Indifference and ignorance: Delving deep into the Clinton e-mail saga

Clinton wasn't alone in mishandling communications, classified data.

Read the whole story

 

[Seraphiel]

itfa[/url]":1mbr4rwg]

Snark218[/url]":1mbr4rwg]

Isahaya[/url]":1mbr4rwg]Sounds familiar. This guy did very similar things and was prosecuted by the FBI for it:
https://www.fbi.gov/sacramento/press-re ... -materials

The major - and obviously critical - difference being that they could establish clear intent to mishandle classified information in his case. They could not do so in Clinton's case. That's not a minor point, and it doesn't make what she did equivalent to his case, as much as conservatives desperately want to conflate them.

What do you mean that isn't so in Clinton's case? Did she accidentally install a server in her home and accidentally send classified information through it multiple times? She absolutely intended to mishandle classified information, otherwise she would have followed the policies of her own department.

She was following behaviors her predecessors had done, assuming (quite incorrectly) that it was acceptable to do since the previous two SoS had done the same thing. She obviously didn't intend to mishandle classified information; if that was her intent, there would have been a much larger quantity of it, and it would be clearly marked as such. See also: Snowden.

What happened in the real world is that almost none was found at all, all of it apparently sent *to* her by other people, and what was found was not properly marked. Even many of those items were later deemed unclassified anyway by the responsible agency.

 

[BullBearMS]

microlith[/url]":32ndzxvx]

mycroftxxx[/url]":32ndzxvx]it is also very clear from context that keeping her email as far away from FOIA as possible was a major driver in the personal server situation.

Which is an assertion being made, but utterly lacking in support.

Aside from the now public email in which Clinton says she does not want to use a State Department email address because she doesn't want to risk "the personal being accessable" to FOIA requests?

http://thehill.com/policy/284864-clinto ... ontroversy

 

[BullBearMS]

For all the people claiming Clinton only did what others had done (Powell in particular), the senior political team at MSNBC (hardly a Clinton unfriendly media outlet) debunked that quite thoroughly.

https://www.youtube.com/watch?v=bkJE0U8Qby4

 

[groghunter]

I was surprised the argument for "previous SecStates did it too" wasn't stronger.

Powell went through State dept IT for his outside line, & had literally no other choice in order to actually communicate to do his job, & a lot of the regs preventing what he did post-date his tenure.

Rice seems to have been a complete "paper e-mail" user, & her staff used State Dept email.

Clinton's server doesn't look so "standard ops for SecState" in comparison.

There definitely seems to have been some bullshit going on with the other agencies, getting Clinton on a secure device should have been NSA's priority, not stonewalling.

The entire State Dept. seems to have been rife with mishandling of classified. Administrators at state need to go to jail (Sec state is technically in charge, but lets be real, it's largely a diplomatic job, not an administrative one, & there's people who don't change between appointments in high positions that are supposed to ensure continuity on this shit.)

Regardless, since the statute doesn't require intent, & since Clinton should have been able to at least recognize some of this data as sensitive (you don't see the equivalent of nuclear launch codes & think "oh well, must not be classified since it wasn't sent that way." you see some really unknown shit, it's fairly obvious that it should be protected) or because some of it was actually marked, she should at least meet the burden for bringing a case, even if she gets exonerated at trial.

 

[BullBearMS]

F22Rapture[/url]":1kcdw0e3]

Steveha7[/url]":1kcdw0e3]I've always heard that ignorance of the law is no excuse for breaking the law.

The subtlety here is not "she didn't know having classified documents on a private server was illegal" but that "she didn't know the documents on her private server were classified".

As an example: If you see lumber laying on the side of the highway and take it, assuming that it is abandoned, but you turn out to be wrong, you will probably not be charged with theft of the lumber because you had a reasonable belief that your action was not committing a crime. You believed that it was abandoned, you did not intend to deprive someone of their property, therefore theft did not occur.


Likewise, the email investigation hinged on the fact that there was insufficient evidence to prove that Clinton knew any of the emails were classified. Few emails were marked at all and several of those that were marked were marked improperly.

This is also not true. FBI Director Comey:

seven e-mail chains concern matters that were classified at the Top Secret/Special Access Program level when they were sent and received. These chains involved Secretary Clinton both sending e-mails about those matters and receiving e-mails from others about the same matters. There is evidence to support a conclusion that any reasonable person in Secretary Clinton’s position, or in the position of those government employees with whom she was corresponding about these matters, should have known that an unclassified system was no place for that conversation. In addition to this highly sensitive information, we also found information that was properly classified as Secret by the U.S. Intelligence Community at the time it was discussed on e-mail (that is, excluding the later “up-classified” e-mails).

None of these e-mails should have been on any kind of unclassified system, but their presence is especially concerning because all of these e-mails were housed on unclassified personal servers not even supported by full-time security staff, like those found at Departments and Agencies of the U.S. Government—or even with a commercial service like Gmail.

Separately, it is important to say something about the marking of classified information. Only a very small number of the e-mails containing classified information bore markings indicating the presence of classified information. But even if information is not marked “classified” in an e-mail, participants who know or should know that the subject matter is classified are still obligated to protect it.

https://www.fbi.gov/news/pressrel/press ... ail-system

 

[CraigJ ✅]

crislevin[/url]":1bkj7veg]Im not entirely sure why Ars wants to get into the politics. Multiple pieces attacking one party's nominee in a week, what exactly is going on in your editorial office?

If you find the facts uncomfortable, maybe you should look to your candidate, not the people reporting the facts.

Ars has been pretty critical of Clinton. This article is extremely evenhanded and nonbiased.

You must be extremely biased yourself to see an article such as this as somehow being politically biased.

 

[rayleonard]

The way justice works for the rest of us "underclass," ignorance of the law is no excuse.

 

[Just Mark]

Blitzenn[/url]":ll3u6tbi]

Vinceslayer[/url]":ll3u6tbi]...because other people did it too...

This does not lessen the absolute stupidity, carelessness, selfishness, shadiness, and possibly nefariousness of her actions. Anyone who does something like this should have, at a minimum, security clearance revoked for life.

Did you read the article? (No). So you drive down a road that has no posted speed limit and everyone else is driving 55 mph. So you drive 55 mph. Later you learn the speed limit is/was 35. Should your driving privileges be revoked for life?

The article clearly states that this 'condition' that caused this to happen was due to a number of factors, including predecessors doing the same (or even worse) things. On top of that, everyone in a position to stop or correct it was afraid to say anything. Nothing was ever done or said until one of the involved parties choose to run for high office. I am glad it came to light so it can be fixed, but to place all of the blame on one person is clearly folly. Especially if you read the article.

What the article doe not state it that for anyone to hold a clearance of any level, you must first receive information/instruction and acknowledge your understanding of instruction on what security and clearance mean.Second, you receive and again have to acknowledge receiving continuous training in maintaining security. Third, she has had access to sensitive and classified information for the last 20 years so she has no excuse outside of less than average IQ (certainly not true) for not understanding the situation she created.

She looked into the cameras and lied to us. And I suppose that is to be expected as she is a politician running for office. This forgivable.

My problem with her is her callous disregard for national security for the sake of protecting herself from being caught in any future lies. I firmly believe this was done so that when she ran for President, we would not have access to her emails. She also knew whether it was marked or not what was and wasn't classified information. She would also be aware that the sum of unclassified information for someone in her position could easily be used by evil doers to extrapolate classified information.

Unfortunately, the only reason anyone is giving her a pass is that she is the lesser of two evils and very few will vote third party because of the belief that if you don' vote red or blue, you are throwing away your vote.

Personally, I'm voting third party or not at all.

 

[ZippyDSMlee]

IT guy keeps telling CEO to not use offsite email for company business, emails leak damage company profits and IT guy gets fried....

Politicians keeps goverment emails in home server and nothing is wrong with it.

Ah goverment officials..... nuke the whole lot of them....

 

[chickensevil]

cogwheel[/url]":27dpe57l]One thing that is rarely mentioned is that, as Secretary of State, Clinton was the person who determined whether any State Department material was classified or not. Attempting to prosecute her for mishandling State Department classified material is pretty silly, since she could declassify it at will.

Just because you receive something doesn't make you the owner of it. I would venture to guess that the stuff referenced about mentioning CIA personnel is owned by the CIA and therefore not something that the State Dept has any control over it's underlying classification.

If it was my secret and I told you, and specifically said, "hey this is a secret don't tell anyone else", does that mean that you control the ownership of said secret? Now you have the power to tell your own personal secrets, and you can then determine what of your secrets are to remain secretive... but you cannot determine that my secrets warrant being told to the world (or really anyone else I don't deem acceptable to know.)

 

[THavoc]

crislevin[/url]":3s5yqad0]

CraigJ[/url]":3s5yqad0]

crislevin[/url]":3s5yqad0]Im not entirely sure why Ars wants to get into the politics. Multiple pieces attacking one party's nominee in a week, what exactly is going on in your editorial office?

If you find the facts uncomfortable, maybe you should look to your candidate, not the people reporting the facts.

Ars has been pretty critical of Clinton. This article is extremely evenhanded and nonbiased.

You must be extremely biased yourself to see an article such as this as somehow being politically biased.

there are gigaton of facts out there, the problem is Ars are not hesitate to select the fact about HRC to attack, while wrote nothing about Trump.

is it because there is no tech related facts about trump that is unflattering?

You would be real stupid to think that is the case.

You must be new to Ars then if you don't think they've written anything about Trump.

Here, use this search to prove yourself wrong:
http://meincmagazine.com/search/?ie=UTF-8&q=Trump

I especially liked the Trump U article:
http://meincmagazine.com/tech-policy/2016 ... niversity/

 

[lankylars]

This article strikes as a mix of an in-depth look at the timeline of events, but there are also cases where it strays into making excuses for her behavior. I take issue with a few things:

1. Comparing to two previous SOS is apples to oranges (let alone the problems with pointing to another rule violator as justification for why you should be allowed): Powell and Rice had far fewer total communications outside of explicitly approved means, 2) HRC trafficked far greater amounts of material classified at the time, 3) rules and policies had evolved since they were in office to further clarify gov't employees' responsibilities regarding creation, transmission, and maintaining of classified and unclassified material.

2. The ignorance plea ("oh, she just didn't know") is also, in my opinion, not valid. 1. She signed various NDAs (as did her top staff) that were very explicit in describing the rules governing classified material. You can't plead ignorance after signing a document. 2) Her fans proclaim how smart and thorough she is, but they rush to play the dumb card with regards to one of the most sensitive, risky aspects of government communications. It concerns me that people are so glib about such an oversight, if she really was ignorant (something I do not believe).

3. In those NDAs and other regulations that you are required to read and sign off on before you obtain your clearance, it is made clear that if there is a breach of classified material, it is your duty to alert the designated security officer/IT security group to the breach. It doesn't matter if you sent or received the email - it is your duty to alert. There were pieces of information with classification markings and others that contained info that a reasonable person (to use Comey's term) would realize are classified. She became complicit by not doing so.

4. This is more a comment in general: the FBI investigation looked narrowly at two statutes and did not address things like pay-to-play, bypassing FOIA, etc. The American people deserve investigations into this; however, the FBI did not look at these issues.

5. This article doesn't commit this error (that I noticed), but the FBI's recommendation not to indict does not mean there were no criminal actions. Comey seemed to indicate that it would be too difficult a burden to prosecute and achieve a conviction (Dept of Justice wouldn't comply or seriously prosecute - that's just my reading into it).

 

[TEAMSWICTHER]

In government you can find someone, somewhere, doing something wrong, nearly every time, if you're willing to look hard enough. During the scope of this investigation, there was a unfortunate attack on Kunduz "Doctors Without Borders" hospital in Afghanistan. US military personnel screwed-the-pooch and 42 innocent civilians were killed by US Military Gross Negligence. Try as I may to get upset about these mishandled EMAILS it pales in significance to what happen to the Kunduz Hospital. To make matters worse, an armored vehicle full of investigators arrived unannounced at the Hospital on October 15 and crashed through its gates, destroying potential evidence, in the process.

I understand there has been some military punishments (suspension and removal from command, letters of reprimand, formal counseling and extensive retraining), but nothing even remotely as public as the investigation into Hillary's EMAIL server. Given the disparity of these improprieties, I don't believe even a second that the Hillary Clinton EMAIL investigation is anything but a political smear attack. Our congress was more concerned about a few mishandled emails, than the deaths of 42 people at the hands of an incompetent and reckless US military? You have got to be fucking kidding me.....

 

[brionl]

NemesisX00[/url]":lmuhursq]Tbecause if Clinton wasn't smart enough to realize she was doing something incredibly stupid, and subsequently is not charged for clearly breaking (or allowing her subordinates to break) federal law, there is no reason to expect she will do anything differently if elected to the position of president.

Though I suppose I would prefer blatant ignorance to willful malice in a president...

According to her own autobiography she was ignorant of Bill cheating on her.

Stupid, or Liar? You decide.

 

[bb-15]

From the article;

it only magnifies how poorly the United States' diplomatic service handles information systems and security. And due to inadequate resources at State and outright resistance from the NSA to provide a solution, the State Department and the National Security Agency failed to provide the kind of support for Clinton early on that would have prevented such a situation from continuing.

This is key.
Federal government officials want email convenience and need top notch security.
And unfortunately the US federal government has lagged in providing a top notch secure alternative.
* Result; many federal government executives use private email for government business.
- Including former Secretary of State Colin Powell who used AOL which is notorious for being hacked.
- One survey found that up to 1/3 of high-level federal executives routinely use personal email for business,
http://dailysignal.com/2015/03/08/high- ... -business/

The article mentioned states that "'State’s technology is so antiquated that NO ONE uses a State-issued laptop and even high officials routinely end up using their home e-mail accounts to be able to get their work done quickly and effectively.'"
- But imo I use the information of broader use of private email throughout the federal government by top level officials. This is a system wide issue.

* Next problem; more than 30,000 emails in the Clinton case are being investigated.
Of that number, eight message threads contained extremely sensitive information classified above Top Secret which should have never been on State Department's internal unclassified e-mail system.
- A huge problem but one that is about the security of the Department's system as a whole and how it was used by staff.
The IT system oversite allowed for this insecure use of email to take place.

* Next issue is that the NSA would not provide more a secure system with the appropriate equipment as requested by Clinton.
That is a key failure for the monitoring of system security.
And later attempts to improve the security of Clinton's system did not have close to adequate followup.

* Now there is specific negligence by Clinton's support staff, that attempts to hack her server were not reported to the State Department's IT security team.
- And the emails were not regularly backed up to the State Department archive.
- These are serious procedural problems but they are in the context of a federal government IT system which in terms of security, is generally flawed.
* And this applies to the attempts to get into the minutia of emails that were improperly sent to Clinton or not properly identified before being sent to Clinton.
This again points to a need for an upgrade to security of the entire system and additional training for all federal government employees.

** The article asks;

It can’t happen again, can it?

1. Clinton is not and was not the only person in the federal government handling secret information.
She was qualified to receive that secret information because she was Secretary of State.
2. The issue is the use of private email by federal officials for government business which is widespread.
3. This is not really a Hillary Clinton problem but a federal government IT security problem.
So, of course whatever was happening (use of private email for government business) is happening again because Clinton never = the entire federal government.

- What is going on? The blame game and politics.
Instead of stepping back and examining the entire issue of federal government email security, some members of Congress want a single person as a target and then the overall issue of security gets lost.
Why/ Because of politics of course and the upcoming Presidential election.
Imo at least.

Edit; clarity

 

[tycheung]

The pieces that put this in perspective is Dana Priest's excellent condemnation of the "top secret" culture of federal government that emphasizes an overly complex "top secret" classification system. (see http://projects.washingtonpost.com/top-secret-america/ plus associated book) The catch really is that if you pushed Comey and Clapper to accurately account for all of the classified levels of data, they can't actually tell you - the system has grown immeasurably complex, and needlessly so; between some low level official classifying his laundry bill to something actually sensitive with regards to North Korea. This brings up questions of unfair standard - my hypothesis is that if you search everyone's emails - you would find equal amounts of breaches given that the whole Top Secret classification system has run amok, and the question becomes that of applying unfair standards to HRC just because of her unique standing with regards to the GOP. I shudder to think of the breaches Gowdy and Chaffetz have probably already committed in their Benghazi crusade. If Petraeus used gmail, Clinton is well within her right to use the service of her choosing.

It is telling that Comey does not have enough evidence to indict, but he is doing his damnest to convict her without a trial, except in the court of public opinion.

The other piece is - I find this whole brouhaha regarding which emails on what server is moot - because Comey didn't (perhaps by design) talk about encryption. If State emails are not encrypted by default, it really doesn't matter which server they're on. However; Comey's other agenda is proposing back doors and weakening encryption, so of course he isn't going to comment on the state (sorry or not) of Federal end-to-end email encryption.

 

[baksdesign]

Vinceslayer[/url]":27qvbbg8]...because other people did it too...

This does not lessen the absolute stupidity, carelessness, selfishness, shadiness, and possibly nefariousness of her actions. Anyone who does something like this should have, at a minimum, security clearance revoked for life.

Based on your downvote, I didnt realize that there is so many Hillary supporters on this site...

Im with you.

 

[BullBearMS]

bb-15[/url]":2w5140sg]From the article;

it only magnifies how poorly the United States' diplomatic service handles information systems and security. And due to inadequate resources at State and outright resistance from the NSA to provide a solution, the State Department and the National Security Agency failed to provide the kind of support for Clinton early on that would have prevented such a situation from continuing.

This is key.
Federal government officials want email convenience and need top notch security.
And unfortunately the US federal government has lagged in providing a top notch secure alternative.
* Result; many federal government executives use private email for government business.
- Including former Secretary of State Colin Powell who used AOL which is notorious for being hacked.
- One survey found that up to 1/3 of high-level federal executives routinely use personal email for business,
http://dailysignal.com/2015/03/08/high- ... -business/

The article mentioned states that "'State’s technology is so antiquated that NO ONE uses a State-issued laptop and even high officials routinely end up using their home e-mail accounts to be able to get their work done quickly and effectively.'"
- But imo I use the information of broader use of private email throughout the federal government by top level officials. This is a system wide issue.

* Next problem; more than 30,000 emails in the Clinton case are being investigated.
Of that number, eight message threads contained extremely sensitive information classified above Top Secret which should have never been on State Department's internal unclassified e-mail system.
- A huge problem but one that is about the security of the Department's system as a whole and how it was used by staff.
The IT system oversite allowed for this insecure use of email to take place.

* Next issue is that the NSA would not provide more a secure system with the appropriate equipment as requested by Clinton.
That is a key failure for the monitoring of system security.
And later attempts to improve the security of Clinton's system did not have close to adequate followup.

* Now there is specific negligence by Clinton's support staff, that attempts to hack her server were not reported to the State Department's IT security team.
- And the emails were not regularly backed up to the State Department archive.
- These are serious procedural problems but they are in the context of a federal government IT system which in terms of security, is generally flawed.
* And this applies to the attempts to get into the minutia of emails that were improperly sent to Clinton or not properly identified before being sent to Clinton.
This again points to a need for an upgrade to security of the entire system and additional training for all federal government employees.

** The article asks;

It can’t happen again, can it?

1. Clinton is not and was not the only person in the federal government handling secret information.
2. The use of private email by federal officials is widespread.
3. This is not really a Hillary Clinton problem but a federal government IT security problem.
So, of course whatever was happening (use of private email) is happening again because Clinton never = the entire federal government.

- What is going on? The blame game and politics.
Instead of stepping back and examining the entire issue of federal government email security, some members of Congress want a single person as a target and then the overall issue of security gets lost.
Why/ Because of politics of course and the upcoming Presidential election.
Imo at least.

Clinton refused to use a PC because she, quite literally, does not know how to use a PC.

Clinton’s chief of staff, Cheryl Mills, told State Department official Lewis Lukens that there could be a “problem,” because Clinton “does not know how to use a computer to do email — only [Blackberry],” he wrote in a 2009 email released on Monday."

http://thehill.com/policy/national-secu ... state-dept

Her unwillingness to learn how to use a computer does not excuse her use of a much less secure device to access mail on a much less secure server.

When the F.B.I. director, James B. Comey, said on Tuesday that his investigators had no “direct evidence” that Hillary Clinton’s email account had been “successfully hacked,” both private experts and federal investigators immediately understood his meaning: It very likely had been breached, but the intruders were far too skilled to leave evidence of their work.

Mr. Comey described, in fairly blistering terms, a set of email practices that left Mrs. Clinton’s systems wide open to Russian and Chinese hackers, and an array of others. She had no full-time cybersecurity professional monitoring her system. She took her BlackBerry everywhere she went, “sending and receiving work-related emails in the territory of sophisticated adversaries.” Her use of “a personal email domain was both known by a large number of people and readily apparent.”

www.nytimes.com/2016/07/07/us/hillary-c ... s-say.html

 

[TerranUp16]

snarfbot[/url]":3lidpptu]liberal arstechnica shilling for Hillary, i was surprised they hadn't tried to spin the damage yet but here it is. amazing mental gymnastics on show here, seriously. bravo /puke.

How many mental gymnastics does it take to support Trump? 9001 quadrillion?

 

[lordneeko]

CraigJ[/url]":1kdaan6u]

Aethera[/url]":1kdaan6u]I wouldn't consider the deliberate intention to avoid Freedom of Information Act requests on her multifarious e-mails connecting her to bribes as ignorance.

Why aren't people more upset about the fact that the US government is run by bribery? Like there aren't enough instances and clear examples of it?

Academically I agree with you. In reality corruption and bribery are how things have worked for 5,000 years. It's a constant struggle, and can never be completely eliminated.

The REPUBLIC was established in such a fashion to protect against this. If "we the people" weren't electing unethical people to government then there would not be unethical people in government. We can point fingers at the government all day long, but at the end of the day, the PEOPLE elected them. Oh wait...voter turn out is abysmal. The constitution provides "the people" with more power than "the government" but most of relinquished their power in order for a more "comfortable" living.

 

[beebee]

Isahaya[/url]":38x8evg4]Sounds familiar. This guy did very similar things and was prosecuted by the FBI for it:
https://www.fbi.gov/sacramento/press-re ... -materials

Except he pulled it off of a classified network. (I'm guessing SIPRNRT. ) You do realize this is not the same as Secretary Clinton.

I hope Fox News pays you well because it must be embarrassing to lose your dignity like this.

 

[Jorgie_SC]

Leaving aside the political discussion, this is a classic example of what happens when the IT Security tail wags the Operations dog in any large organization. Information has value to an organization based on its ability to use that information - to make decisions, to inform research, to make products, etc. Information also has the potential to damage the organization if it falls into the wrong hands. Security classification addresses the potential for damage, but not the inherent value. Information that can't be effectively used is only a potential vulnerability - you're better off not having it at all. When faced with a request from the users of the information, the job of IT should be to find a means of getting the information they need in as secure a manner as possible. Too often the actual response is "You're not allowed to do that." Given that this does nothing to allow the user to actually get their job done, more often then not the result is that they bypass security. Until the security folks start to recognize this, this type of situation will continue to occur. They need to build usable solutions, not just erect roadblocks.

A classified document put in a thick metal box, welded shut and buried under several tons of concrete is very secure. It's also utterly useless.

 

[bb-15]

BullBearMS[/url]":gt4sba73]

bb-15[/url]":gt4sba73]From the article;

it only magnifies how poorly the United States' diplomatic service handles information systems and security. And due to inadequate resources at State and outright resistance from the NSA to provide a solution, the State Department and the National Security Agency failed to provide the kind of support for Clinton early on that would have prevented such a situation from continuing.

This is key.
Federal government officials want email convenience and need top notch security.
And unfortunately the US federal government has lagged in providing a top notch secure alternative.
* Result; many federal government executives use private email for government business.
- Including former Secretary of State Colin Powell who used AOL which is notorious for being hacked.
- One survey found that up to 1/3 of high-level federal executives routinely use personal email for business,
http://dailysignal.com/2015/03/08/high- ... -business/

The article mentioned states that "'State’s technology is so antiquated that NO ONE uses a State-issued laptop and even high officials routinely end up using their home e-mail accounts to be able to get their work done quickly and effectively.'"
- But imo I use the information of broader use of private email throughout the federal government by top level officials. This is a system wide issue.

* Next problem; more than 30,000 emails in the Clinton case are being investigated.
Of that number, eight message threads contained extremely sensitive information classified above Top Secret which should have never been on State Department's internal unclassified e-mail system.
- A huge problem but one that is about the security of the Department's system as a whole and how it was used by staff.
The IT system oversite allowed for this insecure use of email to take place.

* Next issue is that the NSA would not provide more a secure system with the appropriate equipment as requested by Clinton.
That is a key failure for the monitoring of system security.
And later attempts to improve the security of Clinton's system did not have close to adequate followup.

* Now there is specific negligence by Clinton's support staff, that attempts to hack her server were not reported to the State Department's IT security team.
- And the emails were not regularly backed up to the State Department archive.
- These are serious procedural problems but they are in the context of a federal government IT system which in terms of security, is generally flawed.
* And this applies to the attempts to get into the minutia of emails that were improperly sent to Clinton or not properly identified before being sent to Clinton.
This again points to a need for an upgrade to security of the entire system and additional training for all federal government employees.

** The article asks;

It can’t happen again, can it?

1. Clinton is not and was not the only person in the federal government handling secret information.
2. The use of private email by federal officials is widespread.
3. This is not really a Hillary Clinton problem but a federal government IT security problem.
So, of course whatever was happening (use of private email) is happening again because Clinton never = the entire federal government.

- What is going on? The blame game and politics.
Instead of stepping back and examining the entire issue of federal government email security, some members of Congress want a single person as a target and then the overall issue of security gets lost.
Why/ Because of politics of course and the upcoming Presidential election.
Imo at least.

Clinton refused to use a PC because she, quite literally, does not know how to use a PC.

Clinton’s chief of staff, Cheryl Mills, told State Department official Lewis Lukens that there could be a “problem,” because Clinton “does not know how to use a computer to do email — only [Blackberry],” he wrote in a 2009 email released on Monday."

http://thehill.com/policy/national-secu ... state-dept

Her unwillingness to learn how to use a computer does not excuse her use of a much less secure device to access mail on a much less secure server.

When the F.B.I. director, James B. Comey, said on Tuesday that his investigators had no “direct evidence” that Hillary Clinton’s email account had been “successfully hacked,” both private experts and federal investigators immediately understood his meaning: It very likely had been breached, but the intruders were far too skilled to leave evidence of their work.

Mr. Comey described, in fairly blistering terms, a set of email practices that left Mrs. Clinton’s systems wide open to Russian and Chinese hackers, and an array of others. She had no full-time cybersecurity professional monitoring her system. She took her BlackBerry everywhere she went, “sending and receiving work-related emails in the territory of sophisticated adversaries.” Her use of “a personal email domain was both known by a large number of people and readily apparent.”

http://www.nytimes.com/2016/07/07/us/hi ... s-say.html

Fact; President Obama used a Blackberry device though much of his presidency (approved by the NSA).
H. Clinton requested such a Blackberry system from the NSA.

Why do federal officials want to use a smartphone for emails? Because of convenience.
And the fact that the President and the current Secretary of State use smartphones to this day for government emails is clear evidence for that.

 

[JulianS]

Clinton also instructed aides to strip the headings off of classified emails and send to her on non-secure systems. Not sure why this keeps getting ignored: http://thehill.com/blogs/ballot-box/pre ... x-by-email

 

[danbert2000]

passive0[/url]":1dz186w3]One point that is mentioned, but I feel deserves greater emphasis:

The State Department's e-mail system and network have been repeatedly hacked in the last four years, including intrusions by attackers from Russia, China, and Iran

From everything I've read, these emails were better off on Clinton's server. Not saying that means it was the right way to address the situation, but from an absolute perspective, it seems like there's a demonstrable good to it, while any bad effects are just speculation. As an IT Professional who deals with poorly secured system every day, that's a pretty reasonable outcome.

That's ridiculous. In no way were her emails more safe through obscurity, like you suggest. The State Department knew when they were getting hacked and were able to assess the damage and keep an airgap between SBU and ClassNet servers. Clinton openly discussed classified information over unencrypted email traffic and had no way of knowing if the attacks on her server were successful or not. The bad effects are speculation because her IT setup was so incompetent that we can't know how many times her email server was hacked, or for what duration.

I don't believe you're in security if you're suggesting it's a good thing she was on her own server with an unqualified aide as her entire IT staff when she was the target of hacking attempts. That, or you're trying to justify why you'll vote for her anyway.

 

[Krause]

calson33[/url]":31d7v9zg]This sounds a lot like something I have seen in many companies - An inflexible/incompetent IT team that pushes non-IT people to use insecure outside solutions just to get their job done.

This is actually the exact opposite though, the IT people were told to shut up by staff when they would raise concern over the insecure setup. No idea if it was due to overprotective staff not wanting to bug the boss with things they considered a nuisance or the boss itself, but it doesn't sound like it was the IT's fault.

 

[bb-15]

JulianS[/url]":afganhco]Clinton also instructed aides to strip the headings off of classified emails and send to her on non-secure systems. Not sure why this keeps getting ignored: http://thehill.com/blogs/ballot-box/pre ... x-by-email

You are incorrect.
1. There were no emails in question. The issue was about one email that involved talking points which could not be faxed and she requested that the information be sent by email.
2. The reason this story got ignored was because the issue was resolved by the talking points being sent by secure fax.

State Department Says Clinton's Requested Talking Points Were Transmitted By A Secure Method

Associated Press: State Department's "Records ... Turned Up A Secure Fax Transmission Shortly After Clinton's Email Exchange With Adviser Jake Sullivan." On January 9, the Associated Press reported that the State Department "checked its records and found no indication that the document in question was sent to Secretary Clinton using nonsecure fax or email," and "instead turned up a secure fax transmission shortly after Clinton's email exchange":

http://mediamatters.org/research/2016/0 ... m-t/207884

Case closed imo.

Edit; grammar

 

[Snark218]

Peldor[/url]":41b6her6]

Steveha7[/url]":41b6her6]I've always heard that ignorance of the law is no excuse for breaking the law.

Ignorance of the law is also a terrible way to judge whether the law is being applied correctly. The FBI understands the relevant law far better than the public.

Well stated. The FBI and DoJ both declined to recommend prosecution. It's cute that the wingnuts think they're a better authority on the relevant statutes than the people whose job it is to enforce them, but are the rest of us really expected to humor them?

 

[shadedmagus]

snarfbot[/url]"fkramyx]liberal arstechnica shilling for Hillary, i was surprised they hadn't tried to spin the damage yet but here it is. amazing mental gymnastics on show here, seriously. bravo /puke.

crislevin[/url]"fkramyx]

CraigJ[/url]"fkramyx]

crislevin[/url]"fkramyx]Im not entirely sure why Ars wants to get into the politics. Multiple pieces attacking one party's nominee in a week, what exactly is going on in your editorial office?

If you find the facts uncomfortable, maybe you should look to your candidate, not the people reporting the facts.

Ars has been pretty critical of Clinton. This article is extremely evenhanded and nonbiased.

You must be extremely biased yourself to see an article such as this as somehow being politically biased.

there are gigaton of facts out there, the problem is Ars are not hesitate to select the fact about HRC to attack, while wrote nothing about Trump.

is it because there is no tech related facts about trump that is unflattering?

You would be real stupid to think that is the case.

I guess you've done the article right if we're seeing this from both sides, Sean.

 

[Hack-n-Slash]

JulianS[/url]":2tknrlxd]Clinton also instructed aides to strip the headings off of classified emails and send to her on non-secure systems. Not sure why this keeps getting ignored: http://thehill.com/blogs/ballot-box/pre ... x-by-email

FWIW:

http://www.nytimes.com/live/james-comey ... -congress/

"Mr. Comey said that email in particular had piqued his interest and was a focus of the investigation. It was also a subject of the investigators’ interview with her. Mr. Comey said that he learned that “nonpaper” was a term of art in the State Department for an unclassified form of a document that could be shared with, for example, foreign officials."

 

[bb-15]

Krause[/url]":38vf4n3f]

calson33[/url]":38vf4n3f]This sounds a lot like something I have seen in many companies - An inflexible/incompetent IT team that pushes non-IT people to use insecure outside solutions just to get their job done.

This is actually the exact opposite though, the IT people were told to shut up by staff when they would raise concern over the insecure setup. No idea if it was due to overprotective staff not wanting to bug the boss with things they considered a nuisance or the boss itself, but it doesn't sound like it was the IT's fault.

Let's ignore Clinton's involvement for a moment.
Up to 1/3 of top federal officials are using personal email for business.
Classified information is being sent on insecure email systems.

Sorry but that points to a major IT problem.

 

[TheAGM]

She must've known that she was breaking the rules but took the gamble because the greater evil for her would be FoIA requests to State for her emails, which she might not be able to do anything about. Too much about personal things like the Clinton Foundation had to be kept under her control and not get out. Even if she thought she was doing nothing wrong, words can be twisted by political enemies. She knew she'd be running for president (the first female president -- historic), so she needed to have final say on releasing information. Her lawyers finally surrendered carefully redacted, limited emails -- printed on paper. Best outcome for her, perhaps, even with everything that's happened. We may never know what was deleted and whether there were any bombshells there. Maybe there were none, but it was all about info control. However, anyone who has worked for the government or in a regulated industry at a high level -- especially a manager or senior person -- absolutely knows about information security and protocols. It's part of everyone's mandatory training. Probably every time you log into the State email system there are splash-screen warnings about infosec. Senior people especially know the rules because they are head of the supervisory hierarchy for their area and have to enforce best practices. There is probably mandatory annual training. It seems literally impossible that she did not know she was breaking the rules. But at this point, she can't admit that. First woman prez! Gotta get the big win.

 

[Snark218]

bb-15[/url]":111e2ke8]

Krause[/url]":111e2ke8]

calson33[/url]":111e2ke8]This sounds a lot like something I have seen in many companies - An inflexible/incompetent IT team that pushes non-IT people to use insecure outside solutions just to get their job done.

This is actually the exact opposite though, the IT people were told to shut up by staff when they would raise concern over the insecure setup. No idea if it was due to overprotective staff not wanting to bug the boss with things they considered a nuisance or the boss itself, but it doesn't sound like it was the IT's fault.

Let's ignore Clinton's involvement for a moment.
Up to 1/3 of top federal officials are using personal email for business.
Classified information is being sent on insecure email systems.

Sorry but that points to a major IT problem.

And everybody who's ever worked for a Federal agency is now exclaiming, in unison, "YA THINK?"

Seriously, the three agencies I've worked for, and the two I've been a contractor with, have IT problems well into the realm of the absurd.

 

[SvnLyrBrto]

calson33[/url]":cyy4lkf6]This sounds a lot like something I have seen in many companies - An inflexible/incompetent IT team that pushes non-IT people to use insecure outside solutions just to get their job done.

^^^ This. So very much this.

The entire hullaballoo is a bog-standard case of "shadow IT"; which is a problem at any number of organizations and is usually caused by the inflexibility of the IT department and a failure to meet the users' needs and to keep up with the times technologically. It's definitely a failure case. But it's typical and routine and, were it not for the witch hunt by the republicans, it would barely be a blip.

IT needs to understand that they're a support organization, not a means unto themselves. And it's their job to help the revenue-generating departments do their job more effectively. If your users have a need, figure out a way to meet it. If the big boss wants to use her brand-new iPhone instead of the company-standard relic of a Blackberry, figure out a way to make it happen. Your job is to solve problems, not to be the problem that other people try to solve.

And hell, don't think I haven't been there. In a previous job, we became afflicted with a Dropbox problem. Instead of being a BOFH and just blocking it or having the AD guy push a GPO to flush it from user machines or trying to get people punished; I actually took the time to (*GASP* Human interaction!!!) talk to the users who'd started using Dropbox instead of our file server, understand their use case and why the existing tool wasn't meeting their needs, and work out a solution. I wound up soliciting security white papers from Dropbox and a few of their competitors, wrote up a proposal to management, got it approved, took bids, and rolled out the new solution to our users. It wasn't Dropbox, but it was functionally identical from the users' POV. (And THEN I blocked Dropbox and had the AD guy GPO it off of everyone's machine.). I did that because I understand that IT is a cost center, not a revenue center. And helping the productive people do their jobs better WAS my job. My job was NOT to sit on my goddamned ass and mindlessly and unceremoniously block Dropbox because "policy".

 

[bb-15]

Hack-n-Slash[/url]":58rewi6x]

JulianS[/url]":58rewi6x]Clinton also instructed aides to strip the headings off of classified emails and send to her on non-secure systems. Not sure why this keeps getting ignored: http://thehill.com/blogs/ballot-box/pre ... x-by-email

FWIW:

http://www.nytimes.com/live/james-comey ... -congress/

"Mr. Comey said that email in particular had piqued his interest and was a focus of the investigation. It was also a subject of the investigators’ interview with her. Mr. Comey said that he learned that “nonpaper” was a term of art in the State Department for an unclassified form of a document that could be shared with, for example, foreign officials."

I already discussed this.
The issue brought up to Comey was about the one email that involved talking points which could not at first be faxed and Clinton requested that the information be sent by email.
- But the issue was resolved by the talking points being sent by secure fax.

State Department Says Clinton's Requested Talking Points Were Transmitted By A Secure Method

Associated Press: State Department's "Records ... Turned Up A Secure Fax Transmission Shortly After Clinton's Email Exchange With Adviser Jake Sullivan." On January 9, the Associated Press reported that the State Department "checked its records and found no indication that the document in question was sent to Secretary Clinton using nonsecure fax or email," and "instead turned up a secure fax transmission shortly after Clinton's email exchange":

http://mediamatters.org/research/2016/0 ... m-t/207884

 

[BullBearMS]

bb-15[/url]":2p8vbu6x]

BullBearMS[/url]":2p8vbu6x]

bb-15[/url]":2p8vbu6x]From the article;

it only magnifies how poorly the United States' diplomatic service handles information systems and security. And due to inadequate resources at State and outright resistance from the NSA to provide a solution, the State Department and the National Security Agency failed to provide the kind of support for Clinton early on that would have prevented such a situation from continuing.

This is key.
Federal government officials want email convenience and need top notch security.
And unfortunately the US federal government has lagged in providing a top notch secure alternative.
* Result; many federal government executives use private email for government business.
- Including former Secretary of State Colin Powell who used AOL which is notorious for being hacked.
- One survey found that up to 1/3 of high-level federal executives routinely use personal email for business,
http://dailysignal.com/2015/03/08/high- ... -business/

The article mentioned states that "'State’s technology is so antiquated that NO ONE uses a State-issued laptop and even high officials routinely end up using their home e-mail accounts to be able to get their work done quickly and effectively.'"
- But imo I use the information of broader use of private email throughout the federal government by top level officials. This is a system wide issue.

* Next problem; more than 30,000 emails in the Clinton case are being investigated.
Of that number, eight message threads contained extremely sensitive information classified above Top Secret which should have never been on State Department's internal unclassified e-mail system.
- A huge problem but one that is about the security of the Department's system as a whole and how it was used by staff.
The IT system oversite allowed for this insecure use of email to take place.

* Next issue is that the NSA would not provide more a secure system with the appropriate equipment as requested by Clinton.
That is a key failure for the monitoring of system security.
And later attempts to improve the security of Clinton's system did not have close to adequate followup.

* Now there is specific negligence by Clinton's support staff, that attempts to hack her server were not reported to the State Department's IT security team.
- And the emails were not regularly backed up to the State Department archive.
- These are serious procedural problems but they are in the context of a federal government IT system which in terms of security, is generally flawed.
* And this applies to the attempts to get into the minutia of emails that were improperly sent to Clinton or not properly identified before being sent to Clinton.
This again points to a need for an upgrade to security of the entire system and additional training for all federal government employees.

** The article asks;

It can’t happen again, can it?

1. Clinton is not and was not the only person in the federal government handling secret information.
2. The use of private email by federal officials is widespread.
3. This is not really a Hillary Clinton problem but a federal government IT security problem.
So, of course whatever was happening (use of private email) is happening again because Clinton never = the entire federal government.

- What is going on? The blame game and politics.
Instead of stepping back and examining the entire issue of federal government email security, some members of Congress want a single person as a target and then the overall issue of security gets lost.
Why/ Because of politics of course and the upcoming Presidential election.
Imo at least.

Clinton refused to use a PC because she, quite literally, does not know how to use a PC.

Clinton’s chief of staff, Cheryl Mills, told State Department official Lewis Lukens that there could be a “problem,” because Clinton “does not know how to use a computer to do email — only [Blackberry],” he wrote in a 2009 email released on Monday."

http://thehill.com/policy/national-secu ... state-dept

Her unwillingness to learn how to use a computer does not excuse her use of a much less secure device to access mail on a much less secure server.

When the F.B.I. director, James B. Comey, said on Tuesday that his investigators had no “direct evidence” that Hillary Clinton’s email account had been “successfully hacked,” both private experts and federal investigators immediately understood his meaning: It very likely had been breached, but the intruders were far too skilled to leave evidence of their work.

Mr. Comey described, in fairly blistering terms, a set of email practices that left Mrs. Clinton’s systems wide open to Russian and Chinese hackers, and an array of others. She had no full-time cybersecurity professional monitoring her system. She took her BlackBerry everywhere she went, “sending and receiving work-related emails in the territory of sophisticated adversaries.” Her use of “a personal email domain was both known by a large number of people and readily apparent.”

http://www.nytimes.com/2016/07/07/us/hi ... s-say.html

Fact; President Obama used a Blackberry device though much of his presidency (approved by the NSA).
H. Clinton requested such a Blackberry system from the NSA.

Why do federal officials want to use a smartphone for emails? Because of convenience.
And the fact that the President and the current Secretary of State use smartphones to this day for government emails is clear evidence for that.

Fact: The NSA assigned full time staff to ride herd on Obama's Blackberry to keep it secure.

Fact: They refused to do the same thing for the rest of the Government's personnel and directly told Clinton not to use a Blackberry for anything classified.

Fact: Clinton refused to listen to them and did exactly what the NSA warned her not to do.

 

[BullBearMS]

bb-15[/url]":3vhc8oxw]

Hack-n-Slash[/url]":3vhc8oxw]

JulianS[/url]":3vhc8oxw]Clinton also instructed aides to strip the headings off of classified emails and send to her on non-secure systems. Not sure why this keeps getting ignored: http://thehill.com/blogs/ballot-box/pre ... x-by-email

FWIW:

http://www.nytimes.com/live/james-comey ... -congress/

"Mr. Comey said that email in particular had piqued his interest and was a focus of the investigation. It was also a subject of the investigators’ interview with her. Mr. Comey said that he learned that “nonpaper” was a term of art in the State Department for an unclassified form of a document that could be shared with, for example, foreign officials."

I already discussed this.
The issue brought up to Comey was about the one email that involved talking points which could not at first be faxed and Clinton requested that the information be sent by email.
- But the issue was resolved by the talking points being sent by secure fax.

State Department Says Clinton's Requested Talking Points Were Transmitted By A Secure Method

Associated Press: State Department's "Records ... Turned Up A Secure Fax Transmission Shortly After Clinton's Email Exchange With Adviser Jake Sullivan." On January 9, the Associated Press reported that the State Department "checked its records and found no indication that the document in question was sent to Secretary Clinton using nonsecure fax or email," and "instead turned up a secure fax transmission shortly after Clinton's email exchange":

http://mediamatters.org/research/2016/0 ... m-t/207884

Using Media Matters as a source is every bit as stupid as using Fox News as a source.