Gee, maybe one of these CNN clowns can ask her about this at the geriatric debate tonight, assuming she’s still awake.
The private email server running in Hillary Rodham Clinton’s home basement when she was secretary of state was connected to the Internet in ways that made it more vulnerable to hackers, according to data and documents reviewed by The Associated Press.
Clinton’s server, which handled her personal and State Department correspondence, appeared to allow users to connect openly over the Internet to control it remotely, according to detailed records compiled in 2012. Experts said the Microsoft remote desktop service wasn’t intended for such use without additional protective measures, and was the subject of U.S. government and industry warnings at the time over attacks from even low-skilled intruders.
Records show that Clinton additionally operated two more devices on her home network in Chappaqua, New York, that also were directly accessible from the Internet. One contained similar remote-control software that also has suffered from security vulnerabilities, known as Virtual Network Computing, and the other appeared to be configured to run websites.
The new details provide the first clues about how Clinton’s computer, running Microsoft’s server software, was set up and protected when she used it exclusively over four years as secretary of state for all work messages. Clinton’s privately paid technology adviser, Bryan Pagliano, has declined to answer questions about his work from congressional investigators, citing the U.S. Constitution’s Fifth Amendment protection against self-incrimination.
Some emails on Clinton’s server were later deemed top secret, and scores of others included confidential or sensitive information. Clinton has said that her server featured “numerous safeguards,” but she has yet to explain how well her system was secured and whether, or how frequently, security updates were applied.
Clinton has apologized for running her homebrew server, and President Barack Obama said during a “60 Minutes” interview Sunday it was “a mistake.” Obama said national security wasn’t endangered, although the FBI still has yet to complete its review of Clinton’s server for evidence of hacking.
She apologized? Really? She seems so smug about it of late.
“That’s total amateur hour,” said Marc Maiffret, who has founded two cyber security companies. He said permitting remote-access connections directly over the Internet would be the result of someone choosing convenience over security or failing to understand the risks. “Real enterprise-class security, with teams dedicated to these things, would not do this,” he said.
The government and security firms have published warnings about allowing this kind of remote access to Clinton’s server. The same software was targeted by an infectious Internet worm, known as Morta, which exploited weak passwords to break into servers. The software also was known to be vulnerable to brute-force attacks that tried password combinations until hackers broke in, and in some cases it could be tricked into revealing sensitive details about a server to help hackers formulate attacks.
“An attacker with a low skill level would be able to exploit this vulnerability,” said the Homeland Security Department’s U.S. Computer Emergency Readiness Team in 2012, the same year Clinton’s server was scanned.
Do we really need this criminal in the White House?