Clinton's Private Email System Gets a Security "F" Rating 315
Penguinisto writes According to a scan by Qualys, Hillary Clinton's personal e-mail server, which has lately generated more than a little controversy in US political circles, has earned an "F" rating for security from the security vendor. Problems include SSL2 support, a weak signature, and only having support for older TLS protocols, among numerous other problems. Note that there are allegations that the email server was possibly already hacked in 2013. (Note: Mrs. Clinton plans on Giving a press conference to the public today on the issue.)
Makes sense (Score:5, Insightful)
I mean, the only security they seemed to be interested in was keeping the emails out of the hands of people with subpoenas, FOIA requests and such.
Re: (Score:2)
It must never have occurred to them that Fox News and the FBI use hackers too.
Re: (Score:2)
They should hire you to do their spin.
Re:Makes sense (Score:4, Interesting)
No, they really shouldn't. I'm a fiscal liberal but a social conservative. There is no political party in the United States I am comfortable with.
Re: (Score:3)
So, a Spend and Subjugate party?
Re: (Score:3)
In a way. More like a Big Father With A Shotgun party.
Re: (Score:3)
Except, of course, for the minor third party of the extreme libertarians, whose faith in liberty above all else calls for a government too weak to police social issues, and taxes so small that they could rightly be called user fees for access to the courts.
Re:Makes sense (Score:5, Informative)
I mean, the only security they seemed to be interested in was keeping the emails out of the hands of people with subpoenas, FOIA requests and such.
Plus, it's in her house, so she gets 4th Amendment protections as well, which is pretty smart.
But Qualsys's SSL scan grade is relevant to a server open to the public. Looking at the generated report, the main problem, in a situation where the client software is highly controllable and very likely hand-configured, is the lack of perfect-forward-secrecy ciphersuites. And that only helps prevent future attacks, not past ones (she's "retired" at the moment).
If somebody wanted to attack this system, attacking TLS would not be the way to do it - the configuration is good enough to make so many other vectors much cheaper attacks. I see the engineer used GoDaddy as the SSL vendor. This doesn't speak well for the budget of the project which has implications for the degree of configuration hardening that was done, which is especially crucial for a Windows machine.
Re:Makes sense (Score:4, Informative)
The Qualsys SSL scan only scans the web server front-end. (Which shouldn't even exist, in my opinion. Use a mail program, not a browser.)
But this is a mail server too, with its own security implications, and those have not been scrutinized, as far as I can tell.
Re: (Score:3)
They've gotta be kicking themselves after seeing how easily the IRS handled sending dirty laundry down the memory hole without (overtly) breaking the law.
Re:Makes sense (Score:5, Informative)
http://www.politico.com/story/... [politico.com]
Actually, that IRS the dog ate my email somewhat failed.
It turns out that asking IT to look for backups of the email is more productive than looking for it personally. Its just a matter of time needed to sort through it if anyone in government is still interested.
B is the new F? (Score:5, Informative)
Re: (Score:3)
Hrm, I click on the link and see "SSL Report: mail.clintonemail.com (64.94.172.146) Assessed on: Fri Mar 06 12:35:49 PST 2015", and an F.
Are we both looking at the same thing? (clearly not, but *which* things are different, other than the grade?)
Re: (Score:3)
Here's the copy'n'paste:
1 64.94.172.146
Ready
mail.clintonemail.com
Tue Mar 10 09:23:03 PDT 2015
Duration: 55.370 sec
B
The date appears to be the difference.
Re:B is the new F? (Score:5, Interesting)
I suspect it was crash-updated recently.
It was listed as "F" when the story was submitted earlier this morning, but now it's suddenly bumped to a "B" (Assessed on: Tue Mar 10 09:31:29 PDT 2015).
All it would take is a patch or two to bump it up, I suspect.
I wonder if one can get the mods to update the submission.
Exactly. (Score:4, Insightful)
The first thing I did when I saw the discrepancies is look for a test date listed on the page, and here it was: ue Mar 10 09:50:02 PDT 2015 .
So this "B" score was earned literally minutes ago. People who are seeing an "F" are probably seeing cached data.
Re: (Score:2)
I just checked and it says "F" in a bright red box.
SSL Report: mail.clintonemail.com (64.94.172.146)
What IP address did YOU see? Maybe there's more than one server being polled?
Re: (Score:2)
Re: (Score:3)
Check my other post in this thread. Sat morning it's "F". The parent of this thread sees a "B" sat evening. Looks like they fixed something.
Re:B is the new F? (Score:5, Informative)
Interesting. I've got two tabs open -- both to the same URL. I see the following:
SSL Report: mail.clintonemail.com (64.94.172.146)
Assessed on: Sat Mar 07 15:10:39 PST 2015 | Clear cache
RATING: "F"
SSL Report: mail.clintonemail.com (64.94.172.146)
Assessed on: Tue Mar 10 09:18:02 PDT 2015 | Clear cache
RATING "B"
The difference is Protocol support is zero on the F and notes SSL 2.0 support (automatic "F").
Looks like somebody fixed something between Saturday and today.
Re:B is the new F? (Score:4, Informative)
The rating is an F because it supports SSL2. Yet, they didn't show a single example where it permitted an SSL2 handshake or connection. Every email server supports SSL2. The real question is does it actually permit SSL2 connections. Hell my server "supports" SSL2, but I have it connections disabled in the configuration. This security rating is just a load of political crap. Everyone picking on poor ol' Hillary for using a private server. It must be weak because it's not based at the State Department. Because we all know the best and brightest computer nerds work for the Fed?
Now given what I see there from this scan, she's using SHA-1 for signatures. Definitely not best practice. I'd rate that server as a C or a D. The server appears to be an IIS server. A hardened Linux server would have been the way to go. Just because it's not a guvmint server doesn't mean it is automatically weak. My server gets attacked all day long and hasn't been hacked. Sure, I'm not a big target either. I once conducted an experiment to see how long it would take for someone to hack my Linux system. So I put one out there, and didn't patch it, did a minimal security setup, like you might get from a Linux Servers for Dummies tutorial (there are plenty out there). It took 4 months for my relatvely unknown server. But that was years ago. I haven't been hacked since, and no that is not an invitation to try. I get DDOSed on a semi-regular basis. Not much I can do about that, other than what I am doing. I haven't got a 1000 servers to offload attacks to.
In the end, a well configured and maintained server stands as much of a chance of being secure as any server out there, save perhaps the DOD. Bigger is not necessarily better.
Re:B is the new F? (Score:5, Insightful)
The biggest difference is that no one gives a shit about your toy server, but they might have a fuckload of interest in the personal server of a US Senator and Secretary of State. Yes, I believe that State Department is likely to have better security than the random dipshit she seems to have hired who snagged a cheap GoDaddy cert. It's almost certainly going to have better availability, backup, and disaster recovery.
It is absolutely, 100% not acceptable to run state secrets through a personally maintained server that seems to exist only for the legal reason of giving the owner 4th amendment privacy rights. An officeholder acting in official capacity should have zero expectation of privacy from the organizations they work for. I'm "picking on poor ol' Hillary" for having every appearance of attempting to circumvent disclosure laws.
Re: (Score:3)
It is absolutely, 100% not acceptable to run state secrets through a personally maintained server
Oh, she's got that covered: she just claimed that she never used email for anything secret or confidential. If you can believe that. I don't.
Re: (Score:2)
It took four months for my relatively unknown server.
This smells funny. How specifically did your server get hacked? If I put out a server running nothing but Apache serving static HTML and SSH with a good password, I would expect it to be hacked approximately never or until the next sshnuke exploit. Which, again, would be approximately never. What were you running where you got hacked in four months?
Re:B is the new F? (Score:4, Funny)
Re:B is the new F? (Score:4, Funny)
Really? Is this like the blue dress/yellow dress thing? Different people see different things?
No, this is the typical political BS where it's getting attention - so let's fix all the problems, get it rescanned, and then pretend it wasn't horribly insecure for all the time prior to today.
Re:B is the new F? (Score:5, Funny)
I think Hillary has banned all Blue Dresses from her sight.
Re: (Score:3, Funny)
Bill did the same thing a few times. Of course the women were wearing the dresses when he demanded they be removed from his sight.
Re:B is the new F? (Score:5, Insightful)
IIS with a good config will beat *nix with a terrible config. It's not the tool that the the problem here; it's that the people using it had no clue how.
Re: (Score:3)
IIS has been as secure a web server as any for quite a few years now.
Re: (Score:3)
IIS has been as secure a web server as any for quite a few years now.
IIS 7.5 is a few years old. It came out with Windows Server 2008, if I remember correctly - that's seven years ago. It has been replaced with IIS 8 and 8.5 for years now.
But still, the biggest problem is to have web mail open to the world in the first place. Certificate based imap would be far preferable from a security point of view.
Re: (Score:2)
Yes, but 7.5 is still within it's support lifespan, which means it's getting patches and security fixes. I was only addressing the IIS aspect of your post.
But since you're persisting, the protocol, transport layer, and authentication mechanisms are all separate concerns. HTTPS is not inherently less secure than any other protocol, and could be configured to require certificate-based authentication just as easily as IMAP. The oldest and weakest versions of TLS are slightly concerning in theory, although t
Re: (Score:2)
Shows as a B for me as well. Here is a screenshot (Score:2)
http://screencast.com/t/usfMoC... [screencast.com]
What is the deal here?
"F" rating? (Score:2, Funny)
Bad H! She should have used them gov't servers, which are D-
Re: (Score:2)
I'd be curious to know what problems would have been found AT THE TIME (not now, a few years later), with the e-mail server itself (not web front-ends other than as actual vectors to compromise the system, not just an individual connection; is there any indication Clinton ever used a web front-end?), and compare that with the state.gov e-mail server (also at the same time).
Comparing this to someone using a gmail account is irrelevant. The biggest threat to security is probably going to be the people at a c
I Disagree (Score:3, Insightful)
I have been in the IT field for 30 years and I specialize in information security. Penetration testing and forensic investigations is what I do.
I do not agree with the assessment. Many argue that homes are more vulnerable, but even if it's the average home, it's far easier to find a disgruntled employee in some "cloud" service company and if you look at headlines in recent years like DRM, Target, SONY, and a number of others, you can see they are very vulnerable and for a lot of reasons.
It only takes one person on the inside, to screw things up. Edward Snowden did it with the NSA and Bradley Manning with the CIA.
Most homes are very vulnerable becuase they are all WIFI and not setup correctly. For those that do, they can be more secure. Add secret service to the mix and you have physical security.
Do you really think Clinton set up her own email server? No. She knows a lot of people in the industry and can be very selective. He data also remains under HER control, HER ownership, and if any of you idiots think your "cloud" data is safe, it just proves how inept you are.
I have to give her security grade a 'C', only because I don't have enough information to do a complete assessment.
Re: (Score:3, Interesting)
It appears that whoever set up Clinton's email used GoDaddy as the SSL vendor. Seriously. Go Daddy.
Re: (Score:3, Informative)
He[r] data also remains under HER control, HER ownership, and if any of you idiots think your "cloud" data is safe, it just proves how inept you are.
You are right but not for the reasons you believe. By owning the server she controls who can get the emails, and that includes from government investigators. When they review the emails she turns over, what proof is there that any problematic emails were not first erased? If it was in a "cloud" system, including a government system, then she would have lost the ability to sanitize the email trove before investigators get access. Regarding your calling people idiots who think differently than you and for
Re: (Score:2)
Re:I Disagree (Score:5, Informative)
He data also remains under HER control, HER ownership
That's cute, except that it's not her data. That data is owned by the American people via its government, as are all official communications. When you're an officeholder, you don't "own" your official email.
Re: (Score:3)
No. This was the email address she used for official state business. By law that is owned by the government and not by the individuals involved. This whole thing came up recently because there is evidence "that she has not been forthright in turning over the official e-mails as requested", such as other parties dutifully turning over their emails which were in reply to something she'd sent, but the referenced email not being present in the files she submitted.
IANAUSC: So how is a surprise? (Score:2)
What difference at this point does it make? (Score:5, Insightful)
In my view assuming there was a need for security the entire fault should lie with state dept allowing emails to be sent and received to and from any domains outside of their administrative influence when conducting "official business".
SMTP Email always get an "F" security rating no matter what. Checking whether webmail interface has a secure cert is like making sure the front gate of your castle is locked and secured while east and west gates remain open to the creepers at the gates.
Re: (Score:2)
Re:What difference at this point does it make? (Score:4, Insightful)
Yes. That is exactly what is expected. And if she overrulled them or retaliated, there are official channels to report it that carry whistle blower protections when department rules and laws are not being followed.
My guess is that it likely did not get that far because there likely isn't an auditing system in place to catch it. Even the president who learned about it in the news paper like the rest of us was sending and revieving mail from her in this manner and it was not caught.
Different rules for the ruling elite (Score:5, Insightful)
If you treat IRS rules the way the IRS treats IRS rules, you go to prison
If you treat immigration controls the way our immigration authorities do, you go to prison.
If you’re as careless in your handling of firearms as the ATF is, you go to prison.
If you cook your business’s books the way the federal government cooks its books, you go to prison.
Re: (Score:3)
Spot on. We just found out the the Ferguson "judge" responsible for jailing people who owe a few hundred dollars on a parking fine actually owes $170,000 to the IRS.
The bottom line is that people in power don't think the rules apply to them. Under rule of law, the rules do apply to them. But as we've seen more and more lately it's difficult to enforce the rules when they rule the enforcement mechanisms.
Re: (Score:3)
Federal retention laws have been in place for decades. The change that took place after her time a State was merely to set a 20 day limit on how long you had to send any outside documentation (emails from private addresses for example) to your agencies retention facility for transmission to the national archives. It did not create the requirement, merely set a limit on how long you could delay acting on it.
What's the Big Deal (Score:3)
Re:What's the Big Deal (Score:4, Insightful)
You're joking, but people would be shocked how much time politicians spend begging for money. A typical congressman spends more time on an average day raising money than he does on legislative business. And if he's successful at fundraising, his reward is to be forced to spend more time raising money for his less successful colleagues. It's actually kind of a big deal.
Perfect, there is surely a backup (Score:5, Funny)
Big boss hates/gets around IT (Score:2)
Why do you think clouds and BYD are so popular?
Because those annoying cost centers keep getting in the way with their change controls and tickets
We don't have time for that! The big boss needs this done now and will get his way in the end. We can focus on change management later etc.
Why is Hillary no different than any other boss who can't afford to wait on IT?
Right now I am in a dilemma? Our policy is to leave our computers on. No one follows it. We have a big update tonight and this app will throw an exc
government servers not secure, either (Score:2)
https://www.ssllabs.com/ssltes... [ssllabs.com]
So damned if you do, damned if you don't.
But where is the SECRET-level physical security? (Score:5, Interesting)
I had someone who did SECRET-grade e-mails setup in the military write the following to me [andstillipersist.com]:
Not sure there are biometrics installed in the Clinton home in Chappaqua. ..bruce..
Re: (Score:3)
Re:The Clintons (Score:5, Funny)
What about those with a last name and no first? Teller? First president who won't utter a lie?
Re: (Score:3)
Re: (Score:2)
Re: (Score:2, Informative)
Re:The Clintons (Score:5, Insightful)
If email truly wasn't that big a deal why was that listed as a reason for his dismissal. I realize you tack on as much as you can to make it stick, but still reflects bad on her now.
Also it's not what every other Secretary of State did, there's a massive difference in setting up a server you own and are the only one to have 24/7 unfettered access vs using a free email provider.
I'm sure that doesn't fit your narrative.
So you are aware there was a memo put out by Pres O. 24 August 2012 concerning use of private email for state business. While I'll agree not illegal and a no-no it does show a disregard for following procedures set out by your superior.
Next up those emails in your inbox purporting member growth work.
Re:The Clintons (Score:4, Informative)
Yet cited email as a tertiary reason for firing the African ambassador.
Installing a private Internet connection in your Dept. Of State office bathroom, in order to bypass the government link is a far cry from running a mail server out of your home.
There's a massive difference in setting up a server you own and are the only one to have 24/7 unfettered access vs using a free email provider.
That's for sure! We've all seen how secure Yahoo, AOL and Google email accounts are. That is not to say running a private email server is a walk in the park. Just because someone uses a free email provider doesn't mean they'll have a more secure server.
So you are aware there was a memo put out by Pres O. 24 August 2012 concerning use of private email for state business.
You do realize she'd set this server up in 2009 and left in Feb 2013? So she continued to use her own server her last five months, rather than do a disruptive move to the State server, when she already knew she was leaving in a few months. Your point?
Re: (Score:3)
You do realize she'd set this server up in 2009 and left in Feb 2013? So she continued to use her own server her last five months, rather than do a disruptive move to the State server, when she already knew she was leaving in a few months.
So how disruptive would it have been to just set up the MX record [wikipedia.org] to point to a professionally managed government owned mail server?
Re:The Clintons (Score:5, Insightful)
Yes, she did. It may not have been against the law just yet [mediamatters.org], but it was certainly against the State Department's own rules already [mediamatters.org].
The stupid arrangement left communications of the top American diplomat vulnerable — something Russia and other enemies would be happy to exploit on any day [bbc.com], but fine, a President is not supposed to be proficient in communication security.
But we should discard public servants at the first sign of hypocrisy — and that's exactly, what's on display here [cnn.com]. And here [mediaite.com]...
Citations needed.
Lovers gonna love.
Re: The Clintons (Score:4, Insightful)
Of the four Sec. of States that were around for email usage in the White House (Clinton and earlier). Two did not use email, Albright and Rice. The only other Secretary of State that used email was Colin Powell. He's admitted that he used a personal account for at least some of his official business. His emails are lost he says. Remember though, he was Sec. of State between 2001 and 2005. The means all of his emails are at least 10 years old by now.
More importantly, what previous holders of the office did does not matter here. Why? For at least a couple reasons. First, the push in recent years is for transparency. If previous holders did actions that are considered bad under the need for transparency and record keeping then continuing what they're doing is not right. Arguing that the previous guy did it and saying that absolves you of responsibility is wrong. Second, And pay attention here, Clinton in '07 in a speech railed against "secret emails" of the Bush administration, calling it cronyism and corruption; and then saying more transparency is needed. It's incredibly hypocritical to talk about that and then do what Clinton did.
Re:The Clintons (Score:5, Insightful)
Did not violate any rules regarding email retention
I'm curious. What is your agenda that you think lying about the situation will improve it? I mean, we know that's the historically Clintonian way of handling things when they get busted, but do you really think it helps when other people do it too, when the lies are so obviously debunked?
The 2009 National Archives regulation requires federal officials to use each agency's established communication archiving systems to retain secured copies of all communication. This federal requirement was very much in effect when she was Secretary of State. She never made arrangements to have her official communications mirrored onto State's servers, and when she left, SHE DID NOT PROVIDE COPIES. She only provided a pile of hardcopies of cherry-picked email printouts once congress discovered that she'd been holding out in violation of the Archives requirement. She got busted, and so she put employees of her family business to the task of pawing through records kept on an unsecure server in her house to decide, with her review, what to pass along. And what a shocker, there are gaps of weeks and months in the records they turned over. This is plain violation of the letter and spirit of the 2009 regulation.
She went out of her way to avoid keeping public records available while being the second person in line to the presidency, and while roaming the world accomplishing almost nothing as SoS, except for soliciting hundreds of millions of dollars for her family's enterprise from people who are the antithesis of what she weakly proclaims are her main ideological grounds for wanting now to be the president. So even if you still think that makes her a good choice, that doesn't change her deliberate violating of federal regulations - and that doesn't even get into whether or not even ONE email on that system included the receipt or transmission of even one classified item - what do you think are the odds that the Secretary of State, in exchanging email with her counterparts overseas, and with senior officials in the White House (including the president) never addressed even one classified issue?
Re:The Clintons (Score:5, Interesting)
Looks like news came out today that the White House knew of the private domain issue.
"Press Secretary Josh Earnest corrected the statement, saying that the president must have known about Clinton’s private account because he [POTUS] had emailed that account for four years while Clinton served as his Secretary of State."
So, now we have another agency that knows that did nothing as well.
Re: The Clintons (Score:4, Informative)
hilary isnt the second in line. the vice president is. :/
The VP is first in line. :/
But then it goes to the speaker of the house, president pro tempore and then secretary of state.
Re: (Score:3)
She was NEVER in-line for being president.
Ah, I typo-ed. She was fourth in line, not second. You know, because of that pesky US Constitution, which says so in plain language as it establishes the presidential line of succession. Your idea of "never" is pretty strange, but it sure does make you sound righteous enraged and all! You're probably so furious that your hands were shaking too badly to use Google. Here, I'll help you:
http://en.wikipedia.org/wiki/U... [wikipedia.org]
As for "factual explanation," you're really going to cite a quote that refers to a bl
Re:The Clintons (Score:4, Funny)
Did not violate any rules regarding email retention - rules were created after. Did what every other Secretary of State did in regards to email. Bush was president - so no, Hillary is not a bad choice.
Clearly this logic explains how Obama got elected. Twice.
Obviously we only measure our leaders on their ability to circumvent laws, not enforce them. She got an A rating.
Re: (Score:2)
For the love of God, WHY do I NOT have Mod points today?!
But you're dead on. The Clintons, and MOST other politicians, have always tried to skirt around all kinds of things and it's getting old.
Re: (Score:3)
Just for context here. Clinton called himself the Black Sheep of the Bush family. And W. Bush called Hillary his step-sister when asked to talk about the possibility of Jeb facing Hillary.
Re: (Score:2)
Re:The Clintons (Score:5, Insightful)
To be fair ... Obama just found out about it via the news media (really!!!)
“The same time everybody else learned it through news reports,” Obama told CBS News.
Next up? "I will get to the bottom of this"
Followed by .. "Not a smidgen of evidence"
And lastly ... "Phony Scandal"
Re: (Score:3)
I am not an Obama supporter. I did not vote for him, donate to him, or otherwise assist his campaign. And yet, I'd give him a pass if this is the only reason he'd have for knowing that she had a private server. When I email someone, I typically don't have the foggiest idea whether that address is served by Google, Yahoo, the CIA, or a Pentium in their basement. While her email address wasn't @state.gov, I wouldn't put it past a government official to think, "oh, wonder how she got State to set that up for h
Seriously (Score:2)
Re:No Clinton No Bush (Score:5, Informative)
In comparison, I find Hillary Clinton's casual and persistent corruption and selective rule breaking to be a worse thing than Jeb Bush's choice of role models. Still I wouldn't be broken up, if neither ever was ever elected president.
Re: (Score:3)
Easy! All we need to do is match the combined $890B that the Koch network is dumping in to the GOP, and the $200M that Soros is dumping in to the Democrats, along with whatever funding the parties themselves have fenangled. Then we have to get the networks owned and controlled by interested barties to both run our ads AND present our candidate fairly in their "news" coverage.
This is such an easy task that the blame clearly lies with the person that went out and voted third party instead of performing this t
Re:No Clinton No Bush (Score:5, Insightful)
...only $200m from Soros? May want to count MoveOn.org, DU, Being Liberal, and a whole host of other endeavors he and his buddies have been dumping way more money into... not even counting MSNBC, a goodly chunk of CNN, Verio, et al. Also, check in with Warren Buffett; he's good for (probably) at least a few hundred million or more (probably way, way more.)
Fact is, the system is soaked with money on both sides, so your original point (shitloads of money corrupting/clouding the election process) is valid, but honestly, they *both* suck.
Re: (Score:3)
Because no one else within either party is allowed to run in their primaries right? Seriously people, there are other folks in these parties. I was quite a fan of Huntsman back in the '12 Republican primaries, but everytime I brought him up, the liberals said he wasn't liberal enough and the conservatives said he wasn't conservative enough. It's so laughable.
Go vote in primaries people!!! SERIOUSLY! Open primary states are the easiest. But if you're closed primary, register as Dem or Rep and go vote. I'm ti
Re:No Clinton No Bush (Score:5, Insightful)
he was as nutty on fiscal policy as modern teabaggers
What makes fiscal responsibility "nutty"? I find the real nuts to be the crowd who thinks we can borrow as much as we like, while completely ignoring inflation.
Re: (Score:2, Informative)
It isn't the voting public, it is the very wealthy and well connected power brokers that have anointed these two. The voting public are sheeple, easily manipulated with FUD.
Let's try something else (Score:3)
Let's try something else for a while, OK.
Re:Let's try something else (Score:4, Informative)
SecState counts as "next to"
a PSA from your friendly Republican party: (Score:2)
Re:The Clintons (Score:5, Informative)
I'd say leaving office apparently broke and then making shitloads-times-fuckloads of money later, is a sign of a successful president.
Well, then President Clinton neatly skirts any accusation of being successful by that metric: http://www.washingtonpost.com/... [washingtonpost.com]
They left office not just with millions, but also with the White House dinnerware: http://abcnews.go.com/Politics... [go.com]
Re: (Score:2)
Re:Since when is a "B" grade an "F"? (Score:4, Informative)
I just checked and it says "F" in a bright red box.
SSL Report: mail.clintonemail.com (64.94.172.146)
What IP address did YOU see? Maybe there's more than one server being polled?
Re: (Score:3, Funny)
I don't know whether to moderate you as Flamebait or Insightful, so I'll just leave this here.
Re: (Score:2)
I bet if it was Palin, their cries would be a whole lot different (and they were). So much for "any appearance of impropriety" charge made by the Liberals on Conservatives.
Re:No Law broken (Score:4, Informative)
Mrs. Clinton broke no laws at all. The laws requiring saving of emails by officials were passed after Mr. Clinton left office.
Nice attempt at obfuscation there. This has nothing to do with when Bill Clinton was President. This is about how Hillary Clinton handled her email while she was Secretary of State under President Obama.
Re: (Score:2)
Re: (Score:3, Insightful)
She did however break clear and unambiguous State Department Rules. [politico.com]
The fact that she is a Hypocrite [breitbart.com] is a bonus.
Re: (Score:2)
Re:No Law broken (Score:4, Interesting)
So far, everything I've seen says she didn't break any rules.
She deliberately broke not only her boss's rules, but violated the rules she forced her own staffers to follow. But beyond that, she violated a plainly worded federal regulation: According to Section 1236.22 of the 2009 NARA requirements, “Agencies that allow employees to send and receive official electronic mail messages using a system not operated by the agency must ensure that Federal records sent or received on such systems are preserved in the appropriate agency recordkeeping system.”
.. and she had her own family business employees print out, on paper, a culled/filtered collection of messages that have weeks-long and months-long gaps in the records - and no independent entity can say what criteria she used to decide what was, or was not official. And if even a single email exchanged between her and some other party in the course of her entire tenure as the country's chief diplomat involved any classified information, there's another whole area of federal law that comes into play.
She made no provision to make that happen while she was Secretary of State, and nor did she pass along any of those records as she left office. She set up a private server in her house to avoid complying with both the administration's own rules and that very specific federal regulation. And once a congressional investigation had their fill of her stonewalling and realized why State wasn't sending them any of her correspondence, they told her to cough them up
Re: (Score:2)
Re: (Score:2, Informative)
I will be very disappointed if Clinton opponents don't use some version of an ad that highlights this.
And following that, the Democrats will put up the exact same ad, but featuring Jeb Bush.
There have been a bunch of Republicans who have admitted to using their own (non-governmental) email systems, two of which were also former secretaries of state:
Condoleezza Rice
Colin Powell
Jeb Bush
Bobby Jindal
Rick Perry
Sarah Palin
And that' most likely not all of them. But don't take this as GOP bashing, I'm pretty sure that this sort of thing is rampant on both sides of the aisle. But once one side lifts the veil on it
Re: (Score:3)
I will be very disappointed if Clinton opponents don't use some version of an ad that highlights this.
And following that, the Democrats will put up the exact same ad, but featuring Jeb Bush.
There have been a bunch of Republicans who have admitted to using their own (non-governmental) email systems, two of which were also former secretaries of state:
Condoleezza Rice
Apparently not: http://www.politico.com/story/... [politico.com]
Re: (Score:3)
Re: (Score:2)
Or that you can infer that they do Network Security from the summary or the title.