Feeds

Palin email witness decries 'dog and pony' prosecution

When throwing the book backfires

Internet Security Threat Report 2014

A witness who testified against the man accused of breaching Sarah Palin's Yahoo! Mail account has criticized federal prosecutors for distorting the facts in an attempt to score legal points.

Gabriel Ramuglia said the episode left him so disenchanted that he's changing the logging policy for Ctunnel.com, the anonymity proxy used to access Palin's Yahoo account while she was running for vice president in 2008. Before, he collected the IP address of each user along with the time and address of each web visit and stored it for seven days. Now, he logs the minimum required by law.

Ramuglia said he's taking the step because he believes prosecutors exaggerated entries in the log information when presenting it to the jury in the case. On several occasions, he said assistant US attorneys told him privately they wanted to "show as much commerce as possible" by emphasizing connections his proxy made to ad servers, even though his site almost always filters out their content.

Based on the evidence in Ctunnel logs, Ramuglia said, he believes Kernell "should have got in some trouble." But he went on to say that he believes prosecutors are attempting to win enhancements to Kernell's potential sentence by ginning up findings that the breach disrupted interstate commerce.

"My objection is that they seem to be more interested in getting a maximum sentence than with prosecuting what actually happened," Ramuglia, 26, told The Register on Tuesday. "They really don't need to try to get 50 years on this by drumming up all these other irrelevant charges."

Ramuglia testified last Wednesday in the trial of 22-year-old David C. Kernell, who is charged with four felonies for allegedly breaking in to the Palin account. Kernell has pleaded not guilty to the charges. His attorney has insisted there was no criminal intent in the intrusion and during closing arguments told jurors: "not every choice we make at age 20 defines who we are."

The jury began deliberating on Tuesday after a week of testimony.

When FBI agents contacted Ramuglia in September 2008, the webmaster and entrepreneur said he was happy to turn over the logs showing the IP address of the person who accessed Palin's account without access. He said it was only recently that he learned that if Kernell is convicted on all four charges, he faces a maximum sentence of about 50 years. (Legal experts say based on the facts, he would probably get much less).

After objecting to prosecutors' court tactics, Ramugila said that Ctunnel will no longer proactively log any information at all on servers located in the US. In the UK, in keeping with laws there, he will store information for 48 hours. He said he may still narrowly log on a case-by-case basis, say, in instances where a user repeatedly abuses his terms of service.

US attorneys handling the case couldn't be reached for comment. In their defense, it should be noted that it's not unusual for attorneys on either side to emphasize facts that are favorable to their side, and there's nothing in Ramuglia's account that suggests any wrongdoing on the part of prosecutors. It's also unclear what sentence prosecutors will seek should Kernell be found guilty.

Still, it says something about the nation's uneven sentencing guidelines when someone like Ramuglia says he's no longer willing to serve as a witness for prosecutors, even in cases where he believes an offense has occurred.

"I would rather not have anything useful to provide to law enforcement and him get away with it than them put on this dog and pony show and try to get him put away for the rest of his life," he said. "It's just wrong. To the extent I can legally do so, I'm not going to be a part of it." ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.