Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
2016 Postmortem
In reply to the discussion: NSA Chief: Hillary Clinton Emails Were 'Opportunity' for Foreign Spy Agencies [View all]jeff47
(26,549 posts)1. How Team Clinton screwed up the security on her server
What we know so far:
1) Communications with her server were not encrypted for the first 3 months.
https://www.venafi.com/blog/post/what-venafi-trustnet-tells-us-about-the-clinton-email-server/
2) They left the default VPN keys installed on her server
http://www.bloomberg.com/news/articles/2015-03-04/clinton-s-e-mail-system-built-for-privacy-though-not-security
Using those addresses, McGeorge discovered that the certificate appearing on the site Tuesday appeared to be the factory default for the security appliance, made by Fortinet Inc., running the service.
3) They were using, and continue to use, self-signed SSL certificates
http://gawker.com/how-unsafe-was-hillary-clintons-secret-staff-email-syst-1689393042
4) They set up a .com domain, enabling the typosquater who has registered clintonmail.com (no "e" before "mail" . Whoever registered that domain is in a perfect position to steal login information or perform spear phishing attacks.
5) Her ISP was repeatedly hacked by China
http://www.democraticunderground.com/?com=view_post&forum=1251&pid=615632
Edit history
Please sign in to view edit histories.
44 replies
= new reply since forum marked as read
Highlight:
NoneDon't highlight anything
5 newestHighlight 5 most recent replies
RecommendedHighlight replies with 5 or more recommendations
NSA Chief: Hillary Clinton Emails Were 'Opportunity' for Foreign Spy Agencies [View all]
magical thyme
Sep 2015
OP
Also, they didn't pay the extra $10 for private domain registration. ALWAYS the mark of an amateur.
DisgustipatedinCA
Sep 2015
#6
I just meant that to the right people with bad intent, non-private registration could be like a...
DisgustipatedinCA
Sep 2015
#20
it's an article in Newsweek, which a lot of people outside of DU read and trust
magical thyme
Sep 2015
#4
I decided to click in the link to check your claim...the article is from Reuters, reprinted.
Fred Sanders
Sep 2015
#7
The question, no quote, was about foreign officials who use private servers for "official business".
Fred Sanders
Sep 2015
#9
take out clinton, put in bush. You would be gathering firewood as i write this
roguevalley
Sep 2015
#25
I read the OP twice and still have no idea what the fuss is about. And since there is not a
Fred Sanders
Sep 2015
#5
Believe me, had it been hacked it would have been 24/7 over the news and FOX. nt
kelliekat44
Sep 2015
#33
that's one of the things the FBI is looking into and they aren't talking to anybody
magical thyme
Sep 2015
#34