HongPong writes: The PanamaPapers law firm Mossack Fonseca exposed most of their customer service portal's backend, unpatched Drupal code through misconfiguring an Oracle server, also revealing a "portfolio" content type & possible local chat server. These vulnerabilities provide clues as to how the PanamaPapers might have been extracted remotely. This extends stories in Forbes & Wired UK about their security problems.
HongPong writes: "In a continuation of the excitement around Microsoft's confidential Law Enforcement guide hitting Cryptome.org, now several more Law Enforcement Sensitive PDFs about Windows 7 have been posted, including a lot of detailed information about examining BitLocker drive encryption and potentially cracking it: "We can also see the Recovery Key ID number" and a series of hex addresses, it says (win7-bit-spy.pdf p 67). With all the guides Cryptome has posted for PayPal, MySpace, AOL, SKype, Yahoo! & others, one can certainly get a clearer picture of implementations of government demands, but also these training manuals created by the companies clearly illuminate their own intent. Also, who else has had this information? Isn't it deceptive marketing to peddle products with such backdoors or intended weaknesses?"