As most of the traditional defenders of privacy are curiously quiet on this one, it’s left to the police and Wired to come up with some answers. And, it seems they’re doing so, quickly. The AP reports the hacker impersonated Palin, using the “forgot your password?” feature to gain access. He simply gave Palin’s birthdate and zipcode, and then answered the secret question, “Where did you meet your spouse?” The answer, of course, was “Wasilla High.” He showed up on a forum yesterday to brag about his feat under the name, “Rubico.” Investigators apparently have the cooperation of an Athens, Ga. man whose internet anonymity service was used to shield the hacker’s identity. Wired has something more interesting. They claim the username and e-mail associated with “Rubico” may belong to a Tennessee college student who is the son of a Tenn. Democratic state representative, but the connection has not yet been confirmed.
Also curiously absent from the AP’s coverage of the hacker’s account of the hacking? His partisan motivations, which Wired includes in its story:
Despite the fact that other quotes in the story indicate the reporter read the hacker’s account, which included that sentence, he apparently didn’t deem it relevant. He did, thank goodness, include two paragraphs about Palin’s use of personal e-mail as a possible ethical breach. Nothing to see here. Just your average hack of a vice presidential candidate’s e-mail account with no political motivation whatsoever. I’m sure if it does end up being a Democrat’s son who’s the culprit, the media will regain its respect for the privacy of politicians’ children but quick. Perhaps should Bristol Palin should engage in something more illegal and high profile next time to stave off the press. Update: Fox identifies the possible hacker and Tennessee college student as David Kernell, son of Rep. Mike Kernell of the Tennessee legislature. A Lexis search on Kernell turns up very little, but a 2003 NYT piece about new electronic voting machines in Tennessee calls him a “technology enthusiast.” The only connection so far to Kernell seems to be that the e-mail he used to post his confession once belonged to a “David Kernell,” so who knows how it will play out, but the Athens, Ga. tech guy seems confident he can track him using his logs, as the hacker only used one proxy to conceal himself, so we should have an answer soon enough. Update: Just a reminder that I think all this started when the Washington Post published Sarah Palin’s Yahoo! address in this story about her use of a private account for government business. It came out on Sept 10 and set forums afire with talk about how it was only a matter of time before it was hacked. I believe that’s the first place the e-mail appeared, and I can’t imagine what was the justification for printing it. Why does the public have the right to know her actual address? You can make the argument that they should have access to some of the information in the account, but not the address itself. Update: Slight correction: The first e-mail address hacked was gov.palin, which is slightly different than the gov.sarah address the Post printed, though the Post’s gratuitous mention certainly put everyone on the right trail. Both gov.sarah and gov. palin had to be shut down in the aftermath of the hacking.
