David Kernell, the 20-year-old Tennessee college student suspected of breaking into the Yahoo Mail account of Gov. Sarah Palin, was indicted by a federal grand jury.
The development comes almost three weeks after authorities first named him as a suspect in the case.
Kernell is a student at the University of Tennessee at Knoxville. Perhaps more embarrassing, his father Mike Kernell is a longtime Democratic state representative from Memphis.
A grand jury in Knoxville indicted Kernell Tuesday on one count of accessing a computer without authorization. He reportedly turned himself in to the FBI on Wednesday morning.
Kernell pleaded not guilty, officials involved in the case said, and he was released without posting bond. However, the court imposed restrictions on his computer usage. He is not allowed to own a computer and can use the Internet only for checking e-mail and doing class work. A copy of his indictment can be found here.
If convicted, Kernell faces up to five years in prison and a fine of $250,000.
Kernell became the target almost immediately after the contents of Palin’s Yahoo Mail account were posted on 4chan, an image sharing site. When the hacker posted information about his accomplishments on 4chan, he did so under a nickname, “rubico.” There was a hotlink to the “rubico” name to the e-mail address “rubico10@yahoo.com,” which in turn was traced back to Kernell.
If that didn’t get him, another slip up would have. The hacker who broke into Palin’s account posted full screen shots of his accomplishment, including the address bar of his browser without the address obfuscated.
There in the address bar for all to see was proof he had use CTunnel, an anonymous Web surfing site that hides one’s IP address. However, CTunnel logs the addresses of all who use the service, and its owner cooperated with the FBI to track down who was responsible. Within days the IP address was traced to and Internet Service Provider that serves the Knoxville apartment complex where Kernell lives.
The FBI raided Kernell’s apartment at midnight on Sept. 21. Kernell fled the scene and his apartment was searched for three hours, according to the FBI.
The Palin e-mail hack
exposed just how poor most security systems really are. Her account wasn’t compromised by brute force; the hacker simply used the forgotten password feature, which asked him to answer simple questions. Rubico found those answers by looking up personal information publicly available about Palin, in this case, where she met her husband Todd.