Slashdot Mirror
Clinton's Private Email System Gets a Security "F" Rating
Penguinisto writes According to a scan by Qualys, Hillary Clinton's personal e-mail server, which has lately generated more than a little controversy in US political circles, has earned an "F" rating for security from the security vendor. Problems include SSL2 support, a weak signature, and only having support for older TLS protocols, among numerous other problems. Note that there are allegations that the email server was possibly already hacked in 2013. (Note: Mrs. Clinton plans on Giving a press conference to the public today on the issue.)
I suspect it was crash-updated recently.
It was listed as "F" when the story was submitted earlier this morning, but now it's suddenly bumped to a "B" (Assessed on: Tue Mar 10 09:31:29 PDT 2015).
All it would take is a patch or two to bump it up, I suspect.
I wonder if one can get the mods to update the submission.
Quo usque tandem abutere, Nimbus, patientia nostra?
It appears that whoever set up Clinton's email used GoDaddy as the SSL vendor. Seriously. Go Daddy.
A NYC lawyer blogs. http://www.chuangblog.com/
Looks like news came out today that the White House knew of the private domain issue.
"Press Secretary Josh Earnest corrected the statement, saying that the president must have known about Clinton’s private account because he [POTUS] had emailed that account for four years while Clinton served as his Secretary of State."
So, now we have another agency that knows that did nothing as well.
I had someone who did SECRET-grade e-mails setup in the military write the following to me:
Not sure there are biometrics installed in the Clinton home in Chappaqua. ..bruce..
Bruce F. Webster (brucefwebster.com)
No, they really shouldn't. I'm a fiscal liberal but a social conservative. There is no political party in the United States I am comfortable with.
SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
So far, everything I've seen says she didn't break any rules.
She deliberately broke not only her boss's rules, but violated the rules she forced her own staffers to follow. But beyond that, she violated a plainly worded federal regulation: According to Section 1236.22 of the 2009 NARA requirements, “Agencies that allow employees to send and receive official electronic mail messages using a system not operated by the agency must ensure that Federal records sent or received on such systems are preserved in the appropriate agency recordkeeping system.”
.. and she had her own family business employees print out, on paper, a culled/filtered collection of messages that have weeks-long and months-long gaps in the records - and no independent entity can say what criteria she used to decide what was, or was not official. And if even a single email exchanged between her and some other party in the course of her entire tenure as the country's chief diplomat involved any classified information, there's another whole area of federal law that comes into play.
She made no provision to make that happen while she was Secretary of State, and nor did she pass along any of those records as she left office. She set up a private server in her house to avoid complying with both the administration's own rules and that very specific federal regulation. And once a congressional investigation had their fill of her stonewalling and realized why State wasn't sending them any of her correspondence, they told her to cough them up
Don't disappoint your bird dog. Go to the range.