The Washington Post has a long piece up on how Hillary Clinton’s private email server scandal unfolded. Though quite restrained by the standards of the blogsphere, it paints a devastating portrait of Clinton and her aides not only blithely unconcerned about security, but plotting to bypass security and accountability from the get-go:
Hillary Clinton began preparing to use the private basement server after President Obama picked her to be his secretary of state in November 2008. The system was already in place. It had been set up for former president Bill Clinton, who used it for personal and Clinton Foundation business.
On Jan. 13, 2009, a longtime aide to Bill Clinton registered a private email domain for Hillary Clinton, clintonemail.com, that would allow her to send and receive email through the server.
Snip.
They were aware of a speech delivered by Joel F. Brenner, then chief of counterintelligence at the Office of the Director of National Intelligence, on Feb. 24 at a hotel in Vienna, Va., a State Department document shows. Brenner urged his audience to consider what could have happened to them during a visit to the recent Beijing Olympics.
“Your phone or BlackBerry could have been tagged, tracked, monitored and exploited between your disembarking the airplane and reaching the taxi stand at the airport,” Brenner said. “And when you emailed back home, some or all of the malware may have migrated to your home server. This is not hypothetical.”
At the time, Clinton had just returned from an official trip that took her to China and elsewhere in Asia. She was embarking on another foray to the Middle East and Europe. She took her BlackBerry with her.
Snip.
Few could have known it, but the email system operated in those first two months without the standard encryption generally used on the Internet to protect communication, according to an independent analysis that Venafi Inc., a cybersecurity firm that specializes in the encryption process, took upon itself to publish on its website after the scandal broke.
Not until March 29, 2009 — two months after Clinton began using it — did the server receive a “digital certificate” that protected communication over the Internet through encryption, according to Venafi’s analysis.
It is unknown whether the system had some other way to encrypt the email traffic at the time. Without encryption — a process that scrambles communication for anyone without the correct key — email, attachments and passwords are transmitted in plain text.
“That means that anyone could have accessed it. Anyone,” Kevin Bocek, vice president of threat intelligence at Venafi, told The Post.
The Post piece is well worth reading, even if it avoids the conclusion already drawn by everyone not already a Hillary Clinton backer: She set up a private server to avoid legal accountability while doing back-channel deals with foreign powers that directly benefited herself, the Clinton Foundation (but I repeat myself), her friends and cronies.
Then there’s this: “Because Clinton did not use desktop computers, she relied on her personal BlackBerry.” Wait, a high ranking government official in the 21st century “doesn’t use personal computers”? Who is she, your grandmother that complains she can’t play solitaire because you closed the games directory on Windows 95?
(Hat tip: Director Blue.)