How not to get hacked like Sarah Palin

Opinion and Analysis

The news that Republican Vice-Presidential candidate Sarah Palin’s Yahoo webmail account was hacked is all over the Internet. Your webmail could be hackable in the same way – here’s how to make it much harder for the hackers.

When news that Sarah Palin’s webmail account at Yahoo had been hacked was unleashed onto an unsuspecting Internet, it spread like wildfire, with online accounts of how the hack was achieved popping up everywhere.

The “hacker”, known as Rubicon, is alleged to be David Kernell, a 20-year-old University of Tennessee-Knoxville student and son of Democratic State Rep. Mike Kernell, although David’s involvement or otherwise is not confirmed.

The details behind the so-called hack are pretty simple: Yahoo’s email password recovery service was used to fool Yahoo’s computers, which allow anyone with the right answers to the recovery questions to change the account password to something different.

Wired.com’s blog has the transcript of a post at the “4chan” blog, supposedly run by the anti-Scientology group Anonymous.

While the forum postings have now been erased, Wired.com still lists the details in full, with the relevant bits listed here, as written by “Rubicon”:

“after the password recovery was reenabled, it took seriously 45 mins on wikipedia and google to find the info, Birthday? 15 seconds on wikipedia, zip code? well she had always been from wasilla, and it only has 2 zip codes (thanks online postal service!)

“the second was somewhat harder, the question was “where did you meet your spouse?” did some research, and apparently she had eloped with mister palin after college, if youll look on some of the screenshits that I took and other fellow anon have so graciously put on photobucket you will see the google search for “palin eloped” or some such in one of the tabs.

“I found out later though (sic) more research that they met at high school, so I did variations of that, high, high school, eventually hit on “Wasilla high” I promptly changed the password to popcorn and took a cold shower…”

Clearly, Palin used “truthful” answers to her password recovery security questions when asked by Yahoo during the email account setup process.

What could Palin have done instead, and if you have a webmail account with any provider, what should you do now?


