Wednesday, March 4, 2015

Where Can I Get Me One of Them Super Secure Clinton.com Email Accounts?

Great news: Hillary’s e-mail server had a “misconfigured encryption system”
This same Bloomberg article notes that having her own private server meant that Hillary could erase all traces of any e-mail as she saw fit, a luxury not available to someone who uses a commercial e-mail service like Gmail. Google’s servers retain a record of your messages even if you’ve deleted them “permanently” from your trash. Hillary, because she could delete them from her own server, really could make the disappearance permanent. (Well, except for whatever the NSA’s been gathering from her.) Precisely the sort of feature you’d covet if you were a crook looking to keep your official state business away from the prying eyes of the great unwashed you serve.

But all of that was obvious once we knew she was using her own private server. What wasn’t obvious is that she’s a moron who didn’t take basic security precautions to keep hackers away from her files. Remember that 3 a.m. phone call from the 2008 campaign? Presumably there were Russian and Chinese spies listening in because Hillary, the “experienced” candidate, was too much of a goon to use a secure line.
However, when [digital security consultant Alex] McGeorge examined [Clinton's e-mail] set-up this week he found it used a default encryption “certificate,” instead of one purchased specifically for Clinton’s service. Encryption certificates are like digital security badges, which websites use to signal to incoming browsers that they are legitimate.
“It’s bewildering to me,” he said. “We should have a much better standard of security for the secretary of state.”…
Using a scanning tool called Fierce that he developed, Robert Hansen, a web-application security specialist, found what he said were the addresses for Microsoft Outlook Web access server used by Clinton’s e-mail service, and the virtual private network used to download e-mail over an encrypted connection. If hackers located those links, they could search for weaknesses and intercept traffic, according to security experts…
Those defaults would normally be replaced by a unique certificate purchased for a few hundred dollars. By not taking that step, the system was vulnerable to hacking.
It probably costs $100k or so to buy a Clinton.com email account so you too can communicate with the ex-Secretary of State secretly. And if you have that much cash to donate to the Clinton Foundations, she might even be interested in your communication.

No comments:

Post a Comment