Monday, September 22, 2008

D'oh Ex Machina!

Well, the hacking of Gov. Sarah Palin's Yahoo account continues to reveal details of what went on and who possibly did it.

The accumulating evidence points to a 20-year-old college student named David Kernell. And it points to him being a complete noob and not some elite hacker. I predict there will be a book written describing all the places he screwed up.

To summarize all the places:

The first was resetting the password, as if Gov. Palin wouldn't notice her password no longer working. Then, instead of merely fading away after finding nothing, he tossed screenshots onto 4chan to let others play in the account. That prompted a white knight to alert Palin, but then he screwed up by posting screenshots showing the new password. This then caused the account to get locked out.

And then we have 4chan trying to do a 404 and delete everything. So the fearful perp has to spew a statement that he did it; ego overrode his fear, I guess, and he plugged his computer back in. I think his handle should be rube and not rubico.

Rubico's screenshots included the ctunnel URL, which allowed the FBI to quickly focus its efforts when the owner contacted them. Rubico's path would have been traced to ctunnel eventually, once the Yahoo logs were examined; this sped up the process. The ctunnel logs then pointed to David Kernell's computer because the idiot, as he admitted in his ego-driven manifesto to set the story straight, only used ctunnel to try and hide his nefarious deeds.

Meanwhile, other people had linked Rubico's email account to one David Kernell. Now, if this had been the only proof, one would be tempted to say perhaps someone hacked Kernell's account to cover their tracks. But the various server log files point to Kernell's computer, thus tying the email account to the suspected perpetrator.

Maybe the title should be: How Not to be a Hacker.

