2016 Postmortem
Related: About this forumAbout Guccifer's new hacking claim
As some of you may know, I've put together a Clinton email scandal timeline, at thompsontimeline.com. I'd like to point out some facts that relate to Guccifer's new hacking claim.
I don't know if what Guccifer says is true or not. I'm sure hard evidence will come out one way or another in time. But for Clinton supporters who are touting reporting like this:
"An internal FBI review of Clintons email records did not indicate traces of hacking, a source familiar with the situation told POLITICO."
Keep in mind that the security logs provided to the FBI were given by Bryan Pagliano, who managed Clinton's server while Clinton was secretary of state. In February 2013, his job at the State Department ended the same time Clinton left office. One month prior to that, Clinton was already looking for someone new to manage the server, so it appears he stopped managing the server around that time.
Guccifer hacked into Sid Blumenthal's emails on March 15, 2013, and found out about Clinton's emails and her clintonemail.com server that way.
It's not clear when Pagliano stopped managing her server - it could be that nobody was managing it for a few months. But by June 2013, the Colorado company Platte River Networks took over managing the server and Pagliano was definitely out of the picture. Then this happened:
June 2013 to October 2013: During this time, it appears that Clinton's private server is wide open to hacking attempts. On May 31, 2013, maintenance of the server was taken over by a small Colorado-based company called Platte River Networks, and the server is sent to a data center in New Jersey. Platte River Networks then pays to use threat monitoring software called CloudJacket SMB made by a company named SECNAP. SECNAP claims the software can foil "even the most determined hackers." However, the new software doesn't begin working until October, apparently leaving the server vulnerable. It is known that the server is repeatedly attacked by hackers in the months from October 2013 on, but it is unknown if any attacks occur when the software is not yet installed. Justin Harvey, chief security officer of a cybersecurity company, will later comment that Clinton "essentially circumvented millions of dollars' worth of cybersecurity investment that the federal government puts within the State Department. ... She wouldn't have had the infrastructure to detect or respond to cyber attacks from a nation-state. Those attacks are incredibly sophisticated, and very hard to detect and contain. And if you have a private server, it's very likely that you would be compromised." (The Associated Press, 10/7/2015)
Then the software was finally installed and this happened:
October 2013 to February 2014: Clinton's private email server is the subject of repeated attempted cyber attacks, originating from China, South Korea, and Germany. The attempts are foiled due to threat monitoring software installed in October. However, from June to October 2013, her server is not protected by this software, and there is no way of knowing if there were successful attacks during that time. A 2014 email from an employee of SECNAP, the company that makes the threat monitoring software, describes four attacks. But investigators will later find evidence of a fifth attack from around this time. Three are linked to China, one to South Korea, and one to Germany. It is not known if foreign governments are involved or how sophisticated the attacks are. Clinton had ended her term as secretary of state in February 2013, but more than 60,000 of her emails remained on her server. (The Associated Press, 10/7/2015)
So the claim that there was no evidence of hacking attempts clearly only refers to the time Bryan Pagliano was managing the server. Afterwards, with the domain name broadcast to the world through the Guccifer hack story (which was reported at the time in Gawker, the Russian Times, and other media outlets), incredibly, Clinton did not shut down her server or take her emails from her time as secretary of state off it. She did change emails, but to a different account on the same server (it went from hdr22@clintonemail.com to hrod17@clintonemail.com).
Whether Guccifer got into her server then, I don't know. But it defies belief that nobody did, when the server was wide open to hacking attempts not long after the Guccifer hack revealed clintonemail.com was where Clinton stored all her emails. If the Russians, Chinese, and other foreign government didn't scoop up all her emails then, they were totally incompetent.
So this claim about Clinton's server logs showing no hacker attempts is a red herring, and is only partially true at best. Even if you disregard the fact that any talented hacking attempt leaves no traces in the logs, it doesn't matter much if there were no hacker attempts from 2009 to 2013 because there was such opportunity from 2013 onwards, and all of Clinton's emails were still there! This is why the former heads of the NSA, CIA, DIA, Defense Department, and so on have said that it's assumed foreign countries did get her emails, because they were such a wide open and vulnerable target.
antigop
(12,778 posts)TheBlackAdder
(28,180 posts).
No computer specialist worth their salt will say that a stand-alone server, maintained by one guy, is secure.
.
grasswire
(50,130 posts)Please also note that we are cautioning readers to remember Dan Rather's experience and proceed with caution when trying to evaluate Guccifer's claims. It would be very easy for David Brock to ratfuck with some facet of this matter.
bbgrunt
(5,281 posts)haikugal
(6,476 posts)Bob41213
(491 posts)You've been very thorough. Pointing out very useful details.
Samantha
(9,314 posts)he discovered with three other countries. I remember China and Russia were two of those, but I cannot remember the third. Might have been South Korea.... When he discovered Blumenthal's address, he guessed his password, he found the emails to and from Hillary. And so he shared them. I would think it would be very easy from there for those countries to also access her email, but I am not the accomplished technical type so I can't call that shot.
Sam
paulthompson
(2,398 posts)Do you have a source for that? I haven't heard that, but then again I've missed some stuff.
Samantha
(9,314 posts)I am wondering if you saw this:
In early 2013, news outlets including Russia Today and The Smoking Gun published memos from Guccifer, with excerpts of exchanges between Blumenthal and Hillary Clinton about Libya including details following the 2012 Benghazi terrorist attack.
In a 2015 prison interview from Romania with reporter Matei Rosca for Pando.com, Lazar told Rosca that, "I used to read (Clinton's) memos for six or seven hours ... and then do the gardening."
and
The Romanian government told Fox News that the request to extradite Lazar came from the FBI, but when Fox News asked when the process began, a government spokesperson said they were not authorized to comment further.
Romanian media have reported the request came on or about Dec. 29, 2015. That would have been shortly after the intelligence communitys identification of emails beyond top secret on Clintons personal server, which became public in mid-January.(bold emphasis added)
from http://www.foxnews.com/politics/2016/04/08/source-no-coincidence-romanian-hacker-guccifer-extradited-amid-clinton-probe.html
I going to go look some more tonight....
Sam
Samantha
(9,314 posts)This article was dated in February 2016, but I missed it. It is explosive. I don't want to break the rule about the 4 paragraph limit to cite, so I wish to point out the following is the link, the title and 3 paragraphs. The article was subsequently updated, and if there is a fourth paragraph below it will be that update.
http://observer.com/2016/02/breaking-hillary-clinton-put-spies-lives-at-risk/
Discussions with Intelligence Community officials have revealed that Ms. Clintons unclassified emails included Holy Grail items of American espionage.
I can confirm that the FoxNews report, which lacks any specifics about exactly what was compromised, is accurate. And what was actually in those Top Secret emails found on Hillarys unclassified personal bathroom server was colossally damaging to our national security and has put lives at risk.
Discussions with Intelligence Community officials have revealed that Ms. Clintons unclassified emails included Holy Grail items of American espionage such as the true names of Central Intelligence Agency intelligence officers serving overseas under cover. Worse, some of those exposed are serving under non-official cover. NOCs (see this for an explanation of their important role in espionage) are the pointy end of the CIA spear and they are always at risk of exposure which is what Ms. Clintons emails have done.
Not only have these spies had their lives put in serious risk by this, its a clear violation of Federal law. The Intelligence Identities Protection Act of 1982, enacted due to the murder of the CIAs station chief in Athens after his cover was blown by the left-wing media, makes it a Federal crime to divulge the true identity of any covert operative serving U.S. intelligence if that person has not previous been publicly acknowledged to be working for our spy agencies.
Here is just the title of the update together with a link:
Whoa: Did Hillary's Emails Expose Undercover US Spies and Identify Foreigners on CIA Payroll?
http://townhall.com/tipsheet/guybenson/2016/02/01/report-top-secret-hillary-emails-included-operational-intelligence-which-jeopardized-lives-n2113093
This is incredible.
Sam
emulatorloo
(44,101 posts)"Fox News Report"
And
townhall.com
roguevalley
(40,656 posts)The pooch here. People probably got killed here
grasswire
(50,130 posts)The townhall link will bring you some grief. But this is really important stuff for everyone to see. Even Hillary supporters should be seeing what the rest of the world is reading.
Samantha
(9,314 posts)I stayed up stewing about that exact question until 5:00 am this morning. Sometimes, grasswire, politics becomes personal, and for reasons I will allow you to guess (you are pretty smart) you can imagine how something like this becomes personal. It hits home. Here in the Washington, DC area, which people sometimes forget, we were hit as well as NY on 9/11. We take our national security issues very seriously. Additionally, as you can imagine people have friends and relatives who work in this arena.
I do agree that this information should be broadcasted to the general DU population, but I am not sure I can handle all of the backlash at this time. If you like to take it and make it an op, please be my guest. It is important to note that while some of the reporting has been done by FOX (it is the only network that carries this issue in depth - the others are afraid to touch it) but one sentence in one of the posts I made confirmed FOX's reporting. It is the info from Observer. So that should be enough to give legitimacy to the post.
Please let me know if you can carry the ball on this. I wish I could but .... too personal, hit too close to home. I hope you do pick up the ball and run with it, grasswire. Let me know what you decide.
Regards,
Sam
grasswire
(50,130 posts)Many rabbit trails to follow. Or I should say skunk trails.
I have lived in the Washington metro area, and I cherish it. What a thrill it always was for me to stand on the Mall, look in all directions, and just soak it in. Couldn't believe I was fortunate enough to live there.
Heck. What's one more round of hateful posts from the Hilleryans. I'll do it in a bit.
Samantha
(9,314 posts)there is just too much info out there to read it all and absorb it all. But there is another item that I read weeks ago that I have been trying to find that is also very explosive. I think the American people should know just how precarious and sometimes even dangerous putting the responsibility for national security into the wrong hands can often backfire in dire ways. That point needs to be driven home.
thanks, grasswire
Sam
grasswire
(50,130 posts)The info is there, but not quoted from a RW source.
http://www.democraticunderground.com/12511906628
Samantha
(9,314 posts)crunched a bunch of chocolate espresso beans ....
Sam
PS I don't think one needs to apologize for reporting from FOX today. I personally had FOX banned in this house for 15 and one-half years but I recently found it was the only network reporting on this issue. So now some smaller publications are starting to show up and C-SPAN also has covered it.
2cannan
(344 posts)Russian Television: Partial Release of Hacked Hillary Clinton Emails
http://www.forbes.com/sites/paulroderickgregory/2013/03/19/russian-television-rt-partial-release-of-hacked-hillary-clinton-emails/#de27b112e46d
840high
(17,196 posts)I could remeber where.
BillZBubb
(10,650 posts)They actually believe the logs would show if anyone hacked the system. I'm sure some other Hillbot told them that had to be true and they took it as Gospel, since it supported their closed minded, unquestioning support of Ms. Golden Sacks.
In_The_Wind
(72,300 posts)Reter
(2,188 posts)On Thu May 5, 2016, 06:42 AM an alert was sent on the following post:
The technical ignorance of the Hillbots is astounding.
http://www.democraticunderground.com/?com=view_post&forum=1251&pid=1902788
REASON FOR ALERT
This post is disruptive, hurtful, rude, insensitive, over-the-top, or otherwise inappropriate.
ALERTER'S COMMENTS
Over the top name calling, nothing but disruptive.
You served on a randomly-selected Jury of DU members which reviewed this post. The review was completed at Thu May 5, 2016, 06:49 AM, and the Jury voted 3-4 to LEAVE IT.
Juror #1 voted to LEAVE IT ALONE
Explanation: No explanation given
Juror #2 voted to LEAVE IT ALONE
Explanation: Is name-calling Mrs. Clinton against our rules? No.
Juror #3 voted to HIDE IT
Explanation: No explanation given
Juror #4 voted to LEAVE IT ALONE
Explanation: No explanation given
Juror #5 voted to LEAVE IT ALONE
Explanation: Sometimes the truth hurts ... leave it.
Juror #6 voted to HIDE IT
Explanation: No explanation given
Juror #7 voted to HIDE IT
Explanation: No explanation given
Thank you very much for participating in our Jury system, and we hope you will be able to participate again in the future.
JudyM
(29,225 posts)Last edited Thu May 5, 2016, 12:15 AM - Edit history (2)
And also looks a lot more like a criminal violation on her part... Since it's clear that her failure to turn her email over to State when she left was a violation, leaving it all unsecured at a time when she shouldn't have even had possession of it -and a considerable duration, at that- is most likely going to mean conviction. Not my area of law, but seems fairly straightforward. Proof of hacking is not required for this case to be made, from what I've read.
Any other DU lawyers know more about this?... In particular, any precedent on what constitutes gross neg. in this context? Or other charges that would rise out of this, besides conspiracy...
leveymg
(36,418 posts)is a violation of 18 USC 793 (f)(2). I have a post up today on the Greatest page that links another I posted a few days ago on that subject.
JudyM
(29,225 posts)And the fact that it appears to have been unsecured could rise to gross negligence, it would appear.
leveymg
(36,418 posts)Went into that in a third article posted last August, also linked.
JudyM
(29,225 posts)leveymg
(36,418 posts)COLGATE4
(14,732 posts)840high
(17,196 posts)synergie
(1,901 posts)The classification happened AFTER she left State. They do that a lot. So no violation of any security agreement. I'm not sure why you guys type up all these things and fail to do your research on the simplest of things, this has been covered, and former SoS have stated that over-classification after the fact is a rather silly thing that happens.
leveymg
(36,418 posts)with other agencies. Various people stripped classification markings off of documents found on secure systems and transferred the classified information into emails that were transmitted over her unauthorized server. This classified information was later identified by the originating agency and matched up with the original classified documents. Only at that point was the material found on her server reclassified.
On at least one instance, Hillary instructed Jake Sullivan, her aide, to take materials off the classified server, strip the headers, and "send unsecure." Sorry, but that's a direct violation of her security agreement crime under penalty of felony federal statute.
synergie
(1,901 posts)leveymg
(36,418 posts)In email, Hillary Clinton tells aide to send talking points "nonsecure"
To comply with a court-ordered goal, the State Department made public about 3,000 pages of emails from Hillary Clinton's private server early Friday morning, including 66 messages that were later marked "classified" on some level.
On the campaign trail, the presidential candidate has insisted that no classified information was sent or received through her private email server.
But in one email exchange between Clinton and staffer Jake Sullivan from June 17, 2011, the then-secretary advised her aide on sending a set of talking points by email when he had trouble sending them through secure means.
Part of the exchange is redacted, so the context of the emails is unknown, but at one point, Sullivan tells Clinton that aides "say they've had issues sending secure fax. They're working on it."
Play Video
Clinton: " I did not email any classified material"
Clinton responds, "If they can't, turn into nonpaper w no identifying heading and send nonsecure."
Bob41213
(491 posts)These emails were not retroactively classified by the State Department; rather these em ails contained classified information when they were generated and, according to IC classification officials, that information remains classified today. This classified information should never have been transmitted via an unclassified personal system.
The Hillary camp loves to make the claim. It's not true. The State Department was forced to admit as much in this letter posted on their site. They don't have authority over classified info that isn't theirs and that's the case here. It wasn't retroactively classified. It was classified when it was sent, but Hillary refused to use the classified network so it couldn't be "marked classified." There is wrangling going on trying to protect Hillary's butt to get things unmarked classified but it doesn't sound like the originating agencies are interested in protecting Hillary's butt as much as the State department is.
Fawke Em
(11,366 posts)It doesn't matter. The statute refers to mishandling national security data. It doesn't specify "classified" information. It merely mentions, "anything connected with the national defense."
https://www.law.cornell.edu/uscode/text/18/793
HooptieWagon
(17,064 posts)Rosa Luxemburg
(28,627 posts)why was this allowed? Why would this woman be president?
HooptieWagon
(17,064 posts)The existence of the server was secret until the hacker posted Blumenthall's emails to Clinton. When she left office, Clinton signed a required statement stating she had turned over all documents and emails, which in fact she had not done. In short, State Dept had no idea she left all those emails, some classified information, stored on an unsecured server in a NJ warehouse. I wouldn't call that sloppy handling...I'd call it willfull negligence.
amborin
(16,631 posts)and her atty to decide which emails were "personal" and not work related. She deleted these, I believe, thinking they were forever safe from prying eyes. But they were apparently stored in the cloud, or copies were, and I think one of the companies or the FBI was able to retrieve some, if not all, of them. At least one of these retrieved "personal" emails is actually work-related, thus belying her claims that they were "personal."
HooptieWagon
(17,064 posts)...but several contained classified information, two of which were the highest level of classified.
Rosa Luxemburg
(28,627 posts)HooptieWagon
(17,064 posts)The server was stored at Platte River Networks, a mom and pop operation in NJ. I do not know what kind of security is in place there, maybe just a dead bolt on the door. I do not know how the server itself was secured, but apparently they logged several hack attempts from foreign countries. I do not know to what degrees employees had access or if they had any security clearance.
Over the entire timespan the server was used, security appears to have ranged from very amateurish to virtually non-existant.
Rosa Luxemburg
(28,627 posts)I didn't really know the extent of this until now
Rosa Luxemburg
(28,627 posts)this is not looking good
Land of Enchantment
(1,217 posts)reading it was Bubba's idea to have the home-brew server in the first place. Thanks for the very coherent timeline and for your previous threads too.
HooptieWagon
(17,064 posts)It was replaced by the server in question...assumed to be bigger to handle her State business and Foundation business.
paulthompson
(2,398 posts)Details are murky, but it appears that the Clinton Foundation server was either the same server for a while or at least also run from her same Chappaqua house. Then in 2010, IP look ups indicate that both Clinton's email server and the Clinton Foundation server migrated to mid-Manhattan, which is where Clinton Foundation headquarters is. Then Clinton's server returned to Chappaqua at some point.
tex-wyo-dem
(3,190 posts)clintonemail.com server that housed all that official State Department business (including classified) was physically moved from her house to someplace (presumably The Clinton Foundation headquarters) in Manhattan? If so, that means during that time the server was exposed to who knows how many people without security authorization and was vulnerable?
Just, wow!
paulthompson
(2,398 posts)Here's the entry on it:
May 21, 2010 to October 21, 2010: Computer records suggest Clinton's private server could be located at The Clinton Foundation's headquarters. According to publicly available computer records, the IP (Internet Protocol) address for the mail.presidentclinton.com server is 24.187.234.187 from at least 2009 to 2011. Records also show that mail.clintonemail.com server has the same exact IP address, 24.187.234.187, from at least May 21, 2010 to October 21, 2010. That means the two servers must have been in the same location for that overlapping time period. Computer records can also indicate where the IP addresses are physically located, and that IP address at that time is somewhere in the middle of Manhattan, New York City. That makes sense for presidentclinton.com, since former President Bill Clinton's offices are there, and The Clinton Foundation headquarters is also there. But that would suggest that Hillary Clinton's clintonemail.com server used for all her secretary of state work is also based in Manhattan and not Chappaqua, New York, for at least part of 2010. (DNS History, 9/7/2015) (DNS History, 9/7/2015) (IP Tracker, 9/3/2015)
leveymg
(36,418 posts)Who put that research together? If in fact, the server was housed at the Foundation HQ, it indicates that she may have shared classified information with others at the Foundation beyond Blumenthal and her private "intel" providers and her DOS aides, such as Huma Abedine and Pagliono, who were being paid supplemental salaries by the Foundation. That's a whole new wrinkle.
tex-wyo-dem
(3,190 posts)This is outrageous and unbelievably careless...seriously. Who knows how many people had physical access to that server.
grasswire
(50,130 posts)Just a small detail.
nolawarlock
(1,729 posts)I think I'm more sick of hearing about these emails than Bernie is. LOL
BlindTiresias
(1,563 posts)Responding to an OP with lots of time and effort put into it with a pathetic, dismissive sentence is called "shit posting".
Fawke Em
(11,366 posts)It will be all anyone will talk about because the FBI investigation is real and not some partisan right-wing made up drama box.
nolawarlock
(1,729 posts)CoffeeCat
(24,411 posts)I appreciate the research that you have done and the understanding of this very complex situation. And it is a very confusing and elaborate situation.
One must not only understand the "Who, What, Where, When and Why" but also various areas of the laws and also knowledge about government classification and how the FBI and the DOJ conducts investigations.
I appreciate the time you have put into putting together the facts surrounding these issues.
We see now that the Hillary campaign is defensively Tweeting about this serious issue. They are obviously spinning. It's important that the truth come out about this. We're in the throes of a Presidential primary and we need truth, so we can make informed decisions.
I just want the facts to come out. I appreciate that you are providing facts that are backed up by evidence and sourced articles.
Invaluable.
Thank you so much.
paulthompson
(2,398 posts)It's a team effort. I'd love if you or others would get involved. I'd just as gladly accept help from any Clinton supporter, as long as they're interested in finding the truth and not sabotage. My goal is to follow the facts wherever they lead.
GreatGazoo
(3,937 posts)I have used timeline construction in the study of various historical mysteries including my ongoing study of a person aka Henry Hudson. There is no record in England of a person named Henry Hudson ("Hendrick Hudson" , it is likely an assumed name used by a person who was involved in piracy and who lied to investors. No portraits, birth records, baptism, marriage records, tax records, census records or any other commonly used records exist which support the existence of a person whose birth name was Hendrick Hudson. Hudson and his son were allegedly cut adrift by his crew and left to die in northern Canada in 1611 yet none of his crew were court martialed. Through construction of timeline using known and verifiable events it may be possible to find out, 400 years later, who Hudson really was and whether this person returned to England after 1611.
Completely agree that this is an excellent technique which is very useful in sorting out highly partisan and media-spun events. Paul does it well enough to stand up to extreme scrutiny.
Thanks Paul!
Fairgo
(1,571 posts)This has been a boon. This appears to be prima facie evidence of negligence. And realistically, I would assume the war room is moving under the assumption that any secret on that server is in the hands of foreign governments. I'm sure they are looking forward to the new "Wipe it with a cloth" commander in chief.
eridani
(51,907 posts)w4rma
(31,700 posts)"Justin Harvey, chief security officer of a cybersecurity company, will later comment that Clinton "essentially circumvented millions of dollars' worth of cybersecurity investment that the federal government puts within the State Department. ... She wouldn't have had the infrastructure to detect or respond to cyber attacks from a nation-state. Those attacks are incredibly sophisticated, and very hard to detect and contain. And if you have a private server, it's very likely that you would be compromised." (The Associated Press, 10/7/2015)"
It's been pointed out that even if she'd used Gmail or Yahoo mail, her email would have been much more secure, because they spend a lot of time and money on security. Clinton basically had one guy (Bryan Pagliano) managing the server who had a full time job in another state who appears not to have really known what he was doing. There have been numerous articles about how poor the security was. For instance, the first two months Clinton was secretary of state, her server had no encryption on it at all! And this was while she traveled to about a dozen countries using her BlackBerry, including China. You literally could not do worse than have NO security.
Then, after Pagliano left, she handed management to a company called Platte River Networks. They were like your neighborhood mom 'n pop computer repair shop. They operated out of an apartment in an apartment building, and didn't even have an alarm system! And yet Clinton trusted them with emails that turned out to contain top secret and even above top secret information.
It truly boggles the mind. Anyone who claims that Clinton's private server could have been safer than the State Department simply don't know what they're talking about. Maybe in theory that could be true, if it had been done right with an entire team of experts managing it, but the way it was actually done was amateur hour all the way.
HooptieWagon
(17,064 posts)Oilwellian
(12,647 posts)Isn't that lovely? An open orchid for all hackers to admire. I bet they had some great laughs around the world. Goddamn. The stupid. It really hurts.
amborin
(16,631 posts)hopemountain
(3,919 posts)other than denial, how will they talk their way out of this one?
pnwmom
(108,973 posts)And we know that classified documents weren't supposed to be sent either on a .gov account or Hillary's private server.
And we know Hillary used a separate, secure system for transmitting and receiving classified documents.
And whatever this hacker claims to have found on the Clinton server, there has been no evidence put forward, other than Repub rumors based on anonymous sources, that she had then-classified documents there.
http://prospect.org/article/why-hillary-wont-be-indicted-and-shouldnt-be-objective-legal-analysis
Why Hillary Won't Be Indicted and Shouldn't Be: An Objective Legal Analysis
There is no reason to think that Clinton committed any crimes with respect to the use of her email server.
Richard O. Lempert, U MI professor of law
March 20, 2016
What follows reflects the knowledge and experience I have gained from working at the Department of Homeland Security from 2008 until 2011. While there, I took the lead in drafting a security classification manual for one of the divisions of the DHS science and technology directorate. In this discussion, I offer answers to questions about the former secretary of states email that have not been frequently asked, but should be.
SNIP
Does the fact that the classified information was on Clintons personal server rather than a State Department server effect the analysis?
In most ways it shouldnt. While Clintons use of a personal server has, no doubt, harmed her politically, her use of a personal server most likely has little bearing on questions relating to the improper transmission of classified information. Had Clinton not used her personal server for the messages in question, she would presumably have had a personal account on the same system that other Department employees use for State Department business. Neither Clintons personal server nor ordinary State Department systems are properly secured for the transmission of classified information. The one way in which using a personal server might make a difference is that EO 13526 provides, An official or employee leaving agency service may not remove classified information from the agency's control. By maintaining classified messages on her server, Clinton was arguably not complying with this provision. I use the word arguably because lawyers could argue over whether the fact that the State Department never had control of the information on her server meant she could not remove it, but I expect this is an argument Clinton would lose. However, if Clinton is to be believed, she didnt know that classified messages were on her server, and no criminal sanctions attach to violations of this provision regardless.
There is the interesting question of whether the inadvertently transferred classified emails were more or less secure because they were on Clintons server rather than on a State Department server. The FBI investigation may provide an answer. From a distance, it seems possible that Clintons messages were more secure on her server than they would have been on the State Departments servers, even if the latter were protected by a technically superior firewall. The State Departments systems are reportedly regular targets of hackers. Few knew that Clinton used a personal server for business emails, so hacker attacks may have been far less common if they happened at all. Also hackers often gain access to systems by fooling users into downloading malicious programs or clicking on malicious web sites. Since few people had accounts that accessed Clintons servers, the chance that someone might inadvertently open a door to hackers is most likely much less. Finally, after a few months, transactions with Clintons servers were reportedly encrypted. Because of the difficulties posed by the need to accommodate different server and computer generations, the government has lagged behind the private sector in encryption.
I also cannot help observing that it is the party that regularly declares that government doesnt work that tells us that when it comes to computer security we can trust the government more than the private sector to get things right.
SNIP
jmg257
(11,996 posts)Secretary of State John Kerrys testimony in front of the Senate Foreign Relations Committee on Tuesday produced a number of revelations about the ongoing Hillary Clinton email probe, including that she was provided an email account during her time at the agency designed to handle classified information but never used it.
Read more: http://dailycaller.com/2016/02/23/revealed-state-dept-created-classified-email-account-for-hillary-but-she-never-used-it/#ixzz47n0A4Sdi
Secretary Clinton did not use a classified email account at the State Department. An account was set up on ClassNet on her calendar, but it was not used, Frifield wrote in response to a Sept. 21, 2015 letter from the committee asking for information about Clintons use of an account equipped to handle classified information.
ClassNet refers to the State Department workstations that are designed to allow employees to view classified information.
But while Clinton did not consume classified information in that system, she did so on her own personal email account, which was hosted on a private server that was housed at her residence.
...
Yes. Dot gov servers were hacked, but those servers aren't the closed-loop systems like SIPRnet and JWICS that are used to house national security data.
Because the government does business with the public, many servers, for obvious reasons, are connected with the Internet. Government officials also need to email into and out of their servers as a course of conducting that business. But our classified networks are not only compartmentalized, closed-off from the Internet and access-limited, they are also protected by a team of security experts dedicated to logging and monitoring everything that system does.
Do you honestly think that we'd house our national security data on servers that any Joe Blow from the outside world could access?
Here is some information on the security measures taken to protect SIPRnet: http://www.dhra.mil/perserec/osg/s1class/siprnet.htm
The author of that article may know law, but he doesn't know cyber security or how we protect electronic national defense information.
ucrdem
(15,512 posts)This is really not a story you want to hang your hopes on.
roguevalley
(40,656 posts)Read this so when the boom comes it will hurt less.
ucrdem
(15,512 posts)cui bono
(19,926 posts).
Dems to Win
(2,161 posts)Quite a lot of work you did.
I have a bad feeling that Comey is going to hold off until after the convention, then file a few dozen requests for indictments. Starting with Sidney Blumenthal. Including Hillary's staffers, and probably Hillary. The indictments may not be just for mishandling classified data, but also pay-to-play bribery for mixing State Dept contracts and business with Clinton Foundation donations and Bill's speaking fees. Somebody will surely be indicted for obstruction of justice for altering some of the Sidney B emails before turning them over.
The FBI has been working on this for a long time. It defies credulity that they are simply looking at data handling issues, at least imho.
38 lawsuits over Hillary's non-compliance with FOIA, plus investigations by several Inspector Generals and the FBI. We Democrats are truly insane to be nominating Hillary. I can't see this ending well.
YouDig
(2,280 posts)Any computer connected to the internet is the "subject of attempted cyber attacks". There are bots that just go around from IP to IP just looking for vulnerabilities. That means nothing.
The server was not "wide open to hacking." What happened is that the communication with the email server was apparently unencrypted for a few months. That doesn't mean that you can just hack into the server itself. If you have access to an intermediary node between the client and the server, you can spoof the connection or read the communications if you really know what you are doing. Guccifer didn't have that access.
It's not remotely true that "any talented hacking attempt leaves no trace in the logs". For instance, if you use a man in the middle attack to spoof a session or steal someone's login credentials, and then later use those credentials to download all of their emails, that would leave a trace in logs, and you couldn't get rid of those traces with the email credentials that you stole because it would show up in logs that are unaccessable by email clients.
Fawke Em
(11,366 posts)Everyone who has reviewed it says so.
http://bigstory.ap.org/article/467ff78858bf4dde8db21677deeff101/only-ap-clinton-server-ran-software-risked-hacking
https://www.wired.com/2015/03/clintons-email-server-vulnerable/
http://fortune.com/2015/03/11/hillary-clinton-email-unsecure/
(And that's just a few)
FreakinDJ
(17,644 posts)That is just blatantly FALSE
They are trying to determine WHO Wiped the Server's Security Logs
jmg257
(11,996 posts)WASHINGTON A former aide to Hillary Clinton has turned over to the F.B.I. computer security logs from Mrs. Clintons private server, records that showed no evidence of foreign hacking, according to people close to a federal investigation into Mrs. Clintons emails.
Mrs. Clintons work-related emails as secretary of state, which have been made public as part of a Freedom of Information Act lawsuit, show that she received spam emails intended to try to lure her into clicking a malicious link. Those emails, known as spear phishing attempts, were traced to Russia, but it was not clear from the emails alone whether anyone clicked on those links or whether the security was compromised.
The former aide, Bryan Pagliano, began cooperating with federal agents last fall, according to interviews with a federal law enforcement official and others close to the case. Mr. Pagliano described how he set up the server in Mrs. Clintons home in Chappaqua, N.Y., and according to two of the people, he provided agents the security logs. ..."
FreakinDJ
(17,644 posts)Can't have it both ways
Looks like Damage Control messaging put out by the Clinton Campaign - but more will be revealed.
jmg257
(11,996 posts)"How did Clinton receive and consume classified information?
A separate, closed email system was used by the State Department for the purpose of handling classified communications, which was designed to prevent such information from being transmitted anywhere other than within that system."
Notice how it says "the State department had protocols", and "a separate closed system was used by the State Dept." BUT it doesn't say SHE actually used them!!
https://www.hillaryclinton.com/briefing/factsheets/2015/07/13/email-facts/
AND then you read this:
Secretary Clinton did not use a classified email account at the State Department. An account was set up on ClassNet on her calendar, but it was not used, Frifield wrote in response to a Sept. 21, 2015 letter from the committee asking for information about Clintons use of an account equipped to handle classified information.
http://dailycaller.com/2016/02/23/revealed-state-dept-created-classified-email-account-for-hillary-but-she-never-used-it/#ixzz47n0A4Sdi
bigtree
(85,984 posts)...we're to believe he hacked Clinton but didn't leak? He leaked stuff from top government & military officials as well as the Bush family, but he sat on this until now?
Out of the kindness of his hacker heart?
Why don't you do a feature on the 'illuminati' and Goofy's claims about the Rockefellers?
This crap belongs in the CT forum.
COLGATE4
(14,732 posts)little site.
polly7
(20,582 posts)What she did was purposeful, and disloyal to the President and 330 million people who could have been put in danger by foreign govt's accessing her server. Libya is ruined, with 'help' from 'keep em coming' Blumenthal, who Obama had blacklisted but who she was paying through her Foundation. An atrocity based on lies that helped create IS and enabled them getting military equipment to spread their horror throughout NA and the ME.
They don't care about other human beings on RimJob's site. It belongs here.
YouDig
(2,280 posts)That should tell you something.
polly7
(20,582 posts)His legacy is on the line here too because of what she did.
Think!!!
YouDig
(2,280 posts)The only people who care about this "betrayal" are right-wingers and a few people in the Bernie camp who spend way to much time watching Fox News.
polly7
(20,582 posts)YouDig
(2,280 posts)polly7
(20,582 posts)I don't agree with lying atrocities that cause suffering you'll never even imagine in your lifetime for millions of human beings.
roguevalley
(40,656 posts)ucrdem
(15,512 posts)bigtree
(85,984 posts)http://www.democraticunderground.com/12512243585
...come on back Thompson and tell us how credible this crap is again.
lagomorph777
(30,613 posts)See the definition of "successful."
Guccifer has been extradited because he is useful in the investigation. This is not going away.
ucrdem
(15,512 posts)riderinthestorm
(23,272 posts)The referrals to the FBI for an investigation by Obama two appointed Democratic IGs?
The investigation by the non-partisan FBI?
The decision by a Clinton appointed judge to allow discovery to go forward with stern words to Hillary Clinton that her actions have verged on obstruction?
ucrdem
(15,512 posts)OpenSecrets.Org: "Comey's Conservative Chops"
by David Steinbach on May 31, 2013
{snip}
In fact, the apparent nominee-to-be has contributed to Obamas opponents in each of the past two elections. In August 2008, Comey sent $2,300 to the GOP presidential nominee, Sen. John McCain (Ariz.). A few years later, Comey did his part to try to prevent Obamas re-election, maxing out to Republican Mitt Romney with $5,000 in donations. Comey also gave $2,500 during that cycle to Susan Brooks (Ind.), a Republican with whom Comey had worked at DOJ. Brooks went on to win a House seat.
http://www.opensecrets.org/news/2013/05/fbi-director-nominee-comeys-conserv/
grasswire
(50,130 posts)They have exposed themselves, and we should not be drawn into their attempts to deflect. It's tempting, I know. I do it, too. But everyone with a brain sees what they are doing.
Fawke Em
(11,366 posts)If Guccifer used social engineering to gain access to Clinton's server like he did Blumenthal's email account, then the logs wouldn't show any activity. If someone is remotely logging onto your account using your credentials, the server isn't going to know it isn't you.
In other words, Clinton regularly logged onto her server from a variety of places. As long as the proper user name and password were used, there is nothing for the server logs to show a discrepancy.
Think of it like logging onto your web-based email client, such as Google. You can do it from any computer connected to the Internet as long as you have your user name and password.
mmonk
(52,589 posts)Dr Hobbitstein
(6,568 posts)that has logged into my account.
If he used her account, they would know, because the IPs wouldn't match.
Fawke Em
(11,366 posts)"Logs from Secretary Clinton's server do not show any evidence of foreign hacking."
Do you guys know what a proxy server is?
Dr Hobbitstein
(6,568 posts)social engineering.
I know what a proxy server is (as I use one regularly).
Fawke Em
(11,366 posts)It was not the FBI who said there's no evidence of hacking on her logs, it was her own server guy, Bryan Pagliano, who, as we've seen, wasn't too adept at data security.
The technician who helped manage Hillary Clinton's private email server for her work as secretary of state has given security logs to investigators that he said show no signs of foreign hacking, the New York Times reported on Thursday.
Bryan Pagliano is cooperating with the Federal Bureau of Investigation's criminal inquiry into the email setup in exchange for limited immunity by the U.S. Department of Justice, according to the Times, citing unnamed people who know about the investigation. With limited immunity, his testimony cannot be used in a prosecution against him, the Times said.
http://www.reuters.com/article/us-usa-election-clinton-idUSMTZSAPEC33HF0X9N
The FBI has said NOTHING about this, so the point is moot for now.
Dr Hobbitstein
(6,568 posts)You said something about him using her credentials to log in, and how that wouldn't leave a record. I was telling you that yes, it WOULD leave a record. Nothing about the FBI.
grasswire
(50,130 posts)thanks for pointing that out
cui bono
(19,926 posts)I don't know that much about it, but I know that when I am using one Hulu tells me I have to stop using it to watch anything.
So if Hulu knows, the person running the SOS server damn well should know!
.
HooptieWagon
(17,064 posts)As I understand, anybody could have logged in with no record.
Barack_America
(28,876 posts)How many IP's would be logged?
Dr Hobbitstein
(6,568 posts)Barack_America
(28,876 posts)...then these "10 other IP addresses" could not have been her, given we are told she only ever used her smartphone?
Dr Hobbitstein
(6,568 posts)then her phone could possibly use 10 different IPs--or more--depending on where she is using it. Also, accessing the mail from another computer is an option. However, each device has a unique MAC address (identifier that is unique to every individual device that connects to a network). So if her phone utilized 10 different IPs to login, those 10 IPs would still have the same MAC address.
YouDig
(2,280 posts)And the other thing is, Guccifer didn't claim to socially engineer his way in, he claimed to get in by doing a port scan. Of course, doing a port scan doesn't actually get you into anything.
NorthCarolina
(11,197 posts)Yurovsky
(2,064 posts)the law just being one item on an infinite list.
In the baseball game of life, she was born on 3rd base but thinks she hit a triple. She has enjoyed all of the trappings of wealth and privilege, and she never suffered like anyone who truly fought for anything. When she pulls the bullshit victim card, I find it impossible to sympathize for the poor little rich girl (who still doesn't think she's rich enough, thanks to her insatiable greed).