Adobe is showing that it can be transparent about its security practices:
Having some transparency about security problems with software is great, but Adobe's Product Security Incident Response Team (PSIRT) took that transparency a little too far today when a member of the team posted the PGP keys for PSIRT's e-mail account—both the public and the private keys. The keys have since been taken down, and a new public key has been posted in its stead.
The faux pas was spotted at 1:49pm ET by security researcher Juho Nurminen:
Oh shit Adobe pic.twitter.com/7rDL3LWVVz
— Juho Nurminen (@jupenur) September 22, 2017Nurminen was able to confirm that the key was associated with the psirt@adobe.com e-mail account.
Also at The Register and Wccftech.
[How many here have done something like this? Perhaps an extra file accidentally uploaded to GitHub? --Ed.]
(Score: 2) by Chromium_One on Saturday September 23 2017, @06:14PM
Like I said before, incompetent people at Adobe.
https://soylentnews.org/comments.pl?sid=21627&cid=570246 [soylentnews.org]
You can argue about PGP and associated tools being user-unfriendly or whatnot, but at the end of it, you have to acknowledge that this was a user not reading what was in front of them.
When you live in a sick society, everything you do is wrong.