Palin’s Hacker Tracked via Proxy Server Logs

FBI agents used proxy server logs to track down the hacker who broke into Sarah Palin’s Yahoo e-mail account. The hacker gained access to the Republican Vice Presidential candidate’s account by re-setting her password. He then foolishly posted details of his adventures up on an on-line forum.  That information is now leading reporters and federal investigators to the suspect – 20-year-old David Kernell, Tennessee university college student, and son of state democratic representative Mike Kernell, who goes by the ‘net name “Rubico.”

He forced a password reset by answering questions about Palin’s birthday, zip code and where she met her spouse, Wasilla High School.   Of course, by being the Republican candidate for Vice President, this information is all very easily found on the Internet. Rubico used a proxy server that shields the source IP address from website logging scripts.  But aren’t proxy servers supposed to anonymize your information?  Yes and no.  To prevent abuse of the service – such as the occasional bomb threat or other illegal act that’s been known to happen - the admin of the proxy server logged each user’s IP address, along with the time and web destination.

CNET reports that the FBI searched Kernell’s apartment over the weekend, and local media reports suggest that three of his roommates could testify before a grand jury in connection to the case this week.

In the next few weeks, we will discuss the implications of hacking activity.  What laws were broken?  We will talk about the claims for violations of the Stored Communications Act and the Computer Fraud and Abuse Act.  Is there an argument for Yahoo’s email policy and password reset system?

 

September 23, 2008 - Posted by Prof. Cyberlaw | Federal, Hacker | | No Comments Yet