By Joel Hruska
October 08, 2008 - 12:37PM CT

David Kernell, the alleged hacker of Sarah Palin's Yahoo e-mail account, has been indicted by a federal grand jury and will be arraigned today by US Magistrate Judge C. Clifford Shirley. The indictment alleges that Kernell gained access to Palin's account by resetting the account password by correctly answering a series of security questions.

This type of identity authentication is used widely across the 'Net; the questions themselves are typically designed to be both easily answered and personal to each registrant. Common examples include: "What was your mother's maiden name," "What was the name of your first pet," and "What was the name of your elementary/junior high/ high school."

There's no way to know which of these Palin chose, as most web sites allow the user to select from a range of questions, but the original 4chan post that kicked off the scandal implied that cracking the e-mail account required only basic research. In fairness to Yahoo, these types of security measures do not anticipate that the user might be a public figure, particularly a public figure who has suddenly found herself under a white-hot spotlight of media attention.

In this case, it was Governor Palin's private account that was hacked, and not the other Yahoo e-mail address she was apparently using for government business, but again, Yahoo doesn't advertise itself as a service in that way. The indictment also alleges that Kernell "allegedly read the contents of the account and made screenshots of the e-mail directory, e-mail content and other personal information."