September 23, 2008
September 22, 2008 (Computerworld) The man who traced the IP address of the hacker who accessed Alaska Gov. Sarah Palin’s e-mail account last week confirmed today that it belongs to an Illinois company that provides Internet service to the Knoxville, Tenn., apartment complex where the FBI served a search warrant early Sunday.
Gabriel Ramuglia, the webmaster of Ctunnel, an Athens, Ga.-based proxy service used by the hacker to mask his or her identity, acknowledged that the IP address he found in his server logs belongs to Pavlov Media, an Internet service provider based in Champaign, Ill.
According to its Web site, Pavlov Media provides Internet, television and phone services to The Commons at Knoxville, a complex that specializes in apartments for students of the University of Tennessee-Knoxville.
Early Sunday, WBIR, Knoxville’s NBC affiliate, reported that FBI agents had searched the apartment of David Kernell, 20, at The Commons. David Kernell is the son of Mike Kernell, a longtime Democratic state legislator from Memphis.
Last week, David Kernell was linked to the hack of Palin’s e-mail account on blogs and message boards after someone identified only as “Rubico” claimed to have accessed Palin’s account by using Yahoo Inc.’s password reset feature. Others subsequently connected the Rubico handle to the e-mail address firstname.lastname@example.org, which was in turn linked to Kernell through Internet searches that uncovered connections between him, the username and the e-mail address on sites such as YouTube.
Rubico claimed that the online research needed to reset Palin’s password took just 45 minutes.
Ramuglia said Sunday that the IP address he found in the proxy service logs didn’t “look consistent” with reports identifying Kernell. By today, however, he had changed his mind.
“It became clear that the ISP, in addition to serving Illinois, also serves Tennessee, which means that the IP address could actually be consistent with the news reports,” Ramuglia said today.
Ramuglia had been asked by the FBI to save the proxy service’s log — logs are usually purged after seven days — and to search for a specific IP address that authorities provided. The IP address was one in a block assigned to Pavlov Media.
Before the account break-in, Palin, the Republican nominee for vice president, had come under fire for using private e-mail accounts to conduct state business. Some critics had accused her and others in her administration of using private accounts rather than state-provided ones to skirt message-retention and public-records laws.