A message board poster claiming to be the hacker who broke into Sarah Palin’s e-mail account says the attack involved nothing more technical than a nose around Wikipedia. But details posted in the screenshots of Palin’s account may lead the FBI straight to the offender – who may have political links.

The purported hacker posted on a board at the 4chan.org site (be warned that some of the posts there are distinctly not work-safe). ‘Rubico’ says that, having read of Palin’s Yahoo address in a Washington Post article, the attack took just 45 minutes. He or she apparently used the password recovery feature which asked for the Palin’s date of birth (easy to find) and zip code (not exactly difficult to figure out in a town the size of Wasilia, Alaska).

They then had to answer the security question “Where did you meet your spouse?” Palin being a public figure, it didn’t take long to come up with the answer ‘Wasilia high’, in reference to her former school.

Naturally there’s no way, at the moment, to confirm if this really is the hacker writing. However, the method described appears perfectly plausible for Yahoo’s service: though the original password is normally sent to a previously registered alternative e-mail address, users can say that address is out of action and reset the password.

Whoever was responsible may have blundered, however. It appears they used the Ctunnel proxy service to obscure their identity when logging on to Palin’s account. The problem is that when they posted the various screenshots of her messages, they left the Ctunnel website address in the picture.

The FBI is now working with Ctunnel to analyse its datalogs. While there are more than 80GB to sift through, the web address should contain enough information to figure out when the pages were visited and, in turn, who was using the service. And to cut a long legal situation short, ‘anonymous’ proxy browsing soon stops being anonymous once the Feds get interested.

It’s not just internet geeks who can get excited about the scandal now: there’s another political dimension. Tennessean.com, the website of Nashville’s principal newspaper, today quotes Mike Kernell as saying his 20-year-old son David is the man (presumably ‘Rubico’) being discussed on message boards in connection with the hacking. The juiciest part of that news is that Mike Kernell is a member of the state legislature – and a Democrat.

Related:

Entry was posted on Friday, September 19th, 2008 at 2:07 pm under Hacking, Leaks, Legal, Security.

Read more entries by John Lister.
Stumble It!