Friday, September 26, 2008

Sarah Palin - Email Hacked

Vice presidential candidate Sarah Palin's Yahoo! email was hacked - proving hacking isn't always something that's difficult to do, with a little thought.

The person who hacked it basically launched what we would call a "social engineering" attack. Apparently, the email account required the following information to reset the password - the user name (readily available), date of birth (find it on Wikipedia), ZIP Code (easily guessed from her town of residence), and the answer to the security question. The answer to the security question was easily guessed - "Where did you meet your husband?" - given that they were high school sweethearts, it's easy to guess that it was the high school they attended, and that was also on Wikipedia.

Notice - NO hacking tools required!

The other interesting part is that the hack (see below for link to screen shots) allowed hackers to find personal email addresses of all sorts of politicians, including Governor Schwarzenegger and many members of the Alaskan political regime.

The interesting part is that the way laws are currently written, this may not technically be illegal!

PS - John McCain admits that he doesn't know how to use a computer. He's probably safe from being hacked, but it scares me to have a potential president who doesn't know anything about computers.

Web Links:

1 comment:

Anonymous said...

Damn, this posting is very interesting. I checked out Wikileaks document and there is the actual pictures and the screenshots of the email. About McCain, i can not understand how there is still people with no knowledge in computer in this century. JaV13R