Have you heard the news about Vice Presidential candidate Sarah Palin getting her yahoo mail account hacked? I read a blog entry by Michelle Malkin entitled “The Story Behind the Palin E-mail Hacking” to get the details. It put some of the details in perspective.
The main clarification was that the perpetrator who did the hacking was not part of some elite hacker group. There is a site called 4chan that has a lot of discussion boards. People post on this site as Anonymous normally. You don’t need to sign in with your credentials. One person hacked Palin’s Yahoo account early Tuesday morning. The account and password were then shared on one of the 4chan discussion boards. The plan was for other readers to go crazy and use the e-mail.
In the end, this discussion board thread was deleted by the moderators. Some users had taken screen shots of what they saw on 4chan. It was these screen shots that were shared with the mass media. Later a poster that goes by the handle rubico claimed to be the original person who hacked the account and shared the password on the 4chan board. Rubico’s e-mail address is email@example.com.
Here is a synopsis of what rubico said he did. He used Wikipedia to find information about Palin. He then used Yahoo’s password recovery features to trick Yahoo into providing him with Palin’s password. Rubico then proceeded to read each of Palin’s e-mails. However he did not find any incriminating evidence. There were just personal things like family pictures in there. He decided to post the password to 4chan as a prank. He was unhappy that somebody who disagreed with he work went in and changed the password of Palin account.
There were a number of interesting issues surrounding Palin’s account being compromised. One is that Palin uses a free e-mail service like Yahoo. The other is that it is easy to take advantage of the Yahoo password recovery system. Finally, there was a lot of misinformation about the story in the mass media. That is typical I guess.
Analysis Failure - My new team leader asked me to cost a fix to a bug the customer found. I looked up the ticket in our system. Somebody had already done an analysis and pro...