Thursday, October 9, 2008

Mother's maiden name

The hacking of Sarah Palin's Yahoo account should be a teachable moment for people who really are regular people. Don't use stuff that other people know to "secure" your data!

When your bank or your credit card or your service provider asks you to choose a challenge question on your account and they offer you vintage 1950 questions - mother's maiden name, place of birth, high school graduated from, last four digits of SSN, etc. - it's pretty clear that either (1) they don't know what they're doing, or (2) they don't care, and their real goal is to fob responsibility for security off on you. (Of course, CNN sanitizes the story, hiding how the hacker reset the password and pretending that the contents of Palin's account only appeared "briefly.")

The hacker committed a crime, and David Kernell is probably guilty as alleged. This level of foolishness should be best resolved by a misdemeanor plea agreement and a slap on the wrist, say public service, much as has happened in various past illegal taping cases involving partisans of both sides.

The crime exposed the fact that Palin has indeed used unofficial email for official acts, shades of the Bushists. She's an apt pupil. I seriously doubt that this is a crime in Alaska (though it's clearly an evasion of law in Washington), but it's a legitimate subject for political controversy even if it isn't illegal.

At least Palin can send email, even though her writing skills are right in line with her extemporaneous speaking skills. Which is to say, right up with some of the wingnut commenters on this blog.

No comments: