Cyberpunk Review » The Sarah Palin Email Hack: or Why politicians need to stay away from computers. (UPDATED)

September 24, 2008

The Sarah Palin Email Hack: or Why politicians need to stay away from computers. (UPDATED)

A pic from Palin's hijacked Yahoo! email

Flattering image of America’s “next” veep, huh?

You must have heard about it over the weekend: An “Anonymous” hacker (now known, or suspected to be University of Tennessee student David Kernell, son of representative Mike Kernell, D-TN) gained access to Palin’s Yahoo! email account and posted screencaps of her inbox, emails, etc. to 4chan. Those pics have since been removed, and Palin’s Yahoo email has been deleted, but you can still get a lookee at the booty on Gawker or download a zip from WikiLeaks. Even now, there are still events unfolding around the hack, along with some “collateral damage.”

 

How the hack went down. Whether one can call this an actual “hack” may be questioned. In actuality, the “hack” was not much more than gaming Yahoo’s password recovery:

after the password recovery was reenabled, it took seriously 45 mins on wikipedia and google to find the info, Birthday? 15 seconds on wikipedia, zip code? well she had always been from wasilla, and it only has 2 zip codes (thanks online postal service!)

the second was somewhat harder, the question was “where did you meet your spouse?” did some research, and apparently she had eloped with mister palin after college, if youll look on some of the screenshits [sic] that I took and other fellow anon have so graciously put on photobucket you will see the google search for “palin eloped” or some such in one of the tabs.

I found out later though more research that they met at high school, so I did variations of that, high, high school, eventually hit on “Wasilla high” I promptly changed the password to popcorn and took a cold shower…

That’s it. No buffer overflows, no stealth virus bombardment, no password cracking, not even any social engineering. Just some basic Google research to find answers that only Palin herself should know.

David kernell, Suspected Email Hacker

Is this the 7337 hax0r who raided Palin’s Yahoo account?

Was it worth the effort? After looking at what was posted, there’s really nothing earth-shattering to behold; It’s just basic family-and-business yakking. Hardly worth the effort, right? Obviously, idle chatter was not what the hacker was looking for. He must have been looking for some dirt regarding Palin’s Troopergate scandal, only to leave with the screenshots to prove he was there.

The FBI was able to trace the hack through a proxy that was used, and got a search warrant (yes, the FBI actually bothered to get a warrant!) to search Kernell’s apartment. Today (September 23, 2008), a grand jury convened to examine the evidence, but no indictment was made as yet. There may be future sessions to hear more evidence if it becomes available.

Bill “Mouth O’ Crap” O’Rilley

One good hack deserves another.

Collateral Damage. Fox News windbag William “ORLY?” O’Rilley mouthed off about the screenshot postings, referring to the act as “trafficking in stolen merchandise” and “despicable, slimy, scummy.”

His website was hacked shortly afterwords and posted to WikiLeaks. Memo to all NeoCons: DO NOT DIS HACKERS. THEY WILL PWN ALL YOUR ASS.

 

Big Brother Goes Both Ways. (Not like that!) Anthony Taurus perhaps put it best in his blog, The United States of Anthony, on why hackers are more important today than ever before:

We live in a true Matrix and we’ve got to be able to fight back digitally. We, the people, need hackers as the government has hackers and as corporations have hackers that can be, will be, and have been used against us. This hacking lets me know that not even government officials are safe from the system they’ve developed. There is always someone out there watching and listening. And, those kinds of individuals exist on both teams.

There’s also a comment posted by “Anonymous” (no relation to the Palin hacker, maybe) that points out the difference between real hackers and the Palin hacker.

As always, stay tuned as more (leaked) data becomes available…

 

UPDATE 08-Oct-08: Wired reports that David Kernell has turned himself in after being officially indicted for the access. He was released without bond and is waiting trial set for December 16.

Meanwhile, Palin is said to have another email system setup outside official channels. The system was setup for her run for Alaska’s governor, but has been shut down since the Yahoo account breach. It is believed the system may have been used like the Yahoo account was; To bypass official channels and possibly hide evidence of ethics violations.

Comments

September 24, 2008

Gigabyte Eschaton said:

Politicians need to stay away from breathing

Karsten said:

Rock on! Great Article.

Mr No1 said:

Sweeeeeeeeeet

This is a very well written article. I’m not surprised the media is calling it a “hack” they are too lazy to reseach and report he facys or interview someone that nknows what they’re talking about.

Klaw said:

It’s 1337 H4X0R!!!!!

comwedge said:

they have broken the zip file.

September 25, 2008

Let me hack YOUR email account and post your private pictures to internet... said:

…and let’s see how happy you’ll be.

Cyberpunkreview.com, please stick to reviewing movies because that’ s what you can do (really) well.

Mr No1 said:

You forgot to state your name… is it Sarah? XDDD

cable5 said:

lolz, ‘hack’… if the skillz involved in this are called a hack… damn I can use google, I’m a hacker…. :D

btw, I agree with the one post, although hack is connected to cyberpunk, lately the amount of half realted and not so much related to cyberpunk has increased… I’d actually like to see some reviews again. ‘caus, as said, they are really good, and a source for ” I need to see this”

September 28, 2008

Mr No1 said:

cable5, I didn’t write the post about sticking to reviews only. In fact, my posts favour this particular thread =P

But I agree with this not being hack =)

TJHooker said:

uggg..4chan/where “myspacers” go when they’re not taking zoolander style images of themselves, and posting them on pages. I do appreciate there fad buster mentality though.

A heap overflow would of been nice, but knowing commercial servers they probable have some form of updated stack and heap protection running at kernel level. They’re rich.

The o’rilley page hack was probably just poor configuration or outdated FTP solutions. Someone running a fuzzer(sorry, I find security intriguing.)

September 29, 2008

Anonymous said:

“Memo to all NeoCons: DO NOT DIS HACKERS. THEY WILL PWN ALL YOUR ASS.”
Epic Win.

O’Reilly got reamed.

We are Legion and all that shit, I guess :p

Anon said:

Call for /b/lackup!

May 22, 2009

Free Web Proxy said:

Some really usefull information here if you pay attention, thanks


~All Related Entries Related This~

 

All News as Cyberpunk

<<--Back to top

Made with WordPress and the Semiologic CMS | Design by Mesoconcepts