Security firms weigh in on Adobe breach, cite 38 million+ user IDs stolen

Posted by:
Date: Wednesday, October 30th, 2013, 10:56
Category: Hack, News, security

adobelogo

You’re probably going to want to change your Adobe login and password.

Per Macworld and Krebs on Security, the security breach reported earlier this month at Adobe is turning out to be much more widespread than the company first let on. At least 38 million users have been affected by the early October incident.

When Adobe announced the breach on October 3, it said that attackers stole user names and encrypted passwords for an undisclosed numbers of users, along with encrypted credit or debit card numbers and expiration dates for 2.9 million customers. Krebs on Security has reported on the full extent of the attack, confirming the 38 million figure with Adobe.

The total damage could go beyond 38 million users. According to the article, the 3.8GB file includes more than 150 million usernames and hashed passwords, all taken from Adobe. The same file also apparently turned up on a server with the other stolen Adobe data.

Adobe says that 38 million active users users were affected, whereas the other usernames and passwords could include inactive IDs, test accounts and IDs with invalid passwords. However, Adobe is still investigating, and given the tendency of users to repeat the same usernames and passwords across multiple Web services, inactive account holders could still face a security risk. Adobe is trying to notify inactive users of the breach, and has already reset passwords for active users who were affected.

To make matters worse, Krebs on Security and Hold Security both claim that the hackers stole source code for flagship products such as Photoshop, Acrobat, and Reader. Adobe acknowledged that at least some Photoshop source code was stolen; the company is trying to get the data taken down.

In a blog post, Hold Security suggested that the source code theft could have far-reaching security implications. “While we are not aware of specific use of data from the source code, we fear that disclosure of encryption algorithms, other security schemes, and software vulnerabilities can be used to bypass protections for individual and corporate data,” the firm wrote. “Effectively, this breach may have opened a gateway for new generation of viruses, malware, and exploits.”

Active Adobe users affected by the breach should have received a notification from the company by now, prompting them to change passwords. As always, users can employ several strategies to keep their data safe, such as setting different passwords on each site or setting up a password manager.

Stay tuned for additional details as they become available.

Apple confirms manufacturing issue that could shorten battery life in some iPhone 5s units

Posted by:
Date: Wednesday, October 30th, 2013, 10:58
Category: battery, Hardware, iPhone

eliphone5s

If your iPhone 5s’ battery seems a bit wonky, there’s a valid reason for it.

Per 9to5Mac and The New York Times, Apple has confirmed that a “very limited” number of iPhone 5s units could experience shortened battery life as the result of a manufacturing problem.

“We recently discovered a manufacturing issue affecting a very limited number of iPhone 5S devices that could cause the battery to take longer to charge or result in reduced battery life,” said Teresa Brewer, an Apple spokeswoman. “We are reaching out to customers with affected phones and will provide them with a replacement phone.”

The exact number of affected units is not clear, but the statement is said to imply that the number is in the few thousands range. Apple sold 9 million iPhones total over its opening weekend. The article notes that a manufacturing problem does not equal a defective battery, so it is unclear what the actual source of the issue is.

Affected users can expect to be contacted by Apple soon and will be issued a replacement phone.

If you’ve seen this issue on your end, please let us know in the comments.

Dropbox updated to 2.4.5

Posted by:
Date: Wednesday, October 30th, 2013, 10:37
Category: News, Software

This could be somewhat helpful.

On Tuesday, Dropbox released version 2.4.5 of its cloud-based storage client for Mac OS X. The new version, a 32.1 megabyte download (via MacUpdate), which adds the following fixes and changes:
- Fixed Finder crash at startup.

- Fixed crash when quitting in XP.

- Other small fixes.

Dropbox 2.4.5 requires Mac OS X 10.4 or later to install and run.

If you’ve tried the new version and have any feedback to offer, please let us know in the comments.

Firefox updated to 25.0

Posted by:
Date: Wednesday, October 30th, 2013, 10:08
Category: News, Software

elfirefox

Firefox is now old enough to make foolish mistakes but get a lower insurance rates when it goes to rent a car.

On Wednesday, Mozilla.org released version 25.0 of its Firefox web browser. The new version, a 47.1 megabyte download via MacUpdate, adds the following fixes and changes:
- [New] Web Audio support.

- [New] The find bar is no longer shared between tabs.

- [Changed] If away from Firefox for months, you now will be offered the option to reset it to its default state while preserving your essential information.

- [Changed] Resetting Firefox no longer clears your browsing session.

- [Developer] CSS3 background-attachment:local support to control background scrolling.

- [Developer] Many new ES6 functions implemented.

- [HTML5] iframe document content can now be specified inline.

- [Fixed] Blank or missing page thumbnails when opening a new tab.

- [Fixed] Security fixes can be found here.

Firefox 25.0 requires an Intel-based Mac running Mac OS X 10.6 or later to install and run.

If you’ve tried the new version and have any feedback to offer, please let us know in the comments.