Re: Sarah Palin: hacked by Anonymous

It depends on the situation...how the information was collected and what protocol that both sides have agreed upon. Even with keyword searching to narrow the focus, there are lots of false positives which lead to unrelated information still getting to the point where attorneys are reviewing for responsiveness. In this day and age, all people with jobs should anticipate this situation happening to them at some point during their careers.

Re: Sarah Palin: hacked by Anonymous

If you post that information under the umbrella of a "news organization", then the answer is "no you should not got to jail." That is a First Amendment issue, and the Supreme Court has made that very clear.

If the information is harmful in some way to to the person who it's about, and it isn't "newsworthy" per se, then that person has options for redress under the civil system. Most good news organizations understand that, and won't print such information (things such as credit card number, expiration and security code, etc) under fear that it is not newsworthy and it it clearly has very high potential for being harmful.

Of course, the question of what constitutes a "news organization" is less clear. So far, everyone is treating things like 'Big Bob's Bilious Blog' like they are in the same class as the New York Times. Some civil suits and case law will no doubt help define that in the coming years.

You posting it as an individual, may or may not be going to jail, depending on the state and your intent, as the criminal laws vary that much. Under the civil law in most places, you would almost certainly still be liable.

Re: Sarah Palin: hacked by Anonymous

If someone steals your credit card number, expiration and security code and gives it to me and I post it everywhere, should I go to jail? After all, it's just information, it's just a bunch of numbers.

Re: Sarah Palin: hacked by Anonymous

Sorry it took me so long to reply to this, I spent the evening researching the Federal Sentencing records for the past 150 years or so, and I couldn't find a single instance where a Judge actually sentenced someone to be raped in prison.

So I guess these statements are more or less made to show how horrible it can be in prison, and possibly to deter someone from committing a crime in the first place that could end up with them being pounded in the ass.

A) I would assume that each state has it's own set of laws regarding transparency at that level, and the Feds have their own laws.

B) Chances are, oversight/enforcement is done after the fact when someone complains or there's enough evidence to open an investigation.

As I said before, I'm quite sure that Sarah Palin is not the only public official that has possibly done this. I'd bet that officials from both sides have done it.

C) I believe that so far, it's only been accusations, without enough evidence, I don't think they can even begin an investigation. But hey, let's see how this works.

I'm making a accusation right now that Nancy Pelosi has been using her personal email to conduct official Speaker of the House Business.

Re: Sarah Palin: hacked by Anonymous

Just watched the Bill O'Reilly arguing about whether the operators of Wikileaks should go to jail:

http://www.youtube.com/watch?v=KpndIvUGPwA

The guy is so out of touch its hilarious. STOLEN INFORMATION! It's like if someone stole your car!

Re: Sarah Palin: hacked by Anonymous

Keep in mind how naive and apathetic the general public is when it comes to all of us being connected together all web-like. There are all types of people on the internet doing all sorts of various things. Some good. Some bad.

Generally speaking, people that are naive about the internet are apathetic until they get cracked. When they have been violated, only then do they fully realize how dangerous it is out there. Especially if you are a high profile person.

So do not criticize her for not having a heightened sense of awareness indicative of someone in her current position. She hasn't been around the block enough times for us to expect more from her. If she's been shady by using her personal email to conduct government business, then she will own her mistake.

What happens next? Palin, feeling violated, will probably add to her agenda (if she is elected VP) some thoughts about reforming the internet.

How fun that will be for her. Tally-ho!

Re: Sarah Palin: hacked by Anonymous

minor off-topic quibble - regarding 'FPMITAP' - It's interesting that as a society we heavily criticize typical rape, and the rapists who commit it, but we seem quite glad at the prospect of sending all manner of criminals to a prison to be raped on a consistent basis.

It's not nice to break into people's email, and much worse to disclose it in an irresponsible manner. That said, I would say that's on a whole different level of crime than would deserve a punishment of 'FPMITAP', assuming the the 'PMITA' bit is as it says.

Back on topic:
Out of curiosity,
a) what laws actually exist regarding transparency in govt,
b) what oversight/enforcement is in place for said laws
c) has any actual investigation been conducted on the accusations in this case? I got the impression that the accusations aren't new, but a few months old.
These things would be helpful to review and agree on, I think.

Re: Sarah Palin: hacked by Anonymous

Mea culpa... I stand corrected

Re: Sarah Palin: hacked by Anonymous

I wasn't a member of the Defcon forums at the time, or else I probably would have spoken up and said something, I believe there are members of the forum here that know me well enough to state that I speak the truth in regards to that.

From what I've seen so far in the media, they're stating it as FACT that she was using the account for official business. This cannot be a fact until an investigation is complete, as far as I've seen, no investigation has even been started. So let's try to stick to what's actually known as fact. A criminal broke into her personal email account and posted private information. Anything outside of that is conjecture and hearsay.

See above.

I agree with this. Chances are, she's learned her lesson about using lame passwords and lame reminder hints. But for anyone to make a blanket statement and say that she's the only public official doing this (from either side of the system) is an idiot (not saying that you are).

To All:

I do have the utmost respect for many members of this forum and viewpoints. My only goal here is to point out that above everything else, this thing makes everyone who considers themselves a hacker look bad. This is what we've been fighting against for all the times and this kind of event drags us all down. It can only lead to more government intrusion into our lives, and more silly laws being passed. We as the hacker community should not be taking delight in her invasion, but should be condemning, it doesn't matter who it is, the crime was committed, I hope the offenders go to the FPMITAP.

Re: Sarah Palin: hacked by Anonymous

According to the linked article, thats what the password was changed to. Other sources put the technique of getting into the account as the typical "use the yahoo password recovery function with information gathered from analyzing the victim"

Re: Sarah Palin: hacked by Anonymous

So how much of this issue is biased by the target of the intrusion? No one lined up to admonish anyone for airing Paris Hilton's phone data dump; seems that the public at large loves to see someone burn at the stake... subject to perception of who is the protagonist. Not calling anyone out, just saying that with a political race firing up, people's intensity, voracity, and defensiveness ramp.

I don’t care which technology challenged member of a retarded binary political system thinks that they're above the law and attempting to confound public accountability; if that was the intention. Perhaps they were absent that day for orientation... who knows.

I've never thought that the ends justify the means. However if public officials are conducting business on private email services and it is prohibited, then it clearly demonstrates that there is no real oversight of this communication compliance as it took a malicious act by someone to air the failure to comply with process.

So shame on the lawbreaker(s) for intentionally breaching someone's private account and shame on Palin for either being foolish or potentially attempting to obfuscate official communication for whatever reason.

So what have we learned from this? Not much. Politicians can be sneaky, email accounts with lax passwords don't help your security profile, and that there is lack of security oversight for public officials to assure compliance… Apparently many of our politicians and officials don’t value the security of official communications if they dared to loop threads to non-government email services.

beer.

Re: Sarah Palin: hacked by Anonymous

Putting the Palin case aside. If that were to be true of some random person, while the young attorneys reading that person's email would happen, only emails that were pertinent to the case at hand SHOULD be revealed, correct? (emphasizing 'should')

Re: Sarah Palin: hacked by Anonymous

Although the breach of the personal account came from someone breaking in, this really ought to illustrate the problems with using personal accounts for work in general. If your employer gets sued and they learn that you've been using a personal account for work, the lawyers will be looking to go through your personal account.

Same thing goes for conducting personal business on your work account...there is no expectation of privacy in your work email and there could come a time when teams of young attorneys are reading through your personal affairs.

Re: Sarah Palin: hacked by Anonymous

Oh, I must have missed your outrage amongst the laughter of her using an yahoo account. I'll try to read more carefully next time.

I think this is the same kind of thing as people's animosity for Microsoft, if all the people that hated MS and spent those thousands of hours attempting to crack MS products would do the same thing for Linux or Apple (which we're starting to see now), then I bet you'd see similar issue that we've seen with MS, cracks and flaws.

Now if those same people went after other public officials, I'm sure they'd find the same kinds of things, lame passwords, public webmail accounts. But no one seems to be looking at them. Palin is a target yes, should she have known about the issues, maybe. You have no idea when that account was created, I'm sure with all the things that she's been doing since being picked, I'm sure her Yahoo account wasn't the first thing she thought of, nor did her 'handlers' think of it.

Has absolutely nothing to do with the issue at hand.

If someone really thought she was using her account for official business, there's proper channels to follow. Committing a crime to prove a crime isn't good practice. Besides if the person that posted all that information was actually smart, then they should have taken a week or so, read through every single email in her box and then posted actually relevant information of her using her account for official business, but apparently they didn't bother with that. Instead they posted her daughter's cell phone number (how would you like it if someone did that to you?) They posted private family photos and private email contacts. It would seem that this was her personal email account, not being used for official business.

Re: Sarah Palin: hacked by Anonymous

You've hit a key word here. ACCUSATIONS, that's all they are, it isn't up to some rogue asshole to crack her account and try to prove that she's done such a thing. It's up to the proper authorities to do so.

I don't really see the issue with the name of her account, maybe she was proud that she's the Gov, maybe she did it as a joke. After all, what's your private email address? Would it have been better if she used hottielibrarian@yahoo.com?

No, it wouldn't be ethical for someone that isn't a duly appointed person by the courts to do this. A PI cannot just go about cracking into things because they want to, they still have to abide by the laws of the land. Without a court order, they cannot wiretap someone. The crime is clear and the person(s) that committed deserve whatever punishment they receive.

As for transparency laws, apparently from your thinking, no public official should be allowed to have a private email address. Hey, I think Obama, Nancy Pelosi, Harry Reid and Hillary all have private email addresses, and I suspect that they're using them for official business. I think that someone should be investigating and cracking into their emails as well to 'investigate' their transparency.