In light of the recent Binance and Capital One hacks, I thought I'd share what I'm working on. It's tool that makes it easier for businesses to collect end-to-end encrypted documents. All s3 buckets only store PGP files so misconfiguration is less disastrous. If a business uploads their public key, then there's no data in the cloud to hack. I learned a lot of awesome JS tricks while working on this. All the encryption is done in the client's browser using OpenPGP.js (which I highly recommend).