20 votes

Seven "zero logging" VPN providers leak 1.2TB of user logs unprotected and facing the public internet

1 comment

  1. Greg
    Link
    Elasticsearch. Every single fucking time, it's elasticsearch. I get that the lack of authentication out of the box is frustrating, and probably quite confusing for someone who hasn't set it up...

    Elasticsearch. Every single fucking time, it's elasticsearch.

    I get that the lack of authentication out of the box is frustrating, and probably quite confusing for someone who hasn't set it up before. What I genuinely don't understand is how an engineer can be capable of setting it up themselves, confident enough that they choose to do so rather than just using Amazon's off the shelf version, and still think it's a good idea to leave a database out there on the internet with absolutely no password.

    11 votes