Slashdot Mirror
Clinton Home Servers Had Ports Open (ap.org)
Jim Efaw writes: Hillary Clinton's home servers had more than just the e-mail ports open directly to the Internet. The Associated Press discovered, by using scanning results from 2012 "widely available online", that the clintonemail.com server also had the RDP port open; another machine on her network had the VNC port open, and another one had a web server open even though it didn't appear to be configured for a real site. Clinton previously said that her server featured "numerous safeguards," but hasn't explained what that means. Apparently, requiring a VPN wasn't one of them.
now claims the server was secured.
either of these claims disproves the other. You cannot have secured what does not exist.
Interesting how the debate has shifted away from the lies and denials in public of this, but into the content and construction.
It's like any of us being caught with a machine gun illegally in our possession but turning the debate away from the law we broke having it into whether or not it was loaded and what type of ammo, as if that made any difference.
I'm preparing my suicide potion tonight... :(
"I don't know, therefore Aliens" Wafflebox1
When it comes to building, or using, or setting up software for consumer use, it just sucks. They often have a bidding contract and hand it out to whomever pays the least.
Hillary isn't a techie, she simply reiterates what she is told about things like this. All this shows is that politicians need additional training on the proper way to handle security and privacy. Clinton's mistake is she tried a "do it yourself" or "hire someone yourself" approach, which in some areas isn't a good idea unless you really know what you are doing.
Allow me to quote our future president [and inevitable Nobel Prize winner] and allow you to draw your own conclusions:
...the point is her fundamental dishonesty, disregard for the rules that apply to 'little people', and flippant mendacity when it came to being confronted on the subject.
Of course, flagrant violation of security rules like this would get you or me thrown in prison.
As much as the Republican presidential contest is a clown car, the Democrats have perhaps an even more difficult choice: goofy or sleazy, pick one.
I did finally hear a good reason to vote for Trump, for once:
http://i.imgur.com/wVkmhzL.png
-Styopa
I really hope that this isn't an apology for Hillary.
The worst part are all the relatively smart people who are excusing this, simply because she has a (D) after her name. All I have to say, is if this were Jeb, he would be in jail already.
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
Why is everyone focusing on security with this whole private email server? Sure, security was a problem but that's not why she made her own email server. It was made to bypass public records laws. By having their own email server they can retain or destroy whatever they want and fulfill records requests with whatever they deem fit. The IRS was their role model :-). It's about control, not security. Her and her administration should be tried for that first.
Real programmers use "copy con program.exe"
Transparency.
Clinton previously said that her server featured "numerous safeguards," but hasn't explained what that means.
Some of the numerous security technologies employed include "theater" and "through obscurity".
Like that matters..... Just imagine classified information flying around the internet, getting relayed though who knows how many mail servers.... What difference does it make?
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Much to the chagrin of Hillary.
Do you work for General Motors? Reuters? John Deere? DuPont? Exxon Mobile? Pfizer? Ford? IBM? Amazon? HP? General Food? Walmart? Apple? General Electric? AT&T? Boeing? Proctologist and Gamble? UPS? Disney? Lockheed Martin? Oracle? Philip Morris? Macy's? NIke? McDonald's? Staples? Whirlpool? Goodyear Tire and Rubbers (wink, wink)? United States Steel? . . . etc., etc., etc.
If you worked for any big company, and set up your own email server to do company business . . . your testicles would be deep fried and hung up as pinatas. For most dorks in the US, they do not understand what setting up your own email server, of dubious security and audibility. For us IT professionals, Obama issuing another "Executive Administrative" decree that retroactively declares Hilary's email server as safe . . . well, that sounds and smells like shit to me . . .
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
I really hope that this isn't an apology for Hillary.
If it's an apology, it would be for more than Hillary. Colin Powell also used a private e-mail for state-department business.
The worst part are all the relatively smart people who are excusing this, simply because she has a (D) after her name.
Colin Powell does not have a (D) after his name.
If it weren't for deadlines, nothing would be late.
She did both, she hosted government communications on her private email and scrubbed the communications that she deemed damaging or not related.
Knowledge = Power
P= W/t
t=Money
Money = Work/Knowledge so the less you know the more you make
I hope she was using Windows, we all know how hardened that is.
Not only was she running Windows Server (according to the AP article), but she was using Network Solutions for her registrar, even after the U.S. Postal Service and several other large institutions had their NetSol domains slammed to a registrar in the British Virgin Islands against their will; and for some reason the clintonemail.com IP address was changed to that same company in 2011. (This, of course, years and years after anyone with tech experience had dropped Network Solutions.)
Perhaps she thought her firewall was an international border, and should be open for all.
First, are you sure that it actually was extra-legal, or are you only repeating what others have said?
All that I know is that it has been reported that she had an e-mail server of her own. I could not tell you when it operated and I do not know what laws or regulations existed at what point during its operation.
At this point, so many contradictory, technically incorrect, and outright silly things have been said by talking heads about this that I'm simply inclined to not bother to judge based on it. This is like when the supposed expert from one of the news channels reported on the hacker 4chan and the images of celebrities he stole and put up on the Internet, it was so full of derp that there was no point in even bothering to pay attention other than as a drinking game of factual inaccuracies. This episode should be interpreted the same way when nontechnical people are doing the talking, be they Mrs. Clinton, or the congress critters, or the reporters.
Do not look into laser with remaining eye.
I know its not exactly the same thing, but for the relatively smart people in both Parties, she is rather equal in embarrassment quotient to Trump.
Happiness in intelligent people is the rarest thing I know.
Ernest Hemingway
Colin Powell used a PUBLIC email server, not a private one. Slightly different, and enough different that it matters.
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
All I have to say, is if this were Jeb, he would be in jail already
Are you conveniently forgetting that Jeb did literally the exact same thing? He had a personal server, then decided what to forward for state archives and deleted the rest.
And so did Christie
And so did Jindal
And so did Rubio
And so did Huckabee
And while they no longer candidates, so did Perry
And so did Walker
I'm not excusing Hillary, because she did fail to follow security protocols. But lets not pretend that she's in some rare company, and lets not pretend that state level governments operate with complete transparency and that state governors could never possibly discuss classified or secret information under any circumstances.
If one of us lies to a government official under oath or not, we are fined or go to jail (or both...)
Why doesn't this apply to government officials (of any stripe)?
--- Mercutio was right.
Colin Powell has also said he had two machines in his office, one for secure government correspondence (which is also subject to FOIA requests) and the other for his personal email account -- I believe this is vary much different then Hillary who only had a personal email account and stored all correspondence (government or not) on a largely un-secure personal server. While she "might" have successfully "wiped" this server, I am sure numerous state actors have the full monty (so to speak), and for a price... Or perhaps they are holding on to the emails to blackmail our potential future president -- no harm nor foul I guess...
> I'm saying she did something stupid, not malicious.
Leaving out that setting up a server to bypass public records laws is inherently malicious as far as the public interest goes, even if setting it up wasn't malicious, repeatedly lying to us about it most certainly is malicious. The fact that they can convince a non-trivial faction of America of non-factual things is a serious problem. It will continue to be a problem whether it's being abused by Ds or Rs and it was just as bad when the Rs were doing it and I was complaining about them.
If we want a responsible government, we can't let them off the hook when they deliberately and knowingly subvert the accountability rules, no matter which faction they belong to. If nobody can be held accountable, then the government controls us when it's supposed to be the other way around in a democracy.
Is this the best you can do to try to keep the "scandal" alive? Just because the RDP port is open doesn't mean it's actually RDP running on the port.
I do serious IT work as my job. Obviously, you don't. If one of my sysadmins left that port open, he would be fired. Yes, we run a port scanner on all our servers to make sure that they are clean . . . squeaky clean. This is just standard procedure in most serious IT shops.
Whatever you do in yours . . . well, that will be your problem.
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
Actually, they found exactly the opposite when the (D) operative hacked her account and they actually found nothing. But keep reading the DailyKos and HuffPo ... they never lie.
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
Bill Clinton can rape people, and it is okay,
Who did Bill rape?
You are making lots of wild acusations, but I see nothing in support of them. Did I miss this week's Conspiracy Times?
Learn to love Alaska
No, I do not have enough information to make a judgement. I have not seen the configuration of the mail server, I do not know when it operated, and I do not know the intricacies of the law during that period.
I have not seen any good reporting on the configuration of the mail server, on when it operated, or on the law during that period. I have heard that the law changed sometime after the mail server was used, and that people have been attempting to tie the operation of the mail server pre-law to the post-law rules.
I do not find for or against Mrs. Clinton for the mail server. If the timetable for a change in law meant that she was not breaking the law, then I would find in favor of her, rather than simply discarding this as something upon which to judge her.
And all of this is silly since conventional e-mail is an inherently insecure communications medium to begin with, regardless of the destination.
Stop trying to offend with style. Find some goddamn substance instead.
Do not look into laser with remaining eye.
But don't you realize that leaving a port open on her home server makes her history's greatest monster? Clearly, you're not paying attention to the GOP debates.
You are welcome on my lawn.
All right, explain your position then. Provide us with the details that you must obviously have that the rest of us aren't aware of.
Do not look into laser with remaining eye.
Not a single criminal complaint of "rape" against him. Some civil suits and informal accusations, but no formal signed accusations of rape, where the accuser would be liable for perjury for false statements.
Learn to love Alaska
"What difference does it make?" -- H. Clinton.
Honestly, who cares? It's a non issue.
The problem is that she put information that must be in the PUBLIC RECORDS (see FOIA) on a private server where she was the sole decider of what is or is not going to the public record. This screams all kinds of alarms for me. No, I cant say she withheld anything damning, illegal, embarrassing, incriminating or who knows what else. What I can say with certainty that all of her actions with regards to the server dont appear to be consistant with someone who isn't hiding something (wipe the HD -- emails trickling out after hearing "they've been turned over" already -- etc). And that fills me with doubt about her and her judgement.
How can we elect someone with this kind of doubt to become president? Only someone with some fake "situational" ethics can forgive this enough to pull the lever for her at the ballot box.
So there's one rape allegation there. Which firstly is "a person" not "people", and secondly is merely an allegation by someone who has given multiple inconsistent versions of the story.
As I recall, you're right, the email account was used for little of import, but I don't think it was hacked by some nefarious (D) operative. Wasn't it just some guy on a forum that guessed her password reset answers based on publicly available information?
She did what Rice and Powell did before her. But it's only a problem when she does it. Why?
Learn to love Alaska
"Why?"
Powell and Rice didn't use email much during their tenure as SoS. Rice didn't use personal email at all for State Department business. Powell used a secured laptop with a state department email for the bulk of state department business with minor (his claim) non-state-department issues from his personal account (like house keeping stuff).
Albright didn't use email at all, from my understanding.
That's "why".
That leaves Clinton the last one of the SoS's who could have used email (information age) -- and she didn't use a state department account AT ALL. How can this not ring some alarm inside your head?
Translation: I am biased and choosing to stick my head in the sand on this issue.
Translation: I'm unable to cogently carry on a civil discussion or respond with valid points of my own, so I'm going to make myself feel clever and witty by reposting someone else's post again in an astounding act of me-tooism.
"She's been investigated for years, and not one problem found"
There's been plenty of 'problems' found. Nothing that has yielded an indictment -- but enough that a reasonable person should keep her clear of public service.
"There are records of every "official" email to and from her in the State Department servers."
Clearly you've no idea what you are talking about.
http://www.nbcnews.com/news/us...
Those emails werent ON the state department servers. Because she sent them from her PERSONAL account to the DoD. How many other emails have yet to surface because they aren't on the State Department's archive?
http://www.nytimes.com/2015/09...
You know... if I see enough tell tale clues that a rat has been in my kitchen (chewed hole in dog food, for example) I can decide that there *IS* a rat without actually SEEING it. There MIGHT be a logical explanation for the hole, but as far as Clinton goes, every excuse comes with a lot more tell tale clues. Example:
https://www.washingtonpost.com...
And then this:
http://www.npr.org/sections/al...
And it was wiped....
She could be spitting your your face and you'd be saying "it's raining!" Please, I'm not saying "beyond a reasonable doubt" in the legal sense that she did anything illegal. I'm saying that a reasonable person could only conclude that she hasn't been forth-coming and should not be trusted.
(please note all my citations are either liberal or left leaning sources).
Why is anyone making a fuss over Hilaries private e-mail server. Gov't comms are a mess. and then there's GWB43.com
https://en.wikipedia.org/wiki/...
Oh, I remember. I wasn't happy about that, just as I'm not happy about what Secretary Clinton did. Secretiveness and corruption are not limited to any one party.
"What the American public doesn't know is what makes them the American public." -Ray Zalinsky (Tommy Boy)
In my opinion it's not possible to use email in a way where hosting your own server is responsible for mishandling of classified information.
Either the classified message is encrypted and the email server's security is moot or the classified message is not encrypted and the sender is mishandling the information in the first place by sending it in clear text over the internet, regardless of where the server is hosted.
I would not be surprised if she used her own email server to get around government record keeping but that's the only issue I see here.
Government officials have been doing this for years (remember Sarah Palin's personal email being accessed? and the guy going to prison for it?), but it's always been done with a veneer of technological ignorance that gives them a little bit of plausibility. Almost every single one of them that has happened so far has been able to shrug their shoulders and say "ha ha, email, who knows how that stuff works! it's magic!", and between their age (GWB was born in 1946, for example) and the general time period (before smartphones even existed) they were able to claim this without any hint of being deceitful.
Hillary has tried to do this while simultaneously setting up her own server! How fucking dumb does she think people are to believe her saying things like "wipe the server? what, like, with a cloth?" after having ordered the construction and curation of her own private email server? A server which, while in vague legal territory, serves no purpose other than to give herself control over her communication because of her political ambitions?
There's no deniability here. She can't claim that some boffin came to her and said that this would be a good idea and she rubberstamped it without any scrutiny. She can't claim to have ordered its creation and been ignorant as to what it was capable of because its very purpose of existence was to communicate outside of official channels. She can't claim to be ignorant about classification status of information because, as Secretary of State, she's one of the fucking root authorities!
Everything about this is her bending the rules for her own personal benefit and not caring about what the consequences are and blatantly lying about it afterwards with the implication that she should get away with it because, otherwise, it might ruin her chances at election. Sorry, but no thanks. If anyone posting here on /. did anything similar to this, not only would you never work for the US government again, but you'd probably have to sit in a federal prison for a decade before you got the chance to have your resumes thrown in the garbage.
Government communication are certainly a mess, and we probably know that more than anybody, but having anyone who feels like it set up their own VPS or whatever to deal with the problem is a step in the opposite direction. Anyone in any kind of administrator role should cringe at the thought of that. Anyone who excuses this kind of basic technological ignorance as a justifiable reason for breaches of trust and security should be laughed out of the room, as well. Email is not some new-fangled crazy technology, as it's been known and used by the general public for at least 20 years, and anyone who continues to enable the willful ignorance of an older generation like this is only serving to cause clusterfucks like communications in government in the first place.
You should be linking things like that and demanding more accountability, not using it as some flimsy excuse for more shit behavior.