So you think the non-partisan Inspector General of the State Department, as well as the Obama appointed CIO and Assistant Secretary of Diplomatic Security were just confused about State Department policy on email usage? And fortunately, you are more expert in government oversight, IT, and cyber security than they are. Thank goodness you are here to step in and let us know that those officials were all wrong! Plus, your extensive cites make your case so much more compelling!
By the way, the answers are:
- I have mandatory annual training on IT security. It’s either once or twice a year, I forget.
- I have one system that I’m forced to change passwords about every 90 days. The other system we just started mandatory password changes, I think it’s about once a year.
- Ironically enough, the one thing that I installed without permission that immediately pops to mind is a password manager.
All of this is aside from the fundamental fact that I have never done anything quite so patently stupid as conducting official business on any kind of personal email. Plus I can think of a time or two where I intervened with my superiors to get them to avoid some rather egregious IT errors that could have had catastrophic consequences if an adversary managed to exploit the vulnerabilities. Those were not pleasant conversations to have, basically saying, “No, boss, you can’t do what you want to do because this IT expert over here knows more than you or I about the subject, and he is very worried.”
The State Department’s email was hacked by the Russians in 2014.
Cite: https://www.cnn.com/2015/03/10/politics/state-department-hack-worst-ever/index.html
It may be true that this occurred after Clinton left her position as SoS, but it speaks to the insecurity of their official email system.
I believe people are discounting the level of security of her personal system. It was set up for Bill’s use - an ex-President. She used it during her ‘08 run for the presidency. I suspect it had a very high level of security.
I also suspect that really sensitive materials were likely handled using far more secure, and traditional, methods (diplomatic pouches delivered by courier; those tents they set up to avoid being monitored) than email.
As for Ivanka - sure, it’s worth questioning what she may have been transmitting using unofficial or unsanctioned methods. But - unless we find out that she was selling state secrets (a distinct possibility) - I doubt there is anything “there” there. Still, let’s have her testify to Congress, just to be sure.
While nobody has any information to show that the server was hacked - as much as some right-wingers think otherwise - a brief look at the Wikipedia page on the scandal should disabuse you of the notion that pros were running the server.
It appears to me that she was just lucky that nobody penetrated it. I assume that if the Russians did, they would have given everything to WikiLeaks, as they did with Podesta’s emails.
If they had come across an e-mail with HRC describing Bernie as a crazy-ass Commie Jew with a weed-whacker haircut, it would have been on my FB feed in an hour.
That would be past practice, not policy. Both policy and practice are relevant, but they are different.
You don’t need a pro to manage a secure server. You just need someone with enough Google-fu to be able to find the security solutions that actually work, and who is aware enough of their limitations that they don’t try to improve on them. And ultimately, the proof of the pudding is in the eating: Criticisms will often point to the many hacking attempts on the server, but of course there were attempts. But there’s no evidence that any of the hacks were successful, and every reason to believe that we would know if any had been.
This, exactly. Just make sure that the patching automatically occurs, and the server will be secure. And install a hundred-dollar SonicWall firewall in front of the server, and it will be practically invulnerable from outside hacking. It’s been my experience that most servers (and networks) are compromised because somebody clicked on a malware link embedded within a well-disguised email. There’s no indication that this happened to Clinton’s server. The ‘leaked’ emails came from a laptop which had downloaded those emails, not from the server.
Yeah, try putting me in charge of a server and let’s see how well that works out for everyone.
ETA: and as far as “the proof is in the pudding” comment, let’s all remember that the Ghost Ship didn’t burn down until it did; then everyone couldn’t stop talking about what a hazard it was. The proof was in the pudding, until it wasn’t.
The analogy would be apt if, for years before the Ghost Ship fire, there were people repeatedly dousing it in gasoline and throwing matches at it. Russian hackers, with the resources of one of the most powerful governments in the world behind them, spent years attacking all of the other e-mail systems connected with Hillary Clinton, and got into all of them except her personal one. It’s beyond belief that they didn’t attempt to attack that one, too, or that they would have failed to leak what they found if they had succeeded. When the most skilled hackers in the world, with virtually unlimited resources available, try for years to attack a system and still fail, that seems to me to be the very definition of secure.
You hope the Republican response will be “oh, we demanded Hillary locked up, so we’ll demand the same for Ivanka, otherwise our outrage would seem transparently insincere and situational.”
The actual Republican response will be “oh, you’re angry about Ivanka’s emails, but you didn’t care about Hillary’s emails.”
You will then clarify “I don’t give a shit about Ivanka’s emails, I’m calling out your double standard on emails between Ivanka and Hillary.”
The response will then be “What about your double standard between [some completely different thing probably involving Bill Clinton]”.
There’s no hope. Conservatism is the Scientology of politics. They’re beyond rational engagement.
It’s a weird debate when a person maintains that their conjecture is more reliable than expert analysis.
What genuinely-expert analysis contradicts what Chronos said?
I think I’ve had my fill of a debate that consists of me citing everything, and Chronos citing nothing, especially when requested to do so.
So I’ll respond to your otherwise-reasonable request by saying that OF COURSE I’m right! It’s NOT PLAUSIBLE to say I’m not! You know, what Chronos has been saying in his last many posts
I don’t know if this a cite you’re looking for, but the FBI says there was no evidence that Hillary’s email server was ever hacked.
Yes, I’ve already talked about that.
You know how you make a convincing argument that something can be done? You do it. If all these experts think it’s so easy to hack Clinton’s server, then let’s see them do so.
Are they supposed to invent their own time machine too? Or are you lending them yours?
Could this be the break the Clinton campaign has been waiting for?
Silly rabbit, laws are for democrats.