Palin’s e-mail Was Hacked - No One Cares She Used Yahoo?
Okay, I try not to get too crazy about politics here in my blog because, frankly, it’s very difficult to get your emotions and your raised eyebrows and your sarcasm to show in print. Sometimes you seem like a ranting lunatic, others you see clueless when you were really just going for a laugh. This time I have to say something.
I feel very badly that Governor Palin’s personal e-mail was hijacked. I hate hackers of any sort, despise spammers and ID thieves and scammers of all stripes. Here’s the thing, though…what the hell was she thinking? Seriously.
The e-mails in question included personal, confidential, and in some cases official correspondence. They were sent by the highest Executive in the state of Alaska, and she was using Yahoo Web-mail to do it? Where is the IT security in the state of Alaska? The US Navy, the USCG - places I’ve worked and assisted in network security for - don’t even allow users to access webmail. This is one of the reasons. You can’t control information that is housed on a remote server, and who knows what Yahoo employees actually have access to the e-mail servers? I’ll guarantee you they don’t have a security clearance. If Yahoo operates like most IT systems, there are probably a huge number of administrators and technicians with full access to the servers.
While it’s an infantile and pathetic attack to hack into someone’s Yahoo e-mail and post it on the Internet, it’s an almost criminal breach of security to have that e-mail on a public webmail system in the first place. I don’t care what was in the e-mail, and I feel badly for Governor Palin’s privacy being violated, but at the same time, she and all those responsible for educating her on Internet security and maintaining that security should be held accountable for an almost ridiculous breach of security.
I wonder if people will every wake up to the fact that every server with information on it has IT guys in charge of it, and if you don’t have access to and control over those IT guys, you don’t HAVE any security. There’s a great IT t-shirt out there - on the front it says…do you have a backup of all your files and e-mail? On the back it says. I do.
I hope the Governor and her staff will take this as the wake-up call it should be…but I doubt it. The focus is on the horrible hackers, and it’s pretty unlikely it will turn it’s light on the stupidity that gave them the green light for their crime.
I guess it’s job security…
-DNW
09/18/08, 6:56 AM |
Yes. Thank you. I wish this was just the State of Alaska, but many public institutions simply do not understand real security risks and their consequences. A chain is only as strong as it’s weakest link.
09/18/08, 7:04 AM |
It’s funny. You can explain why things are security risks. You can build elaborate protections for things that are, or should be, important. Actually getting anyone to pay attention to those precautions, or to REALLY GET what you are saying seems beyond the realm of possibility.
People in positions of authority have an obligation to pay more attention than average citizens. If Johnny loses the bowling schedule, well, that’s a shame. If a corporate lobbyist hires a hacker to get inside information from an e-mail account foolishly exposed on a public e-mail system - that’s an entirely different matter.
The ability to see and understand the threat and act on it is crucial in today’s Internet-based world. That is one reason I can’t support a President who admittedly won’t use e-mail and hasn’t a clue about the entire mess…particularly since his VP candidate and her people seem - while able to use it - unable to grasp the dangers involved.
-DNW