Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
WAPO: OP-ED : Was An Asian Gov't Reading Hillary's Emails in 2009?
Two questions are raised by this timing: First, why didn’t the server have encryption from the start? And second, why did it get encryption in March, at a time when Clinton should have been extraordinarily busy getting up to speed at State, not messing with computer security protocols?
The simplest answer to the first question is that the lack of a certificate was just a mistake. But what about the second? What inspired the Secretary to get an encryption certificate in March when her team hadn’t bothered to get one in January or February?
The likely answer to that question is pretty troubling. There now seems to be a very real probability that Hillary Clinton rushed to install an encryption certificate in March 2009 because the U.S. intelligence community caught another country reading Clinton’s unencrypted messages during her February 16-21, 2009, trip to China, Indonesia, Japan, and S. Korea.
Thanks to FOIA lawsuits, the State Department has released a few documents from this early period. They show that Clinton began using the clintonemail.com server as early as January 28, 2009, just after her inauguration. Other messages from Cheryl Mills used the server in early February.
Even as she kept her homebrew server, Clinton and her staff were fighting to hang on to their Blackberries, just like President Obama. That provoked resistance from the State Department’s top security official, Assistant Secretary Eric Boswell. On March 2, he sent the Secretary a memo — “Use of Blackberries on Mahogany Row” — declaring that “the vulnerabilities and risks associated with the use of Blackberries in Mahogany Row [the State Department’s seventh floor executive offices] considerably outweigh their convenience.”
On March 11, at a staff meeting, Clinton seemed to throw in the towel on her Blackberry, telling Boswell that she had read the memo and “gets it.” We know this from correspondence among Boswell’s staff.
But what’s fascinating and troubling is something else in the correspondence. One staff message says that during Clinton’s conversation with Boswell, “her attention was drawn to a sentence that indicates we [the diplomatic security office] have intelligence concerning this vulnerability during her recent trip to Asia.”
snip
Eighteen days later, Clinton’s server acquires a digital certificate supporting TLS encryption, closing the biggest security hole in her server.
I suppose this could all be coincidence, but the most likely scenario is that the Secretary’s Asia trip produced an intelligence report that was directly relevant to the security of Clinton’s communications. And that the report was sufficiently dramatic that it spurred Clinton to make immediate security changes on her homebrew server.
Did our agencies see Clinton’s unencrypted messages transiting foreign networks? Did they spot foreign agencies intercepting those messages? It’s hard to say, but either answer is bad, and the quick addition of encryption to the server suggests that Clinton saw it that way too.
If that’s what happened, it would raise more questions. Getting a digital certificate to support encryption is hardly a comprehensive response to the server’s security vulnerabilities. So who decided that that was all the security it needed? How pointed was the warning about her Asia trip? Does it expand the circle of officials who should have known about and addressed the server’s insecurity? And why, despite evidence that Clinton was using the server in connection with work in January and February, did Clinton turn over no emails before March 18?
snip
https://www.washingtonpost.com/news/volokh-conspiracy/wp/2016/04/04/was-an-asian-government-reading-hillary-clintons-emails-in-february-2009/
The simplest answer to the first question is that the lack of a certificate was just a mistake. But what about the second? What inspired the Secretary to get an encryption certificate in March when her team hadn’t bothered to get one in January or February?
The likely answer to that question is pretty troubling. There now seems to be a very real probability that Hillary Clinton rushed to install an encryption certificate in March 2009 because the U.S. intelligence community caught another country reading Clinton’s unencrypted messages during her February 16-21, 2009, trip to China, Indonesia, Japan, and S. Korea.
Thanks to FOIA lawsuits, the State Department has released a few documents from this early period. They show that Clinton began using the clintonemail.com server as early as January 28, 2009, just after her inauguration. Other messages from Cheryl Mills used the server in early February.
Even as she kept her homebrew server, Clinton and her staff were fighting to hang on to their Blackberries, just like President Obama. That provoked resistance from the State Department’s top security official, Assistant Secretary Eric Boswell. On March 2, he sent the Secretary a memo — “Use of Blackberries on Mahogany Row” — declaring that “the vulnerabilities and risks associated with the use of Blackberries in Mahogany Row [the State Department’s seventh floor executive offices] considerably outweigh their convenience.”
On March 11, at a staff meeting, Clinton seemed to throw in the towel on her Blackberry, telling Boswell that she had read the memo and “gets it.” We know this from correspondence among Boswell’s staff.
But what’s fascinating and troubling is something else in the correspondence. One staff message says that during Clinton’s conversation with Boswell, “her attention was drawn to a sentence that indicates we [the diplomatic security office] have intelligence concerning this vulnerability during her recent trip to Asia.”
snip
Eighteen days later, Clinton’s server acquires a digital certificate supporting TLS encryption, closing the biggest security hole in her server.
I suppose this could all be coincidence, but the most likely scenario is that the Secretary’s Asia trip produced an intelligence report that was directly relevant to the security of Clinton’s communications. And that the report was sufficiently dramatic that it spurred Clinton to make immediate security changes on her homebrew server.
Did our agencies see Clinton’s unencrypted messages transiting foreign networks? Did they spot foreign agencies intercepting those messages? It’s hard to say, but either answer is bad, and the quick addition of encryption to the server suggests that Clinton saw it that way too.
If that’s what happened, it would raise more questions. Getting a digital certificate to support encryption is hardly a comprehensive response to the server’s security vulnerabilities. So who decided that that was all the security it needed? How pointed was the warning about her Asia trip? Does it expand the circle of officials who should have known about and addressed the server’s insecurity? And why, despite evidence that Clinton was using the server in connection with work in January and February, did Clinton turn over no emails before March 18?
snip
https://www.washingtonpost.com/news/volokh-conspiracy/wp/2016/04/04/was-an-asian-government-reading-hillary-clintons-emails-in-february-2009/
5 replies
= new reply since forum marked as read
= new reply since forum marked as read
