Interesting article: Cloud squatters

I came across this interesting article:

‘Cloud squatters’ find data meant for previous tenants

A team at Penn State University discovered that user information can be leaked during the fairly common process of companies leaving a public cloud service and their old IP address being handed off to the next tenant.

https://www.itbrew.com/stories/2022/05/02/cloud-squatters-find-data-meant-for-previous-tenants

3 Likes

Very interesting indeed.
Reminds me of this Exchange “Autodiscover password leak” bug

Just rent a domain and wait for passwords to come in.

2 Likes

Isn’t the deeper problem that the clients are blindly sending data in the clear instead of first authenticating the server, and then sending encrypted data? It seems like if those basic steps were taken, this wouldn’t be a serious problem.

1 Like

How does caching DNS work into this problem.
Could you not end up at the wrong address.

Hi,

(sigh) this is especially frustrating because its root cause is not a technical issue, but an operational one. People just need to be aware which IP addresses they put into their DNS zones, and remove or update them whenever necessary.

Unfortunately (and, to some extend, perhaps unsurprisingly), tech giants fail to keep track of this as well:

(But of course, everybody had allowed *.microsoft.com, so these are likely to slip through access restrictions in place…)

Thanks, and best regards,
Peter Müller

2 Likes