Home page logo
/

educause logo Educause Security Discussion mailing list archives

Re: FYI - Adobe account compromise
From: Louis Aponte <louisaponte () WEBER EDU>
Date: Thu, 7 Nov 2013 12:15:32 -0700

Try

http://nakedsecurity.sophos.com/2013/11/04/anatomy-of-a-password-disaster-adobes-giant-sized-cryptographic-blunder/



*Louis Aponte*




On Thu, Nov 7, 2013 at 11:24 AM, Keller, Alex <axkeller () stanford edu> wrote:

http://sophos.com/adobe doesn't resolve...

But this seems like a likely candidate for the article Brian referenced:

http://nakedsecurity.sophos.com/2013/11/04/anatomy-of-a-password-disaster-adobes-giant-sized-cryptographic-blunder/

Best,
alex

Alex Keller
Information Technology
Stanford School of Engineering
axkeller () stanford edu
(650) 736-6421



-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:
SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Brian Helman
Sent: Thursday, November 07, 2013 6:40 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] FYI - Adobe account compromise

There's an excellent description at sophos.com/adobe and on this week's
Security Now podcast.

-Brian

________________________________________
From: The EDUCAUSE Security Constituent Group Listserv [
SECURITY () LISTSERV EDUCAUSE EDU] on behalf of Andrew Daviel [
advax () TRIUMF CA]
Sent: Wednesday, November 06, 2013 4:20 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] FYI -  Adobe account compromise

FYI

Per http://xkcd.com/1286/ and others, hackers have leaked 130 million
user records from Adobe, containing email address, 3DES encrypted password,
and hint, with lines like:

63498551-|--|-mxxxxxxx () wisc edu-|-eYxxxxxxxxxxxxx==-|-kunsan cutie|--

2 million of these are .edu addresses

From what I have read, the passwords are encrypted using a symmetric key
but the key is unknown. For now. As a mailing list for spam, it needs
washing, badly.

All that user education is having some effect, at least.
The most popular password is now "123456", an improvement over "12345" a
couple of years ago and "1234" before that.
Per http://stricture-group.com/files/adobe-top100.txt

See also
http://www.hydraze.org/2013/10/some-information-on-adobe-135m-users-leak/
http://www.leemangold.com/2013/11/02/adobe-data-breach-faq/
http://tobtu.com/adobe.php
http://anonnews.org/forum/post/64784

http://arstechnica.com/security/2013/11/how-an-epic-blunder-by-adobe-could-strengthen-hand-of-password-crackers/
Password reset: https://www.adobe.com/ca/account/sign-in.adobedotcom.html

I'm not sure it's really a big cause for concern, though I guess a lot of
people use the same password for everything and there's their password hint
"dog's name" sitting out there. The etymology of user names on Hotmail
should we worth a sociology paper or two.


--
Andrew Daviel, TRIUMF, Canada
Tel. +1 (604) 222-7376  (Pacific Time)
Network Security Manager


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]