Slashdot Mirror
Hillary Clinton Used BleachBit To Wipe Emails (neowin.net)
An anonymous reader quotes a report from Neowin: The open-source disk cleaning application, BleachBit, got quite a decent ad pitch from the world of politics after it was revealed lawyers of the presidential hopeful, Hillary Clinton, used the software to wipe her email servers. Clinton is currently in hot water, being accused of using private servers for storing sensitive emails. "[South Carolina Representative, Trey Gowdy, spoke to Fox News about Hillary Clinton's lawyers using BleachBit to wipe the private servers. He said:] 'She and her lawyers had those emails deleted. And they didn't just push the delete button; they had them deleted where even God can't read them. They were using something called BleachBit. You don't use BleachBit for yoga emails or bridesmaids emails. When you're using BleachBit, it is something you really do not want the world to see.'" Two of the main features that are listed on the BleachBit website include "Shred files to hide their contents and prevent data recovery," and "Overwrite free disk space to hide previously deleted files." These two features would make it pretty difficult for anyone trying to recover the deleted emails.
Slashdot reader ahziem adds: The IT team for presidential candidate Hillary Clinton used the open source cleaning software BleachBit to wipe systems "so even God couldn't read them," according to South Carolina Rep. Trey Gowdy on Fox News. His comments on the "drastic cyber-measure" were in response to the question of whether emails on her private Microsoft Exchange Server were simply about "yoga and wedding plans." Perhaps Clinton's team used an open-source application because, unlike proprietary applications, it can be audited, like for backdoors. In response to the Edward Snowden leaks in 2013, privacy expert Bruce Schneier advised in an article in which he stated he also uses BleachBit, "Closed-source software is easier for the NSA to backdoor than open-source software." Ironically, Schneier was writing to a non-governmental audience. Have any Slashdotters had any experience with BleachBit? Specifically, have you used it for erasing "yoga emails" or "bridesmaids emails?"
All indications are she wasn't very careful while actively using the server. However, once she started getting requests to produce data from it, then she suddenly got very careful. Even if she did do nothing wrong, that is a very stark change in behavior that just happened to coincide with legal requests to hand over data.
The wiping just means that she is very secure from her own state interfering with her. But it doesn't say anything about how easy it was for third party states to gain information from her email server before it was wiped. So her servers might be secure from the justice system, but not secure from third parties. Both these aspects are how it shouldn't be.
What about the Freedom of Information Act? Don't secretary of state emails have to be archived?
The big knock against her email server is that any other state employee that ran such a thing would be locked up in jail.
no, the responsible thing to do is to turn it over to the justice department and let them fucking shred it.
Let me try. First, her entire purpose in having said private email server was explicitly to protect her privacy - something she is very sensitive about. The issue, and what separates her situation from that of Colin Powell, is that she used that server for both personal and official email exchanges. This defies both basic common sense and several applicable federal laws - laws which were *NOT* part of the recently concluded FBI investigation. That investigation was about the content of the emails and their classification, NOT - again - the real violation of law and common sense. Bottom line is that her credibility is in question because of a series of actions, all attributable to her paranoia and penchant for secrecy.
Hillary Clinton co-mingled personal and official government communications on her private email server. All of those communications are subject to the Federal Records Act and the Freedom of Information Act.
Her personal emails ceased to be personal when she co-mingled them with official government communications. HRC and her lawyers were not authorized to decide what is relevant to FRA and FOIA and what is not.
HRC and her lawyers deleted 30,000 or so emails that are not recoverable - therefore she is in violation of both the FRA and FOIA.
HRC should be, at the very least, in front of a jury to answer for her actions.
we're also not the ones who mixed her personal and professional lives. she is.
she's the public face of the state department, which has policies in place to make sure that their correspondence are both secure and archived... so people can go back and look into them to make sure everything is aboveboard.
she sacrificed her right to privacy on her private correspondence when she conducted professional business on the same server.
i don't want to see her fucking wedding photos, but i want someone to make sure that she wasn't selling access to the office of the secretary of state of the united states. and if someone with clearance in the justice department needs to comb through 4 years of "private" emails to make sure, then she has only herself to blame.
Powell used an aol account.
He did NOT put a private server in his house!
Same for Rice. Powell used it for non-state NON-classified business.
Hillary has lied so many times about this server, is is clear to any hones observer that she was hiding activities of corruption with the Clinton foundation and did not want FOIA to discover her activities.
Hillary was supposed to have government archivists sort through the mails, not her personal attorneys. That was a violation of the federal records act.
She had classified information on the server, despite assertions that she did not- caught in another lie.
She said all work related mails were turned over. Another lie- the FBI found thousands of work related mails not turned over, including classified.
In the eyes of the law (courts), spoliation of evidence is equivalent to guilt, but perhaps to a lessor degree.
My quibble was the blatant arrogance of the act. That private server was clearly a move to preserve final editing rights of her tenure at the State Department and evade any future FOIA requests that may crop up during her next run for the presidency; and was there ever any doubt that she would run again? The fact that she thought she could get away with it after experiencing the fallout from the exact same move by members of the Bush administration while she was a sitting Senator in Washington reinforces the feeling that her arrogance knows no bounds. She took a page out of the neocon playbook and figured she would show them how it's done.
Did you run shred on a server after the FBI said it wanted the data on it?
Destruction of evidence is itself a crime. The difficulty is always in proving that's what happened - by definition you're missing a key piece of evidence.
This isn't mud slinging. This is technology news about obfuscating forensic evidence in practice on a technology website.
Your statement is mudslinging.
Whether the secure wipe was used as a simple matter of Best Practice, or was done for Nefarious reasons, is not known. So when the article makes judgements such as "When you're using BleachBit, it is something you really do not want the world to see." it becomes a political mudslinging story.
I don't personally use this software, but I personally always securely wipe any drive which I'm done using. Even if there's nothing on there, even if it only contains "yoga emails" or etc.
The disturbing thing to me is that this article is all but using the "If you have nothing to hide, you wouldn't use secure wipe methods" line of bullshit. Using strong encryption, secure wipe software, etc. should not be allowed to be seen as a "shady" or "suspicious" activity- it should rather be seen as the Intelligent and Normal way of doing things.
The FBI found the "key piece(s)". Comey then said "No prosecutor would pursue this case" and dropped it. He was probably right--but only because of her last name. If I did that, I might get out after 5 years or so. Heck, one of my counterparts got in trouble for a single line in a controlled document which had the same info in the public domain. I'm sick of these "Nothing to see here" claims--just look at any security briefing and it's spelled out. We just had another one, and according to it I would be required to report her if she was in my office.
Please state the part of the law on improperly transmitted classified information that talks about ratio of classified material to non classified material.
1. She put classified info on a private unsecured server where it was vulnerable, contrary to the law which she was fully advised of upon taking office.
2. She did all her work through that server, hiding it from all 3 government branches (congressional oversight, executive oversight, and the courts) and public FOIA requests.
3. When the material was sought by the courts and congress, she and the state department people lied under oath claiming the material did not exist (perhaps Nixon cronies should have all lied about tapes existing).
4. After her people knew the material was being sought, the server's files were transferred (by private IT people w/o clearances) to her lawyers (no clearances).
5. She and her lawyers deleted over 30000 e-mails, claiming they were only about yoga and her daughter's wedding dress (Nixon cut a few minutes of tape).
6. They then wiped the files with bit bleach (a step not needed for yoga or wedding dress e-mails). (Nixon did not degauss all his tapes)
7. They handed the wiped server to the FBI, and hillary publicly played ignorant with her "with a CLOTH?" comment (absolute iin-you-face arrogance against the rule of law) (Nixon did not hand tape recorders with erased tapes to the FBI)
Prove you are sincere, and not a total unprincipled partisan hack:
Are you a Nixon supporter?
Would you accept this behavior from Donald Trump or Dick Cheney?
Comey spent hours in front of Congress explaining, very patiently, over and over, that the reason he could not recommend prosecution against Clinton is because all of the suspected crimes required proof of intent, which the FBI did not have.
Transcript of Gowdy questioning Comey. Lots of context, but note the bolded section:
Gowdy: Secretary Clinton said "I did not e-mail any classified information to anyone on my e-mail there was no classified material." That is true?
Comey: There was classified information emailed.
Gowdy: Secretary Clinton used one device, was that true?
Comey: She used multiple devices during the four years of her term as Secretary of State.
Gowdy: Secretary Clinton said all work related emails were returned to the State Department. Was that true?
Comey: No. We found work related email, thousands, that were not returned.
Gowdy: Secretary Clinton said neither she or anyone else deleted work related emails from her personal account.
Comey: That's a harder one to answer. We found traces of work related emails in — on devices or in space. Whether they were deleted or when a server was changed out something happened to them, there's no doubt that the work related emails that were removed electronically from the email system.
Gowdy: Secretary Clinton said her lawyers read every one of the emails and were overly inclusive. Did her lawyers read the email content individually?
Comey: No.
Gowdy: Well, in the interest of time and because I have a plane to catch tomorrow afternoon, I'm not going to go through any more of the false statements but I am going to ask you to put on your old hat. False exculpatory statements are used for what?
Comey: Well, either for a substantive prosecution or evidence of intent in a criminal prosecution.
Gowdy: Exactly. Intent and consciousness of guilt, right?
Comey: That is right?
Gowdy: Consciousness of guilt and intent? In your old job you would prove intent as you referenced by showing the jury evidence of a complex scheme that was designed for the very purpose of concealing the public record and you would be arguing in addition to concealment the destruction that you and i just talked about or certainly the failure to preserve. You would argue all of that under the heading of content. You would also — intent. You would also be arguing the pervasiveness of the scheme when it started, when it ended and the number of emails whether They were originally classified or of classified under the heading of intent. You would also, probably, under common scheme or plan, argue the burn bags of daily calendar entries or the missing daily calendar entries as a common scheme or plan to conceal.
Two days ago, Director, you said a reasonable person in her position should have known a private email was no place to send and receive classified information. You're right. An average person does know not to do that.
This is no average person. This is a former First Lady, a former United States senator, and a former Secretary of State that the president now contends is the most competent, qualified person to be president since Jefferson. He didn't say that in '08 but says it now.
She affirmatively rejected efforts to give her a state.gov account, kept the private emails for almost two years and only turned them over to Congress because we found out she had a private email account.
So you have a rogue email system set up before she took the oath of office, thousands of what we now know to be classified emails, some of which were classified at the time. One of her more frequent email comrades was hacked and you don't know whether or not she was.
And this scheme took place over a long period of time and resulted in the destruction of public reco