Categories
WebApps

How the FBI Would Have Tracked Palin’s Hacker If He Were L33ter

It’s been a few weeks since Palin’s “hacker,” David Kernell, got caught because he left a reference to ctunnel.com in the screenshots of Palin’s email.

Enjoy Jail, Punk!

What if David Kernell was able to remove the references to ctunnel.com? What would the FBI have to do to catch him? And how would a would-be hacker avoid detection?

  1. The FBI would have to obtain records from Yahoo and 4chan, and these records would hopefully reveal the IP addresse(s) that accessed Palin’s account.
  2. The FBI would also have to search data retrieved from a descendant of Carnivore, a wiretapping software used for the Internet c. 2001. Such data could reveal the MAC address of the hacker. The MAC address would lead to the place of purchase for David’s network card.

Even if David Kernell photoshopped ctunnel.com from the screenshots of Palin’s email, the FBI could still have catched him in two ways:

  1. The IP address at Yahoo or through Carnivore-like software would have led the FBI to ctunnel and then to David’s IP address.
  2. The MAC address gotten through Carnivore-like software at David’s ISP (which is not really likely) would have led the FBI to the store at which David’s computer was purchased. Something like “ping davids_IP && arp -a” would have to be run on a LAN level.

So how else could David have avoided detection?

1) He could have chained proxy servers.
2) He could have used a combination of p2p networks like the ones used for downloading movies and music to get to the web pages.

But even then, the FBI would still be able to catch him.

The FBI could still log name server look ups, the very techology that allows your computer to see www.fbi.gov as 64.212.100.43. If a log of name server look ups matched the time stamps of when the hacked pages were accessed, then the FBI would have a strong reason to believe that the hacker was using the ISP that provided the name server lookup, and from there get to David.

Okay, okay. Let’s say that David disabled name server lookups. Could the FBI catch him if he went as far as that?

If somehow his MAC address got leaked that would lead right to whoever purchased his computer’s network card. If he paid cash for his network card on the black market, or Craig’s List, then the FBI would be on a wild goose chase.

I think if he took all the precautions above, the FBI would be at a total loss for tracking Palin’s Hacker if he were l33ter.

Thoughts?

Categories
TechBiz WebApps

How Do You Avoid Presentation Disaster?

It’s been a rough few days at work. We got hacked. I had to cancel a lunch with some pals at the Reverie. @alicetiara and @walnotes were gonna be there and everything was set for a pretty convivial conversation and some fun debate.

But the code used for my presentation didn’t work because the machine it was working on wasn’t configured correctly. There might have been an issue with someone overwriting my code, too.

How do you avoid presentation disaster?

For my part, I’m creating a tool called Noobwatcher that:

  • checks the repo for changes every N seconds — because of a high noobage level, I’m gonna check every second
  • the moment that there is an update send the diff to me via IM, email, twitter. Take your pick.
  • check the server configuration files important to my code every N seconds
  • the moment a configuration file changes send the diff to me via IM, email, twitter — might as well use pownce, too.

Have you had to set something like this up? If so, what solution did you use?