Why our technological ignorance is hurting Hillary Clinton
And the MSM and Republicans and others play into this ignorance to play up the story into a fictitious "scandal."
Why our technological ignorance is hurting Hillary Clinton
https://www.washingtonpost.com/news/the-fix/wp/2015/10/09/why-our-technological-ignorance-is-hurting-hillary-clinton/
By Philip Bump October 9 at 8:30 AM
The personal e-mail server that Hillary Rodham Clinton used was repeatedly subject to hacking attempts from users in China, South Korea and Germany in 2014, the Associated Press reported Wednesday. Which seems as though it confirms some of the worst fears of Clinton's detractors: an insecure system, with foreign agents peeking in.
But to Peter Fidler, president of the tech firm WCA Technologies in New York, the story is much less alarming.
"It's not unusual at all" that there would be attempts to hack into her server, Fidler said when we spoke with him by phone on Thursday. "Basically what it means -- a hacking attempt [is] they'll try to log in as admin, sysadmin, administrator ... they'll try many different types of names and not give up. We used to see that a lot. We would capture all these things and then block entire countries."
In other words, that someone from China tried to hack into Clinton's server doesn't mean 1) that they were targeting Clinton specifically, 2) that they were agents of the Chinese government, or 3) that they were actually able to access information.
Hackers will often "port scan" IP addresses to find vulnerable systems. An IP address is the number that indicates where a computer exists on the Internet, a little like a street address. Port scanning -- for which there exist online tools -- is a bit like casing a house to figure out how to get in. There are certain default network ports that are used for Internet-based services. Port 80, for example, is usually the port that servers use to allow Web traffic. Hackers can check the open ports on a number of IP addresses quickly -- and then try to see if they can use the ports to access the server.
It's complicated to explain, but not in itself unusual, as Fidler indicated. (The AP article itself notes that "it was not immediately clear whether the attempted intrusions into Clinton's server were serious espionage threats or the sort of nuisance attacks that hit computer servers the world over.")
But the story reinforced one of the challenges that Clinton faces as the e-mail server story continues to slowly unfold: People don't really understand how the Internet works, and so the stories might sound more ominous than they otherwise would.....
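The distinction the article draws between a login attempt and actual access can be checked in authentication logs. The following is an added example, not part of the article or the thread: it assumes OpenSSH-style log lines, and the sample log, addresses and threshold are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in OpenSSH sshd log style (assumed format, documentation IP ranges).
SAMPLE_LOG = """\
Oct  8 03:11:02 mail sshd[811]: Failed password for invalid user admin from 203.0.113.5 port 40112 ssh2
Oct  8 03:11:04 mail sshd[811]: Failed password for invalid user sysadmin from 203.0.113.5 port 40113 ssh2
Oct  8 03:11:07 mail sshd[811]: Failed password for invalid user administrator from 203.0.113.5 port 40114 ssh2
Oct  8 03:11:09 mail sshd[811]: Failed password for root from 203.0.113.5 port 40115 ssh2
Oct  8 07:45:10 mail sshd[902]: Failed password for alice from 198.51.100.7 port 51800 ssh2
Oct  8 07:45:21 mail sshd[902]: Accepted password for alice from 198.51.100.7 port 51801 ssh2
Oct  8 09:02:33 mail sshd[955]: Failed password for invalid user admin from 192.0.2.44 port 33010 ssh2
Oct  8 09:02:35 mail sshd[955]: Failed password for invalid user test from 192.0.2.44 port 33011 ssh2
Oct  8 09:02:38 mail sshd[955]: Failed password for invalid user oracle from 192.0.2.44 port 33012 ssh2
Oct  8 09:02:41 mail sshd[955]: Accepted password for backup from 192.0.2.44 port 33013 ssh2
"""

LINE = re.compile(r"(Failed|Accepted) password for (?:invalid user )?(\S+) from (\S+) port \d+")

def classify_sources(log_text, min_names=3):
    """Label each source IP as 'normal', 'guessing' (many names tried, no login)
    or 'investigate' (a login succeeded after the source had been guessing names)."""
    failed_names = defaultdict(set)   # source IP -> distinct usernames that failed
    verdict = {}
    for line in log_text.splitlines():          # lines are processed in time order
        m = LINE.search(line)
        if not m:
            continue
        outcome, user, ip = m.groups()
        if outcome == "Failed":
            failed_names[ip].add(user)
            if len(failed_names[ip]) >= min_names and verdict.get(ip) != "investigate":
                verdict[ip] = "guessing"        # an attempt, not an intrusion
            else:
                verdict.setdefault(ip, "normal")
        elif verdict.get(ip) == "guessing":
            verdict[ip] = "investigate"         # success following username guessing
        else:
            verdict.setdefault(ip, "normal")    # e.g. a user who mistyped once
    return verdict

if __name__ == "__main__":
    for ip, label in classify_sources(SAMPLE_LOG).items():
        print(ip, label)
```

Only the third source, where a login succeeds after a run of guessed names, warrants incident response; the first is the background noise Fidler describes.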
karynnj
(59,501 posts)
Some of the sharpest criticism of what HRC did have been things written in tech-related media. On DU, some of the clearest explanations of why it was wrong have been written by self-identified tech people.
It may well be that the inner Clinton team - HRC, Abedin, Mills, etc - are NOT that tech savvy and the tech guy may have been too junior to have been in on the decision to do this - he might have just been given the job to set up what they asked for. It may be their lack of tech savvy that meant they did not see the technical problems.
However, it is not JUST these issues - that you can put in a box saying they are "technical" - but the issue that the SD emails should have been kept by the SD. At minimum, this would have meant having a weekly, monthly OR even one dump at the end of her service to the SD. (In fact, had it been say weekly - I would bet that it would not have been long before HRC created two accounts on the machine just so they didn't have to carefully separate personal and private.)
Fawke Em
(11,366 posts)
And I'd pit the network security experts I work with against Peter Fidler any day. WCA Technologies is a, well, technology company, but they are NOT experts in network and data security. In fact, that's not even offered by their firm. I checked.
I'm not concerned with the amateurs using phishing attempts or Port 80 exploits. I'm more concerned about the professional state actors that are far more sophisticated than a script kiddie.
DanTex
(20,709 posts)
bots actually, that just go around looking for vulnerabilities everywhere.
Fawke Em
(11,366 posts)
But I'm not all that concerned with that stuff.
DisgustipatedinCA
(12,530 posts)
On many subjects, I need to defer to experts. With respect to data security and network engineering, I don't take a back seat.
And it's true that public IPs on the internet are constantly port-scanned, and that in the vast majority of cases, nothing comes of it (largely because the "script kiddies" running those scripts have no idea what to do after the recon phase). But ALL successful and dangerous hacks do start out the same way. So at that level, the harmless vs the harmful cannot be determined--the ingress is the same in either case. And that's why you have to protect against anyone and everyone.
snooper2
(30,151 posts)
for some things and it has pretty good built in security, but not critical as it's all sitting in RFC1918 space-
Working on new product/project and we will have a mail server (probably SurgeMail as well) sitting on the public intertubes but damn sure will have a firewall. Actually, just gave myself an idea, wonder if you can use an SBC to protect a mail server? What is better than dynamic blacklisting?
DisgustipatedinCA
(12,530 posts)
No one tries to brute-force a firewall, but if it's not in place, there's going to be trouble.
Our email is outsourced now, so that they can look incompetent with Exchange instead of us looking competent with Exchange.
And not related to anything else, but since we're here...how does IT hiring look in the DFW area? In the Bay Area, it's extremely active right now.
snooper2
(30,151 posts)
One of them I'm trying to recruit internally then what he is doing can be backfilled, and probably have to look to the street for an SBC guru since I'm pretty close to vendor selection- we can look for specific skill set-
We actually just got a new CIO recently, everybody including him are talking woo hoo NVF is the next biggest greatest thing!
For me being on the telecom side I'm like, blah, not ready for prime time until the chipsets improve. Couple vendors have tried to do transcoding for example in a virtual environment with very poor results
DisgustipatedinCA
(12,530 posts)
Fortunately for me, the industry doesn't seem to have solidified on much yet, so I may have some time to catch up while standards are coming into focus.
Good luck with your secret project. My secret project has been finding a way to get out of the hellscape that is my current employer. The big reveal comes Tuesday morning.
Have a good weekend, snooper2.
jeff47
(26,549 posts)
So have the world's best firewall, and anyone can just waltz right past it.
SunSeeker
(51,550 posts)
Seems to me stuff was safer on Hillary's server than at the State Department.
Dot gov got hacked, yes.
But, dot gov also employs IT security professionals who add layers of security onto their network to protect various parts of their networks. They use a variety of security products and professional techniques to protect the "inner sanctum," as it were. Maybe some personnel records were hacked because they're on a less secure and less monitored part of the network, but they're going to have a much more difficult time getting into the national security "room."
Clinton's server was also hacked and her server didn't have layers of security to protect it. The problem is we don't know what information she was sharing via email to determine if someone might have gotten some sensitive information.
SunSeeker
(51,550 posts)
Attempted hacks are not hacks.
DemocratSinceBirth
(99,710 posts)
I would be remiss in exiting this thread without giving my friends and foes, alike, on this board a and just warn you the most dangerous place to be in the midst of a hanging is between the posse and the intended victim.
jeff47
(26,549 posts)
Her server was vulnerable. But you have to understand some details of network security to understand that.
So while a port scan by itself is not scary, a port scan that hit a vulnerable server is.