But last night, Sullivan and The Atlantic went even further: An internet group hacked two of Sarah Palin's email accounts. And Sullivan celebrated the act.
Commenter P.G. puts this in proper context:
[T]oday he endorsed identity theft as a legitimate tool against Palin.
I cannot comprehend how he has not been fired today. The Atlantic Monthly, one of the great publications of the past century+, now endorses identity theft. This is far more shocking that the lunacy and rumor-mongering of the past 3 weeks. Identity theft is a truly insidious crime that destroys peoples lives every single day. Today a Sr. Editor of The Atlantic Monthly, on their own pages, proudly endorsed this tactic. That the Washington Post is not investigating this situation is a complete and utter sham. Howard Kurtz should be ashamed. I plan on calling The Atlantic tomorrow to inquire as to their official position on identity theft and their comments on Sullivan's endorsement of it.
P.G. seems right to suggest that at this point it's The Atlantic itself which is endorsing the commission of crimes against Palin--because no one else at the magazine has written to contradict Sullivan. Whether by design or not, Andrew Sullivan is now speaking for the entire magazine by applauding criminal behavior directed at Sarah Palin.
What does David Bradley think about this? Why are no media reporters interested in asking him?
Update: Tech Guru P.G. expands a bit on hacking and identity theft:
I've read elsewhere around the web the notion that hacking an email account does not qualify as identity theft, but may be covered by various anti-hacking laws.
This is not necessarily true. The method most likely used to gain access to the account almost certainly qualifies as identity theft.
I can think of only a few ways to gain access to a private email account: some sort of brute force password hack, or trick the provider to reset password and/or account info.
Brute force attacks these days are mostly defeated by security protocols in place designed specifically to stop such attacks. It is probably highly unlikely that this was a brute force attack, and if it were Yahoo has a huge problem on their hands regarding their security.
In all likelihood this was either a web-password-reset or some other form of reset that gained access to the account. If a web-reset occurred it is possible that with the plethora of personal Palin information available to the public someone might be able to answer the questions set up before a reset can occur (i.e. where did you attend middle school, what is your dog's name, etc...) If you read a EULA or any agreement, to answer these questions as though you are the account holder is identity theft. It is also possible that someone simply called Yahoo to get this information, again under the guise that they were Sarah Palin or someone authorized on her behalf. This constitutes identity theft.
Nonetheless, whether it violates a hacking law or identity theft laws, it was a crime. And The Atlantic sanctions crimes against Sarah Palin. Until a retraction or disclaimer is provided, this is their official position.
Update 2: Orin Kerr has more on the criminal actions in question.
12 comments:
Just a quick point:
I've read elsewhere around the web the notion that hacking an email account does not qualify as identity theft, but may be covered by various anti-hacking laws.
This is not necessarily true. The method most likely used to gain access to the account almost certainly qualifies as identity theft.
I can think of only a few ways to gain access to a private email account: some sort of brute force password hack, or trick the provider to reset password and/or account info.
Brute force attacks these days are mostly defeated by security protocols in place designed specifically to stop such attacks. It is probably highly unlikely that this was a brute force attack, and if it were Yahoo has a huge problem on their hands regarding their security.
In all likelihood this was either a web-password-reset or some other form of reset that gained access to the account. If a web-reset occurred it is possible that with the plethora of personal Palin information available to the public someone might be able to answer the questions set up before a reset can occur (i.e. where did you attend middle school, what is your dog's name, etc...) If you read a EULA or any agreement, to answer these questions as though you are the account holder is identity theft. It is also possible that someone simply called Yahoo to get this information, again under the guise that they were Sarah Palin or someone authorized on her behalf. This constitutes identity theft.
Nonetheless, whether it violates a hacking law or identity theft laws, it was a crime. And The Atlantic sanctions crimes against Sarah Palin. Until a retraction or disclaimer is provided, this is their official position.
You know, I've been having great fun leaving questions at the Atlantic's new advice column feature, things like, "I'm having trouble deciding if identity theft and email hacking should be illegal? Could you help me decide?"
Orin Kerr believes the easiest crime to prove would be a hacking crime:
http://volokh.com/posts/1221704175.shtml
"18 U.S.C. 1030(a)(2)(C), accessing a protected computer without authorization to obtain information"
There may also be some useful information here regarding account hijacking (though this applies mostly to banking):
http://www.fdic.gov/consumers/consumer/idtheftstudy/legislative.html
and here:
http://www.mysecurecyberspace.com/encyclopedia/index/account-hijacking.html
Ok, here is how it went down. As I suspected, it was identity theft or misrepresentation of identity:
http://michellemalkin.com/2008/09/17/the-story-behind-the-palin-e-mail-hacking/
rubico 09/17/08(Wed)12:57:22 No.85782652
....
In the past couple days news had come to light about palin using a yahoo mail account, it was in news stories and such, a thread was started full of newfags trying to do something that would not get this off the ground, for the next 2 hours the acct was locked from password recovery presumably from all this bullshit spamming.
after the password recovery was reenabled, it took seriously 45 mins on wikipedia and google to find the info, Birthday? 15 seconds on wikipedia, zip code? well she had always been from wasilla, and it only has 2 zip codes (thanks online postal service!)
the second was somewhat harder, the question was “where did you meet your spouse?” did some research, and apparently she had eloped with mister palin after college, if youll look on some of the screenshits that I took and other fellow anon have so graciously put on photobucket you will see the google search for “palin eloped” or some such in one of the tabs.
I found out later though more research that they met at high school, so I did variations of that, high, high school, eventually hit on “Wasilla high” I promptly changed the password to popcorn and took a cold shower…"
Just as I suspected, someone used the web-reset feature, along with various personal facts easily found on the web, to reset the password. This is an acceptable vetting tactic according to Andrew Sullivan and The Atlantic Monthly
"That the Washington Post is not investigating this situation is a complete and utter sham."
Oh, please. Do you REALLY expect the Washington Post to investigate this? The LAST thing they want to do is say that some other media has gone overboard for Obama and against McCain.
The only media organs that would ever consider publishing something along these lines would be an explicitly conservative magazine - a National Review or Weekly Standard. Too bad nobody who reads this has any connection to any of the writers for those magazines.
Anon 1:09-
It isn't that the post should be investigating whether The Atlantic is in the tank for Obama. If true, that wouldn't be a big deal (Douthat and Salam are both lukewarm McCain supporters, I hardly think the mag supports one candidate over another and I don't sense that from reading it, ever).
The scandal is that the publication, or the National Journal company, endorses theories about Sarah Palin no other respectable media outlet endorses, and now endorses criminal activity against a major public figure. This is a not-insignificant story. If the WaPo endorsed 9-11 trutherism on their blogs and cheered identity theft against Bush, the NYTimes would report it, regardless of their own perceived bias against those same people. Similarly, when Howell Raines was running the NYTimes into the ground with his bias, the WaPo covered the story even though they have a somewhat similar bias. Real reporters cover these stories. Regardless of whether you think they have a particular bias, they are professionals and do go after a good story. The Sullivan-Atlantic insanity is a good story that warrants at least a phone call from Howie Kurtz.
Sullivan just stepped in it (again):
First, he posts purported excerpts from Palin's email account, which include references to "fags" or "faggots." Sullivan -- true to his slipperiness on all matters Palin -- concludes, "I have to say that given Palin's Christianist far-right base, this kind of internal language does not surprise me. Alas."
Bold words -- too bold, in fact. Only a short time later, Sullivan has to admit his error: Sullivan's source was referring to himself in those terms.
Of course, Sullivan doesn't bother apologies for his assertion that Palin's use of such terms would be unsurprising.
Sullivan's full of corrections today! Earlier today, he said that the McCain campaign has "no clue about foreign policy," as evidenced by the allegedly erroneous use of the term "President Zapatero." Later he had to admit that use of the term "President" with respect to Prime Minister Zapatero is not at all incorrect.
For someone so prone to prejudice and error, he's hardly in a position to accuse Palin of bigotry or the McCain foreign policy team of ignorance!
Actually, there are a -lot- of ways to get into an email account, beyond just brute-force password cracking and the web password-reset feature that most web-based email clients feature.
In fact, either of those two methods would probably be the least likely ones to be undertaken. The former because most web-based emails now have a low number of failed login attempts available before the account locks down (which are logged, as well), and the latter because it involves going through a ton more effort to get the same result.
There are a lot of ways to get through security systems. And several of the ways that most people not terribly familiar with computers would think of as being virtually impossible aren't nearly as difficult to do as you'd think. Everybody got scared twenty years ago when the movie Hackers came out, and, really, their perception of what's happening and how it's done hasn't really changed much since then.
Maurkus,
Turns out the "hacker" in question used EXACTLY the method I thought was most likely. He used the web-reset feature after researching the answers to the personal questions with information readily available on the internet.
Technically, this is not a "hack" at all, requiring no computer skill or knowledge whatsoever. It's identity theft or impersonation, plain and simple. My 8 year old daughter could have accomplished this.
Are you kidding? He doesn't "celebrate" it. He posts the link to wikileaks. It's what blogs do. Besides the violations of open records act policies evidenced by the Gov conducting official business through a private email account (er, shades of the WH, anyone?), it's a news story. This blog used to be interesting - it's become a weird Andrew sullivan hate-fest.
anon 3:51-
Sullivan specifically says "because McCain didn't vet" Palin the hacker had to. That is linking approvingly. It is condoning a crime. You're a pathetic Sullivan apologist who draws breath that would be better used for something else, like pond scum.
I'm with Sam; I'm no longer reading this blog. Sullivan is to Last as O.J. is to Geraldo.
Get a life! BTW, Iggles suck. Wait for the repeat beatdown in Philly!
Post a Comment