Slashdot Log In
"Anonymous" Hacks Palin's Private Email
Posted by
kdawson
on Wed Sep 17, 2008 05:34 PM
from the should-have-used-hushmail dept.
from the should-have-used-hushmail dept.
netbuzz writes "'Anonymous,' best known for its jousts with Scientology, has apparently hacked Sarah Palin's private Yahoo email account. Contents, including sample emails, an index, and family photos, have been posted by Wikileaks, which calls them evidence that the GOP vice presidential candidate has improperly used private email to shield government business from public scrutiny." Note that there is no easy way to tell if the material on Wikileaks is genuine or a hoax. Update by J : Genuine.
Related Stories
[+]
Palin Email Hacker Found 767 comments
mortonda writes to tell us that the person responsible for breaching Sarah Palin's private email account has been found. We discussed the breach last Wednesday, shortly before the hacker, a University of Tennessee-Knoxville student, posted a message detailing his methods. Wired has a story examining the potential legal consequences for the hacker.
[+]
News: Court Rules That Palin Must Save Yahoo Emails 412 comments
quarterbuck writes "An Anchorage judge has ruled that Governor Sarah Palin must save her emails, as they were apparently used for state business. Last week a Tennessee man was arrested over hacking one of her Yahoo email accounts. The Washington Post also reports that Sarah Palin, her husband, and officials had set up email accounts known only to each other."
[+]
IT: Study Shows "Secret Questions" Are Too Easily Guessed 303 comments
wjousts writes "Several high-profile break-ins have resulted from hackers guessing the answers to secret questions (the hijacking of Sarah Palin's Yahoo account was one). This week, research from Microsoft and Carnegie Mellon University, presented at the IEEE Symposium on Security and Privacy, will show how woefully insecure secret questions actually are. As reported in Technology Review: 'In a study involving 130 people, the researchers found that 28 percent of the people who knew and were trusted by the study's participants could guess the correct answers to the participant's secret questions. Even people not trusted by the participant still had a 17 percent chance of guessing the correct answer to a secret question.'" Schneier pointed out years ago how weird it is to have a password-recovery mechanism that is less secure than the password.
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading... please wait.
The crossed the line this time (Score:5, Interesting)
Attacking Scientology is one thing. We all know that it is a crock of crap. However, when somebody hacks a VP candidate, the FBI and Secret Service will react strongly.
Re:The crossed the line this time (Score:5, Funny)
Parent
Re:The crossed the line this time (Score:5, Funny)
He and John are still in Stan Marsh's closet, so noone will hear them.
Parent
Re:The crossed the line this time (Score:5, Funny)
(now I'm in the closet too!)
Parent
Alrighty then... (Score:5, Funny)
HEY TOM CRUISE!!!!
If you're reading this, then I tell you that your hokey sci-fi, pseudo-religion CULT is a crock of crap.
And I also think you're a faggot weenie too.
So there.
PS: Your acting sucks too.
Parent
Re:Alrighty then... (Score:5, Funny)
Parent
Re:Alrighty then... (Score:5, Funny)
PS: Your acting sucks too.
Insult the man's beliefs, fine, they are crap, but his part in "Tropic Thunder" was hilarious.
Parent
Re:The crossed the line this time (Score:5, Insightful)
Parent
Re:The crossed the line this time (Score:5, Informative)
This was on CNN a few minutes ago and they confirmed that the Secret Service was already involved in the investigation.
Parent
Re:The crossed the line this time (Score:5, Insightful)
On one hand.. I agree they crossed the line.. on the other I kind of understand people's motives. Now I am in no way shape or form advocating hacking someone's email account, but there's something important to consider here. There's a great article at NY Times [nytimes.com] which talks about Palin's rise in politics. Here's one excerpt:
Interviews show that Ms. Palin runs an administration that puts a premium on loyalty and secrecy. The governor and her top officials sometimes use personal e-mail accounts for state business; dozens of e-mail messages obtained by The New York Times show that her staff members studied whether that could allow them to circumvent subpoenas seeking public records.
If she does infact use her private email address for correspondence with other staff members or governmental bodies, can you really consider it a private email account anymore? I'm not asking for response from slashdotters with analogies here, but if she does infact potentially use her personal email to avoid subpoenas then why the hell should it be considered personal. She is paid by the taxpayers and they have a right to know what is going on. Why have her staff members been studying the use of personal email accounts for official business anyways?
Maybe the deal with her using personal email for work is just a rumor, and maybe the whole deal with "Anonymous" is not true, but still things aren't just black and white here.
Parent
Re:The crossed the line this time (Score:5, Insightful)
When the McCain announced Palin as his running mate, I recognized quickly it was quite an ingenious move on their part. I wouldn't be surprised that one of the big reasons she was picked was because of all the issues and drama surrounding her. It is enough to create a media feeding frenzy, diverting the major coverage away from the issues that could defeat them. As they say no publicity is bad publicity, and all the negative coverage paints her as the victim or underdog, whom literature has taught us to root for.
Parent
Re:The crossed the line this time (Score:5, Insightful)
"no publicity is bad publicity"
Spoken like someone who knows nothing about marketing. One of the first things I was taught in my marketing classes is how that is a crock.
Bad publicity has bankrupted companies, people and countries. It's drove people to suicide. There IS bad publicity.
Parent
Re:The crossed the line this time (Score:5, Interesting)
I would imagine though that hacking into a yahoo e-mail account, even if it's a political figure, is not really going to get any serious penalties. It's not like they hacked into a government e-mail account. It's also not as if she has launch codes yet. McCain has to be elected, then die of a heart attack for her e-mail to be of much real importance. ... of course, if she did, they would probably end up in her yahoo account. And we'll be dead soon anyway. As Matt Damon said, someone who belives in creationism should not be an (old) heartbeat away from the football.
But I suspect secret service is investigating mostly to determine if there's a real security risk IE if she e-mailed out that there was a spare key to her house under a fake rock in the garden, or she was going to be in room 287 of the doubletree hotel.
Parent
Re:The crossed the line this time (Score:5, Insightful)
Parent
Re:The crossed the line this time (Score:5, Insightful)
But I suspect secret service is investigating mostly to determine if there's a real security risk IE if she e-mailed out that there was a spare key to her house under a fake rock in the garden, or she was going to be in room 287 of the doubletree hotel.
I suspect the Secret Service is investigating mostly because this is high profile and will end up being publicly embarrassing. Not so much to Palin as to the people she was communicating with.
No doubt someone archived the entire account in their e-mail program and will dump it all online sometime before the election.
Parent
Re:The crossed the line this time (Score:5, Insightful)
Holy shit. How you believe we originated really matters on whether you should have control of nuclear codes?
Presumably the connection is that a creationist clearly lacks even a modest helping of critical and independant thinking.
Parent
Re:The crossed the line this time (Score:5, Insightful)
As much as I think Scientology is a dangerous cult, the actions of Anonymous to date have been demonstrating that they are just a group of dangerous radicals. Anonymous is dangerous because they attack and slander groups they disagree with and hide behind masks so that their opponents can not adequately defend themself. Now, I know many of the people who hate Sarah Palin and the Republicans won't see a problem with this, but for a moment imagine how you would feel if a similar group performed the same action on Barack Obama (or a political leader in your own country) and see how 'wonderful' it would be.
Parent
Re:The crossed the line this time (Score:5, Insightful)
Right, remember this is the same group that hacked an epilepsy support page to try to induce seizures. Also realize this is pretty much the opposite of constructive: Palin is being used as a distraction to keep us from thinking about real issues. This only furthers that distraction. It would be one thing if they found evidence of corruption, but this is merely digital tabloid fluff.
Anonymous is doing this entirely to feed their own egos.
Parent
Re:The crossed the line this time (Score:5, Insightful)
Anonymous most likely are doing this because they got lucky. I would guess hack attempts are made at a number of public and political figures. If they have a successful strike, then I'd expect them to run with it. I wouldn't overplay the deliberateness of this.On the other hand if a possible vice- or actual president is daft enough to have unencrypted emails floating round a public system, then it's hardly surprising those emails surface. And anyone can be Anonymous - that's it's greatest strength (even more so than the technical competence of some of its members).
Now if they have found that she was conducting official business through private email accounts and was doing so to avoid scrutiny, then that is interesting.
Parent
Who did? (Score:5, Insightful)
It's entirely likely that some scientologit did this and claimed that "anonymous" was behind it. Google for "operation freakout" for another example of the criminal nut-cult framing an innocent party for a crime.
-jcr
Parent
Intended purpose of hacking the e-mail (Score:5, Insightful)
I think that I understand the reasoning of anonymous actions, in that s/he thinks Palin is doing wrong, and s/he wants to call attention to it.
This may just backfire, and generate support for Palin, thereby defeating his actions purpose. Indeed, this type of attack could even be used as a method for generating support by Palins camp.
The end is not justified by the means, and these types of attacks should not be pursued, either by the attacker, nor by the readers of such "information".
Parent
Re:Intended purpose of hacking the e-mail (Score:5, Insightful)
I respect your opinion on this issue, though I don't agree. Sarah Palin has done the exact same thing that Bush did - hide governing related communications on non-government servers. I believe this is illegal. I also think republicans have been doing this since Nixon got caught with tapes. Rather than reform their integrity, they reformed their communication systems to illegally hide their activities. Sarah Palin is scary, and Anonymous is doing us a favor. Only the light of scrutiny will reform our government.
Parent
Re:The crossed the line this time (Score:5, Funny)
Yes. GP keeps a lot of monkeys in the basement.
Parent
Re:The crossed the line this time (Score:5, Informative)
What the hell are you talking about? Anonymous the name attributed to (and embraced by) the many and varied denizens of 4chan's Random (/b/) board. They rose to fame with their protests against scientology, but anyone who has ever visited /b/ could tell you that:
1) Anonymous is a 'group' only in the loosest sense of the word. There's no organization, no leader, and no real agenda. It works more like flash mobs. One person suggests something, and if enough people go along with it to achieve critical mass, then it's epic. Otherwise, it's just a few internet nerds making idiots out of themselves.
2) Anonymous has no real code, moral stance, or ethical guideline. /b/ frequently delves into such subjects as drug use, murder, petty crime, and child porn.
3) Anonymous does everything they do for their very own personal amusement. Any claim to be standing on principle is really just part of the joke. Since anonymous is kind of an intersection of Slashdot and MySpace when it comes to demographics, you'll find you agree with many of their 'positions.' However, don't expect any real loyalty from them.
Parent
No way to tell? (Score:5, Interesting)
Translation: Wikileaks has been down for hours.... Wonder why?
Re:No way to tell? (Score:5, Informative)
Parent
Re:No way to tell? (Score:5, Informative)
Ok here's the full list of Wikileaks domains:
* http://www.wikileaks.org/ [wikileaks.org]
* https://secure.wikileaks.org/ [wikileaks.org]
* https://wikileaks.cx/ [wikileaks.cx]
* http://wikileaks.org.uk/ [wikileaks.org.uk]
* http://www.cauce.us/wiki/Wikileaks [cauce.us]
* https://secure.wikileaks.be/ [wikileaks.be]
* https://secure.freedomsbell.org/ [freedomsbell.org] â" alternative name to bypass the Great Firewall of China
* https://secure.libertypen.org/ [libertypen.org] â" alternative name to bypass the Great Firewall of China
* https://secure.ljsf.org/ [ljsf.org] â" alternative name to bypass the Great Firewall of China
* https://secure.sunshinepress.org/ [sunshinepress.org] â" alternative name to bypass the Great Firewall of China
Parent
Confirmed by her campaign (Score:5, Informative)
It has been confirmed by her campaign and Amy McCorkell, the sender of one of the emails that has been posted.
Something or Other (Score:5, Informative)
The "something or other" suggested is conducting public business using private email. For Federal officials, that's illegal, because it amounts to hiding your paper trail. Don't know if Alaska has a similar law for State officials, but even if it doesn't, hiding her actions is not what you'd expect from the reformer Palin claims to be.
Of course, even if proven, Palin will just add these charges to her list of Things That Never Happened, like her initial support for the Bridge to Nowhere.
Parent
History in the making (Score:5, Funny)
This might be the first time the Secret Service has encountered the Streisand Effect.
Probably Genuine (Score:5, Interesting)
Note that there is no easy way to tell if the material on Wikileaks is genuine or a hoax.
Wired has confirmed [wired.com] from one sender, Amy McCorkell, that the displayed message from her to Sarah Palin is genuine.
Hacking? (Score:5, Insightful)
Re:Hacking? (Score:5, Funny)
Parent
Hooray for women's rights! (Score:5, Interesting)
Sarah Palin is proof that there is no glass ceiling for women, as long as you're not ugly, have fufilled your reproductive obligations, don't have any actual power, will be subordinate to a man, seem clueless, and hiring you will keep a black man out of the white house.
Re:Hooray for women's rights! (Score:5, Interesting)
Parent
Encryption, maybe... (Score:5, Insightful)
This wouldn't have even been an issue if she'd used encryption.
Maybe high-profile leaks like this will help convince the public at large that encryption is beneficial, even if you aren't doing anything wrong.
This is why you use official email systems (Score:5, Insightful)
This is a really good reason why they should NOT be using their private email. Sure, using the government systems opens them up to having their corruption on record, but having it on something like Yahoo mail opens it up to something like this, potentially exposing WAY more information than that. Not that government email is unhackable, but I'd certainly expect it to be at least a little bit more secure.
What will happen in retaliation? (Score:5, Insightful)
If this is true, I think it's possible that Anonymous has just painted a gigantic bulls-eye on a free internet.
I am all for ferreting out corruption, but what I worry about is how many will paint this: "Terrorist Rogue Hacker attacks Vice Presidential Candidate."
What limits are there on privacy now? I hope I am wrong.
Wow, no spam! (Score:5, Funny)
The ol' double standard... (Score:5, Insightful)
"McCain-Palin 2008 Campaign Manager Rick Davis: 'This is a shocking invasion of the Governor's privacy and a violation of law. The matter has been turned over to the appropriate authorities and we hope that anyone in possession of these emails will destroy them. We will have no further comment'..."
When someone does this sort of hacking/eavesdropping/snooping to a government official, it's called "a shocking invasion of...privacy and a violation of law."
When the government does it to you, it's called the "Patriot Act."
Ugh... (Score:5, Insightful)
I don't like Palin or the entire McCain campaign in the least... but how is this even remotely acceptable? We cry and bitch and moan about warrantless government wiretapping, yet when some group of a-holes breaks into an elected official's personal email account and posts screenshots on the web, we see it as just some more dirt on a candidate. The best word that describes that is "despicable."
Mark this as flamebait all you want, but people running for public office have constitutional rights too. I've always considered Anonymous a bit shady in their dealings, and this justs seals the deal.
A generation gap... (Score:5, Interesting)
1) Yahoo e-mail account
2) Password was her zip code
3) Prominent public figure
4) No attempt to disguise her identity in the user name
Are the over 30 year olds really that stupid? This is stuff I'd expect from my grandmother, not a governor/VP candidate.
The sad thing is the media isn't going to note that her behavior was unsafe. Instead it will be the dirty hacker's fault, nevermind that the account has likely been "hacked" several times. Even if it hasn't it sure as hell would be if this info wasn't made public and the account was shut down.
It will really twist my nuts if:
1) Everything in the account becomes a inadmissible when an investigation of the legality of the account is conducted.
2) The issue of the McCain/Palin ticket's technological illiteracy is not brought up. Maintaining the security of your e-mail account is something every user has to be able to do, and that includes using a real password. And, no, I don't think Biden's a competant human either, but the top of that ticket hasn't really given me reason to worry, yet...
Fuck, people are stupid. But nevermind that, it's those damn tricky kids... so crafty these days!
Re:Who? (Score:5, Funny)
I'll pardon your ignorance if you pardon my advice to just fucking google it.
Parent
Re:Who? (Score:5, Funny)
I'll pardon your ignorance if you pardon my advice to just fucking google it.
Now that's just rude! The least you could do was provide a link [justfuckinggoogleit.com].
Parent
Re:I've looked. Check Gawker (Score:5, Informative)
I'm fairly certain that this is legit. I'm also fairly certain that members of Anonymous are not all based in the USA and may or may not have anything to fear from the Secret Service.
However, one of the features of a Yahoo Mail account is the ability to download a backup copy of your mailbox as a single file. I believe the file format is the one used by Outlook Express, rather than the more universal .mbox format, but still, if the "hackers" didn't think to grab everything, I would be shocked.
I'd be willing to bet that someone out in internet land has a copy of Sarah Palin's whole mail spool right now.
Parent
Re:I've looked. Check Gawker (Score:5, Interesting)
the scuttlebut on /b/ yesterday was that no, Anon did not download a backup file, and got cold feet when he realised where he was and that partyvans would be dispatched shortly. There was much crying and gnashing of teeth among /b/tards yesterday, I tell you, who were hoping for complete copies of the e-mails, and were denied.
Parent
Re:I've looked. Check Gawker (Score:5, Insightful)
Now, there is proof...
What she said isn't the story, it's who she said it to.
Parent
Re:I've looked. Check Gawker (Score:5, Insightful)
So far only two emails, some personal photos, a contact list and some inbox screenshots have been posted. Nothing incriminating.
Depends how you define "incriminating".
Work email goes to and from work accounts. Personal email goes to and from personal accounts. That's a policy common in corporations and in government, and is increasingly strictly adhered to the higher up the ranks you go.
As a member of public office, she is accountable to the public, and her email pertaining to her office is a matter of the public record, and subject to things like the Freedom-of-Information-Act (FOIA). Using a personal Yahoo account to conduct government business would be hugely inappropriate for a multitude of reasons; not least of which is undermines her accountability to FOIA.
In Palin's case its evident that a number of her contacts are @alaska.gov... meaning she was corresponding as 'personal palin' to other public officials using their office-accounts.
While perhaps not incriminating, it is hugely inappropriate. Either she was sending them personal messages -- which is inappropriate; she should have sent those to their personal accounts, or she was sending or receiving work related messages which is completely unacceptable.
Palin clearly didn't adhere to this separation of work and personal (hell, her "personal" account is 'gov.palin' which is itself inapprorpiate) and while I'm sure many many people are guilty of it, its still inappropriate, and most of us aren't angling to be 2nd in line to the presidency, so the scrutiny on her is warranted. It would be nice if we could unmask the other canditates personal accounts too, to have a more balanced exposee, but that's beside the point.
Parent
Re:First impression: not cool (Score:5, Insightful)
Since she's advertising herself as a candidate with strong ethics who's trying to clean up government and get rid of backroom dealing, she clearly feels that she's not accountable to the same standard of ethics that others should be held to. This is a huge lapse in judgment that voters need to be aware of before they cast their votes.
Parent
Re:First impression: not cool (Score:5, Insightful)
This is what I don't get, after reading about half of the posts in this thread: About 95% of the posts don't mention the right to privacy, at all. But monitoring e-mail traffic by secret service in order to catch terrorists or prevent possible terrorist attacks, is frown upon by the great majority of Slashdotters.
Parent