 diyAudio |
|
|
Author
|
|
pengyou
Banned
Registered: March 2011
Posts: 21
|
|
Thu March 31, 2011 7:43pm
|
|
|
It appears, however, that Intuit QuickBooks Pro 2011 included a backdoor in the product, from
Intuit Quicken Home And Business 2010 through Quicken 2007. This backdoor allows Intuit to offer their own affordable service whereby Intuit will unlock a customer's file. To deliver this service, Intuit uses a 512-bit RSA key known only to Intuit. Before Elcomsoft's discovery of Intuit's backdoor, Intuit was the only organization that could unlock their customers' files.
"It is very unlikely that a casual hacker could have broken intoIntuit QuickBooks Premier 2010's password protection regimen," said Vladimir Katalov, Elcomsoft's CEO. "Elcomsoft, a respected leader in the crypto community, needed to use its advanced decryption technology to uncover Intuit's undocumented and well-hidden backdoor, and to successfully perform a factorization of their 512-bit RSA key."
Perhaps Intuit included the Quicken backdoor to make it possible for the United States Internal Revenue Service (IRS), FBI, CIA, or other law-enforcement and forensics organizations to use an "escrow key" to gain entry into password-protected Quicken files. Unfortunately, the existence of such a backdoor and escrow key creates a vulnerability that might leave millions of Quicken users worldwide with compromised bank account data, credit card numbers, and income information.
|
|
|
|
|
All times are GMT. The time now is 02:37 AM.
diyAudio
Photo Details
