BSidesLV 2022 - Whose encryption key is this? It’s a secret to everybody. - Utilizing providers such as Amazon Web Services, Google Cloud Platform, and Microsoft Azure carries a level of shared responsibility. In this talk, we share a cautionary tale of how that shared responsibility can fail in a way you may never have expected, and how following best practices can lead you to a worse place than you were before. We’ll discuss how using an AWS-managed service in a common configuration can result in your log data being silently encrypted with a “rogue” encryption key, rendering your data completely inaccessible and outside of your control.