Slashdot Mirror


Clinton's Private Email System Gets a Security "F" Rating

Penguinisto writes According to a scan by Qualys, Hillary Clinton's personal e-mail server, which has lately generated more than a little controversy in US political circles, has earned an "F" rating for security from the security vendor. Problems include SSL2 support, a weak signature, and only having support for older TLS protocols, among numerous other problems. Note that there are allegations that the email server was possibly already hacked in 2013. (Note: Mrs. Clinton plans on Giving a press conference to the public today on the issue.)

3 of 315 comments (clear)

  1. Re:B is the new F? by Penguinisto · · Score: 4, Interesting

    I suspect it was crash-updated recently.

    It was listed as "F" when the story was submitted earlier this morning, but now it's suddenly bumped to a "B" (Assessed on: Tue Mar 10 09:31:29 PDT 2015).

    All it would take is a patch or two to bump it up, I suspect.

    I wonder if one can get the mods to update the submission.

    --
    Quo usque tandem abutere, Nimbus, patientia nostra?
  2. Re:The Clintons by WebCrapper · · Score: 4, Interesting

    Looks like news came out today that the White House knew of the private domain issue.

    "Press Secretary Josh Earnest corrected the statement, saying that the president must have known about Clinton’s private account because he [POTUS] had emailed that account for four years while Clinton served as his Secretary of State."

    So, now we have another agency that knows that did nothing as well.

  3. But where is the SECRET-level physical security? by bfwebster · · Score: 5, Interesting

    I had someone who did SECRET-grade e-mails setup in the military write the following to me:

    So, if for example Clinton only dealt with SECRET materials and they were sent or received in her email, all of the equipment (routers, switches, etc.) would have to be rated for that SIPRNet connection. Also, the space in which the equipment and servers and client computers resided in would also have to meet the specifications for SECRET material. This would include various forms of physical access to the space in the form of secure cards, biometrics, etc. No space rated for SECRET opens with a key from the local hardware store. . . .

    The biggest issue I see here would be is if the server was connected to the public Internet and it resided in a non-DoD-approved space.

    Not sure there are biometrics installed in the Clinton home in Chappaqua. ..bruce..

    --
    Bruce F. Webster (brucefwebster.com)