Source: Computerworld

September 22, 2008 (Computerworld) The man who traced the IP address of the hacker who accessed Alaska Gov. Sarah Palin’s e-mail account last week confirmed today that it belongs to an Illinois company that provides Internet service to the Knoxville, Tenn., apartment complex where the FBI served a search warrant early Sunday.

Gabriel Ramuglia, the webmaster of Ctunnel, an Athens, Ga.-based proxy service used by the hacker to mask his or her identity, acknowledged that the IP address he found in his server logs belongs to Pavlov Media, an Internet service provider based in Champaign, Ill.

According to its Web site, Pavlov Media provides Internet, television and phone services to The Commons at Knoxville, a complex that specializes in apartments for students of the University of Tennessee-Knoxville.

Early Sunday, WBIR, Knoxville’s NBC affiliate, reported that FBI agents had searched the apartment of David Kernell, 20, at The Commons. David Kernell is the son of Mike Kernell, a longtime Democratic state legislator from Memphis.

Last week, David Kernell was linked to the hack of Palin’s e-mail account on blogs and message boards after someone identified only as “Rubico” claimed to have accessed Palin’s account by using Yahoo Inc.’s password reset feature. Others subsequently connected the Rubico handle to the e-mail address rubico10@yahoo.com, which was in turn linked to Kernell through Internet searches that uncovered connections between him, the username and the e-mail address on sites such as YouTube.

Rubico claimed that the online research needed to reset Palin’s password took just 45 minutes.

Ramuglia said Sunday that the IP address he found in the proxy service logs didn’t “look consistent” with reports identifying Kernell. By today, however, he had changed his mind.

“It became clear that the ISP, in addition to serving Illinois, also serves Tennessee, which means that the IP address could actually be consistent with the news reports,” Ramuglia said today.

Ramuglia had been asked by the FBI to save the proxy service’s log — logs are usually purged after seven days — and to search for a specific IP address that authorities provided. The IP address was one in a block assigned to Pavlov Media.

Before the account break-in, Palin, the Republican nominee for vice president, had come under fire for using private e-mail accounts to conduct state business. Some critics had accused her and others in her administration of using private accounts rather than state-provided ones to skirt message-retention and public-records laws.


Source: PC Mag

How can you prevent a Palin webmail hack from happening to you? The short answer: you can’t.

Yahoo has no immediate plans to overhaul its e-mail security procedures after a hacker last week gained access to Sarah Palin’s private Yahoo Mail account, the company said Monday. Instead, it is reviewing security processes on an industry-wide basis.

Google’s Gmail and Microsoft’s Hotmail also have existing processes in place to enable password recovery. But those too can be exploited by a hacker patient enough to sniff through personal data that might already be available online.

Yahoo, however, is being forced to reconsider its own security practices.

“While federal law and our privacy policy prevent us from commenting about specific user accounts, Yahoo takes security and privacy seriously and we are continually working on improvements to our account security processes,” according to a spokeswoman. “We’re also participating in industry-wide discussions on how to better protect users.”

A hacker gained access to the Republican vice presidential hopeful’s gov.palin@yahoo.com account last week after successfully navigating Yahoo’s password recovery feature. That process required the hacker to enter Palin’s login name, date of birth, ZIP code, and to answer the question, “Where did you meet your spouse?”

Palin, who currently serves as governor of Alaska, is now widely known to be a lifetime resident of Wasilla, Alaska, so the ZIP code was easily deciphered. A quick Google search revealed her date of birth, and any of the approximately 40 million people who listened to her GOP convention acceptance speech were informed that she met her husband in high school. An amateur who fiddled with the wording a bit – “Wasilla high” being the correct response – had access within minutes.

Yahoo is trying to strike a balance between providing a secure user experience and ensuring a process for accessing lost account information, according to a source familiar with the situation. The company last week issued a memo to users on how to create more secure passwords, though the Palin hacker did not know her password.

Naturally, a typical user’s personal Webmail accounts are not going to generate as much hacker interest as Palin’s account, but security remains a concern. What is your best option?

When signing up for Yahoo, the company asks for standard personal information – name, gender, date of birth, country, and ZIP code – and then asks users to answer one of nine possible secret questions: where the user met his or her spouse; the first school the user attended; his or her childhood hero, favorite pastime, favorite sports team, father’s middle name, or high school mascot; the name of the user’s first car or bike; or the name of the user’s pet.

Once you select one of these questions, however, you cannot change it. You also cannot change your date of birth. Had Palin recovered her own account, hackers could have just as easily gained re-entry given that they had the answer to her secret question. Yahoo does allow users to change their gender and/or location, so switching her ZIP code to a random city might have done the trick.

Microsoft’s Hotmail has a similar set-up situation, asking for personal information, and the answer to one of six secret questions: the user’s mother’s birthplace, the user’s best childhood friend, the name of the user’s first pet, the user’s favorite teacher, favorite historical person, or the occupation of the user’s grandfather.

Unlike Yahoo, Hotmail users can change their secret question once they set up their account. This might have helped Palin if she’d acted fast, but it also means that if the hacker had successfully accessed a Hotmail account, the hacker could have changed the secret question immediately and locked the proper owner out of the account indefinitely.

Microsoft also has no immediate plans to change its Hotmail security processes, according to a spokeswoman.

“Microsoft is always working to strengthen the security of its products and services and is committed to helping consumers have a safe, secure and positive online experience,” she said. “We know our customers’ needs are constantly evolving based on changes in the security landscape and we are always working to meet these new threats and to help protect our customers from them.”

Gmail might have the most secure password recovery process at this point, but it is a potentially lengthy process.

Gmail also requires personally identifiable information, but lets users either create their own question or answer one of four Google-selected questions: primary frequent flyer number, library card number, first phone number, or first teacher’s name.

If a user forgets his or her password, Google will send password reset information to the secondary e-mail address a user provided when signing up. But if the user lost the password to that account, no longer had access to it, or did not provide a second e-mail address, Google requires a waiting period of five days before resetting the password.

“To prevent someone from trying to break into an account you’re actively using, the security question is only used for account recovery after an account has been idle for five days,” according to Google. “The Gmail team cannot waive the five day requirement or access your password under any circumstances.”
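
An added example, not taken from the article or from any provider's code: a simplified model of the two recovery policies described above, one where personal facts alone grant a reset and one where the secret question is honored only after five idle days. All function names, outcome strings and sample values are assumptions made up for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

IDLE_REQUIRED = timedelta(days=5)  # idle period from the Google statement quoted above

@dataclass
class Account:
    birth_date: str
    zip_code: str
    secret_answer: str
    secondary_email: Optional[str]
    last_activity: datetime

def facts_match(acct: Account, birth_date: str, zip_code: str, answer: str) -> bool:
    # Case- and whitespace-insensitive answer comparison (an assumption of this sketch).
    norm = lambda s: " ".join(s.lower().split())
    return (birth_date == acct.birth_date and zip_code == acct.zip_code
            and norm(answer) == norm(acct.secret_answer))

def knowledge_only_reset(acct, birth_date, zip_code, answer, now):
    """Facts alone decide; `now` is ignored, so an active account gets no protection."""
    return "reset_granted" if facts_match(acct, birth_date, zip_code, answer) else "denied"

def idle_gated_reset(acct, birth_date, zip_code, answer, now):
    """Secret question counts only after the account has been idle for five days."""
    if now - acct.last_activity < IDLE_REQUIRED:
        # Active account: the only path is out-of-band, to the address the owner registered.
        return "link_sent_to_secondary" if acct.secondary_email else "denied_account_active"
    return "reset_granted" if facts_match(acct, birth_date, zip_code, answer) else "denied"

# Constructed sample data: placeholder values, not taken from any real account.
NOW = datetime(2008, 9, 16, 12, 0)
RECENT = NOW - timedelta(hours=1)
ACTIVE = Account("1970-01-01", "00000", "Example High", None, RECENT)
ACTIVE_2ND = Account("1970-01-01", "00000", "Example High", "owner@example.org", RECENT)
DORMANT = Account("1970-01-01", "00000", "Example High", None, NOW - timedelta(days=30))
GUESS = ("1970-01-01", "00000", "example  high")  # requester knows every "secret" fact

def outcomes():
    return {
        "knowledge_only/active": knowledge_only_reset(ACTIVE, *GUESS, NOW),
        "idle_gated/active": idle_gated_reset(ACTIVE, *GUESS, NOW),
        "idle_gated/active+secondary": idle_gated_reset(ACTIVE_2ND, *GUESS, NOW),
        "idle_gated/dormant": idle_gated_reset(DORMANT, *GUESS, NOW),
    }

if __name__ == "__main__":
    for case, result in outcomes().items():
        print(f"{case}: {result}")
```

The dormant case shows the gap that remains: once an account has been idle for five days, publicly discoverable answers are again enough to reset it.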

The FBI and Secret Service are now investigating the Palin hack. Authorities reportedly searched the home of a 20-year-old University of Tennessee student over the weekend, but no arrests have been made. The hacker could face felony charges for violating the Computer Fraud and Abuse Act, but could also avoid prosecution thanks to a Department of Justice loophole, according to the Electronic Frontier Foundation.

Palin and the now erased Yahoo account have also made headlines over allegations that the governor used her personal account for state business.


Source: Sky

The mystery group, who call themselves Anonymous, posted a number of the Republican vice-presidential candidate’s private emails and family photos on the internet.

The McCain campaign were furious and called it a “shocking invasion of privacy and a violation of law” – and called for those responsible to be prosecuted.

The FBI are now hunting the gang, who bragged about how they were able to obtain Mrs Palin’s password by guessing she had met her husband at high school and knew her date of birth and postal code.

Using the details, one hacker – who uses the online handle Rubico – said he tricked Yahoo into assigning a new password for Mrs Palin’s email account.

Anonymous, who have so far evaded capture by successfully masking their IP addresses, have hit the headlines on many occasions over their twisted antics.

They have been dubbed ‘hackers on steroids’ by the US media and get their kicks by making prank calls, flooding message boards with obscene photos and breaking into people’s social network sites to out them as gay.

In March this year, they flooded an epilepsy website with flashing images, causing some members to suffer migraines and seizures.

The FBI is investigating what may be the first computer attack that physically harmed people.

They also stormed a virtual world known as Habbo by sending in black-skinned avatars with Afro hair to block off the pool to other users, claiming it was infected with AIDS.

They also formed swastika formations.

The group was slated over the suicide of US student Mitchell Henderson, who they claimed had shot himself because he lost his iPod, something he had noted on his MySpace page.

Anonymous seized on a badly written message on his online memorial page and turned the phrase “an hero” into an internet catchphrase.

For more than a year, the sick group carried on the harassment by calling the youngster’s parents, pretending to be his ghost.
