Internet forensics on the Zuckerberg hack

Image: Johan Nilsson / Some rights reserved

Charles Arthur’s superb Guardian post on trying to track down who hacked Mark Zuckerberg’s Facebook account is an excellent example of Internet forensics. Here’s an extract:

[W]e might be able to find the hacker if we can find out who changed the Wikipedia page. Unfortunately, it wasn’t done by a registered user. But because of Wikipedia’s clever tracking system, you can see the IP of non-registered users: there it is at the top of the edit page in the screenshot: You can also see what articles machines at that IP address have edited – a very mixed bag – and also how edits from that IP have been increasingly smacked down by Wikipedia editors (latest on that page coming from October 2009: “Please stop your disruptive editing. If you continue to vandalise Wikipedia, as you did at Lyoto Machida, you will be blocked from editing.”)

So who’s behind A quick whois query tells you that it… the US department of defence in Williamsburg. [FULL ARTICLE]
