Announcement

Collapse
No announcement yet.

Sarah Palin: hacked by Anonymous

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    Re: Sarah Palin: hacked by Anonymous

    Actually if you believe what she believes the crackers were working with god and it's all part of his plan.

    I know what a pendejo; sorry couldn't resist.

    xor

    Actually and just to be fair I would love to see the service provider logs for McCain, Obama, as well as the other folks. I'm sure they get pounded with illegitimate login attempts.
    Last edited by xor; September 17, 2008, 19:54.
    Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.

    Comment


    • #17
      Re: Sarah Palin: hacked by Anonymous

      Sure it's funny to laugh at the follies of politicians. That, IMO, is the only positive thing about any politician, but I have to agree with Streaker in asking the question "where is the outrage?" The thing that really bothers me about this is that we as a community are again held up as the bad guys, and it's right in the middle of the biggest show on earth. The press, and therefore the public, just see "hackers" have done something rather than "criminals."

      No matter which way this story develops -whether the Palin gains sympathy as the victim, or the Democrats get to make hay of the Republicans being technology inept- in the end neither the Republicans nor the Democrats with be seen as the bad guys. We will.
      Thorn
      "If you can't be a good example, then you'll just have to be a horrible warning." - Catherine Aird

      Comment


      • #18
        Re: Sarah Palin: hacked by Anonymous

        My only response to this is disappointment.

        If you're going to commit a crime, at least deliver something like an email that she's bangin McCain, or that Obama is really the father of her daughters child, or that she never liked Alaska .. or.. fucking something. This is just lame.

        *note: this is not an endorsement of computer crime, but complete dismay over the lack of news this actually is.

        I'm sure she's not the first public official with a web email account that got compromised in the last month. .. I mean, what's next.. ZOMG I GOTZ SPYWAREZ ON HER IEz!
        if it gets me nowhere, I'll go there proud; and I'm gonna go there free.

        Comment


        • #19
          Re: Sarah Palin: hacked by Anonymous

          Palin's password was "popcorn"
          45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B0
          45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B1
          [ redacted ]

          Comment


          • #20
            Re: Sarah Palin: hacked by Anonymous

            Wikileaks isn't loading at the moment. odd.

            This is an interesting issue. Apparently, Palin had previously used a yahoo address to conduct government business, and was aware of the possible problems with that. Now, a similarly named address is cracked, and revealed to be mostly personal, correct?

            I'm kind of wondering why a personal email account would be named 'gov.palin' in the first place. 'gov' is for government/governor. This, plus the accusations of the use of a yahoo account for govt. business, and it's not hard to see how people might think this account was doing the same thing.

            In this case, it's clearly illegal to crack into the account to check on your own. Theoretically, an internal investigation might be able to get a warrant to check the account, and arguably that should have happened anyway. So, is it ethical to break into a system for potentially well-intentioned reasons? Some would say yes, others no.

            In this case, Palin is not only a private citizen, she is also a member of government, and subject to a certain loss of privacy due to the transparency laws. There are systems in place to enforce these laws. Do citizens have a right to double-check this enforcement? If people honestly believed that this account was being used illegitimately, and it wasn't being investigated, would it be ethical for someone, such as a private investigator, to check for themselves?
            It's not stupid, it's advanced.

            Comment


            • #21
              Re: Sarah Palin: hacked by Anonymous

              Originally posted by bascule View Post
              Palin's password was "popcorn"
              Man that's what I call rubbing salt into the wounds.

              xor
              Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.

              Comment


              • #22
                Re: Sarah Palin: hacked by Anonymous

                Originally posted by YenTheFirst View Post
                Wikileaks isn't loading at the moment. odd.

                This is an interesting issue. Apparently, Palin had previously used a yahoo address to conduct government business, and was aware of the possible problems with that. Now, a similarly named address is cracked, and revealed to be mostly personal, correct?

                I'm kind of wondering why a personal email account would be named 'gov.palin' in the first place. 'gov' is for government/governor. This, plus the accusations of the use of a yahoo account for govt. business, and it's not hard to see how people might think this account was doing the same thing.

                In this case, it's clearly illegal to crack into the account to check on your own. Theoretically, an internal investigation might be able to get a warrant to check the account, and arguably that should have happened anyway. So, is it ethical to break into a system for potentially well-intentioned reasons? Some would say yes, others no.

                In this case, Palin is not only a private citizen, she is also a member of government, and subject to a certain loss of privacy due to the transparency laws. There are systems in place to enforce these laws. Do citizens have a right to double-check this enforcement? If people honestly believed that this account was being used illegitimately, and it wasn't being investigated, would it be ethical for someone, such as a private investigator, to check for themselves?
                The story as I've read it so far is that some tool unknowingly cracked her account and didn't know what they had. Then just released the account info a public forum. Getting my news from across the pond so it may not be accurate.

                In the end we will no doubt just have more tool reports at places like Defcon trying to do MSNBC style got-ya stories. The bad thing about this the cameras are getting very small. Just saw a Swann gum stick video/dvr/wireless camera for $119 at Microcenter.

                Thorn I think there is outrage. I'm outraged by the crime. I'm outraged by the medias reporting of it. I'm outraged by her staff and the people dully sworn to protect her, who failed. But more importantly I'm outraged that we the "greatest nation on the planet" have to chose from a much of idiots for our leaders also. This isn't like the first time this happened. They should give candidates and their families computer security 101 before putting them in front of a camera. I sense a buck to be made here. :-)

                Man I loath hypocrisy in all it's forms. Did you see the daughters baby daddies myspace page; OMG. There's a marriage that is going to 5 last minutes.

                Of course the fact that the account has been hacked taints the information from a legal perspective. Now yahoo will have to spend millions of dollars to proof that their imaging backups haven't been violated. Then of course the backups will become part of the public record and it will all come out in the end. Also, technically it's not her data anyway. The minute she started using yahoo's services it became their data. I think we need Jurist right about now. :-)

                As her defense attorney I would be attacking the validity of data right now. How was it stored. did it leave the country, what networks did it travel over, were they secured ...etc.

                xor
                Last edited by xor; September 18, 2008, 06:03.
                Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.

                Comment


                • #23
                  Re: Sarah Palin: hacked by Anonymous

                  Originally posted by YenTheFirst View Post
                  This is an interesting issue. Apparently, Palin had previously used a yahoo address to conduct government business, and was aware of the possible problems with that. Now, a similarly named address is cracked, and revealed to be mostly personal, correct?

                  I'm kind of wondering why a personal email account would be named 'gov.palin' in the first place. 'gov' is for government/governor. This, plus the accusations of the use of a yahoo account for govt. business, and it's not hard to see how people might think this account was doing the same thing.
                  You've hit a key word here. ACCUSATIONS, that's all they are, it isn't up to some rogue asshole to crack her account and try to prove that she's done such a thing. It's up to the proper authorities to do so.

                  I don't really see the issue with the name of her account, maybe she was proud that she's the Gov, maybe she did it as a joke. After all, what's your private email address? Would it have been better if she used hottielibrarian@yahoo.com?

                  In this case, it's clearly illegal to crack into the account to check on your own. Theoretically, an internal investigation might be able to get a warrant to check the account, and arguably that should have happened anyway. So, is it ethical to break into a system for potentially well-intentioned reasons? Some would say yes, others no.

                  In this case, Palin is not only a private citizen, she is also a member of government, and subject to a certain loss of privacy due to the transparency laws. There are systems in place to enforce these laws. Do citizens have a right to double-check this enforcement? If people honestly believed that this account was being used illegitimately, and it wasn't being investigated, would it be ethical for someone, such as a private investigator, to check for themselves?
                  No, it wouldn't be ethical for someone that isn't a duly appointed person by the courts to do this. A PI cannot just go about cracking into things because they want to, they still have to abide by the laws of the land. Without a court order, they cannot wiretap someone. The crime is clear and the person(s) that committed deserve whatever punishment they receive.

                  As for transparency laws, apparently from your thinking, no public official should be allowed to have a private email address. Hey, I think Obama, Nancy Pelosi, Harry Reid and Hillary all have private email addresses, and I suspect that they're using them for official business. I think that someone should be investigating and cracking into their emails as well to 'investigate' their transparency.
                  A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

                  Comment


                  • #24
                    Re: Sarah Palin: hacked by Anonymous

                    Originally posted by xor View Post
                    Thorn I think there is outrage. I'm outraged by the crime. I'm outraged by the medias reporting of it. I'm outraged by her staff and the people dully sworn to protect her, who failed. But more importantly I'm outraged that we the "greatest nation on the planet" have to chose from a much of idiots for our leaders also. This isn't like the first time this happened. They should give candidates and their families computer security 101 before putting them in front of a camera. I sense a buck to be made here. :-)
                    Oh, I must have missed your outrage amongst the laughter of her using an yahoo account. I'll try to read more carefully next time.

                    I think this is the same kind of thing as people's animosity for Microsoft, if all the people that hated MS and spent those thousands of hours attempting to crack MS products would do the same thing for Linux or Apple (which we're starting to see now), then I bet you'd see similar issue that we've seen with MS, cracks and flaws.

                    Now if those same people went after other public officials, I'm sure they'd find the same kinds of things, lame passwords, public webmail accounts. But no one seems to be looking at them. Palin is a target yes, should she have known about the issues, maybe. You have no idea when that account was created, I'm sure with all the things that she's been doing since being picked, I'm sure her Yahoo account wasn't the first thing she thought of, nor did her 'handlers' think of it.

                    Man I loath hypocrisy in all it's forms. Did you see the daughters baby daddies myspace page; OMG. There's a marriage that is going to 5 last minutes.
                    Has absolutely nothing to do with the issue at hand.

                    Of course the fact that the account has been hacked taints the information from a legal perspective. Now yahoo will have to spend millions of dollars to proof that their imaging backups haven't been violated. Then of course the backups will become part of the public record and it will all come out in the end. Also, technically it's not her data anyway. The minute she started using yahoo's services it became their data. I think we need Jurist right about now. :-)

                    As her defense attorney I would be attacking the validity of data right now. How was it stored. did it leave the country, what networks did it travel over, were they secured ...etc.

                    xor
                    If someone really thought she was using her account for official business, there's proper channels to follow. Committing a crime to prove a crime isn't good practice. Besides if the person that posted all that information was actually smart, then they should have taken a week or so, read through every single email in her box and then posted actually relevant information of her using her account for official business, but apparently they didn't bother with that. Instead they posted her daughter's cell phone number (how would you like it if someone did that to you?) They posted private family photos and private email contacts. It would seem that this was her personal email account, not being used for official business.
                    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

                    Comment


                    • #25
                      Re: Sarah Palin: hacked by Anonymous

                      Although the breach of the personal account came from someone breaking in, this really ought to illustrate the problems with using personal accounts for work in general. If your employer gets sued and they learn that you've been using a personal account for work, the lawyers will be looking to go through your personal account.

                      Same thing goes for conducting personal business on your work account...there is no expectation of privacy in your work email and there could come a time when teams of young attorneys are reading through your personal affairs.
                      jur1st, esq.

                      Comment


                      • #26
                        Re: Sarah Palin: hacked by Anonymous

                        Originally posted by jur1st View Post
                        Although the breach of the personal account came from someone breaking in, this really ought to illustrate the problems with using personal accounts for work in general. If your employer gets sued and they learn that you've been using a personal account for work, the lawyers will be looking to go through your personal account.

                        Same thing goes for conducting personal business on your work account...there is no expectation of privacy in your work email and there could come a time when teams of young attorneys are reading through your personal affairs.
                        Putting the Palin case aside. If that were to be true of some random person, while the young attorneys reading that person's email would happen, only emails that were pertinent to the case at hand SHOULD be revealed, correct? (emphasizing 'should')
                        A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

                        Comment


                        • #27
                          Re: Sarah Palin: hacked by Anonymous

                          So how much of this issue is biased by the target of the intrusion? No one lined up to admonish anyone for airing Paris Hilton's phone data dump; seems that the public at large loves to see someone burn at the stake... subject to perception of who is the protagonist. Not calling anyone out, just saying that with a political race firing up, people's intensity, voracity, and defensiveness ramp.

                          I don’t care which technology challenged member of a retarded binary political system thinks that they're above the law and attempting to confound public accountability; if that was the intention. Perhaps they were absent that day for orientation... who knows.

                          I've never thought that the ends justify the means. However if public officials are conducting business on private email services and it is prohibited, then it clearly demonstrates that there is no real oversight of this communication compliance as it took a malicious act by someone to air the failure to comply with process.

                          So shame on the lawbreaker(s) for intentionally breaching someone's private account and shame on Palin for either being foolish or potentially attempting to obfuscate official communication for whatever reason.

                          So what have we learned from this? Not much. Politicians can be sneaky, email accounts with lax passwords don't help your security profile, and that there is lack of security oversight for public officials to assure compliance… Apparently many of our politicians and officials don’t value the security of official communications if they dared to loop threads to non-government email services.

                          beer.
                          If a chicken and a half, can lay an egg and a half, in a day and a half... how long would it take a monkey, with a wooden leg, to kick the seeds out of a dill pickle?

                          Comment


                          • #28
                            Re: Sarah Palin: hacked by Anonymous

                            Originally posted by bascule View Post
                            Palin's password was "popcorn"
                            According to the linked article, thats what the password was changed to. Other sources put the technique of getting into the account as the typical "use the yahoo password recovery function with information gathered from analyzing the victim"

                            Comment


                            • #29
                              Re: Sarah Palin: hacked by Anonymous

                              Originally posted by goathead View Post
                              So how much of this issue is biased by the target of the intrusion? No one lined up to admonish anyone for airing Paris Hilton's phone data dump; seems that the public at large loves to see someone burn at the stake... subject to perception of who is the protagonist. Not calling anyone out, just saying that with a political race firing up, people's intensity, voracity, and defensiveness ramp.
                              I wasn't a member of the Defcon forums at the time, or else I probably would have spoken up and said something, I believe there are members of the forum here that know me well enough to state that I speak the truth in regards to that.

                              I don’t care which technology challenged member of a retarded binary political system thinks that they're above the law and attempting to confound public accountability; if that was the intention. Perhaps they were absent that day for orientation... who knows.
                              From what I've seen so far in the media, they're stating it as FACT that she was using the account for official business. This cannot be a fact until an investigation is complete, as far as I've seen, no investigation has even been started. So let's try to stick to what's actually known as fact. A criminal broke into her personal email account and posted private information. Anything outside of that is conjecture and hearsay.

                              I've never thought that the ends justify the means. However if public officials are conducting business on private email services and it is prohibited, then it clearly demonstrates that there is no real oversight of this communication compliance as it took a malicious act by someone to air the failure to comply with process.

                              So shame on the lawbreaker(s) for intentionally breaching someone's private account and shame on Palin for either being foolish or potentially attempting to obfuscate official communication for whatever reason.
                              See above.

                              So what have we learned from this? Not much. Politicians can be sneaky, email accounts with lax passwords don't help your security profile, and that there is lack of security oversight for public officials to assure compliance… Apparently many of our politicians and officials don’t value the security of official communications if they dared to loop threads to non-government email services.

                              beer.
                              I agree with this. Chances are, she's learned her lesson about using lame passwords and lame reminder hints. But for anyone to make a blanket statement and say that she's the only public official doing this (from either side of the system) is an idiot (not saying that you are).

                              To All:

                              I do have the utmost respect for many members of this forum and viewpoints. My only goal here is to point out that above everything else, this thing makes everyone who considers themselves a hacker look bad. This is what we've been fighting against for all the times and this kind of event drags us all down. It can only lead to more government intrusion into our lives, and more silly laws being passed. We as the hacker community should not be taking delight in her invasion, but should be condemning, it doesn't matter who it is, the crime was committed, I hope the offenders go to the FPMITAP.
                              Last edited by streaker69; September 18, 2008, 16:13.
                              A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

                              Comment


                              • #30
                                Re: Sarah Palin: hacked by Anonymous

                                Originally posted by Wesson357 View Post
                                According to the linked article, thats what the password was changed to.
                                Mea culpa... I stand corrected
                                45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B0
                                45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B1
                                [ redacted ]

                                Comment

                                Working...
                                X