Sarah Palin goes the way of Paris Hilton
Wednesday, it was reported that Sarah Palin's Yahoo account was hacked by a perpetrator wishing to find incriminating information in her emails. It was not done using some strange computer security vulnerability. It was not done by guessing her password. It was done just in the same way as Paris Hilton's T-Mobile account was hacked some time ago: by guessing the answers to security questions.
View full article »
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
No maybe about the hacker
No maybe about the hacker being at fault. Locks are to keep honest people honest. Any lock can be picked, that's why we have laws. He/She/They should pay the price. Are you confused about who's at fault in rape cases, or is it a matter of degree?I'm not sure where this
I'm not sure where this 'author' got his information? but pure logic would dictate that he is full of crap. Considering the average password list is full of things like 'sex', 'love', 'password', the technique of using three fairly random pieces of data is fairly secure - and can not be 'hacked' in 45 minutes. I'm sure Yahoo would have something to say about that many hack attempts in such a short time.This liberal wacko needs to stop spreading hate and rumors and just do her job.
according to Palin the rape
according to Palin the rape victim is at faultThis wasn't a "hack". This
This wasn't a "hack". This was password guessing. Was it wrong? Sure. Criminal? If it is, then maybe Washington should look to themselves first for giving themselves the authority to look into your emails whenever they feel like it. Like they said about the Patriot Act: "If you have nothing to hide, you have nothing to fear."I find it interesting that Palin is now refusing to cooperate with the so-called "Troopergate" investigation. If either of us refused to appear, we'd be in JAIL. So, what is she hiding? Instead of cooperation, we have McCain and Palin "poisoning the well", and their followers are lapping it up.
But it's funny to hear mention of "blaming a rape victim". Palin is on record for charging victims of rape with the cost of "rape kits". So not until does a rape victim have to cope with being mentally and physically violated, they are financially violated to the tune of $1,200.
The lies coming from the McCain/Palin camp are just scary. Sinclair Lewis said it best, "When fascism comes to America it will be wrapped in the American flag and carrying a cross."
"Palin is on record for
"Palin is on record for charging victims of rape with the cost of 'rape kits'".What record? That b/s is from some Democratic hit piece. Another Pearl of Wisdom from a reader of the Democratic Underground posting board. Do a search before you repeat such claptrap. If you DO believe this, I have three money-making offers for you.
1) A bridge in NYC real cheap
2) Gold bricks real cheap
3) I have a friend in Nigeria who needs to transmit $20-mil to a U.S. bank account, giving you a 10% commission. All he needs in your bank account and pin number.
ACT NOW!
I'll blame the hacking on
I'll blame the hacking on the hacker, but Palin really shouldn't be using a personal account for government business either...is she going to do the same thing as VP? Not what I would call improving national security.There was no evidence of her
There was no evidence of her using her personal e-mail for business. So if you don't find the dirt your looking for you just make stuff up? Or resort to illigal measures to try to find it. How pathetic these people are and anyone who supports what they did. Get a life.That comment would make
That comment would make sense, except it doesn't...because she didn't use this account for government business.Even the guy who posted the details about illegally accessing the account wasn't anything resembling government business. The only "government" items are things of a clerical nature.
Guys like you are worried about Sarah Palin getting a reminder about when/where an event might be taking place on a personal email account, but you're not interested in the Gigabytes worth of stuff that went missing during the Clinton administration? Or, the missing FBI files? Or, what about when Sandy Burger (Bill Clinton's National Security Adviser) was caught red-handed smuggling out top secret documentation?
Illegally accessing email is a crime, no matter how you illegally access it.
The hacker is the only person responsible.
So I guess if I get shot
So I guess if I get shot while walking down the street, it's my fault for being in the way of the bullet. You're a fraud. You are a lefty to the core, why don't you just admit it.Well if your walking in a
Well if your walking in a neighborhood where they do a lot of shooting whel then it is partly your fault. Daaaa...I AM a lefty to the core
I AM a lefty to the core and proud of it. However, your comment doesn't make sense.Aside from that Palin is an evangelical nutcase. Having her as vice-president and potential president would further ensure that this country will go to hell in a hand basket.
Anyone who believes that it's okay to hunt and kill wolves from a helicopter for sport obviously lacks decency and compassion to be the (potental) president of our county
It wouldn't surprise me if you yourself are a born again Christian fanatic intent on promoting Armageddon.
You can also to take the
You can also to take the mail out of my mailbox after the postman drops it off, but it's a felony. Do it, get caught, go to jail.This is exactly why you
This is exactly why you don't use your yahoo email for business.Also, angry political people aren't very bright, but the person that hacked this email account is.
The hacker(s) weren't very
The hacker(s) weren't very bright, they posted a screen shot with their original proxy on a site that is meant to hide proxies!What about the author of
What about the author of this article, who's primary purpose is to put Sarah Palin and Paris Hilton's name in the same headline, with some fluffy nothing content, to try and merge the two personalities in the reader's mind, and get it posted on news.google.com.Doing this through a hacking attempt by some snot nosed kid of a Democratic representative in Tennessee? Nice.
Also transparent. Liberal Media....get a life.
Just blaming the hacker and
Just blaming the hacker and leaving it at that is short-sighted. The fact that it was hacked is obviously his (or her) fault. The fact that it was so easy to do, however, was not.The "security questions" now used by a lot of sites for password recovery/logging in without a password are much too easy to find. There are a couple of workarounds for this, such as sending an email to the person after the security questions have been answered (Too bad email itself isn't secured) or choosing questions not easy to look up (As mentioned, a lot of sites only let you use pre-chosen questions, and many/all of them are often a matter of public record or easily found online).
It's not as glamorous as looking into new crypto algorithms or trying to crack existing ones, but security researchers really should look into this aspect of digital security.
What a lame attempt to link
What a lame attempt to link Sarah Palin to Paris Hilton. I'll bet to you got all tingly when you finally thought of it.I'm suprised someone put a
I'm suprised someone put a link to this article from a google news page. I'm sure it's because the liberal media is doing what they do best, speading their stupidity. The writer cannot differentiate as to whether a criminal is at fault. That's sad. If I don't lock my house doors and turn on the alarm, then am I at fault? 'Maybe', according to the author. Sad. Are all his articles like, "I don't know the answer, but I can drum up stupid questions.".The writer gives himself
The writer gives himself away immediately with the "wannabe VP" comment. Right off you know his piece will be dismissive of Palin. The writer is your typical arrogant liberal--just the sort of stuff made for Google news. I want McCain to win, but that will pale in comparison to the joy I will experience at witnessing these leftist snakes choke on their own bile.first there was not any
first there was not any government information in the account. There were personal matters being discussed with other government officials, but there is not security risk there.Second, I think that we do need to start holding the respective sites as to how they handle things like a password reset. I am in the web programing field and there is a lot of things that they could have done that would have been much better. There are systems out there that they could implement that would take a great deal of knowledge of the person to crack through, not just the birth date and some silly question about their past. Most if not all of those are guessable or for the case of someone in the public view can be looked up.
If you want to look more into what can be done about this you can look here. This isn't new news.
It sounds to me like there
It sounds to me like there is a hole in the security question methodology used by many websites. It is better to have a reset password be sent via email to the email address known to the account. That also alerts the account holder that somebody was trying to mess with the account if the account holder didn't request the password reset.Most of the websites I join
Most of the websites I join do send me an e-mail to my e-mail address, when I first sign on and when I need to reset my account when I forget my password. I have not given it a second thought about those which do not. I will be aware of those who do not now thanks to you.Thanks
We can blame the "hacker"
We can blame the "hacker" for all of this, but frankly, that's beside the point. if a snot-nosed kid from somewhere can hack the governor's account, what's going to happen when she's president and facing a cartel of hackers from China and Russia? It's true that the "hacker" did a "bad thing," but guess what, this is a bad world and she's going to be facing much more difficult challenges as president.Palin choice to use a Yahoo account was grossly negligent and motivated by her desire to be able to delete evidence when convenient, a tactic learned from the Bush administration. She cannot be trusted to defend our nation.
Why does a governor and VP
Why does a governor and VP candidate have a yahoo account? Wouldn't it be more appropriate to have something behind the great governmental firewalls?What a completely lame
What a completely lame article that manages only to link Palin with Hilton in a headline, useful only to the propagation of hate and misinformation from the left. This is the disgraceful tactic of a small mind without ethics.That is why you create a
That is why you create a false profile. Always have an email address that no one knows about. This is where you store your private information. Then you create fake answers that only you know. Where were you born? Maybe you were born in Anchorage, but you write something like Barbie Dream House.Mybe like me she has no
Mybe like me she has no skeletons in the cupboard to hide so is not ultra security consciousMy banks security questions
My banks security questions are equally lame. They were:What's your favorite movie?
What's your favorite restaurant?
What's your favorite drink?
I didn't like these questions because the answers can change depending on the last movie you've seen, the last place you've eaten or the latest drink had. I called them to complain; but they didn't seem to care. I answered all of their questions as "none". I don't bank there anymore.
AGREE WITH LAST ANONYMOUS
AGREE WITH LAST ANONYMOUS POST! AAAAH SHUTUP!!!!Perhaps people wouldn't have
Perhaps people wouldn't have a dubious attitude about hacking Yahoo! accounts if our leaders weren't so ethically challenged.I dig how all these mouth
I dig how all these mouth breathing rednecks quickly blame everything on "the left" and "the librul media!!!!!1" These are the same fuks who quickly blame hurricane survivors for their own plight (why didn't they leave when they had the chance?? Always waiting for their nanny-state to come save them! Let 'em suffer now! Next time, be prepared). Well, dumbfuks, time for the "self-reliant" crowd to own up to their own failures. Creationist Barbie was too stupid to not use a freaking webmail account for government e-mails? Then deal with the fallout.As much as we'd all like to
As much as we'd all like to blame the hacker, the reality is that our data is at stake, and like physical security, the idea is to be harder to get in than the next guy. Here's how I accomplish that task:1) never use a real password for bogus accounts. Who cares if your Washington Post account is compromised -- it doesn't matter. Use bugmenot.com to share passwords for these annoyances. Also keeps people from potentially learning the passwords you use for your real account.
2) Security questions: do what the article says we shouldn't: use a bogus answer like Abraham Lincoln as your birthday. Spectacularly effective, but hard to remember. My strategy: use the same bogus answer (perhaps "qwertyuiop[]\") and always choose the first question in the dropdown.
3) use a password generator/manager like keypass to generate and remember strong passwords for all your real accounts, and use absurdly difficult unlock questions (the abraham lincoln example above, but use randomly generated trash instead) for things like bank accounts etc.
4) Use pseudonyms for secure accounts, not your real name, not your email address, but something different. Some people like to use the name of a character from their favorite book, for example. Who would "guess" that my bank username is "gandalf"?
5) Use email encryption for sensitive emails. It's totally surprising to me that, despite good security for emails being quite standardized as s/mime, that practically nobody uses that technology to secure sensitive information.
6) Stay under the radar. Celebrities will always be attacked with a direct concerted effort. The rest of us are merely passively attacked -- if our accounts survive the first attack, the bad guy will just visit our proverbial next door neighbor.
Why does no one tries this
Why does no one tries this angle or even speculates that she might even want this account to be Hacked while she knows that there was not very much in these emails to incriminate her. She is a Sly Fox from Alaska that has two yahoo accounts. Maybe there are more accounts we do not know. She could use the government email servers but she did not and Why?The first sentence referring
The first sentence referring to “Wannabe” express your articles remaining content. Also a comparison between Palin and Paris Hilton what does that have to do with security? The next time a writer from IT world offers their opinion I hope politics isn’t involved. Please don’t print Wannabe advice and stick to the facts.Thanks for the comment DD.
Thanks for the comment DD. The post has been edited and "wannabe" removed. But please don't let that oversight detract from Markus' point that the Sarah Palin email hack used the same technique as the Paris Hilton T-mobile hack. I invite you to re-read this post and some of his earlier posts about password reset. It is not trivial.Surely,the 'hacker' is
Surely,the 'hacker' is responsible for his actions,however if she's to be a VP,don't expect anybody to go easy on her.I don't think America deserves such a reckless veep!No, it's totally Palin's
No, it's totally Palin's fault here. As a major public figure she needs to be more cautious about everything, from the way she looks to the way she conducts her business. Based on what I've been reading about this whole issue, and about Palin in general, she conducts her business in a very poor manner that isn't suitable for the office of VP, let alone for president (god forbid!).In an age where identity theft and cybercrime is on the rise we need leaders who at least can protect their e-mail accounts. Heck, we need leaders who are savvy enough to use the Internet at the very least. How are we, the 'regular' people, to feel safe in our own homes and with our own personal information when the people at the highest levels of our government can't even protect theirs?
Oooohhh, sounds like a Palin
Oooohhh, sounds like a Palin hater. Would you feel the same if Obama got his hacked into? Or are we just jealous??? What do you recommend that she should have done to protect herself more from these low life criminals? Shouldn't that be the websites control? I hope they catch them and put them away, then you can waste your time consoling and supporting them in jail.Does Markus Jakobsson have
Does Markus Jakobsson have any basis for asserting that the hacker was "wishing to find incriminating information in her emails"?This was a product of 4chan's /b/ community, and they are just as interested (if not more) in stirring up chaos, as they are in actually exposing anything.
So, why has this (literally) anonymous person been transformed into some "unknown political hacktivist"?
It would appear that like
It would appear that like John McCain Sarah Palin has very little Internet knowledge. Create a safe password and security question answers. Misspell words and or use upper and lower case letters. Properly dispose any paper documents with personal or government information. As a Governor Palin should be aware of how to responsibly handle both private and public information.When you start dog training
When you start dog trainingNot about hacking, but while
Not about hacking, but while we're on the subject of Paris Hilton, someone just emailed me this:http://givemeamillionparishilton.com/
Pretty funny. Pass it on!
Re: Sarah Palin goes the way of Paris Hilton
Palin has promoted oil and natural gas resource exploration in Alaska, including in the Arctic National Wildlife Refuge. On global warming, Palin, has said that "a changing environment will affect Alaska more than any other state, because of our location. Podcast media is the way of the future. Some people wonder what a podcast is. Podcast is uploading new media files that are set to broadcast by those people who have subscribed to your profile. You can generate revenue pretty easily with a podcast that people are interested in. Some podcasts are so hot that people get short term loans to sign up for them. If you have valuable information, it's easy to generate money; you don't want to give out a free podcast for what people should pay you for. If you post them often, and they're good enough, people could be getting installment loans for your next podcasting.Rid of those pesky bugs you pick when surfing the net.
One of the first things that I learned when I got my new computer was that if you own a PC then you better have a good antispyware scanner to help get rid of those pesky bugs you pick when surfing the net. Otherwise, your computer won’t keep running like new for very long. It will begin to slow down and eventually get so sluggish you won’t even be able to use it. I tried a variety of different scans before I ran across Search-and-destroy Antispyware at http://www.Search-and-destroy.com. So far I have been very happy with the antispyware solution from Search-and-destroy and very glad that I gave it a try.jobs for 14 year olds jobs
jobs for 14 year oldsjobs for 14 year olds
jobs for 14 year olds
jobs for 14 year olds
jobs for 14 year olds
jobs for 14 year olds
jobs for 14 year olds
jobs for 14 year olds
jobs for 14 year olds
Saraideas's Blog
Sara ideas
saraideas
saraideas
saraideas
saraideas
saraideas
saraideas
saraideas
Sara's Blog
sara's Site
Saraideas
saraideas
I for one would be glad to
I for one would be glad to see Sarah Palin fade from the political landscape now that she has stepped down as Governor of Alaska.I’ve never understood the fascination with her and would have been truly concerned for our neighbours to the south, and all of the free world, had she been a heartbeat away from being U.S. President.
My impressions are based on all I have seen and heard from Palin since she arrived on the national scene as John McCain’s running mate on the Republican ticket for last November’s U.S. Presidential election.
I was turned off right away with a comment she made while accepting the Vice-President candidacy. You may remember the quote; “what’s the difference between a hockey mom and a pit bull? Lipstick.”
I’m sure she meant it to be catchy but the only inference I could make is, because their child plays an aggressive sport, mom has a license to act out aggressively too. Like an ill tempered pit bull apparently.
A recognized problem in all minor sports, not just hockey, is parents getting too emotionally wrapped up in their child’s sport and acting inappropriately around the arena, field, diamond, wherever the sport is being played.
The goal for parents with children playing minor sports is to be supportive. Of course they can, and should if necessary, act aggressively in defence of their child, if he or she is being mistreated or facing an injustice, but that’s not what Palin’s quote implied. canadian payday loans