
Clinton ran own computer system for her official emails - dnetesn
http://news.yahoo.com/clinton-ran-own-computer-system-121721814.html
======
3am
So, anyone with a brain realizes this is a political hit job leading up to the
2016 presidential election. So the promotion of this story has very few honest
brokers involved & a lot of partisan motivation.

But I am genuinely curious about this. It doesn't seem like wrongdoing per se,
or even anything unethical. But I don't like the trend of losing documents
from the historical record. And I think that (while her email security is
probably better than State Dept. as a whole) it probably would have been
better as the leader to hold herself to the same standards as everyone in the
organization as a general principle.

Curious to hear if anyone here has .gov experience and can give useful insight
into the story.

~~~
frogpelt
This is reporting. Fox News is the only media outlet that has any significant
share of the audience in America that would even remotely consider expending
an ounce of resources trying to keep a liberal democrat out of office.

If you don't believe that, then you are probably a liberal democrat.

So, to call this news story about a politician acting in a premeditated,
unscrupulous/unethical manner a "hit job" shows your deep political bias.

To turn it around, would you feel it was a "hit job" if a politician whose
ideas and agendas you disagree with, set up an outside email server for the
express purpose of discussing official government business so that it
wouldn't/couldn't be easily tracked? I don't think you would.

~~~
3am
I find your response a bit insulting and presumptuous.

I'm sufficiently well developed to separate my feelings about a politician
from their political party, and in turn from my own feelings about an abstract
ethical scenario. And none of this is to say anything about my political
beliefs, which are personal and none of anyones beeswax.

This isn't abstract either, as some other poster mentioned, this is
widespread, bipartisan behavior. I think that if there is evidence of
malfeasance, then they should be required to produce their email (privately
served or not) via subpoena. I can see the loophole about having people
policing their own email archiving, but I honestly _do not know_ if that is
illegal, hence why I asked if any experts here knew if this violated any laws
or policies.

EDIT: also, you assume this is sourced from a conservative or Republican
group? Primaries happen before generals.

------
imgabe
Surely, this must have been common knowledge at the State Dept. Wouldn't they
have noticed that her emails came from a domain that wasn't dos.gov? And if
she was communicating with other State Department officials, wouldn't the
emails they received from her at their dos.gov email be part of the public
record anyway, defeating the purpose of running your own server?

~~~
lisper
Her emails may have looked like they did come from dos.gov. It's trivial to
spoof a From header.

~~~
3am
Hah! Try spoofing an email to a recipient in the State Dept and tell me how it
works out :)

~~~
lisper
Find me someone in the State Department willing to be the recipient and I will
happily conduct this experiment. Why do you think it would be any harder to
spoof an email to the State Dept than anywhere else?

~~~
______1
[http://en.wikipedia.org/wiki/Sender_Policy_Framework](http://en.wikipedia.org/wiki/Sender_Policy_Framework)

~~~
rsanders
[http://mxtoolbox.com/SuperTool.aspx?action=spf%3astate.gov&r...](http://mxtoolbox.com/SuperTool.aspx?action=spf%3astate.gov&run..).

"No SPF records found"

Looks pretty spoofable.

------
mergy
I'm okay if she ran Postfix. If she ran Sendmail, I have issues.

------
ratsbane
Was the server actually at her house or was the domain name just registered
with that as an address? Neither option seems even slightly damning.

~~~
tedunangst
Almost certainly the domain registration.

> Hoteham was listed as the customer at Clinton's $1.7 million home on Old
> House Lane in Chappaqua in records registering the Internet address for her
> email server since August 2010.

Does that sound like the information you get from running whois on an IP
address or on a domain name?

> Clinton's private email server was reconfigured again to use a Denver-based
> commercial email provider, MX Logic

How the fuck would anybody know how her private server was reconfigured unless
they're talking about mx records?

~~~
nissimk
It's just poor reporting. I think they're misunderstanding their sources. I
agree with you that the source is DNS, and they mean, "her email domain" was
reconfigured, rather than her server.

------
jstalin
Is there an archive of domain mx records out there? That would seem to clear
up exactly where her email was hosted.

Edit: the current mx records are below:

    
    
       ;; ANSWER SECTION:
       clintonemail.com.       5495    IN      MX      10 clintonemail.com.inbound10.mxlogic.net.
       clintonemail.com.       5495    IN      MX      10 clintonemail.com.inbound10.mxlogicmx.net.

~~~
danellis
Having her email rely on Mexico's DNS servers doesn't seem like a terribly
good idea.

~~~
etcet
The MX in this case refers to mail exchanger rather than Mexico.

~~~
danellis
I was referring to the mx, not the MX, but you're right -- those records were
truncated for some reason. It's actually mxlogicmx.com.

(There is a mail provider using the mx domain, though. I don't recall its
name.)

------
CPLX
From what I have read so far there doesn't appear to be any evidence
whatsoever that the server was hosted in her actual home. And that certainly
would be a strange, strange thing to do. All it would take is an ice storm in
Westchester to put her ability to read and send emails out of commission.

Ockham's razor tells me it's more likely the media is speculating based on a
whois record or similar. Scanning the existing comments I don't see anything
more definitive than that. Is there any actual reason to think the email
server was physically in suburban NY?

~~~
jstalin
See my post below. The mx records point to mxlogic, which provides email
filtering services, not hosting (as far as I can tell). It looks like she may
have indeed run her own email server.

~~~
CPLX
Right, I don't find it implausible at all that she ran her own email server,
by some definition of that expression. I do, however, find it at least
somewhat implausible that said server was in a residential home in Westchester
NY.

More to the point I don't see any evidence at all that it was physically there
besides speculation. If there is such evidence (like IP addresses or similar)
floating around, that would be interesting.

------
vondur
Pretty interesting that it's being run from her own house. I guess if anyone
has any idea about how the NSA operates, it would be her.

------
spoiledtechie
I really hate the fact that this is a technical discussion or its an attack on
her or a smear campaign.

The underlying fact is, she broke the LAW. That means she should be dragged
through the punishment of the law.

Stop supporting her or making excuses. The society of today really stops
caring so much about the rule of law, but rather what they have for an
opinion. But I ask you if you if murder is against the law, do you support it?

We shouldn't be supporting this either way. It was plainly against the law and
she broke that law. If you have a problem with it, then change the law. Stop
sticking up for someone that blatantly broke the law.

~~~
maxerickson
What law did she break?

I don't say that as support, I just haven't seen any clear explanation of that
yet.

~~~
spoiledtechie
Ask Google..

[http://www.reviewjournal.com/news/nation-and-world/did-
hilla...](http://www.reviewjournal.com/news/nation-and-world/did-hillary-
clinton-break-federal-laws-email)

~~~
maxerickson
Your link says _Former U.S. Secretary of State Hillary Clinton may have
violated federal records laws by using a personal email account for all of her
work messages, the New York Times reported on..._ and goes on to quote some
speculation from unnamed experts.

You said _It was plainly against the law and she broke that law._

I was hoping you could explain more than the press articles have been, because
you made it sound like you could.

------
jstalin
I tried sending an email to that domain to see if it would bounce back, but it
didn't. I was hoping to get the server's IP address.

Looks like bouncebacks were working yesterday, but have been disabled:
[http://www.zerohedge.com/news/2015-03-03/hdr22clintonemailco...](http://www.zerohedge.com/news/2015-03-03/hdr22clintonemailcom-
how-romanian-hacker-exposed-hillary-clintons-secret-email-life)

Edit:

I tried to telnet to the server:

    
    
       telnet clintonemail.com 25
       Trying 208.91.197.27...
       telnet: Unable to connect to remote host: Connection timed out
    

Where is that IP address? British Virgin Islands: [http://www.ip-
address.org/lookup/ip-locator.php?track=208.91...](http://www.ip-
address.org/lookup/ip-locator.php?track=208.91.197.27)

------
growupkids
I'll probably get down voted for this, so be it. I worked in the Clinton
whitehouse in the mid-90s. Every time you sent an email, which was on a
cluster of VAX servers, you got a full screen notification about the
presidential records act, and you had to agree affirmatively if something was,
or was not an official record. If you said no, it still got archived, it just
got flagged so a FoIA might not be valid against your email. We simply backed
everything up to tape, and sent it to NARA. My first week there we got
subpeoneDed. I remember being asked to volunteer to go up to greenbelt
Maryland to help restore tapes for records requests.

There is absolutely no way she or anyone else that worked woth here didnt know
your needed to archive emails. Subpoenas happened regularly, and everyone knew
Emails = record. Years later after I left I landed a contract with a
government contractor to recover thse tapes, against federal lawsuits, emails
are records and the courts want them. Par for the course. I'd argue the
Clinton whitehouse was the first administration to truly face electronic
records retention effects with the courts. Nixon maybe being the first with
audio tapes, the clintons got email Subpeonas.

So when I hear she was running her own email server and staying outside
federal records retention requirements, I both nodded knowingly that I would
expect nothing less from the wife of a man that learned first hand: keep no
records, and then shook my head ruefully knowingly why she did it:

Keep no records.

When public leaders avoid record keeping requirements, this prevents public
scrutiny, and that means they no longer work for you because they aren't
accountable to you. Maybe you agree with her, but you'll never know what she
did in your name. Hillary knew what she was doing. I have no doubt of this, as
I said I would expect nothing less. I would be shocked if she didn't do this.
Stunned really. I'm still paranoid about what I put in written form (text,
email, etc.) to this day.

This was calculated, to keep her unaccountable and off the record.

------
hackuser
Without government resources, it's hard to imagine this server could be
secured, copying the data to two private companies creates much more exposure.

The rule of security is to make the attack more expensive than it's worth to
your adversary. How much are the U.S. Secretary of State's emails worth?
Certainly they are worth billions, and I'd guess even trillions of dollars;
the information could make existential differences, for example to security of
entire nations. In addition, the money you could make with foreknowledge of
U.S. policies, for example in oil markets, seems astronomical.

I expect that foriegn intelligence services, with billions in reources and
highly skilled personnel, had access to her mail. I expect some private
interests also did.

~~~
imgabe
It seems the objection to this practice is that government email is supposed
to be insecure by design in that anyone should be able to access it by making
a FOIA request. To me, that seems kind of silly. I can imagine there a lot of
legitimate reasons the Secretary of State would not want their email to be
publicly accessible.

~~~
hackuser
> It seems the objection to this practice is that government email is supposed
> to be insecure by design in that anyone should be able to access it by
> making a FOIA request. To me, that seems kind of silly. I can imagine there
> a lot of legitimate reasons the Secretary of State would not want their
> email to be publicly accessible.

Security doesn't mean everything is inaccessible, it means you control who,
when, and where the data can be utilized. Obviously not all of the Secretary
of State's email should be publicly accessible, but 1) the law as implemented
by the government, and not a private individual, should control access, 2)
someone needs to ensure control is maintained and prevent unauthorized access,
and a private individual probably doesn't have the resources to do it.

------
caseysoftware
I was interviewed by NewsRadio 106.7 about this about an hour ago. The podcast
will be online here in a couple hours:
[http://michaelgraham.com](http://michaelgraham.com)

------
toast0
If Clinton can run her own email server, why are so many people allergic to
running their own servers? (PS, hope she had a business internet connection so
she wasn't violating ToS)

~~~
nissimk
Clinton employs a large staff of people, some of whom are apparently email
experts. I think that probably helps to reduce the allergy symptoms.

~~~
waps
No, because it's a violation of the law. The federal government is supposed to
keep records of everything they do, for several reasons :

1) they are accountable to the people. Granted this is a principle. At some
point in the future, everything the federal government did will become open
knowledge.

2) It must be possible to get them in front of the justice system. This is a
basic principle of a separation-of-powers democracy. The justice system is, by
law, entitled to access any and all documents, emails, everything any agency
has (just so we're clear : not talking about the judge down the street,
although they have some access, but the supreme court has full,
unquestionable, access)

3) FOIA (freedom of information act). Citizens and others can petition the
justice system to make government documents public. Unless the justice system
and the federal government agree something can not be made public, it is made
public.

This is extremely prominently mentioned on every computer system anywhere near
the federal government. Record keeping requirements this, email archival that.

Ms. Hillary Clinton did not miss these requirements. She knowingly violated
the law and conducted official government business in an illegal manner. Ms.
Clinton knowingly, and with the aid of dozens of people working for her on the
public's dime violated the law. In theory the minimum punishment for this is
to become unelectable for 5 years, but "somehow" I doubt that will happen.
Also there seems little doubt that the emails she will make public will be a
filtered version of the original.

This is comparable to fraud (though technically not fraud) : if you did this
as a CEO of a publicly traded company, it would be considered fraud, and you
could very well go to jail for that.

------
fl0wenol
I want to be mad that a high-profile public servant created and used an email
capability that allowed her to skirt record laws if ever challenged.

But... it's a really good idea. Hell, I used to run my own back in the day
before my ISP started prohibiting it (around 2003ish?)

So I'm conflicted.

~~~
lotsofmangos
I left a personal email and webserver running in my parents shed for a few
years on an old debian box. It was useful, I keep meaning to set up another
one.

Personally I think that it is great that a high profile public servant went
and ran their own personal server from their house.

It suggests a level of competency and it encourages other people to try and
set up their own servers from home.

------
bigfaceworm
Not excusing the behavior, but it's not new:
[http://en.wikipedia.org/wiki/Bush_White_House_email_controve...](http://en.wikipedia.org/wiki/Bush_White_House_email_controversy)

------
aw3c2
*Hillary

~~~
sp332
Whoever is the most relevant gets the shorter name, in a kind of Huffman-like
coding. If you say "Bush" now, people think you mean the 43rd president, even
though earlier they would have thought of the 41st president.

~~~
tormeh
But the headline should differentiate because there are more than one Clinton
in the public sphere. "H. Clinton" would have been enough.

~~~
tedunangst
"her" wasn't a sufficient clue?

~~~
tormeh
I don't think Her was in the headline at the time. I think it was just
something a la "Clinton ran email server from home" or something.

~~~
sp332
I think you're right. Here's the old one
[http://hosted.ap.org/dynamic/stories/U/US_DEM_2016_CLINTON_E...](http://hosted.ap.org/dynamic/stories/U/US_DEM_2016_CLINTON_EMAILS_HOMEBREW_SERVER?SITE=AP&SECTION=HOME&TEMPLATE=DEFAULT&CTIME=2015-03-04-03-15-48)
and the newer one
[http://hosted.ap.org/dynamic/stories/U/US_DEM_2016_CLINTON_E...](http://hosted.ap.org/dynamic/stories/U/US_DEM_2016_CLINTON_EMAILS_SERVER?SITE=AP&SECTION=HOME&TEMPLATE=DEFAULT&CTIME=2015-03-04-08-09-46)

~~~
tedunangst
damn impermanence.

------
rubiquity
Are we supposed to pretend the NSA doesn't exist and Hillary Clinton has a
bunch of emails the government doesn't know about?

~~~
o0-0o
The problem is not that the government doesn't know about them, it's that the
PEOPLE don't know about them.

~~~
rubiquity
But if the emails were sent from the government's servers the people still
wouldn't know about them.

~~~
joelrunyon
But you could (in theory), request them under a FIOA

~~~
Mtinie
I don't see a reason that you would be detered from submitting the same FIOA
request for these emails. I expect the likelihood of getting a response and a
set of documents sent to you would be the same as it would be if her emails
were hosted through the Department of State's mail server.

~~~
joelrunyon
Because it's on a private server, not a government operated one. Gives her
legal coverage.

