Maybe I'm missing something here, but that doesn't seem to make sense.I mean, how was the OVDB session IDed?Wouldn't you have to break into OVDB server (which I don't think happened), have logs of IP addresses that connected and a timestamp, and then compare the same with all the popular email companies, gmail/hotmail et al?