Breaking, Sarah E-mail Hacker Found, And Guess What.....

[IEATV8S]

(Sept. 18, 2008) Palin E-Mail Hacker Says It Was Easy (Wired)**Update** TN State Rep. Mike Kernell (DEMOCRAT) confirmed that it's his son

--------------------------------------------------------------------------------

Quote:
Palin E-Mail Hacker Says It Was Easy
A person claiming to be the hacker who obtained access to Alaska Gov. Sarah Palin's private Yahoo e-mail on Tuesday has posted a supposed first-person account of the hack, revealing the relatively simple steps he says he took to crack the private e-mail of the Republican vice-presidential candidate.

The story was briefly posted Wednesday to the 4chan forum where the hack first surfaced. Bloggers have connected the handle of the poster, "Rubico," to an e-mail address, and tentatively identified the owner as a college student in Tennessee.

Threat Level was unable to reach the student by phone because his number is unlisted. His father, when reached at home, said he could not talk about the matter and would have no comment. The father is a Democratic state representative.

Palin E-Mail Hacker Says It Was Easy | Threat Level from Wired.com

Meet The Sarah Palin Hacker, David Kernell | novatownhall blog

[BlownZ]

Now that's interesting.

Wonder what Daddy will have to say today.

[Weester]

Anyone STUPID enough to use Yahoo mail deserves to get hacked!!

Here is a good way to make your computer safer

Anonymous Web Surfing by Anonymizer

[salvageV6]

Anyone stupid enough to lie on the internet to make a point deserves to get banned for life.

I like my logic far better than yours Weepie.

OH THE SHAME!!!!

Hope that's a crime, that dude needs a good beatdown.

[Weester]

Quote:

Originally Posted by salvageV6

Anyone stupid enough to lie on the internet to make a point deserves to get banned for life.

I like my logic far better than yours Weepie.

OH THE SHAME!!!!

Hope that's a crime, that dude needs a good beatdown.

ROTFL...............Still stings dont it!! You've been whiiiiiiiiining for three years now....

[unix_punk]

Surpised to see no arguement about how she was/wasn't using that non-gov email address for gov business... The so called hacker states nothing of consequense was found, but if you look at the screenprints of the email subjects theres clearly gov related stuff in there...

[UNGN]

Quote:

Originally Posted by unix_punk

Surpised to see no arguement about how she was/wasn't using that non-gov email address for gov business... The so called hacker states nothing of consequense was found, but if you look at the screenprints of the email subjects theres clearly gov related stuff in there...

I seriously doubt there is a law in Alaska that says that no government business can be done on personal E-mail.

I think there is a law that saws you can't impersonate someone to gain unauthorized access to someone elses E-mail, however.

[unix_punk]

Quote:

Originally Posted by UNGN

I seriously doubt there is a law in Alaska that says that no government business can be done on personal E-mail.

I think there is a law that saws you can't impersonate someone to gain unauthorized access to someone elses E-mail, however.

Then whats the point of DOD level security on gov agency emails/email servers? I would beg to differ that gov email doesn't need to be kept on gov authed servers only, if not a law on the state level then certainly on the fed level. Point being, instead of just deleting emails as some others may have done, the same argument can be made that this may (or would've) still be a method that could hide certain info from the freedom of info act as it is not held on gov server therefore would not be in the eye of that act...

EDIT: to comment on your other point, would Yahoo, police or any other agency care if you're email was accessed by someone that wasn't you no matter how much you complained and even knew who did it? Point being if this kid gets anything other than a slap on the wrist then it proves that gov officials get special treatment even in personal (non-gov related) situations when you or I complaining and proving the same would be overlooked. If this was indeed only a personal account, then this should be treated the same way as Joe Shmoe's email account, no one would ever go to trial, let alone jail for breaking into your email now would they?

[BLACK6PACK]

Quote:

Originally Posted by unix_punk

Then whats the point of DOD level security on gov agency emails/email servers? I would beg to differ that gov email doesn't need to be kept on gov authed servers only, if not a law on the state level then certainly on the fed level. Point being, instead of just deleting emails as some others may have done, the same argument can be made that this may (or would've) still be a method that could hide certain info from the freedom of info act as it is not held on gov server therefore would not be in the eye of that act...

EDIT: to comment on your other point, would Yahoo, police or any other agency care if you're email was accessed by someone that wasn't you no matter how much you complained and even knew who did it? Point being if this kid gets anything other than a slap on the wrist then it proves that gov officials get special treatment even in personal (non-gov related) situations when you or I complaining and proving the same would be overlooked. If this was indeed only a personal account, then this should be treated the same way as Joe Shmoe's email account, no one would ever go to trial, let alone jail for breaking into your email now would they?

Its a felony crime punishable for up to 2 years in prison to break into anyones email account.

[unix_punk]

Quote:

Originally Posted by BLACK6PACK

Its a felony crime punishable for up to 2 years in prison to break into anyones email account.

What's that law called? And does that make it OK to overlook that fact that the email account in question contained gov related emails?

In an argumentative mood today as normally I wouldn't be caught dead posting in this Political Views section... Plus being in IT and having to be well versed on laws that require Govs and Corps to keep years and years of email for accountability/law related purposes still leaves the point of these emails not being accounted for in that fashion...

[SFITurbo]

Since when is it against Govt. regulations to conduct routine business (ie. emails) over a non DOD account? People need to get rid of the idea that ALL government entities are some "super secret" black ops organizations.
We (govt. people) are left to our own trust not to disclose or discuss SENSITIVE information over non secure DOD services, or face the punishment for releasing said sensitive information to sources not cleared for access.

[unix_punk]

The information in any gov related email needs to be accounted for and archived, how could you believe otherwise?! You think your sysadmin DOESN'T backup all of your email and hold it for at least 7-10 years?! And if I'm wrong on that first part, and that's a BIG IF, then explain why there's an email in the subject list that has CONFIDENTIAL for the first word of the subject... Email that is not kept inside a network, i.e. sent to Yahoo, is NOT secure by any means. Email has never been a secure medium to share information unless encryption is used. Something tells me Palin is not quite sure how to encrypt or decrypt an email... So seeing that there was CONFIDENTAIL info in those emails it's, OK to overlook because no one would've known anyway 'if it wasn't for those medling kids'?!

Quick question that maybe one of the Dems here will answer...

Are all of you that think that emails don't need to be kept and held for archive/accountablility purposes Republicans?! You think it was OK for Bush/Rove to delete emails?

In your theory, then every company that is forced to keep emails and IM's related to business in archive for 7-10 years really doesn't have to regardless of any SOX/HIPAA/FOIA/Tax requirements?!

At least admit that it is possible that doing this CAN POTENTIALLY be used to circumvent the FOIA or Alaska's equivalent.

For the record, I am neither a republican nor a democrat, so that card doesn't work here. Let it fly...

[IEATV8S]

Quote:

Originally Posted by unix_punk

The information in any gov related email needs to be accounted for and archived, how could you believe otherwise?! You think your sysadmin DOESN'T backup all of your email and hold it for at least 7-10 years?! And if I'm wrong on that first part, and that's a BIG IF, then explain why there's an email in the subject list that has CONFIDENTIAL for the first word of the subject... Email that is not kept inside a network, i.e. sent to Yahoo, is NOT secure by any means. Email has never been a secure medium to share information unless encryption is used. Something tells me Palin is not quite sure how to encrypt or decrypt an email... So seeing that there was CONFIDENTAIL info in those emails it's, OK to overlook because no one would've known anyway 'if it wasn't for those medling kids'?!

Quick question that maybe one of the Dems here will answer...

Are all of you that think that emails don't need to be kept and held for archive/accountablility purposes Republicans?! You think it was OK for Bush/Rove to delete emails?

In your theory, then every company that is forced to keep emails and IM's related to business in archive for 7-10 years really doesn't have to regardless of any SOX/HIPAA/FOIA/Tax requirements?!

At least admit that it is possible that doing this CAN POTENTIALLY be used to circumvent the FOIA or Alaska's equivalent.

For the record, I am neither a republican nor a democrat, so that card doesn't work here. Let it fly...

Looking at all those e-mails, I see NOTHING that is a definite Government concerned e-mail! Some are from people Palin had in government positions, but were FRIENDLY types of conversations, not government business.

Thiis is a common practice, as PERSONAL e-mailing is not allowed on gov. e-mails!

[DragulaGN]

Quote:

Thiis is a common practice, as PERSONAL e-mailing is not allowed on gov. e-mails!

TOUCHE!

[SFITurbo]

Quote:

Originally Posted by unix_punk

The information in any gov related email needs to be accounted for and archived, how could you believe otherwise?! You think your sysadmin DOESN'T backup all of your email and hold it for at least 7-10 years?! And if I'm wrong on that first part, and that's a BIG IF, then explain why there's an email in the subject list that has CONFIDENTIAL for the first word of the subject... Email that is not kept inside a network, i.e. sent to Yahoo, is NOT secure by any means. Email has never been a secure medium to share information unless encryption is used. Something tells me Palin is not quite sure how to encrypt or decrypt an email... So seeing that there was CONFIDENTAIL info in those emails it's, OK to overlook because no one would've known anyway 'if it wasn't for those medling kids'?!

Quick question that maybe one of the Dems here will answer...

Are all of you that think that emails don't need to be kept and held for archive/accountablility purposes Republicans?! You think it was OK for Bush/Rove to delete emails?

In your theory, then every company that is forced to keep emails and IM's related to business in archive for 7-10 years really doesn't have to regardless of any SOX/HIPAA/FOIA/Tax requirements?!

At least admit that it is possible that doing this CAN POTENTIALLY be used to circumvent the FOIA or Alaska's equivalent.

For the record, I am neither a republican nor a democrat, so that card doesn't work here. Let it fly...

I think you may have missed the part that it is her private e-mail account. Just because a person is in Government service does not prohibit them from having a social life with other employees off the clock.
Sure the IT's track internet usage and hold correspondence, but most people file important stuff on dedicated drives. Personal stuff goes back and forth all the time on gov. computers, anyone that says the don't are lying. Some just may do it less than others. IT's have enough problems keeping the crappy system working correctly as it is, let alone tracking someones e-mail from their wife to pick up some bread on the way home.

[SGRIM]

They would be bitching if she used her Gov. account for private use

[unix_punk]

wow. i cant argue with any that, i mean after all, none of it was even related to anything i said...at all... deflection is an art i guess. thanks for the amusement.

[BLACK6PACK]

Sounds to me like they answered your question well, you just didn't like the answer. You haven't provided and I haven't seen anywhere proof that govt business was being conducted in this email account.

US CODE: Title 18,1030. Fraud and related activity in connection with computers
so you can keep up with the laws.

[unix_punk]

doesnt surprise me. anyway, you happen to read that code? are you admitting that she used that for gov purposes since that code specifically refers to any computer used by a financial institution or us government. sooo...if that code applies then she was using it for gov purposes...or you just posted some garbage without even reading it to see if it was valid. either way works for me.

[SFITurbo]

"The information in any gov related email needs to be accounted for and archived, how could you believe otherwise?! "
Govt won't touch my private emails from a non DOD server unless they have justification, MAJOR doodoo if they did. Anything from a DOD server is fair game, I sign a statement of understanding every year, ie. no non work related surfing, restricted sites, discussion of classified info on non encrypted programs etc.

"So seeing that there was CONFIDENTAIL info in those emails it's, OK to overlook because no one would've known anyway 'if it wasn't for those medling kids'?!"

IMO everyone has a reasonable assurance that information communicated between two people shall remain confidential or subject mattered "confidential". Because there apparently will always now be some pimple faced hacker with a vendetta to get some one or prove his E-manhood, safeguards will now have to out pace those with something to prove or gain. Case in point: my home PC was recently hacked via ISP and now have been a victim of ID theft. What I thought was reasonably private and relativly secure turned out the opposite. A little info goes a LONG way in ID theft, luckily we caught it quickly and placed enough protection around our info and have suffered mainly aggravation so far. There is buttholes out there in cyberland that make this their job

[BLACK6PACK]

Quote:

Originally Posted by unix_punk

doesnt surprise me. anyway, you happen to read that code? are you admitting that she used that for gov purposes since that code specifically refers to any computer used by a financial institution or us government. sooo...if that code applies then she was using it for gov purposes...or you just posted some garbage without even reading it to see if it was valid. either way works for me.

Yep I read it, and all the amendments to it over the years. Also read some of the lawsuits. Guess you didn't read those, doesn't surprise me. Guess you're not up on all the stuff you say you are. Seems as though it doesn't have to be a govt computer and as soon as it goes interstate, which it did, just about anything can be prosecuted under that law.

[unix_punk]

Quote:

Originally Posted by BLACK6PACK

Yep I read it, and all the amendments to it over the years. Also read some of the lawsuits. Guess you didn't read those, doesn't surprise me. Guess you're not up on all the stuff you say you are. Seems as though it doesn't have to be a govt computer and as soon as it goes interstate, which it did, just about anything can be prosecuted under that law.

Nope, never read any lawsuits since they weren't linked to from that page, post some links. I did however read that whole thing (twice now, thanks) and I still get stuck at the end for some reason...oh, logic. Yahoo's webmail webserver fails to fit into any of those definitions.

(1) the term “computer” means an electronic, magnetic, optical, electrochemical, or other high speed data processing device performing logical, arithmetic, or storage functions, and includes any data storage facility or communications facility directly related to or operating in conjunction with such device, but such term does not include an automated typewriter or typesetter, a portable hand held calculator, or other similar device;
(2) the term “protected computer” means a computer—
(A) exclusively for the use of a financial institution or the United States Government, or, in the case of a computer not exclusively for such use, used by or for a financial institution or the United States Government and the conduct constituting the offense affects that use by or for the financial institution or the Government; or
(B) which is used in interstate or foreign commerce or communication, including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States