Russ Garrett on Nostr: FYI: the VW Volksdaten exploit wasn't quite an open S3 bucket - they managed to ...
FYI: the VW Volksdaten exploit wasn't quite an open S3 bucket - they managed to remotely extract AWS keys from a JVM heap dump using this (terrible) default configuration issue in older versions of "Spring Boot Actuator":
https://www.wiz.io/blog/spring-boot-actuator-misconfigurations#1-exposed-heapdump-file-16

But also VW claimed they were truncating the precision of stored coordinates, but for a load of car models they weren't...
Hopefully there will be a full writeup somewhere soon, it was quite a good talk.
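Added example, not from the post or from the linked Wiz article: the Spring Boot Actuator settings behind the heapdump exposure, with the permissive configuration beside a hardened one. The property names are real Spring Boot properties; the application and its port layout are assumed.

```properties
# --- Permissive (Spring Boot 1.x era; do not use) ---
# In Spring Boot 1.x the actuator endpoints, including /heapdump, were served
# on the application port by default. If Spring Security was absent, or this
# property was set, the "sensitive" endpoints needed no authentication, so
# anyone who could reach the app could download a full JVM heap dump
# (and with it any AWS keys held in memory).
management.security.enabled=false

# --- Hardened (Spring Boot 2.x+ property names) ---
# Expose over HTTP only what monitoring actually needs; everything else stays off.
management.endpoints.web.exposure.include=health,info
# Belt and braces: an explicit exclude wins if someone later widens the include list.
management.endpoints.web.exposure.exclude=heapdump,env,threaddump
# Disable the heap dump endpoint entirely rather than relying on exposure rules.
management.endpoint.heapdump.enabled=false
# Serve management endpoints on a separate port bound to loopback
# (assumes only the main application port is routed to the outside).
management.server.port=8081
management.server.address=127.0.0.1
```

A defender can confirm the hardened state by checking that the application port returns 404 for /actuator/heapdump and that /actuator on the management port lists only health and info.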
Published at 2024-12-28 09:22:56

Event JSON
{
  "id": "242605749bb2a4915ab5ea56cf09c56c5f6b268a7adab59372f067d92460ddf5",
  "pubkey": "ce444b9c7792373f444836abbe9885b7264ca82edf523b1295a697b247f9f7ee",
  "created_at": 1735377776,
  "kind": 1,
  "tags": [
    [
      "proxy",
      "https://chaos.social/users/russss/statuses/113729717983729088",
      "activitypub"
    ]
  ],
  "content": "FYI: the VW Volksdaten exploit wasn't quite an open S3 bucket - they managed to remotely extract AWS keys from a JVM heap dump using this (terrible) default configuration issue in older versions of \"Spring Boot Actuator\": https://www.wiz.io/blog/spring-boot-actuator-misconfigurations#1-exposed-heapdump-file-16\n\nBut also VW claimed they were truncating the precision of stored coordinates, but for a load of car models they weren't...\n\nHopefully there will be a full writeup somewhere soon, it was quite a good talk.",
  "sig": "bdf624de3f8bbadd20f197f5cf2c1ef0fa9f04286737426acbedaa436db0d5e6a18711c66e77f2c6cfb6d77f3c2686dbe389ca97cc59771c2adbee96a2394d6d"
}