Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Saturday September 23 2017, @04:10PM   Printer-friendly
from the information-wants-to-be-free? dept.

Adobe is showing that it can be transparent about its security practices:

Having some transparency about security problems with software is great, but Adobe's Product Security Incident Response Team (PSIRT) took that transparency a little too far today when a member of the team posted the PGP keys for PSIRT's e-mail account—both the public and the private keys. The keys have since been taken down, and a new public key has been posted in its stead.

The faux pas was spotted at 1:49pm ET by security researcher Juho Nurminen:

Oh shit Adobe pic.twitter.com/7rDL3LWVVz
— Juho Nurminen (@jupenur) September 22, 2017

Nurminen was able to confirm that the key was associated with the psirt@adobe.com e-mail account.

Also at The Register and Wccftech.

[How many here have done something like this? Perhaps an extra file accidentally uploaded to GitHub? --Ed.]


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by Chromium_One on Saturday September 23 2017, @06:14PM

    by Chromium_One (4574) on Saturday September 23 2017, @06:14PM (#572142)

    Like I said before, incompetent people at Adobe.

    https://soylentnews.org/comments.pl?sid=21627&cid=570246 [soylentnews.org]

    You can argue about PGP and associated tools being user-unfriendly or whatnot, but at the end of it, you have to acknowledge that this was a user not reading what was in front of them.

    --
    When you live in a sick society, everything you do is wrong.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2