Description: An Amazon Machine Image (AMI) is a virtual appliance container used to create virtual machines (VMs) within the Amazon Elastic Compute Cloud (EC2). EC2 instances typically interact with a variety of Amazon Web Services (AWS), and as such require access to AWS credentials and private key materials. We will explore how AWS credentials and keys may end up being persisted within an AMI, allowing these credentials and key materials to be unintentionally shared with 3rd parties. We will discuss the risks and potential impacts of compromise of this sensitive information. A new tool, "AMIexposed", will be released that can check an AMI for the most common ways AWS credentials and keys are persisted within an AMI. The results of research using AMIexposed against public AMIs will be presented, helping to quantify the scope and prevalence of AWS credentials and keys exposed within public AMIs. We'll also discuss the risks inherent in trusting public AMIs to be free of backdoors, trojans, and other malicious hitchhikers. Results of an experiment demonstrating these risks will be presented. Finally, the talk will propose best practices for utilizing AMIs, both from the AMI creator and the AMI user perspective.
Tags: securitytube, DerbyCon, Derby Con, hacking, hackers, information security, convention, computer security, Derby 11, DerbyCon 11, DerbyCon-2011