Regardless of what service (AWS, Linode, Rackspace, OVH) if you leak keys or pas... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

vertis on Dec 31, 2014 | parent | context | favorite | on: My Amazon S3 Mistake

Regardless of what service (AWS, Linode, Rackspace, OVH) if you leak keys or passwords you have the potential for costs incurred by malicious users.

I have not used OVH, but a quick perusal of the OVH API[1] suggests that you could invoke plenty of commands that would incur costs.

[1] https://api.ovh.com/console/#/order

Dylan16807 on Dec 31, 2014 [–]

But your app would not have any keys. You would give it a server and that would be it. There's no API use in a toy project, and so no way to leak account authentication.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact