Having worked in the field of information security for some time and having worked on criminal cases involving breeches of security, I'm telling you that it's not going to happen.
They would fight it, but they would, at the very least be tried in the press, their web server would be under attack and at the very least, they would be forced off the ether-net.
Which is itself a crime.
What I want to know is, was this web site one of the sites that were vetted by the Obama campaign to cover the Obama nominating convention?
Not as far as I can tell. There are millions of blogs out there. Only a handful have the kind of following that lend themselves to being noticed by a presidential campaign.
More interesting to me will be Yahoo!s response to all of this. They've had a lot of security problems in the past but nothing that's gotten this kind of press.
How they handle it will indicate whether they are in the tank for 0bama and whether there was help from inside of Yahoo!
I’ll start off by saying that more of what you say seems correct to me than not. However, not everyone is an Internet Security expert. Most of us have WAY too full a plate to deal with to even get 10% of the way into it (Internet Security) that someone like you would likely recommend. Consider: Gov. Palin is probably just an “average” Internet / e-mail user, at most. She sure has plenty to do outside of that! If the Alaska State Gov’t. has an Internet Security person working for the Governor’s Office, then they should have advised Gov. Palin on essential internet secutity protocols.* If that person (if they exist) did not do so, then how does Gov. Palin find out (except perhaps by chance or accident)? It may seem “obvious” to you. It may not be so obvious to most people.
I’m quite sure I can find a bushel basket full of things most people, including yourself, are completely ignorant of, in my area of specialization. Heck, I am an electronics engineer and use computers all the time: I readily recognize there are probably ten bazillion things I SHOULD KNOW but I’ve not yet learned about the Internet, about 9 bazillion of which I have no suspicion about or knowledge of their existence at all. I just don’t have the freakin’ time, and nobody’s told me.
One thing I have learned from this is more about what constitutes a relatively safe “answer” to those “security questions” one often has to try to remember for even mundane accounts. Now... If only I could remember all of ‘em!
*On the other hand, I would also point out, as others have noted here, that Gov. Palin appears to have been only sending personal & unimportant (to the public) e-mails on her Yahoo account. So, the question becomes, should the State of Alaska provide the Governor with a highly secure e-mail account for personal communications?