See, commenters-who-were-appalled-that-I-was-insufficiently-appalled-by-the-breach? The diabolical genius(es) behind Sunday’s listserv shenanigans are now the subject of an intense virtual manhunt by Canada’s “secretive electronic counter-espionage police.” Abandon hope, all ye who dareth prank the Prime Minister: the Communications Security Establishment is on the case:
See, commenters-who-were-appalled-that-I-was-insufficiently-appalled-by-the-breach? The diabolical genius(es) behind Sunday’s listserv shenanigans are now the subject of an intense virtual manhunt by Canada’s “secretive electronic counter-espionage police.” Abandon hope, all ye who dareth prank the Prime Minister: the Communications Security Establishment is on the case:
The RCMP and the Communications Security Establishment have been asked to track down the source of at least two prank e-mails issued Sunday to scores of people signed up with the prime minister’s e-mail service.
The CSE has the dual role of electronic eavesdropping and protection of federal computer systems.
One of the messages suggests Mr. Harper’s recognition of Kosovo’s independence could lead to Quebec sovereignty.
As a journalist/geek, I was particularly impressed by the following:
The jokesters would not necessarily have needed to hack into government computers to perform their stunt; all they would have required was the listserv’s e-mail address.
Exactly, and good for the Canadian Press reporter who pointed it out — too often, we non-tech journalists get these kinds of stories hopelessly wrong due to our less-than-expert knowledge of how computers — and networks — actually work. I wouldn’t want to be within bellowing rage of the CSE investigators when the folks at PCO try to explain why they didn’t bother securing the mailing list, though.
INSTAUPDATE: Forgot to mention this, but I’ll be surprised if they’re able to track down the poster of the second spoofed email — it was sent through a far more bulletproof anon remailer, and the X:IP resolves to somewhere in Croatia. (Of course, it’s also worth noting that the machine associated with the IP in the original message – profiled by Steve Janke here – could well have been hijacked.)
ANOTHER UPDATE: According to an ITQ correspondent (who can share the details here, if he’d like), MTS – the ISP associated with the IP address that may have been responsible for the first spoofed message – has indicated that the “offender” has been identified, and they will proceed from here. Sounds ominous! Further bulletins as events warrant!