Sarah Palin ordered to preserve her Yahoo mail
- TAGS:preserve, Sarah Palin, Yahoo
- IT TOPICS:Government & Regulation, Internet, Security
This is a story that just won't go away. Sarah Palin has been ordered to retain her Yahoo private e-mail account and preserve any messages related to state business. This comes as a result of a lawsuit filed by a former state worker and activist named Andrea McLeod. Details of the on-going Yahoogate story are all in a news report that came out over the weekend.
I call it Yahoogate because I am already starting to see the fall-out from this high-profile story. David Kernell was indicted last week for breaking into Palin's account and changing the password to "popcorn" -- he has pleaded not guilty; now Palin herself may be in trouble.
In government and in the enterprise, using a personal Webmail account is verboten because they are not inherently secure. I mentioned before that Yahoo has now changed their password reset policies. I noticed today that the music streaming service Rhapsody has also changed their reset system so that you have to use the e-mail address you had when you first signed up.
It's sometimes true in network security that one bad hack can lead to a massive new security overall. Webmail especially has been surprisingly lax when it comes to password resets -- I used to be able to reset my Hotmail password just by typing in one security question (I think it was "name of your first pet") without any other hurdles. If the Kernell case leads to more security on the Web, that would be a good thing because it has been a wake-up call to at least a few, and maybe a whole bunch, of Web companies like Yahoo. I'm a little surprised we haven't seen more copycat crimes: breaking into George Clooney's e-mail, or maybe Brett Favre's.
I see that as one of those stories that we can all relate to: it has always seemed a bit too easy to guess passwords on the Internet, either by going through a reset process or just typing random passcodes that would seem likely candidates. A story like this one makes news when we have all had the temptation to try it. If enough damage is done in hacks like these, it may lead to more interest in a security system such as Sender ID. Still, I retrieve my physical mail from an inbox that has no lock and key like most people do. Of course, it is a federal crime to steal even one piece of junk mail, so maybe that is where we are headed.
Related news and opinion
- Sarah Palin ordered to preserve her Yahoo mail
- Kernell pleads innocent to Palin hack charge
- IT Blogwatch: Sarah Palin's alleged email hacker pleads, "Not guilty"
- Accused Palin hacker has a history of intrusion
- Scott McPherson: Throw the book at Palin's email hacker
- Tenn. student indicted for hacking Palin's e-mail
- Yahoo, Hotmail, Gmail all vulnerable to Palin-style password-reset hack
- FBI searches Tenn. student's apartment in Palin hacking case
- IT Blogwatch: Sarah Palin e-mail hacker drops anchor, arrr!
- Security researchers ponder possible Palin hacks
- Sharon Machlis: Yahoo users: Like Sarah Palin, you may be vulnerable to an e-mail hack
Free Insider Guide