funsec mailing list archives
Re: Adobe: Important Customer Security Announcement
From: Rich Kulawiec <rsk () gsp org>
Date: Thu, 3 Oct 2013 20:38:22 -0400
On Thu, Oct 03, 2013 at 06:15:50PM -0400, Jeffrey Walton wrote:
Sigh.... It would be nice if there was a full accounting of what precisely was egressed.
I generally use what I called the Kulawiec Iceberg Principle of Dataloss. [1] The KIPD says that companies are only aware of 1/7 of the breaches they actually suffer. Further, they only know 1/7 of the extent of the breaches that they're aware of. And finally, they only report to the public 1/7 of what they know. (The precise fraction varies, of course, but it's never unity.) Also, more coverage of this debacle: Adobe admits 2.9M customer accounts have been compromised http://www.zdnet.com/adobe-admits-2-9m-customer-accounts-have-been-compromised-7000021546/ Adobe To Announce Source Code, Customer Data Breach http://krebsonsecurity.com/2013/10/adobe-to-announce-source-code-customer-data-breach/ ---rsk [1] I was hoping maybe for the Grand Unified Theory and a Nobel Prize, but since that doesn't seem likely in the near future, I'm putting my name on this. Get your own. Mine! Mine! MIIIINE! _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Adobe: Important Customer Security Announcement Jeffrey Walton (Oct 03)
- Re: Adobe: Important Customer Security Announcement Paul Ferguson (Oct 03)
- Re: Adobe: Important Customer Security Announcement Rich Kulawiec (Oct 03)