/*PenDragn: Forensic Analyst Says Likely Governor's Racist Audio Was Not in Password Protected Area*/

9.13.2006

Forensic Analyst Says Likely Governor's Racist Audio Was Not in Password Protected Area

From NBC11.com report:
NBC 11 News went to Forensic Analyst Mike Murr to find out how a private recording becomes public.

Murr took a look at the governor's site.

"I don't see anything up front that says password protected or private," Murr said. "It is possible someone could have made a typo saved to wrong system.

Another report notes:
A link first posted it on a August 29th press release from the governor's office. The Angelides staffers chopped off some of that Web address and accessed a directory where they downloaded four hours worth of material.

Prof. Hao Chen. Ph.D., UC Davis Computer Science Dept.: "That's absolutely possible. In fact, that's why a lot of security vulnerabilities have happened because of misconfiguration."

Six minutes were leaked to the LA Times. The governor's comments about a Puerto Rican lawmaker's personality touched off a firestorm.

Schwarzenegger Tape: "She's Puerto Rican or the same thing... Cuban... I mean, they are all very hot... They have the, you know, part of the black blood in them and part of the Latino blood in them..."

The California Highway Patrol is investigating whether the governor's server was hacked, as is State Attorney General Bill Lockyer.


The security has been fixed at the governor's site now apparently. And hopefully, someone's been hired that knows how to run an IP check.

Not being a tech junkie I am relying on outside sources here.

The UK Inquirer notes that
the tapes were on a Web server called speeches.gov.ca.gov in a directory structure that looked like "http://speeches.gov.ca.gov/dir/06-21.htm.htm".

Such a listing is exactly the sort of thing that a Democrat researcher should be legitimately looking at.


ZDNET says about the same thing, but it seems more understandable to me,

The controversy may center on the design of the Web server called speeches.gov.ca.gov. The California government used it to post MP3 files of Schwarzenegger's speeches in a directory structure that looked like "http://speeches.gov.ca.gov/dir/06-21.htm.htm". (That Web page is now offline, but saved in Google's cache.)

A source close to Angelides told CNET News.com on Tuesday that it was possible to "chop" off the Web links and visit the higher-level "http://speeches.gov.ca.gov/dir/" directory, which had the controversial audio recording publicly viewable. No password was needed, the source said.


According to the Washington Post:
The California Highway Patrol has launched a probe into how the file was downloaded. Spokesman Tom Marshall declined to comment. "The investigation is expected to last several weeks so we're not commenting until it's done," he said.


And the guy that makes the skin crawl, Governor's spokesman Steve Schmidt again tries to make Watergate out the incident (but that's Schmidt):
The Los Angeles Times would not have attributed the file to anonymous sources if it was available on a public Web site, Schwarzenegger campaign manager Steve Schmidt told reporters. "This was an attempted political dirty trick and they've been found out," Schmidt said, referring to the Angelides campaign.


The post also has a great comment from an aide to Steve Westly who lost to Angelides in the primary:
"It's like a taking confidential document, putting a blank sheet of paper over it and pinning it to a coffee shop bulletin board," said Jude Barry, campaign manager for Angelides' unsuccessful primary rival, state Controller Steve Westly. "If you're unusually lucky nobody will read it, but if someone does you shouldn't be surprised."

Not surprisingly a former Republican National Campaign researcher disagrees.