Page: 1
jeff47
Profile Information
Member since: Tue Jun 24, 2008, 12:50 PM
Number of posts: 26,549
Number of posts: 26,549
Journal Archives
How Team Clinton screwed up the security on her server
What we know so far:
1) Communications with her server were not encrypted for the first 3 months. https://www.venafi.com/blog/post/what-venafi-trustnet-tells-us-about-the-clinton-email-server/ 2) They left the default VPN keys installed on her server http://www.bloomberg.com/news/articles/2015-03-04/clinton-s-e-mail-system-built-for-privacy-though-not-security Using those addresses, McGeorge discovered that the certificate appearing on the site Tuesday appeared to be the factory default for the security appliance, made by Fortinet Inc., running the service.
3) They were using, and continue to use, self-signed SSL certificates http://gawker.com/how-unsafe-was-hillary-clintons-secret-staff-email-syst-1689393042 4) They set up a .com domain, enabling the typosquater who has registered clintonmail.com (no "e" before "mail"  . Whoever registered that domain is in a perfect position to steal login information or perform spear phishing attacks.
5) Her ISP was repeatedly hacked by China http://www.democraticunderground.com/?com=view_post&forum=1251&pid=615632 |
Posted by jeff47 | Thu Sep 24, 2015, 09:16 PM (1 replies)
Go to Page: 1
