Report: Tenn. legislator confirms son is at center of Palin hack chatter
Blogs, message boards link college student to e-mail address reportedly used by hacker
Computerworld - A Tennessee state legislator has confirmed that his son, a 20-year-old student at the University of Tennessee-Knoxville, is the person being named on blogs and message boards in connection with the hacking of Alaska Gov. Sarah Palin's e-mail account, a Nashville paper reported late yesterday.
Kernell, a Democrat, represents District 93, which encompasses the University of Memphis and other parts of southwest Memphis. He declined additional comment to the Tennessean.
On Wednesday, someone identified only as "rubico" posted a message to 4chan.org's popular /b/ board claiming to have gained access to Palin's e-mail by using Yahoo's password reset feature. Although the post was deleted from 4chan.org, a copy was sent to conservative syndicated columnist Michelle Malkin, who published it on her blog Wednesday.
Others linked the rubico handle on 4chan.org to the e-mail address "firstname.lastname@example.org," which was in turn linked to David Kernell through Internet searches that uncovered connections between him, the username and the e-mail address on such sites as YouTube. Kernell's YouTube page has since been closed. The email@example.com address was marked as "temporarily locked because of security concerns" by Yahoo early today.
In a blog that Kernell began in 2003 -- and which holds only three entries -- he identified himself as "rubicox," a variation of rubico10. Kernell also used the rubicox handle on a chess site linked from his blog.
Others made more unusual connections between the hacker dubbed rubico10 and Kernell.
In the posting to 4chan.org's /b/ board, rubico10 said that after gaining access to Palin's account, "I promptly changed the password to popcorn and took a cold shower."
"Just dawned on me why he used the password 'popcorn'," said a user going by the name "akgoldrush" on the blog littlegreenfootballs.com. "Duh. Getting a little slow in my old age."
Gabriel Ramuglia, the webmaster of an Athens, Ga.-based proxy service, may be able to shed light on the identity of the hacker as early as today. On Thursday, Ramuglia said that the FBI had contacted both him and Yahoo the day before, asking for server logs to determine who had accessed Palin's account.
Ramuglia operates Ctunnel, an ad-supported proxy service targeted primarily at users in schools or businesses who want to access sites that are normally blocked by network administrators. Screenshots of several messages from Palin's account showed that the hacker had used Ramuglia's proxy service in an attempt to hide his or her tracks.
Ramuglia was in the middle of transferring about 80GB of log file data yesterday and hoped to start searching through it sometime today. "The FBI told me that they had asked for information by tomorrow [Friday] from Yahoo," Ramuglia said. "That's about the time frame I'll be able to search my logs."
He was also confident he would be able to pinpoint the person who used his proxy service to access Palin's account. "I should be able to track it down to their original ISP, and then the IP address of the person who did it," Ramuglia said. "Who did this abused my service and broke the law."
Both the FBI and Secret Service have opened investigations, but neither agency has made any public announcements of suspects or arrests.
Palin e-mail hack
- Yahoo, Hotmail, Gmail all vulnerable to Palin-style password-reset hack
- Report: Tenn. legislator confirms son is at center of Palin hack chatter
- Web proxy firm working with FBI to trace Palin e-mail hacker
- IT Blogwatch: Sarah Palin e-mail hacker drops anchor, arrr!
- Security researchers ponder possible Palin hacks
- Update: Hackers claim to break into Palin's Yahoo Mail account
- Sharon Machlis: Yahoo users: Like Sarah Palin, you may be vulnerable to an e-mail hack
- Douglas Schweitzer: How safe is your e-mail correspondence?
- Global News Update: Thursday, September 18, 2008
Read more about Networking in Computerworld's Networking Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- The Critical Role of Support in Your Enterprise Mobility Management Strategy Most business leaders underestimate the importance of tech support when they choose an EMM solution. Here's what to put on your checklist.
- Separating Work and Personal at the Platform Level: How BlackBerry Balance Works BlackBerry® Balance™ separates work from personal on the same mobile device, right at a platform level. Find out how it can work for...
- Live Webcast Best Practices for the Hyperconverged Enterprise Network To the Age of Constant Connectivity and Information overload
- Getting Ready for BlackBerry Enterprise Service 10.2 Find out how BlackBerry® Enterprise Service 10 helps organizations address the full spectrum of EMM challenges, while balancing the needs of both the...
- Containerization Options: How to Choose the Best DLP Solution for Your Organization This webcast outlines a framework for making the right choice when it comes to containerization approaches, along with the pros and cons of... All Networking White Papers | Webcasts