I would think one needs to distinguish between AWS infrastructure flaws -- what IBM would call violations of the statement of integrity -- versus dumb user errors. The pop press is going to call it "an AWS hack" even if it was because someone left their userid and password behind on a Post-It note on a table in Denny's.
Of course the two cases can blur somewhat if there are infrastructure characteristics that make it particularly easy for a user to screw it up. Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Mike Hochee Sent: Sunday, October 11, 2020 3:34 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: IBM splitting into two companies I do not have an accurate big picture nor a decent set of data to work with, but here are a few google hits that do not inspire confidence, just anecdotal stuff of course.... https://www.cbronline.com/news/aws-servers-hacked-rootkit-in-the-cloud https://tamebay.com/2020/05/amazon-warn-of-hacked-amazon-accounts-issue-acco unt-recovery-advice.html https://www.thesun.co.uk/money/10519079/amazon-accounts-hacked-fraudsters/ Does AWS have any security components on par with ICSF and RACF on the security front that you're aware of? Here's a link to their identity and access management UG... https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys. html?icmpid=docs_iam_console Browsing through it briefly makes me wonder what an AWS secure key repository and management tools might look like. Having been the victim of a minor identity theft myself in recent years, probably adds to my skepticism about cloud service provider security claims. Mike -----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Clark Morris Sent: Sunday, October 11, 2020 3:55 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: IBM splitting into two companies Caution! This message was sent from outside your organization. [Default] On Sat, 10 Oct 2020 10:40:07 -0700 (PDT), in bit.listserv.ibm-main computer chyck <rpanz...@gmail.com> wrote: >> snip much > >Cloud computing is alot like teenage sex - everybody is doing it (or wants to do it) but nobody has a flippin' clue how to do it correctly!!! What I fear is that Amazon and Microsoft both have a far better idea of what cloud computing is and how to do it than does IBM. I also suspect that Amazon has all of their computing on their cloud and is very well aware of the need for high security and has worked very hard to achieve it. Microsoft based on my experience with their Knowledge Center (repository for fixes and the equivalent of PTF cover letters) seems to understand high availability better than IBM based on postings here on ibm-main. Clark Morris ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
