Amazon downplays report highlighting vulnerabilities in its cloud service

Hypothetical example described in report much harder to pull off in reality, company says

Amazon said today that it has taken steps to mitigate a security issue in its cloud computing infrastructure that was identified recently by researchers from MIT and the University of California at San Diego.

The report described how attackers could search for, locate and attack specific targets in Amazon’s Elastic Computer Cloud (EC2) because of certain underlying vulnerabilities in the infrastructure.[…]

In response, Amazon spokeswoman Kay Kinton said today that the report describes cloud cartography methods that could increase at attacker’s probability of launching a rogue virtual machine (VM) on the same physical server as another specific target VM.

http://www.networkworld.com/news/2009/102909-amazon-downplays-report-highlighting-vulnerabilities.html

Leave a Reply