SoylentNews

Adobe Accidentally Publishes One of its Private PGP Keys

posted by martyb on Saturday September 23 2017, @04:10PM   
from the information-wants-to-be-free? dept.

takyon writes:

Adobe is showing that it can be transparent about its security practices:

Having some transparency about security problems with software is great, but Adobe's Product Security Incident Response Team (PSIRT) took that transparency a little too far today when a member of the team posted the PGP keys for PSIRT's e-mail account—both the public and the private keys. The keys have since been taken down, and a new public key has been posted in its stead.

The faux pas was spotted at 1:49pm ET by security researcher Juho Nurminen:

Oh shit Adobe pic.twitter.com/7rDL3LWVVz
— Juho Nurminen (@jupenur) September 22, 2017

Nurminen was able to confirm that the key was associated with the psirt@adobe.com e-mail account.

Also at The Register and Wccftech.

[How many here have done something like this? Perhaps an extra file accidentally uploaded to GitHub? --Ed.]

---

Original Submission

• Re:PGP magic Re:PGP magic (Score: 1, Insightful) by Anonymous Coward on Saturday September 23 2017, @06:09PM (1 child)

  by Anonymous Coward on Saturday September 23 2017, @06:09PM (#572140)

  > Even those with some technical knowledge

  Given the decline in quality from Adobe (their early stuff like Postscript language and programming manuals were great), you may be giving them too much credit??

  Parent

  Starting Score:	0		points
  Moderation		+1
  Insightful=1, Total=1
  Extra 'Insightful' Modifier		0
  Total Score:		1

• Re:PGP magic (Score: 2) by stretch611 on Saturday September 23 2017, @06:47PM

  by stretch611 (6199) on Saturday September 23 2017, @06:47PM (#572150)

  Given the decline in quality from Adobe...

  Thats what happens when you outsource everything to the lowest bidder.

  --
  Now with 5 covid vaccine shots/boosters altering my DNA :P

  Parent