Skip to content
Better HN
Top
Best
Ask
Show
New
Jobs
Search
⌘K
0 points
mschuster91
11y ago
0 comments
Save
Share
And tokens can be abused or stolen (given they're not stored or paired with other tokens/keys residing inside a TPM), we have seen numerous cases of people hijacking others' AWS accounts and using them for mining bitcoin, of all things.
0 comments
2 comments · 1 top-level
top
newest
oldest
nailer
11y ago
· 1 in thread
That's done with an AWS secret key, which is effectively your password to the AWS API, and not a limited use token.
mschuster91
OP
11y ago
I know that, still people have managed to commit their passwords, ssh keys and more to github.
j
/
k
navigate · click thread line to collapse
