The trial of David Kernell, the alleged Sarah Palin hacker, has started, and he could face up to 20 years in prison if convicted. In this case, the defendant is accused of hacking into Sarah Palin’s Yahoo email account. The account was breached when the attacker was able to guess the answers required for the password reset. Many online services allow you to reset passwords if you can answer several cognitive questions such as your date of birth, your zip code, where you met your spouse, or maybe what high school you attended. While some might argue that this attack was not even a real hack, the potential jail time is real.
The real moral of this story is the accessibility of information and how this accessibility can work for or against you. The attacker used available information to figure out the answers required to reset the email account password. Once the hacker had access to the email account, screenshots of the account were posted online for everyone to see. These screenshots showed not only the content of the email account, but also the URL of the proxy server that was being used to hide the hacker’s true identity. This information ended up being the hacker’s undoing, as it allowed authorities to track the suspect by his IP address and tie the activity to Mr. Kernell.