David Kernell could have gotten away with hacking into Sarah Palin’s email.

Twenty-year-old David Kernell hacked into Gov. Palin’s Yahoo email account and has now been indicted on federal charges. He got in by answering a string of security questions to reset her account password, using answers he researched on the Internet. This was what’s known as a “socially engineered” security breach, versus what’s called a “brute force” attack, which requires more technical savvy to pull off. David, aka Rubico10, could have gotten away with his attack. Here’s how:

David was smart enough to know to use a service called cTunnel to mask his publicly assigned IP address. This service (actually a server) is available on the Internet to mask the Internet address assigned by the user’s Internet Service Provider to a specific account (the account you pay for monthly). What David wasn’t smart enough to do was use an Internet connection that could not be tied back to him. He performed the hack from his own apartment.

If a breach on the Internet is serious enough, like hacking a VP candidate’s personal email account, the FBI or other law enforcement agencies can retrieve the IP address used to connect to the breached site (in this case Yahoo). David thought that by using cTunnel to mask his IP address (by going through the cTunnel servers) he might not be tracked down, because the address in the Yahoo logs would resolve to cTunnel and not his ISP. Well, unfortunately for David, the owner of the cTunnel service, Gabriel Ramuglia, cooperated with the FBI and provided his user and/or connection logs that led straight to David’s apartment complex.

So there’s a moral to this story: If you’re going to hack into a government official’s private email account, by all means use the open, public, wireless Internet connection at the nearest coffee shop. By using a service like cTunnel, combined with the anonymity of an open wireless Internet connection, it would be nearly impossible for any law enforcement agency to track back through the IP addresses to the offender’s origin PC.

I’ve often thought that public wireless Internet connections are the single greatest online security threat. They provide the cover of anonymity. If the offender’s connection was tracked by law enforcement to a local Starbucks, the very most the IT staff supporting that point of connection could provide would be the MAC address (the hardware address of the computer’s network adapter) used to connect to the wireless network at the time the attack occurred. And I doubt that most would be able to pull the MAC off the cheap Linksys routers most of these restaurants, bars and coffee shops use. Should law enforcement actually get the MAC address of the PC used in the attack, trying to locate who bought that PC, which was delivered through the retail chain, would be virtually impossible.

So hack away from the Carolina Ale House or nearest hotel lobby.  Just don’t do it from your bedroom.  I just realized something. It’s pretty rare that I get to categorize a post in both Technology and Politics. Cool.


2 Comments
15 years ago

I just posted about this on my blog. I think the most important lesson here is: Learn to proxy, you silly kids.

*facepalm*
