I am trying to grasp the significance of why it is apparently an important distinction that it was the email server TRAFFIC that was compromised, not a login to the server itself and retrieval of the emails that way.
I can feel the significance of it in my head, I can almost pin it down logically, but I just cannot put my finger on it. It eludes me...I have to go listen to the podcast again. If I can discern his emphasis on it, I will post it here to provide the context.
However, the LHM also stated that the FBI identified one successful compromise of an account belonging to one of former President Clinton’s staffers on a different domain within the same server former Secretary Clinton used during her tenure. The FBI was unable to identify the individual responsible for the compromise, but confirmed that the individual had logged in to the former staffer’s account and “browsed email folders and attachments.”
That's a server compromised, not just traffic monitoring. It's almost a certainty that the "traffic" was "compromised". That's pretty basic whether the server is in a hosting center or on cable at someone's house. The traffic can pretty much be sniffed. More importantly routers anywhere in the world can sniiff traffic to their heart's content and it is a certainty that foreign intel agents would monitor their network traffic especiallly from a high profile visitor.
So the question is what was the link and was the link encrypted. If they used HTTPS which seems most likely, then it is unlikely that any email was revealed that way (via traffic). For the first two months they didn't have link encryption so there was no protection from traffic monitoring whatsoever.
But there are other possibilities like using IMAP and SMTP with some email clients, and those may or may not have been protected with SSL. For the first two months (Jan-Mar 2009) they definitely were not.
Note that a "traffic compromise" could also be done by an HTTPS compromise (man-in-the-middle attack). I've read that was possible, due to a self-signed cert, until they started using a Network Solutions cert. It's not known if that was done. I have not found a definite source on whether or how long they used a self-signed cert. It might be in the original FBI report.
What is the significance of “Email Traffic being compromised, rather than the server hacked”? Here is a speculative answer:
That sounds to me like they have discerned that data sent from Hillary’s Blackberry and/or iPad devices was being intercepted by someone before it ever got to her home brew server. The important thing is that her server wasn’t the weak point. The weak link was the Blackberry, and it’s user. That should not surprise anyone.
IIRC, some if not all of Hillary’s many Blackberry devices were NOT specially secure devices. She asked for one of Presidential timber and was turned down. Hillary was warned that Blackberry’s were susceptible to having the signal intercepted if used outside of secure settings, such as special areas at her office. She reportedly ignored this routinely, even using a Blackberry device in Russia to correspond with Obama.
The distinction you have focused upon is potentially the key to showing Clinton’s contempt for data security rules clearly laid out for her. Her crime was not “gross negligence” — it was deliberate misconduct.