Still more Sarah Palin "Hacker" news

The latest defense for the individual charged with accessing Sarah Palin's email account in 2008 seems to be that he didn't do it; someone else planted a Trojan horse on the computer and, remotely accessing the defendant's computer, did the dirty work from somewhere else. This, they say, is what made the defendant, David Kernell, look like the guilty party. Lawyers for the 21-year-old son of a Tennessee state representative are approaching the case from multiple directions, but this is the first one that claims malware, not the student, is to blame.

In 2008 the FBI seized an Acer laptop from Kernell's apartment. The attorneys' filing says that "The program, which was installed by an unknown method before the computer ever came into Mr. Kernell's possession, uses sophisticated technology to record and report personal information without the user's knowledge." They state that the software has been isolated and identified. The name of the software has not been disclosed publicly, ostensibly in order to protect personal information.

The case revolves around an incident in September 2008 wherein Palin's personal email account was compromised, its contents posted on the Internet at the 4chan forum, and its password changed to "popcorn." The compromiser, whose 4chan handle was "Rubico," then posted a mea culpa of sorts on the web, saying he didn't quite realize the seriousness of his act until it was done. His note said he was particularly worried because he hid behind only one proxy server. He posted a screenshot of Palin's email account that revealed part of the URL of the proxy/anonymizer service, Ctunnel.

Bloggers connected Rubico - the poster of the guilty note - to an email address belonging to Kernell, and made that information public. Rubico said that 45 minutes' worth of research online and a few guesses was enough to allow him to get past Yahoo's evidently weak security. It is at least weak for public figures who have relevant personal info all over the web, such as the 3 pieces of data Rubico used: Palin's birth date, ZIP code, and where she met Todd. The owner of the Ctunnel service has cooperated with the FBI, saving and presumably revealing relevant portions of the service's traffic logs.

Defense moves have included the idea that Palin's emails were public record, that a felony charge was inappropriate for a misdemeanor offense, that use of terms like "hacker" and "hack" would be prejudicial to the jury as the guesses made to access the emails required no sophisticated computer skill, and most recently that Kernell didn't do it anyway - it was an actual hacker using Kernell's computer via a Trojan.

The trial date has been moved to April 2010. 

 

Comments
  • 12/9/2009 6:56 PM Eric wrote:
    It is worth noting that the mention of the proxy specifically calls out the widespread meme regarding "hiding behind seven proxies." It's a bit of jargon covering some internet folklore regarding the amount of indirection required to remain safe from detection when committing various kinds of shenanigans. As with all memes, this one has numerous variations and parodies.
    1. 12/10/2009 6:08 PM Steve Burgess wrote:
      Indeed, Mr. Munin's Fire! Reminds me of the old phrase, "beyond the 7th wave."