Tuesday, September 23, 2008

Just an Update: Twenty is just not as mature as it used to be...

Hunt for Palin hacker shaping up to be simple case
By LARA JAKES JORDAN
WASHINGTON (AP) — The hunt for the hacker who broke into Republican vice presidential candidate Sarah Palin's personal e-mail account is shaping up to be a remarkably simple investigation, by the standards of major cybersecurity whodunits.
U.S. investigators figure the hacker claimed responsibility in a detailed accounting that included his own personal e-mail address and that he tried to cover his trail using a U.S. Internet anonymity service that has been surprisingly cooperative with the FBI in efforts to peel away that anonymity.
Not exactly the plot of a Hollywood thriller.
In what may be a significant break in the case, the FBI searched the residence of the son of a Democratic state lawmaker in Tennessee over the weekend looking for evidence linking the young man to the break-in, two law enforcement officials told The Associated Press. The apartment the FBI searched is in a complex about five blocks from the University of Tennessee campus, in a neighborhood popular with students.
David Kernell, 20, has not returned repeated phone calls or e-mails from the AP since last week. His lawyer said Monday the family is going through a difficult period. Kernell is an economics major at the University of Tennessee in Knoxville.
"The Kernell family wants to do the right thing, and they want what is best for their son," said attorney Wade V. Davies of Knoxville. "We are confident that the truth will emerge as we go through the process. David is a decent and intelligent young man, and I look forward to assisting him during this difficult period."
Kernell is the son of state Rep. Mike Kernell, a Memphis Democrat and chairman of Tennessee's House Government Operations Committee. The father declined last week to discuss the possibility his son might be involved in the case.
"I had nothing to do with it, I had no knowledge or anything," Mike Kernell told the AP last week.
"I was not a party to anything of this nature at all," he added. "I wasn't in on this — and I wouldn't know how to do anything like that."
No one answered the door at Mike Kernell's home in Memphis on Monday, and he did not return repeated phone calls Monday from the AP.
Palin's e-mail account with Yahoo Inc. was compromised last week by a hacker who revealed as evidence a few inconsequential personal messages she has received since John McCain selected her as his running mate. The McCain campaign confirmed the break-in and called it a "shocking invasion of the governor's privacy and a violation of law."
Palin used "gov.sarah" in one of her Yahoo e-mail addresses she sometimes uses to conduct state business. The hacker targeted her separate "gov.palin" account.
During the break-in, the hacker used an Internet address that traced to David Kernell's apartment complex in Knoxville. The FBI obtained logs Saturday establishing the connection from Gabriel Ramuglia of Athens, Ga., who operates an Internet anonymity service used by the hacker.
Ramuglia told the AP the FBI asked him to confirm that the address appeared in his records. Ramuglia said his logs showed the hacker visiting Yahoo's mail service, resetting Palin's password and announcing results of the break-in on a Web site where the hacking was first disclosed.
"I think he just didn't realize the severity of what he was doing until afterwards," Ramuglia said.
After the break-in, a person claiming responsibility published a detailed chronology of the hacking on the same Web site. That person identified his e-mail address as one that has been linked publicly to David Kernell.
Kernell's father, Mike Kernell, has a strait-laced reputation among his colleagues.
"Mike Kernell is your quintessential Boy Scout," said state Rep. John Deberry, another Democrat. "Mike follows the rules. He will almost get on your nerve as far as making sure things are done by the book."
"If Mike had known anything about this, he would have had a fit on his son," Deberry said. "When I saw his reaction when he first heard about it, the absolute fear and shock that was on his face, I realized then he had absolutely nothing to do with it."
Experts said the hacker apparently left an easy trail for investigators.
"He might as well have taken a picture of his house and uploaded it," said Ken Pfeil, an Internet security expert. "He should have just set up a big beacon that said, 'Here's my house,' or confessed. If they can't catch this guy based on all the information posted on the Web then all bets are off."
Associated Press writers Ted Bridis in Washington, Erik Schelzig and Lucas L. Johnson II in Nashville, Tenn., and Beth Rucker in Knoxville contributed to this report.


Palin hacker's IP address linked to Tennessee college dorm
By Sam Gustin, Portfolio.com Published: September 22, 2008 - 10:00AM CT
The hacker who broke into GOP vice-presidential candidate Sarah Palin's e-mail account used the internet service provider of a Knoxville, Tennessee student housing complex under federal investigation.
Federal agents executed a search warrant early Sunday morning at the apartment of a University of Tennessee student in connection with the probe.
In the days since news of the Palin hack broke, Web sleuths have focused on the 20-year-old student, whose father is a Democratic state representative in Tennessee.
But Portfolio.com has learned that the IP address used by the Palin hacker originated from an Illinois-based ISP called Pavlov Media, which provides internet service to The Commons at Knoxville, a University of Tennessee student housing complex.
In an interview with Portfolio.com, Gabriel Ramuglia, who runs Ctunnel.com, a proxy service used by the hacker to try to disguise his identity, said federal investigators asked him about a single IP address which has become the focus of the government's probe into the hacking of Palin's Yahoo e-mail account.
Ramuglia quickly matched the IP address to one found in his logs, which he said displayed Web activity "consistent with what web sites the hacker was expected to have visited through my service."
"The person visited Yahoo Mail, 4chan.org, and the Web addresses that were visible in the posted screenshots," Ramuglia told Portfolio.com Sunday night.
Ramuglia declined to provide the user's full IP address, but Portfolio.com has learned that the address falls within the range operated by Pavlov Media, formerly known as Fusion Broadband, which was created through a 2004 merger between Noment Networks and Distributed Management Information Systems, Inc. (DMISI).
Pavlov Media operates the internet service for The Commons at Knoxville apartment complex, which has become the center of attention in the Palin hack probe. The FBI showed up early Sunday morning at the apartment of the student, the son of a Democratic state representative from Memphis.
The student was apparently hosting a party at his apartment when the feds arrived.
WBIR of Knoxville reported that a Justice Department spokesperson confirmed "investigatory activity" in Knoxville related to the Palin case, and a separate law enforcement source confirmed that a search warrant was served. As of Sunday evening, no charges had been filed in the case.
News of the search warrant came just days after someone named "rubico" posted a mea culpa on 4chan.org, an online bulletin board frequented by individuals associated with "Anonymous," an amorphous, largely unorganized movement of hackers who gained notoriety after some adherents targeted the Church of Scientology.
Internet sleuths have compiled a list of evidence pointing to the student as the culprit, but again, no charges have been filed.
Meanwhile, legal experts say they expect the hacker, if found guilty, to receive a light sentence, according to Wired.com, not least of all because of ambiguity in the Justice Department's own policy regarding the legal status of e-mail that has been read, but not discarded.
