The Corpus Callosum

Email Pilfering

Posted by Joseph j7uy5 on September 19, 2008
(11)
More »

A prominent political candidate had her email account pilfered.
 It is not known, openly, how this was done.
 Reportedly, it was a simple password, a word that could be
found in any English dictionary.  That was a mistake.

Still, it was wrong for people to do it.  Period.  

Yes, the act does make some points.  But they are all points
that could be made without doing something wrong.

(11)
More »

Comments

  1. #1 foole
    September 19, 2008

    My understanding was that Palin’s password was reset using Yahoo’s password reset feature. Most of these types of features involve questions that are easy to research or easy to guess. While I think Palin’s original password probably was based on a dictionary word, I think the flaw in his case has to do with yahoo (and gmail and hotmail and myriads of other services).

    And I agree that it was wrong to break into her account I think this underscores the need for personal responsiblity with regards to Internet security (as an aside I am not blaming the victim here). Personally, I think any system that relies on passwords is probably already weak. I’d rather passwords go away completely and that we use something better.

  2. #2 foole
    September 19, 2008

    My understanding was that Palin’s password was reset using Yahoo’s password reset feature. Most of these types of features involve questions that are easy to research or easy to guess. While I think Palin’s original password probably was based on a dictionary word, I think the flaw in his case has to do with yahoo (and gmail and hotmail and myriads of other services).

    And I agree that it was wrong to break into her account I think this underscores the need for personal responsiblity with regards to Internet security (as an aside I am not blaming the victim here). Personally, I think any system that relies on passwords is probably already weak. I’d rather passwords go away completely and that we use something better.

  3. #3 SimonG
    September 19, 2008

    I think it also highlights that webmail services are not appropriate for serious use. A former employer of mine banned the use of them for this and other reasons.

  4. #4 Rob Jase
    September 19, 2008

    At least we can be sure her vp running mate McCain didn’t do it. He doesn’t know what email is.

  5. #5 Nalgas
    September 19, 2008

    Her password was reported as ‘popcorn’. A crude dictionary attack would have broken her password. This dates her computer-security smarts to the early 90s (oh, so last millennium!) which makes her woefully not up to the task, although compared to McCain she’s cutting-edge and he’s in the dust left behind by the trailing edge of yesteryear’s days gone by.

  6. #6 Matt Hussein Platte
    September 19, 2008

    One may assume that had she been using the state-provided email account — you know, the one that is required by law, subject to subpoena, etc. — the email system and its administrators would have required a robust password.

  7. #7 Andrew
    September 19, 2008

    There is an interesting contrast in reactions to this and past attempted actions in some quarters. When its people in charge trying to get ahold of other peoples private and personal information and correspondance, thats apparently patriotic and thoroughly Right, True and American.

    However, when it’s the personal information and private correspondence of the people in charge that’s being divulged, all of a sudden it’s a heinous crime verging on terrorism and baby eating. (Judging from some of the more comically extreme reactions I’ve seen recently.)

    So yes, it is always wrong to do such things, no matter who is doing it or who is the victim, but the change in tune of certain quarters has been most amusing, if unsurprising.

  8. #8 Mustafa Mond, FCD
    September 19, 2008

    Reportedly, Palin’s staff actually discussed using private email accounts to circumvent subpoenas seeking public records. You’re right, that could have been found out without illegally hacking Palin’s email account.

    Oh gosh, the linked article is from September 14, 2008; it was reported before the hacking incident.

  9. #9 caitlin
    September 21, 2008

    The password was not popcorn… as the first commenter noted, the password was hacked using the reset facility. Once hacked, the hacker reset the password as “popcorn”… before devolving into a heap of terrified uselessness as he realized what he’d done.

  10. #10 Mustafa Mond, FCD
    September 22, 2008

    FBI searches Kernell apt., roommates subpoenaed
    Maybe the roommates should just ignore the subpoena, the way Todd Palin is ignoring his subpoena in the Troopergate investigation.

  11. #11 Joseph j7uy5
    September 23, 2008

    Yes, Todd Palin, and Cheney, and Addington, and Miers, and probably others whom I have forgotten.