Clinton's Private Email Was Blocked By Spam Filters, So State IT Turned Them Off (arstechnica.com) 268
An anonymous reader quotes a report from Ars Technica: Documents recently obtained by the conservative advocacy group Judicial Watch show that in December 2010, then-U.S. Secretary of State Hillary Clinton and her staff were having difficulty communicating with State Department officials by e-mail because spam filters were blocking their messages. To fix the problem, State Department IT turned the filters off -- potentially exposing State's employees to phishing attacks and other malicious e-mails. The mail problems prompted Clinton Chief of Staff Huma Abedin to suggest to Clinton (PDF), "We should talk about putting you on State e-mail or releasing your e-mail address to the department so you are not going to spam." Clinton replied, "Let's get [a] separate address or device but I don't want any risk of the personal [e-mail] being accessible." The mail filter system -- Trend Micro's ScanMail for Exchange 8 -- was apparently causing some messages from Clinton's private server (Clintonemail.com) to not be delivered (PDF). Some were "bounced;" others were accepted by the server but were quarantined and never delivered to the recipient. According to the e-mail thread published yesterday by Judicial Watch, State's IT team turned off both spam and antivirus filters on two "bridgehead" mail relay servers while waiting for a fix from Trend Micro. There was some doubt about whether Trend Micro would address the issue before State performed an upgrade to the latest version of the mail filtering software. A State Department contractor support tech confirmed that two filters needed to be shut off in order to temporarily fix the problem -- a measure that State's IT team took with some trepidation, because the filters had "blocked malicious content in the recent past." It's not clear from the thread that the issue was ever satisfactorily resolved, either with SMEX 8 or SMEX 10.
Typical . . . (Score:5, Insightful)
big boss tells IT to do whatever it takes to make THEM happy, even if it violates policy. Same story everywhere.
Re:Typical . . . (Score:5, Insightful)
No, both the boss and IT work for the organization. U fail big time.
Re:Typical . . . (Score:5, Interesting)
I have done it, literally, multiple times. I am the IT director of a privately owned manufacturing company. I report directly to the owner, and "this will be back for the company" is my trump card. Of course, I do not use it all that often, and of course, before I play it, I write page long arguments why I think so.
So, yes, a IT head duty is exactly to explain to his boss why something is a bad idea. Of course, I will obey an order from the owners to do something - it is their company, and they will bear the losses. But as I have explained to them, maaaaybe in not these exact words, if they think I don't know how to do my job, maybe they should hire someone whom they think know how to do it better.
Has my career ground to a halt? Well, I've had the position since 1997. So I guess it is technically halted. But I honestly do not mind where I am.
Re: (Score:3)
Damn, I should have previewed what I wrote before I posted it. I have trouble taking myself seriously, what with the "back" instead of "bad", the incorrect use of "whom", etc... I'm too old to be posting from something without a keyboard.
Re: (Score:2)
Yeah, the 'back' part threw me for a second, but your point still came across ok.
Re: (Score:2)
I've walked off the job over nonsense like this, real "take this job and shove it" kind of stuff. You are a professional, not a meat robot on the factory floor.
Re: (Score:3)
IT serves the business, business doesn't serve IT. That's right. But there are often certain policies that are in place as required either by *law* or by company's own policy. Higher management often tries to force their way through these policies without proper procedure, and it usually causes problems. One example would of course be the management demanding certain type of data to be migrated to a foreign cloud-based platform, which in many cases is either illegal or against company contracts with custome
Re: Typical . . . (Score:2)
Re: (Score:2)
Hippa - the small offices our to cheap to even buy a fw. Even not so small ones - I've seen running xp pc's.
Your post is borderline unintelligible. What are you trying to say?
Re: (Score:3)
This article is beyond stupid
Configuring trend micro to allow email when you know the fucking domain that it is coming from in no way requires that it be turned off entirely
At the very most somebody could have tried to spoof the Clinton domain, but, apparently, judicial watch was not bright enough to understand the situation
I have to wonder whether what is being described in the article is actually what happened or if the tech speak is being misinterpreted as to what was actually done, which is quite common. I agree with you, there are usually ways of allowing email from domains or from specific mail servers to be white listed. It is possible that the techs didn't know how to do this but the vendor should have been able to help.
Re: (Score:2)
Report it to the agency's IG, that will get some fire under the rule breaker's ass.
Trend Micro in the US Government? (Score:5, Interesting)
Re: Trend Micro in the US Government? (Score:2)
Re:Trend Micro in the US Government? (Score:5, Funny)
How is Trend Micro allowed in the State Department?
It was authorized in an email directly from Hilary.Clinnton@state.us.gov.cn
Re: (Score:2)
https://en.wikipedia.org/wiki/... [wikipedia.org]
I don't see Chinese ownership anywhere on there. Perhaps you should update Wikipedia since you seem to know more about it than them.
It turned them off (Score:2)
Johnson/Weld 2016 (Score:2)
Whitelist (Score:5, Insightful)
I run my own server for my tiny company. I've spent maybe 40 hrs total configuring spam. I have options to whitelist, blacklist, auto greylist, and various other options. It is inexcusable they can't do simple whitelisting by IP.
Re:Whitelist (Score:5, Interesting)
The worse issue is that her server wasn't setup with a certificate. So no startTLS option.
So all the emails she sent to it were sent IN THE CLEAR.
So yeah, it seems like idiots all around this issue. None of them understood email or security or anything more than click-here-to-make-blackberry-work.
Re: (Score:2)
So yeah, it seems like idiots all around this issue. None of them understood email or security or anything more than click-here-to-make-blackberry-work.
That's what happens when any technical objection can be construed as an act of open rebellion and disloyalty.
The only remaining people who stay at your side with any power are spineless Yes-Men and Yes-Women.
Re: (Score:2)
Re: (Score:2)
Why would she? All her emails would be publicly available via FOIA.
Many (most?) wouldn't be. Including the top secret (Score:3)
Obviously the emails containing top secret information wouldn't be subject to FOIA, and there are about a dozen other exceptions to FOIA, some of them quite broad.
* No, instructing her staff to remove the "Top Secret" marking from the document does NOT make the information no longer top secret. It only means she committed an ADDITIONAL crime.
Only some DOS material. But she didn't (Score:3)
The Secretary of State -could- declassify some State materials. She can't declassify any material from agencies outside DOS. But she didn't declassify it. It remained classified as it shared classified information with friends, and sent it in the clear over the internet to her house.
Re: (Score:3)
It apparently all boils down to the dream-world of politicians only carrying one device. Just carry two devices. People are learning.
It is understandable not to want private emails to get released.
Re: (Score:2)
Not the 30k+ she deleted before she handed them over. If she deleted them instead of allowing them to go public, one would presume she would also not want them public at the time she sent them.
Not to worry though, the Russians. Chinese, and North Korea all of backup copies of them.
Re:Whitelist (Score:4, Insightful)
They couldn't simply white list her IP. It is a little know fact that her server was on a home connection and she had a dynamic IP. However, the IT team was surprised to learn that bitch.dnsdynamic.com was available for DDNS.
(all my facts may or may not be of a questionable source and I preemptively plead the 5th)
Re: (Score:2)
They might simply have had out of date rules and procedures that interfered with the quality of the system. That seems more likely to me than that they were complete childlike idiots.
Re: (Score:2)
In order to get whitelisted, you have to reveal the Domain MX record and IP address officially to the State Department, then it becomes very hard to sneak some shit under the table because you've just turned the table top into glass. A big part of the NSA mission is cyber-security, the first part of cyber-security is preventing unauthorized intrusions, the second part is knowing what was taken, and available to be taken to minimise the impact to national security when the inevitable happens. Clinton was try
Re: (Score:2)
Conniving bitch (Score:2, Insightful)
What a conniving bitch.... intentionally breaking the law and intent of the law.
SHE SERVES US.
This is all just her usurping the processes that we put in place to monitor the servants who serve us.
At this point it's literally contempt for the American people's right to read the email of a public official.
She disgusts me.
Comment removed (Score:5, Insightful)
Re:FOIA requests (Score:5, Insightful)
She did this to skirt FOIA requests. I'm not sure why there aren't any major news agencies with the balls to say it.
The majority of those news outlets want her to win.
And are willing to help her any way they can.
Re: (Score:2)
Well, that's the biased conservative media for you. Bernie's kid-gloves treatment of the Megathatcher, combined with the media's willingness to ignore her brazen trainwreck of incompetence at just about everything she's ever done, means she might just win this thing.
Re: (Score:3)
She'll likely win it, but not because she's liked.
The only reason why she'll win is that the R side is just so horribly /bad/. Indeed the justification by a lot of Clintonistas is that they hold up the spectre of a "Trump Presidency."
>megathatcher
I love this term. Consider it stolen.
>Bernie's kid-gloves treatment of her
This is the most disappointing part of it. He could have annihilated her in ads using her own words and record. "But that's negative ads" and he pledged to not do negative ads. All
Re: (Score:2)
Yep. More generally, I'll add that anyone who does not live in a swing state can do likewise, without worrying about the consequences. Is your state going fully R or D? Do those choices stink? No worries, vote third party.
Re: FOIA requests (Score:2)
Re: (Score:2)
Not only this, they talk about how little/trivial security issues were found in her mail...as if the week she spent *denying there were such servers at all* wasn't spent scouring the SHIT out of those hard drives.
What was "found" in the 50k emails she released was either
- incompetence on the part of her team (unlikely - she may be a heinous reptile queen but I don't think many people have believed her incompetent. Merely evil.)
or
- deliberately seeded to give the DoJ something meaningless to find, and the c
Re: FOIA requests (Score:2)
No, 50K pages , not 50K emails... And we know how many pages there were because her lawyers 'helpfully' printed each out as PDFs that had to be scanned and indexed.
Re: (Score:3)
Um, do you have direct evidence of this motivation, or do you claim to be a mind-reader?
Re: (Score:2)
They don't need to read minds, all it takes is a little AM radio and they'll provide the mind reader.
Re: (Score:2)
After promising many times to cooperate with any inquiry, she and her staff refused to be interviewed by the Inspector General.
Re: (Score:2)
i thought it was snowflakes, not cupcakes.
Hill is a bonehead (Score:2)
No gray matter at all.
case closed (Score:2)
The officials made a policy decision.
Case and investigation seems closed if this is true.
"State Department officials by e-mail because spam filters were blocking their messages. To fix the problem, State Department IT turned the filters off "
We can quibble about document classification but classification is a result of policy
and the use or non use of a department mail server is also policy.
If those that make policy change it one way or another one place or another and even if that
policy was modified
Face. Palm. (Score:2)
I heard... (Score:2)
Re: (Score:2)
How secure that would be in practice depends almost entirely on the modem configuration.
Re: (Score:2)
How secure that would be in practice depends almost entirely on the modem configuration.
/quote
Yep, as long as you define "configured" as "Is it plugged in?"
The real Nigerian Princes couldn't get through (Score:3)
How else was she supposed to get bribes from all of those Third world nations with a normal spam filter?
IQ test (Score:3)
Re: I had problems with State's spam filter, too (Score:2, Interesting)
So THATS why the Clinton's State Dept never sent help to Benghazi!
Actually he died of smoke inhalation... (Score:3)
...in the safe room. But I'm waiting until you write your "tell all" book, declaring how Hillary personally ordered his murder because he was her gay lover, her being one of those weird Japanese hentai women with male organs
I'm sure you'll make a million dollars or so scamming all the wanting-to-believe teabaggers, and prompt some GOP congressman to ask very strange questions next time she's up on the Hill.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2, Insightful)
If it was anyone else. Executives at IT always demand crap like this.
Yes. IT peons are often overruled by executives.
But in this case, when this executive demanded crap like this, it was illegal.
Clinton should go to jail.
Re: (Score:2)
I think you need to look up illegal in the dictionary.
Re: (Score:2, Troll)
Actually the point being made is dead on. At best she did not comply with regulations. Seeing as it took months for those that wrote them to figure that out, you can't blame her for not knowing. That's how compliance regulations work. If your out of compliance they tell you to fix it, then they comeback 6 months later. Nothing done was criminal in nature by itself. Know if she did it as part of another criminal act, say to falsify expenses, it could be. Anyone that thinks Clinton would be dumb enough to do
Re: (Score:2)
Re: (Score:2, Troll)
- telling her staff to remove classified markings from documents and send them this private email system
See, here you're just making shit up by ignoring the context. The details are well known; the secure system was down, they couldn't get it to work, they needed the documents, and it was their discretion what was more important. There is no actual issue or problem. That's the only example. Everything else is stuff that becomes classified after the fact, because it related to her movements. But it her discretion to protect or reveal her travel plans as necessary for her travel and work to be accomplished. Tha
Re: (Score:2, Interesting)
Yes, your argument sounds reasonable, if you have never been briefed on how to handle classified information. There is NO context that any leaking of any information is ever allowed. If it was deemed mission essential that the information be disseminated, she should have talked with the FSO to properly release the information in question.
Now, did she do something criminal, that is a fair question. Violating a national security policy is typically grounds for dismissal, with some folks let go after walkin
Death sentences (Score:2)
Re: (Score:2)
BINGO (Score:2, Interesting)
This is probably the reason that Clinton was using her own email server: the government email systems sucked because they were run by incompetent people.
Does this "excuse" Clinton? I don't know. But at least she did what she needed to do to get shit done, which is more than what you can say about many people in government.
Re:BINGO (Score:5, Insightful)
This is probably the reason that Clinton was using her own email server: the government email systems sucked because they were run by incompetent people.
Really? Look, I'm no fan of the govt, but I seriously doubt that the email admin for the State Department, The State Department of the United States, is incompetent.
Now the person that set up Clinton's open email system in her bathroom, yeah. I believe he was incompetent.
Re: (Score:2, Troll)
Incompetence at State IT is, IIRC, the reason Colin Powell gave for why he set up his own email server.
Re:BINGO (Score:5, Insightful)
You're free to advocate prosecution of Colin Powell if you wish. Nothing Powell did, legal or illegal, exonerates Hillary Clinton.
Re: BINGO (Score:4, Informative)
Specifically, Powell et al did NOT run their own server. They used commercial providers like Google and yahoo. I guess Hotmail was just too cheesy.
Re: BINGO [Colin Powell] (Score:2)
Why does that make any difference?
All 3 choices were crappy:
1. Own personal server
2. Commercial service, like AOL
3. State Dept. regular email server (which got hacked, by the way).
Why should any one be elevated above the other? It's like a choice between a Yugo, Pinto, and Chevy Chevette.
Re: (Score:2)
It makes a difference because commercial providers are presumably better at InfoSec than the nobody that ran Clinton's email server.
Re: (Score:2)
Why would I advocate that? Powell used his executive authority to do what he thought was best, and as far as I know, didn't violate any laws in the process.
Re:BINGO (Score:5, Insightful)
There's a huge difference between Colin Powell and Hillary Clinton: by the time Hillary Clinton was Secretary of State, email had become the standard way to do things, there was an email system all set up for her, and there were regulations requiring her to use the official email system unless she had a good reason to do something else (and to routinely use her own email system required approval she never asked for and never got).
Colin Powell says he didn't send or receive classified information. Recently, a grand total of two emails that were sent to him were "retroactively classified" (to use Hillary Clinton's term). Neither of the two were classified "Secret" or above. In comparison, of Hillary Clinton's known emails, over 2100 contain classified information, 65 "Secret", 22 "Top Secret" (source [politico.com])
In 2005, after Colin Powell but before Hillary Clinton, rules were developed over use of email. Colin Powell couldn't have broken them as they were put together after he was already gone, but Hillary Clinton absolutely broke them. She avoided using an official account set up for her to use, and went to great lengths to continue to use it rather than the official one. And she was required to take a training course every year about how to properly keep secrets, but there is no evidence she did so. She took the class once right after she got the job and then never took the class again.
And of course, even if Colin Powell was guilty of the exact same crimes as Hillary Clinton, that still wouldn't excuse her.
And it's obvious to anyone with common sense what her motive was: she wanted to control access to her emails. Some of her email could be embarrassing if someone read it (after filing an FOIA request) so she wanted to make sure there were no official copies of anything she didn't like. She committed conspiracy to avoid keeping Federal records that she was legally required to keep.
If you are willing to excuse Hillary Clinton for this kind of egregious lawbreaking, then you will have no moral right to complain later when President Trump does something just as bad. We're geeks here in ./ and we understand well enough to damn well know why what she did was stupid as well as illegal and wrong. Don't give her a pass for immoral behavior just because she is on your side. If you have to hold your nose and vote for her because you really really just can't even Trump, then fine and dandy, but just admit it to yourself: you would be voting for someone willing to break the law and lie about it (as proven by this email controversy).
http://www.weeklystandard.com/why-colin-powells-emails-are-not-like-hillarys/article/2000949 [weeklystandard.com]
https://www.washingtonpost.com/news/fact-checker/wp/2015/03/10/the-misleading-democratic-spin-on-hillary-clintons-emails/ [washingtonpost.com]
http://townhall.com/tipsheet/guybenson/2016/02/05/no-the-powell-and-condi-classified-emails-story-is-not-a-gamechanger-n2114842 [townhall.com]
Re: (Score:2)
Re: (Score:3)
Want to know the best part? If Hillary becomes president, she will BE IN CHARGE of ALL of government security. Ponder that while discussing her use on non-secured email servers. Hillary trolls, here they come!
Re: (Score:2)
Excellent
Re: (Score:3, Insightful)
If you are willing to excuse Hillary Clinton for this kind of egregious lawbreaking, then you will have no moral right to complain later when President Trump does something just as bad.
Morality as well as objectivity goes out the window with politics. Instead, we should be asking, would we want our worst enemies to get away with what Clinton did? Ten years from now do we want every stooge and crony to have their own personal servers and absolutely no accountability for all the resulting emails that are never archived by the government?
If your team gets away with something, then anyone can do the same. And there are some real nasty pieces of work out there.
Re: (Score:2)
Your own post boils down to: the Secretary of State bucked the rules of her own department. In your mind, this is egregious law breaking.
"And it's obvious to anyone with common sense what her motive was"
This is just making shit up. Do you have any evidence this was her motive?
How about: she didn't trust State IT to protect her emails, either through bad security, foreign spies, or ordinary folk working at State who just didn't like her and would be willing to leak damaging email.
"then you will have no mo
Re: (Score:3)
Since you are too much of a political minded person to understand it, I don't foresee this changing your mind, however, here are the laws which she broke.
https://www.archives.gov/about... [archives.gov]
She also broke laws having to do with notification of classified leakage, and encouraged her interns to commit felonies which are recorded in emails she handed over.
Re: (Score:2)
Colin Power used a personal yahoo.com (or AOL) account. He did NOT setup his own email server.
Re: (Score:2)
Powell did not set up his own server, and he did not use it to exclusively conduct State Dept business.
Re: BINGO (Score:2)
What you call underfunded, overworked and understaffed I call lazy and unskilled. Government workers aren't know for being the most productive and I seriously doubt government IT workers are an exception. Public sector employees often get payed more than their private sector counterparts if you add benefits and pensions. Also the chances they will down size and fire someone is so small you might as well assume employment is guaranteed for life regardless of how much an employees skills have rotted over the
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
This is probably the reason that Clinton was using her own email server: the government email systems sucked because they were run by incompetent people.
Does this "excuse" Clinton? I don't know. But at least she did what she needed to do to get shit done, which is more than what you can say about many people in government.
FTA
The implication is the clintonemail.com was never whitelisted because she didn't want the "department" (unclear if that meant the State Department or the IT Department of the State Department) to know she was using clintonemail.com and it failed sp
Re: (Score:2)
Re: (Score:2)
shush you!
Re: (Score:3)
1234?
Thanks to great advances in security, we've adopted a new password which is over twice as secure: 12345
Re: (Score:2)
You do all realize you can't use locks on luggage? Right?
Re: (Score:3, Insightful)
Of course, the luggage still opens with 1 of 7 keys, which can be 3d printed at home, since some moron at the TSA allowed all the keys to be photographed and published in a national magazine.
They definitely don't pick from the top shelf when stocking the TSA with talent...
Re: (Score:2)
You're better off using random colored zip ties to secure your luggage, then at least you know when it has been opened. Easier on some bags than others of course, but you can always use a bag strap secured with a zip tie or something. And don't put anything you can't afford to lose in there.
Re: (Score:2)
Personally, if I were using this method, I would include extra zip ties of a different color inside the luggage so that it isn't automatically unsecure right after being searched.
Re: (Score:2)
1234?
Your luggage has special characters?
Re: (Score:2)
AC wasn't sure about the last character, which turns out to be a 5.
Re: (Score:2)
We did go to see The Hobbit.
I haven't watched one of those shows since they took "3's company" off the air.
I did watch 5 minutes of M*A*S*H while changing between local weather and PBS.
Re: (Score:2)
Sounds like they already did using a HW dongle. It's ok tho, they disabled it.
Re: (Score:3, Insightful)
Hillary for prison 2016!
And yet, having your own email server wasn't against the law... So, good luck with that...
I'm not a Clinton supporter, but I do believe in a fair representation. What she did was against the spirit of the law and certainly shows an attempt at keeping communications private that should be part of the public record. But there is no proof that anything that she did broke the laws as written.
http://www.npr.org/sections/it... [npr.org]
Re: (Score:2)
Jeb, Colin, Rove, Mitt, et. al. have been known to do problematic things with email and/or computer equipment, YET Republicans didn't seem to care at the time. Now it's The Most Important Issue in the World!
It appears to be opportunistic drama-kinging* to me.
* Gender rotation to be PC
Re: (Score:2)
Jeb, Colin, Rove, Mitt, et. al. have been known to do problematic things with email and/or computer equipment
Which, taken as a collection together, still don't even begin to rise to the level of deliberate FOIA-avoidance and actual law breaking exhibited by Clinton. Regardless, just for fun, let's assume that the minor levels of "problematic" activity you mention were full-on criminal behavior. OK, please by all means call for prosecution of those crimes. Does that make Clinton's deliberate law breaking and (ongoing!) lying about the matter somehow go away? Or are you really in the mode of "some politicians I hat
Re: (Score:2)
It appears to be opportunistic drama-kinging* to me.
* Gender rotation to be PC
PC speech would be gender neutral, you disgusting misandrist pig.
Re: (Score:2)
Up until a year ago, Trump was a registered Democrat and good friend of the Clintons.