Big Breaks in the Palin E-mail Breach Investigation

2 Responses

  1. While it is ironic that rubico’s bragging made him easier to trace, I’m not convinced that the feds wouldn’t have been able to trace him almost as easily had he not done it. They would have needed to dig through Yahoo’s logs, but that would just have involved finding the first successful password change on the account and then looking at the IP address, which would have led them straight to Ctunnel. Yes, they wouldn’t have had the exact URL, but they would have had the exact time, which would be almost as good for someone with 80 gigs of logs.

  2. Paul Ohm says:

    James,

    You’re right that the advantage to the Feds was probably marginal. Still, at the very least, a smart agent (and trust me, there are plenty of those) could have gone to Ctunnel at the same time he or she went to Yahoo, saving himself or herself a few hours during which Ctunnel’s logs might’ve been deleted.

    Also, what do you make of the second Ramuglia quote? “Usually, this sort of thing would be hard to track down because it’s Yahoo email, and a lot of people use my service for that.” If enough people use his service for Yahoo mail, then his logs might have shown more than one request through Ctunnel to Yahoo at any given date and time.

    Finally, according to other sources, the URL “showed a hash string that identified who the user is.” If true, then not only would this have saved Ramuglia from searching his logs for date strings at all, it would have also been the kind of great identity evidence the prosecutor would love, especially if the same hash value is found in a cache on the ultimate suspect’s computer.
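
The trade-off discussed in the two comments above, between correlating proxy logs by time alone and matching an identifier carried in the URL, as an added example that is not part of either comment or the original post. The log format, host names, addresses, timestamps and the `h=` token are all constructed for illustration.

```python
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Constructed proxy access log: timestamp, client IP, requested URL.
PROXY_LOG = """\
2008-01-01T10:01:58Z 198.51.100.7 http://mail.example.test/inbox?h=aa11
2008-01-01T10:02:09Z 203.0.113.25 http://mail.example.test/reset?h=c3d4
2008-01-01T10:02:11Z 198.51.100.42 http://mail.example.test/inbox?h=e5f6
2008-01-01T10:02:12Z 192.0.2.99 http://news.example.test/front
2008-01-01T10:09:40Z 198.51.100.7 http://mail.example.test/inbox?h=aa11
"""

# Constructed time of the event as recorded in the mail provider's own logs.
EVENT_TIME = datetime(2008, 1, 1, 10, 2, 10)


def parse(log):
    """Yield (timestamp, client_ip, url) for each line of the proxy log."""
    for line in log.splitlines():
        ts, ip, url = line.split()
        yield datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), ip, url


def candidates(log, event_time, dest_host, window_s=15, token=None):
    """Client IPs that requested dest_host within window_s of event_time.

    The window absorbs clock skew between the two log sources. If token
    is given, only requests whose URL contains it are kept.
    """
    lo = event_time - timedelta(seconds=window_s)
    hi = event_time + timedelta(seconds=window_s)
    hits = set()
    for ts, ip, url in parse(log):
        if urlsplit(url).hostname != dest_host or not (lo <= ts <= hi):
            continue
        if token is not None and token not in url:
            continue
        hits.add(ip)
    return sorted(hits)


if __name__ == "__main__":
    # Time alone: several users of the same mail host fall in the window.
    print(candidates(PROXY_LOG, EVENT_TIME, "mail.example.test"))
    # Time plus the identifier from the URL: a single client remains.
    print(candidates(PROXY_LOG, EVENT_TIME, "mail.example.test", token="h=c3d4"))
```

Widening `window_s` to tolerate more clock skew increases the number of time-only candidates, while the token match is unaffected.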