Blown To Bits

Sarah Palin’s Email

Thursday, September 18th, 2008 by Harry Lewis

As has been widely reported online, someone managed to access personal email accounts of Alaska Governor Sarah Palin. ¬†Wired Magazine’s blog has a clear summary of the contents. That account and a number of other reports suggest that the governor was using her private account to conduct government business in order to avoid public-records laws.

What was retrieved (by no means all the email that was in the account) you can¬†download yourself from the Wikileaks site. Go ahead — you’ll feel a little naughty, and it will make you think. How many copies of those emails do you now suppose are out there? Those bits are not going away, ever.

Wikileaks anonymously posts documents that have been “classified, confidential, censored or otherwise withheld from the public,” and are “of political, diplomatic, ethical or historical significance” (in the view of whatever anonymous soul runs the site). Of course, the documents may have been illegally obtained; that is the first thing the McCain campaign shouted. (How about a comment on government business happening on Yahoo! mail, and whether that’s the way the open, transparent new Washington government we’ve been promised will be run?)

We have a long history in this country of illegally obtaining documents that reveal illegal or unethical behavior. Thinking back on the publication of the Pentagon Papers in 1971, I am moved to ponder how much simpler it would be today. The question of prior restraint would have been moot before it could even have been raised, had someone scanned them in and posted them to Wikileaks.

How did the account get compromised? No one is saying, but I noted some of the problems with password security a few days ago. There are some speculations; perhaps someone tricked the service into revealing her password (most unlikely, as passwords are ordinarily encrypted at the server). Or resetting it (more possible — remember that Paris Hilton’s T-Mobile account was compromised because the name of her dog was the answer to the I-forgot-my-password-give-me-a-new-one security question). But still improbable for a Yahoo! mail account. She might have been the victim of a phishing attack (but if she is so credulous that she fell for one of those “this is your account manager speaking, please type your password here so we can verify it” scams, heaven help us if she winds up negotiating with Putin).

I would tend to look for a simpler strategy if I were trying to break in. Try a password like “Todd.” A lot of people still use them, even though most services demand that passwords be more complicated than that.

P.S. This example makes it clear what it means to say that the president needs to understand information technology. He doesn’t need keyboarding dexterity or familiarity with Excel macros. He needs to be able to understand this blog!

One Response to “Sarah Palin’s Email”

  1. Blown to Bits » Blog Archive » How Palin’s Yahoo! Email Was Compromised Says:

    […] Sarah Palin’s Email […]