In more Sarah Palin/IT news…maybe there’s a good reason for John McCain’s professed aversion to e-mail. He’s selected a more tech-savvy running mate, but she’s quickly become a poster child for some work-e-mail no-nos – and what can go wrong when using public-access mail servers for official business.
VP candidate Palin had her “firstname.lastname@example.org” Yahoo! e-mail account hacked yesterday and some of its contents posted online. The group, which billed itself “Anonymous,” supposedly posted some of her private communications to expose what appeared to be her use of a personal account for government business. This included personal photos, the contents of several messages, the subject lines of dozens of e-mails and Palin’s e-mail contact list.
Palin has been criticized for using a personal e-mail account to conduct state business. An Alaska activist has filed a Freedom of Information Act request seeking disclosure of e-mails from another Yahoo! account Palin used, email@example.com.
Michael Allison, chief executive of the Internet Crimes Group, a private company specializing in Internet security, said the hackers may have accessed Palin’s account by using publicly available information to guess her password, or by using a program to capture her keystrokes. A hacker also might have sent a forged e-mail to her account tricking her into revealing her own password.
Of course, I must start by commenting on the immaturity of these hackers. You can dislike a candidate all you want, but don’t hack into his or her e-mail account. Apparently, it’s been known for months that Palin uses Yahoo! accounts to conduct government business. So what, really, do you accomplish by posting some apparently-innocuous messages online? If anything, it just drums up sympathy for Palin.
I’m left wondering: was there any good reason for Palin to be using Yahoo! for official business when she has a more properly secured e-mail address through her work? I don’t see it. Like most large organizations, I’m sure the Alaska state government must have a VPN or other such protocol in place to allow her to access her e-mail remotely. Would you be as brazen about transmitting business information as she has been? This strikes me as another example of Palin’s inexperience and/or overt flouting of the rules. I wonder if those in charge of IT at the White House are already having nightmares over the security snafus they may face if McCain and Palin are elected.
Here’s my bottom line: if Sarah Palin can’t be bothered to rely upon her secure, official e-mail address for conducting state government business, how can we feel confident that she’s going to properly protect information related to national security? I don’t want to live in fear that nuclear war codes are floating around through Yahoo!