Barbara Simons
simons@acm.org
650-328-8730
I believe that this is a more serious situation than perhaps Secretary Clinton and her aides realize. Fortunately, there is a positive step that can and should be taken.
The problem. There is a very real risk that the system was broken into, possibly by Republican operatives (or China or some other country or organization). If this has happened and if there is anything that might appear problematic in those emails, whether or not it actually is, the relevant emails might be released to the press shortly before the election. Even if the system was not broken into, there is the threat that opponents might release forged emails that are difficult to impossible to distinguish from real ones.
In addition, there are questions that any computer security expert will ask, such as was the system backed up regularly. If so, then it might be possible at least to respond to forged emails. Of course the claim that the server has been wiped clean (was that also done with any backups that were created?) suggests that there may not be adequate backups.
Incidentally, depending on how the deletions on the server were done, it might be possible for the email to be recovered by a forensics expert.
What should be done. Unfortunately, nothing can be done to prevent the risks described above. Given that, it's important to know how real those risks might be. Therefore, I recommend that a forensics investigator be hired to examine the server and any backups and logs that might still exist to see if there may have been a break-in.
Jeremy Epstein is a prominent computer security expert who has recommended a company called Mandiant. (Neither Jeremy nor I have any involvment with Mandiant of any kind, including financial). According to Jeremy, they are frequently brought in after major corporate breakins. They are very discrete and, in his view, competent. I can put anyone who is interested in touch with Jeremy, who lives in Virginia.
In my opinion it is critical that a highly qualified forensics expert examine the system as soon as possible. It is important to know if there may be a problem or if an attack may have occurred, so that there can be a well thought out response prepared beforehand.
Finally, if nothing serious is uncovered by a forensics examination, that does not prove that nothing happened. Regrettably, the absence of proof of a break-in is not proof of the absence of a break-in.
“the absence of proof of a break-in is not proof of the absence of a break-in”
This is key. The system was horribly insecure, all they could possibly uncover is worry, there is no upside for them.
REFERENCE---How Podesta's emails got hacked: revealed in WikiLeaks dump
Foxnews.com ^ | October 29, 2016 / FR Posted by dirtboy
WikiLeaks has released what may be the key email that led to one of the biggest cybersecurity breaches in presidential campaign history -- allowing hackers to gain access to Clinton Campaign Chairman John Podesta’s Gmail account.
A new email thread released Friday shows Podesta got a March 19 email from “Google” notifying him someone had his "password" and tried to sign in from Ukraine.
The IT team told Podesta the message was legit and he should change his password. But it appears the email actually was a phishing ploy. Podesta's stupidity likely gave the entire world access to the contents of his account. (Excerpt) Read more at foxnews.com ...
==============================================
(SMIRK) betcha Podesta jumped in feet first when Nigerian General Kachinga Cheatchusuckah emailed Podesta. The General said all Podesta had to do to get Billions is buy some black ink for a 10 million dollar down payment. (Same scam that got Chelsea's felon FIL in a federal prison).
Right there. Admission of intent to destroy evidence.
There's also a concern about "forged email".
In other threads, I've noted that Wikileaks has started adding a green header that the message has been authenticated with DKIM. But, the messages originating from clintonemail.com do not have that authentication.
However, if someone on GMail subsequently forwards that message, the DKIM signature will be added to the header and validate that email.
There is an additional X-AnalysisOut header being added by clientonemail.com, but I haven't been able to find any information about what those fields contain. It appears to be an anti-spam measure, but I don't know if it also contains a message digest that could be used to authenticate it.
One of the lessons learned is that no one should use Yahoo, Google or Hotmail for business. It is too easy to be fooled into providing access because it is expected that these servers are targets.
With a smaller, work related server, you can at least verify, make a phone call etc. before providing passwords inside a VPN like control.
Wow bombshell!
I want to point out that the Wikileaks Podesta emails are not the result of hacking Hillary’s server, but of hacking Podesta’s gmail account because 1. he had a weak password and then 2. he fell for a whaling scam to reset his password.
More on the moron!
Thank you for the post !
Very incriminating (to illary & minions) info coming out...
So it looks like these clowns should have know they were dealing with computer systems that have or had been hacked no telling how many times. What bozos.
Great find by the way.
PING!!!
This shows INTENT.
Their own internal emails explicitly mention the possibility of a hack by a foreign government and back-checking to try to rule that out.
Article and comments, esp. #1, #3, #4, #5, #6, #7, #11, #12, #29, #38
Thanks, grey_whiskers