Not in the least surprised
Adobe has er "form" when it comes to appalling lapses in security. At one time, it was able to boast responsibility for the world's biggest customer data bend-over-and-cheek-spread.
An absent-minded security staffer just accidentally leaked Adobe's private PGP key onto the internet. The disclosure was spotted by security researcher Juho Nurminen – who found the key on the Photoshop giant's Product Security Incident Response Team blog, ironically. That contact page should have only included the public PGP …
Typically you encrypt with a public key so that only the holders of the private key are able to decrypt it.
You *can* encrypt with a private key, but the only real use case of that is for signing. Signing is basically generating a hash of some content, and then encrypting that hash with the private key so that anyone with your public key can verify that it was you that generate the hash.
Maybe I am mistaken; I thought the related public key would do the decryption.
No, public keys encrypt, private keys decrypt (and sign - for verification of sender id).
Although Adobe will have issued a new key pair, anyone with an archive of mass-trawled email traffic (cough NSA cough) could now decrypt any archive messages, or spoof messages from Adobe to anyone who has not spotted the change in key pair.
I believe I am substantially correct. According to RFC 4880, each recipient's public key is used to encrypt the (symmetric) message encryption key, and each encrypted symmetric key is attached to the encrypted message. A recipient uses her private key to decrypt the a message encryption key, and the latter to decrypt the message body. The sender's private key is used with the hash that represents the message to provide a digital signature, if desired.
So compromise of a private key would allow signing and message spoofing (until the owner - Adobe, here - revokes it and the revocation is noted by recipients) (Reminder to self: refresh keyring periodically). It also, as another poster noted below, would allow decryption of messages directed to the owner of the (formerly) private key, to Adobe in this case.
Although I am inclined to think NSA, some 23 miles away by road, may have copies of messages I have sent, as far as their decrypting them I am more concerned about the recipients' private keys than mine.
i think what probably happened is that they received some sort of NSL and gag order forcing them to disclose the private key for [old] emails sent to/from PSIRT.
Posting the key there works as a warrant canary signalling that the canary is now dead.
So whilst you are right that it would allow retroactive decryption of any emails that are signed with it, that's only for the past week assuming it was even deployed the same day it was created. It could well be that posting the public key is part of their deployment protocol meaning it was only actually in use for a few hours. Maybe.
Don't get me wrong, it's a howler. But the practical effect is less than you suggest.
A private key allows decryption of any emails or files being encrypted for Adobe to decode. That means any emails being sent to or from Adobe, typically. Other people use the PUBLIC key to secure the message for the recipient; only the recipient can read it because only the recipient has the PRIVATE key.
From the wikipedia reference: "By law, NSLs can request only non-content information, for example, transactional records and phone numbers dialed, but never the content of telephone calls or e-mails."
While there is no guarantee that the issuer of an NSL or requester of a warrant follows the law, it is likely that most do. In the case of a warrant, a judge with some degree of independence reviews and approves it before it is executed.
It is very likely that any PGP-encrypted message which Adobe sent was also encrypted with their public key, in order that they can later read the message themselves. So possession of their private key will in most cases allow you also to decrypt messages they sent.
There's an interesting tangential point here: if you encrypt a message with PGP or GPG and you are worried that bad people (bad people with legislation) might force you to decrypt it, then encrypt it *only* with the recipient's public key. Then you *can't* decrypt it, even if you wanted to, because it's not encrypted with your public key.
So, you send out your email encrypting it with the public key? If so... then nobody can read it; unless of course you do what Adobe did, and release the private key.
BOTH keys can encrypt/decrypt. Which does which when... depends on its use.
Hey... you don't happen to work at Adobe do you?
Premiere is probably not that widely used but I would say Lightroom is very popular with Photographers. You may find that InDesign is used by many graphic houses for layouts but I wouldn't know about that.
And even then... if they had only created Photoshop... what a creation. Think how many people in the world have job because of that program.
They are also key players in PostScript, typefaces and Illustrator predates Photoshop. There are large chunks of its catalogue, though, that were obtained by acquisition. In fact PostScript is where they began, really. Ha! Remember that code 0 feature that let you permanently disable a printer with a well crafted PostScript file? Ah, Adobe. You spoil us with your security related humour.
"You may find that InDesign is used by many graphic houses for layouts but I wouldn't know about that."Development of InDesign began at Aldus and was acquired by Adobe when they purchased Pagemaker from them. To say the least InDesign is InDispensible as is Postscript. So it goes...
Better to wait until the excuses are posted as to why it didn't happen this time. A disjunct with reality never seems to even dent these beliefs. The more strongly your identity is vested in a particular belief - the more dangerous to your being to have to accept it is wrong.
Better to wait until the excuses are posted as to why it didn't happen this time.
From what I've read, when they said the world would end, they now claim they meant the world as we knew it would end, and the world from now on will be very different.
Not sure how that fits with claiming a fucking huge (*) previously invisible planet was going to come crashing into us. Badly I would suggest.
(*) Apologies for not remembering what the Official El Reg Unit is. I keep thinking Mega-Jubs. But then I often do :)
If the user of a product is aware that they have to do something in order to encrypt or decrypt then their security process isn't user friendly, because a secure process is secure by default. Crypto keys for typical users should be created and stored automatically, e.g. when they register a domain or account, and ideally stored where they're very unlikely to be meddled with by their user, and can't be meddled with by anyone else. Those able to access private keys in the first place need to know what they're doing with them, or these aren't secure.
Biting the hand that feeds IT © 1998–2018