Precisely, Hillary privatized the top official in the State Department's server. (Reply #16)

In the discussion thread: It's not the emails. It's the server. [View all]

Fri Oct 16, 2015, 02:42 PM

Uncle Joe (53,202 posts)

16. Precisely, Hillary privatized the top official in the State Department's server.

"That's total amateur hour," said Marc Maiffret, who has founded two cybersecurity companies. He said permitting remote-access connections directly over the Internet would be the result of someone choosing convenience over security or failing to understand the risks. "Real enterprise-class security, with teams dedicated to these things, would not do this," he said.

The government and security firms have published warnings about allowing this kind of remote access to Clinton's server. The same software was targeted by an infectious Internet worm, known as Morta, which exploited weak passwords to break into servers. The software also was known to be vulnerable to brute-force attacks that tried password combinations until hackers broke in, and in some cases it could be tricked into revealing sensitive details about a server to help hackers formulate attacks.

"An attacker with a low skill-level would be able to exploit this vulnerability," said the Homeland Security Department's U.S. Computer Emergency Readiness Team in 2012, the same year Clinton's server was scanned.

(snip)

In Clinton's case, Internet addresses the AP traced to her home in Chappaqua revealed open ports on three devices, including her email system. Each numbered port is commonly, but not always uniquely, associated with specific features or functions. The AP in March was first to discover Clinton's use of a private email server and trace it to her home.

Mikko Hypponen, the chief research officer at F-Secure, a top global computer security firm, said it was unclear how Clinton's server was configured, but an out-of-the-box installation of remote desktop would have been vulnerable. Those risks — such as giving hackers a chance to run malicious software on her machine — were "clearly serious" and could have allowed snoops to deploy so-called back doors.

The U.S. National Institute of Standards and Technology, the federal government's guiding agency on computer technology, warned in 2008 that exposed server ports were security risks. It said remote-control programs should only be used in conjunction with encryption tunnels, such as secure VPN connections

http://bigstory.ap.org/article/467ff78858bf4dde8db21677deeff101/only-ap-clinton-server-ran-software-risked-hacking

Aside from the security issues, this kind of practice creates an additional barrier between a politician's actions and governmental accountability and oversight, Hillary was supposed to be working in service to President Obama and he nor the State Dept. had direct access to her official correspondence without going through the private corporations maintaining her server.

Thanks for the thread, Fawke Em.

Reply to this post

Back to OP Alert abuse Link to post in-thread

Always highlight: 10 newest replies | Replies posted after I mark a forum

Replies to this discussion thread

84 replies	Author	Time	Post
It's not the emails. It's the server. [View all]	Fawke Em	Oct 2015	OP
You are going to be one of the last people	upaloopa	Oct 2015	#1
No shit, the thread could just as easily be titled "Benghazi, it's not about what we know	randys1	Oct 2015	#3
Yes, but since the FBI doesn't think it's a dead issue,	Fawke Em	Oct 2015	#7
Look, I sure don't need advice from someone	upaloopa	Oct 2015	#12
And I don't need advice for someone who wouldn't know	Fawke Em	Oct 2015	#15
It's a dead issue	upaloopa	Oct 2015	#26
This isn't.	Fawke Em	Oct 2015	#58
Hardly a dead issue....	tex-wyo-dem	Oct 2015	#79
What about FBI?	840high	Oct 2015	#51
ummmmm yeah ...	cosmicone	Oct 2015	#2
Not my meme.	Fawke Em	Oct 2015	#8
Question:	Cali_Democrat	Oct 2015	#4
Question	99Forever	Oct 2015	#5
Yes - because he exposed the problems.	Fawke Em	Oct 2015	#10
It is the same thing that IT has to fight executives over. The executives want the "I AM BOSS"	LiberalArkie	Oct 2015	#6
And, yet, the Hillary fans think this is some sort of witch hunt.	Fawke Em	Oct 2015	#13
I do know the their IT is covering his ass for some reason. I think it was set up for the	LiberalArkie	Oct 2015	#18
The IT guy is in actual legal jeopardy.	jeff47	Oct 2015	#22
Yea, I think that is why he is taking the 5th. (And probably fifth of Crown or Jack Black also)	LiberalArkie	Oct 2015	#25
Got it: E-mails clean, so attack her on the server.	Hortensis	Oct 2015	#9
I've never cared about Benghazi or her emails.	Fawke Em	Oct 2015	#11
+1. I didn't get interested in this until the IT guy started talking about taking the Fifth. n/t	winter is coming	Oct 2015	#76
Next you will tell us her home alarm system was the problem.	randys1	Oct 2015	#77
I work in corporate security for a large financial institution, dealing with cyber-incidents	Maedhros	Oct 2015	#14
Thank you.	Fawke Em	Oct 2015	#17
This is why I consider Hillary supporters to be my political opponents, in a larger sense	Maedhros	Oct 2015	#20
Let me get this straight.	yallerdawg	Oct 2015	#30
I know this to be true because	AtomicKitten	Oct 2015	#52
Good point.	Fawke Em	Oct 2015	#61
Not every technical expert assumes the server ex- President Clinton had installed	Hortensis	Oct 2015	#23
Hillary's private server existed outside administrative control.	Maedhros	Oct 2015	#32
A standard assumption, but is it valid in this particular case?	Hortensis	Oct 2015	#38
I agree, this incident reveals an egregious failure by the Obama Administration	Maedhros	Oct 2015	#40
Now, be fair, Maedhros. Obama is prosecuting LEAKERS, not employees who,	Hortensis	Oct 2015	#41
In my job, I investigate people "who pass information to valid receivers" with no ill intent,	Maedhros	Oct 2015	#43
Noted, but irrelevant. Your intimation that Obama is prosecuting sloppy	Hortensis	Oct 2015	#44
Not my intimation at all.	Maedhros	Oct 2015	#46
NSA "whistleblower" Tom Drake is equivalent to a clerk confirming	Hortensis	Oct 2015	#50
How does a clerk confirming a lunch date by phone relate to this issue?	Maedhros	Oct 2015	#53
Let's both do that, shall we? Lots of other good stuff to take on out there. :)	Hortensis	Oct 2015	#54
I do agree that this email/server issue is not a factor in my choice of who to support.	Maedhros	Oct 2015	#56
Oh, I so understand that. I'm guessing as a security professional	Hortensis	Oct 2015	#60
Same here.	Fawke Em	Oct 2015	#64
CALL CONGRESS!	OilemFirchen	Oct 2015	#63
This is HUGH!!!1111	ronnykmarshall	Oct 2015	#70
Yes. It is valid.	Fawke Em	Oct 2015	#62
Precisely, Hillary privatized the top official in the State Department's server.	Uncle Joe	Oct 2015	#16
This comes to mind..	DCBob	Oct 2015	#19
The horse just left the stable a couple of weeks ago.	Fawke Em	Oct 2015	#66
So Hillary's lack of cyber security skills means she would not be a good President??	DCBob	Oct 2015	#83
I still don't give a shit!	JRLeft	Oct 2015	#21
Yet you would have howled to the sky if this had happened to Condoleeza Rice.[n/t]	Maedhros	Oct 2015	#33
I don't even like Hillary. There are plenty of reasons to not like her this is a waste of time and	JRLeft	Oct 2015	#37
Personally, I see this more as a failure by the Obama Administration for allowing this to happen.	Maedhros	Oct 2015	#39
Message auto-removed	Name removed	Oct 2015	#24
I'm a security professional. My professional judgement in this incidence	Maedhros	Oct 2015	#35
Message auto-removed	Name removed	Oct 2015	#48
Bravo.	Fawke Em	Oct 2015	#65
I was against using unofficial email when the Bush crew was doing it. And now too.	arcane1	Oct 2015	#27
"Hillary Rodham Clinton's home basement"	jberryhill	Oct 2015	#28
Better than keeping it out in the tool shed I suppose. nt	Cheese Sandwich	Oct 2015	#78
When the story starts with a falsehood, in the first sentence,	Agnosticsherbet	Oct 2015	#29
Gulp!	oasis	Oct 2015	#31
Here we go again.	Dr Hobbitstein	Oct 2015	#34
Well, I started at this goal post.	Fawke Em	Oct 2015	#69
Keep on keeping on.	Dr Hobbitstein	Oct 2015	#84
You're wasting your time on people that have probably never installed and configured an OS before..	frylock	Oct 2015	#36
They probably think hardening a server is akin to sitting fudge	Fawke Em	Oct 2015	#68
Well now I'm hungry for fudge!	frylock	Oct 2015	#80
Keep moving those goal posts	workinclasszero	Oct 2015	#42
Given how many times the federal government sites have been hacked in the last few	OregonBlue	Oct 2015	#45
Yes, it is.	Fawke Em	Oct 2015	#71
Perhaps the Republicans can hire you to look into this.	hrmjustin	Oct 2015	#47
I wouldn't be surprised if my company doesn't get consulted.	Fawke Em	Oct 2015	#72
Chomping at the bits I see.	hrmjustin	Oct 2015	#75
No thanks	Dem2	Oct 2015	#49
Bernie	BainsBane	Oct 2015	#55
I am, too.	Fawke Em	Oct 2015	#74
Lets just wait to see what happens	jfern	Oct 2015	#57
"When all you have is a hammer the whole world looks like a nail."	DemocratSinceBirth	Oct 2015	#59
You don't give two tugs of a dead dog's dick	Codeine	Oct 2015	#67
Except that I happen to work for a cyber security firm.	Fawke Em	Oct 2015	#73
Whatever it is	matt819	Oct 2015	#81
How niceto see the partisan political attacks, tax paid carried out right her on DU.	Todays_Illusion	Oct 2015	#82

Edit History

Please login to view edit histories.