Modernizing Authentication — What It Takes to Transform Secure Access
The hacker or hackers who broke into Alaska Governor Sarah Palin's e-mail account didn't need much technical skill. The proof is in the screen shots taken by the cracker, who left all the evidence computer forensics experts will need to find him.
In his screenshots, posted to the underground Web site 4chan, a user named "Rubico" showed his entire browser window, including the address bar, as part of his deed. It showed to everyone that he used CTunnel, a Web service that acts as a proxy, blocking users' TCP/IP addresses when they visit a Web site.
It also showed a hash string that identified who the user is. CTunnel.com's owner, Gabriel Ramuglia, told Wired's Threat Level blog that the FBI has contacted him to obtain his logs, which he would comply in delivering.
Then, as if realizing his error, such as using only one proxy server to hide his identity, he wrote:
"yes I was behind a proxy, only one, if this s--- ever got to the FBI I was f------, I panicked, i still wanted the stuff out there but I didn't know how to rapids--- [A derogatory reference to Rapidshare, an anonymous file sharing service where people can dump a large file, get a link to it and share it with others to download] all that stuff, so I posted the pass on /b/, and then promptly deleted everything, and unplugged my internet and just sat there in a comatose state."
"/b/" is the Random board on 4chan, an image sharing board inspired by a similar Japanese board. It only has about 10GB of online data because it cycles through data so fast, but generates gigabytes of daily traffic. The /b/ board can get as many as 200,000 posts per day, according Time magazine.
The Wall Street Journal recently profiled its founder, a 20-year-old New Yorker named Christopher Poole, and his dilemma in trying to make a business out of a site with enviable traffic but occasional stomach churning content and abysmal user behavior.