Clinton's server had classified material beyond 'top secret'

Started by jimmy olsen, January 21, 2016, 08:42:55 AM

Previous topic - Next topic

KRonn

This is the most secret stuff, classified SAP and on a need to know basis. Considered extremely damaging info if it gets out. There really is no justification for it being on a private server. Who ever sent it to "Hillary.com" may also be culpable, along with sending other classified emails to an unsecured server. And indeed the State dept did tell Hillary's aides that she should get a "government.com" email so lots of people knew about this.

The idea that something is or is not "stamped" classified isn't necessarily the point either. All the officials who will handle classified info are trained on what classified means and sign off on it. That includes info that won't have some official classified "stamp" on it, but officials are trained to know what could be classified. When in doubt consider it classified. Some info/emails are born classified depending on the subject matter regardless of some geek stamping it with a label. 

This latest, on top of all the others, is from the Intel Inspector General and was apparently first reported by the NY Times or maybe another news paper. Calling this, again, a right wing conspiracy doesn't hold up as it's part of an FBI and IG investigation, but that's just the first pass of the Hillary campaign. And certainly they will come up with more views on it. If this weren't Hillary and the place she is in running for President, I would think it very likely that person would already be indicted a while ago. But the FBI is taking its time and making sure they have everything set properly before they decide whether or not to go to the Justice Department. I'll be very surprised if less than a few indictments come out of this for other people, whether Hillary also gets one or not.

garbon

Quote from: KRonn on January 21, 2016, 11:41:36 AM
This is the most secret stuff, classified SAP and on a need to know basis. Considered extremely damaging info if it gets out. There really is no justification for it being on a private server. Who ever sent it to "Hillary.com" may also be culpable, along with sending other classified emails to an unsecured server. And indeed the State dept did tell Hillary's aides that she should get a "government.com" email so lots of people knew about this.

The idea that something is or is not "stamped" classified isn't necessarily the point either. All the officials who will handle classified info are trained on what classified means and sign off on it. That includes info that won't have some official classified "stamp" on it, but officials are trained to know what could be classified. When in doubt consider it classified. Some info/emails are born classified depending on the subject matter regardless of some geek stamping it with a label. 

This latest, on top of all the others, is from the Intel Inspector General and was apparently first reported by the NY Times or maybe another news paper. Calling this, again, a right wing conspiracy doesn't hold up as it's part of an FBI and IG investigation, but that's just the first pass of the Hillary campaign. And certainly they will come up with more views on it. If this weren't Hillary and the place she is in running for President, I would think it very likely that person would already be indicted a while ago. But the FBI is taking its time and making sure they have everything set properly before they decide whether or not to go to the Justice Department. I'll be very surprised if less than a few indictments come out of this for other people, whether Hillary also gets one or not.


And this is exactly the response that such an 'article' hopes to elicit. :rolleyes:
"I've never been quite sure what the point of a eunuch is, if truth be told. It seems to me they're only men with the useful bits cut off."
I drank because I wanted to drown my sorrows, but now the damned things have learned to swim.

frunk

Quote from: alfred russel on January 21, 2016, 11:36:00 AM
What I don't understand is this...apparently other government officials have also used private email servers, so it isn't just Clinton. But how is that possible?

I don't deal with anything approaching top secret clearance, but if I decided to use a personal email address rather than a work email address, that would never fly. No one would agree to send me emails. It is just basic data security. One client I had back in the day prohibited any thumb drives from their facilities to keep data from leaving their network security.

With email it's not nearly so straightforward.  Setting up forwarding accounts is trivial, so you can use the work address but receive it on your personal.  It's also pretty easy (and quite common) to set it up so that email is read from one server to another for a variety of different reasons.  Depending on how it is set up it won't necessarily be obvious to the originating server that the emails are being saved that way. 

To me this whole thing seems like a non-story.  Email shouldn't be considered a good way to keep data from getting outside of a system.  I hope they at least used pgp and/or tls when sending/receiving though.

Malthus

We have been told not to send truly confidential stuff by email, no matter where the server is located, because it is allegedly inherently not secure, and things can be learned from it even if the message is encrypted. Not being a techie, I have no idea how true that is.
The object of life is not to be on the side of the majority, but to escape finding oneself in the ranks of the insane—Marcus Aurelius

alfred russel

Quote from: frunk on January 21, 2016, 11:54:16 AM
With email it's not nearly so straightforward.  Setting up forwarding accounts is trivial, so you can use the work address but receive it on your personal.  It's also pretty easy (and quite common) to set it up so that email is read from one server to another for a variety of different reasons.  Depending on how it is set up it won't necessarily be obvious to the originating server that the emails are being saved that way. 

To me this whole thing seems like a non-story.  Email shouldn't be considered a good way to keep data from getting outside of a system.  I hope they at least used pgp and/or tls when sending/receiving though.

From a worker bee perspective, this all sounds insane, and I am sure I would be fired if I tried to use a personal server for work email, and probably would be fired if I sent work related emails to a coworkers personal account on a regular basis to facilitate such an arrangement.
They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety.

There's a fine line between salvation and drinking poison in the jungle.

I'm embarrassed. I've been making the mistake of associating with you. It won't happen again. :)
-garbon, February 23, 2014

frunk

Quote from: alfred russel on January 21, 2016, 11:58:00 AM
From a worker bee perspective, this all sounds insane, and I am sure I would be fired if I tried to use a personal server for work email, and probably would be fired if I sent work related emails to a coworkers personal account on a regular basis to facilitate such an arrangement.

Let me ask you this, do you read your work email on your laptop/desktop using outlook or other email program that isn't web based?  Boom, your laptop/desktop probably has most if not all of your work email stored.  The only difference between your machine and Hillary's is that she could forward the email to other machines.  Yours could easily be set up the same way.

alfred russel

Quote from: frunk on January 21, 2016, 12:05:53 PM

Let me ask you this, do you read your work email on your laptop/desktop using outlook or other email program that isn't web based?  Boom, your laptop/desktop probably has most if not all of your work email stored.  The only difference between your machine and Hillary's is that she could forward the email to other machines.  Yours could easily be set up the same way.

My company computer definitely has it stored, but we also can't access our email from a non work computer using outlook or an email program. I could forward my email to a non company email server, but as i was saying, I think that would end up threatening my employment status. It is a big no no.
They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety.

There's a fine line between salvation and drinking poison in the jungle.

I'm embarrassed. I've been making the mistake of associating with you. It won't happen again. :)
-garbon, February 23, 2014

alfred russel

Frunk, to add to this...I used to work as a third party auditor of companies, and currently work with third party auditors.

As a third party auditor, it was common that the client was unable to send sensitive files via email to me, so they would give them via thumbdrive. Except at the one client I mentioned where thumbdrives were prohibited. (I don't remember how we ended up getting the data)

At my current company, we prohibit sending sensitive files to third parties via email, so we have given all our auditors company email accounts that they can use to receive sensitive files.
They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety.

There's a fine line between salvation and drinking poison in the jungle.

I'm embarrassed. I've been making the mistake of associating with you. It won't happen again. :)
-garbon, February 23, 2014

Berkut

While I am pretty sure the right is exaggerating this, at the same time I am stunned that Clinton would think it was ok to use a personal computer to engage in any kind of State department business. Obviously nearly everything she does has some level or another of either real or even just practical "classification" to it, her normal daily business is about how the highest level of the US government is run, and no matter what they formally classify, or do not classify, or whatever, it should pretty much ALL be controlled, encrypted, and the risks associated with her communication carefully understood and controlled. Which is simply not possible on her personal server.

If she was some flunky, she would be fired for this, without question I think.

Could you imagine a CIA analyst, for example, doing work related stuff on their personal computer, even if they assured everyone they don't do *classified" stuff on it, of course? Fuck that - they don't get to make those decisions, and neither does the Secretary of State.

This isn't, IMO, a deal breaker in regards to her candidacy, but it is certain;y a significant negative mark against her judgement.
"If you think this has a happy ending, then you haven't been paying attention."

select * from users where clue > 0
0 rows returned

lustindarkness

I would get in deep doodoo if I tried sending classified or PII on a webmail or such.
Grand Duke of Lurkdom

frunk

Quote from: alfred russel on January 21, 2016, 12:19:19 PM
Frunk, to add to this...I used to work as a third party auditor of companies, and currently work with third party auditors.

As a third party auditor, it was common that the client was unable to send sensitive files via email to me, so they would give them via thumbdrive. Except at the one client I mentioned where thumbdrives were prohibited. (I don't remember how we ended up getting the data)

At my current company, we prohibit sending sensitive files to third parties via email, so we have given all our auditors company email accounts that they can use to receive sensitive files.

Which is all good policies.  I don't think there's been any indication that there was sensitive information sent through email (apart from, apparently, a NYT article).  I think it would be tough to tell the secretary of state that they can't send or receive email with anybody without a government email though.

frunk

Quote from: Berkut on January 21, 2016, 12:23:02 PM
While I am pretty sure the right is exaggerating this, at the same time I am stunned that Clinton would think it was ok to use a personal computer to engage in any kind of State department business. Obviously nearly everything she does has some level or another of either real or even just practical "classification" to it, her normal daily business is about how the highest level of the US government is run, and no matter what they formally classify, or do not classify, or whatever, it should pretty much ALL be controlled, encrypted, and the risks associated with her communication carefully understood and controlled. Which is simply not possible on her personal server.

If she was some flunky, she would be fired for this, without question I think.

Could you imagine a CIA analyst, for example, doing work related stuff on their personal computer, even if they assured everyone they don't do *classified" stuff on it, of course? Fuck that - they don't get to make those decisions, and neither does the Secretary of State.

This isn't, IMO, a deal breaker in regards to her candidacy, but it is certain;y a significant negative mark against her judgement.

I think I downplayed it a bit too much, but it is a lapse of judgement rather than anything nefarious.  The extent to which it was risky is the extent to which it was permitted under the existing rules.

alfred russel

Quote from: frunk on January 21, 2016, 12:40:14 PM
Which is all good policies.  I don't think there's been any indication that there was sensitive information sent through email (apart from, apparently, a NYT article).  I think it would be tough to tell the secretary of state that they can't send or receive email with anybody without a government email though.

And this is where there is a huge culture gap that I don't understand. When I've audited high level executives, I would have no problem pointing out mistakes and potential issues to them. I've never gotten the pushback "those rules shouldn't apply to me"--explicit or implicit.

Outside of audit, I've never felt shy about discussing policy compliance in the same way. Not with the attitude of: "Hey Senior Executive--you are not following the rules! You need to comply!" But with the attitude of, in a private setting, saying, "Just want to help keep us out of trouble with the auditors or to avoid something bad happening, but in order to ensure xxx we have this policy yyy." Again I've never gotten pushback--the experience I have is that executives want to follow the rules to set a good example and to keep out of trouble. If the issue here is that people were scared to speak up to the secretary of state, that didn't seem to serve her very well, did it?
They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety.

There's a fine line between salvation and drinking poison in the jungle.

I'm embarrassed. I've been making the mistake of associating with you. It won't happen again. :)
-garbon, February 23, 2014

viper37

Quote from: Berkut on January 21, 2016, 12:23:02 PM
While I am pretty sure the right is exaggerating this, at the same time I am stunned that Clinton would think it was ok to use a personal computer to engage in any kind of State department business.
She's 68 years old.  Basically, the age of your moms/stepmoms.  How confortable are they with technology?  How would you rate their capacity to explain secure and unsecure on-line behavior?  The difference between various types of encryption?
I don't do meditation.  I drink alcohol to relax, like normal people.

If Microsoft Excel decided to stop working overnight, the world would practically end.

lustindarkness

Quote from: viper37 on January 21, 2016, 01:16:47 PM
Quote from: Berkut on January 21, 2016, 12:23:02 PM
While I am pretty sure the right is exaggerating this, at the same time I am stunned that Clinton would think it was ok to use a personal computer to engage in any kind of State department business.
She's 68 years old.  Basically, the age of your moms/stepmoms.  How confortable are they with technology?  How would you rate their capacity to explain secure and unsecure on-line behavior?  The difference between various types of encryption?

Are you saying she was not capable of preforming her job as Secretary of State?  :)
Grand Duke of Lurkdom