> On March 16, 2016, AP reported that in February 2009, secretary of state Hillary Clinton also wanted a secured BlackBerry like the one used by Obama, but that NSA denied that request. A month later, Clinton began using a private server, located in the basement of her home, to exchange e-mail messages with her top aides through her regular, non-secure BlackBerry. Later it came out that this rather risky solution was also used for sensitive messages.
A good reminder how IT departments need to provide solutions that actually work and are accessible to everyone. If not, "shadow IT" will emerge, rather sooner than later.
And Clinton was Secretary of State, not some low level clerk.
Thank you - I was about to post this. It’s worth noting Comey reopened an email inquiry four days before the election; this was widely seen as the reason for her loss at the time.
Reminder: this was a really big deal to people.
Investigation was closed shortly thereafter; he said in interviews at the time he was unhappy with Bill; I vaguely remember a clandestine meeting at a private jet fbo.
I’ve always imagined there was a little bit of payback from Obama in this story: the Clintons absolutely did not open up resources for Barack in his first term, and it cost him a lot. My head canon is like: “bury hatchet with Clintons for sec state apptment: fine. Deny Hillary a blackberry: very fine.”
A friend who works for the FBI flagged this long ago as the origin story for Clinton's "but her emails!" woes. It's distinctly possible that if the NSA had just secured her Blackberry, there would never have been a president Trump. Funny how small things spiral out.
You might draw many possible lessons from this story, though. One is the lesson you draw, which is that the NSA should have secured her damn Blackberry. The second is that this was really about egos, and Clinton couldn't accept that she was less important, and deserved a less important phone, than Obama, so she went ahead anyway. A third is that if you want to be president someday, you can't cut corners, and you need to use whatever clunky tech the government gives you -- so that one day, you can be the boss, summon the head of the NSA into your office, and humiliate and then fire him in front of his peers. But Clinton didn't have that kind of patience: she had emails to send.
> One is the lesson you draw, which is that the NSA should have secured her damn Blackberry. The second is that this was really about egos, and Clinton couldn't accept that she was less important, and deserved a less important phone, than Obama, so she went ahead anyway.
It could be ego. It could just be the hold of the crackberry. I didn't know many people that were full on in thrall to the Temple of Blackberry, but those few were willing to do what it takes to keep using them (until eventually they gave in and accepted the inevitable loss and usually moved to iPhone)
I had to spend about a week to figure out how to get a Blackberry to send DKIM compliant email before I could turn on DKIM. One of the acceptable alternatives for the CEO was just enabling anyone with a blackberry to send email from our domain.
The President and Secretary of State have less power than you think; they aren't corporate CXOs. They are subject to the laws, and NSA must follow laws made by Congress. That's intentional - the division of power is that Congress makes the rules and the executive branch implements them.
The Secretary of State should have a secure mobile communication device, as should most everyone else in national security positions (and other jobs). It's absurd that they didn't. Just think of the productivity hit and the capability hit - imagine how it interferes with responses to crises.
> The President and Secretary of State have less power than you think; they aren't corporate CXOs. They are subject to the laws, and NSA must follow laws made by Congress. That's intentional - the division of power is that Congress makes the rules and the executive branch implements them.
Indeed indeed... but sadly, as we're seeing (especially, but not just) with DOGE this keeps on eroding.
> It's distinctly possible that if the NSA had just secured her Blackberry, there would never have been a president Trump. Funny how small things spiral out.
She was a neocon warhawk who was shrill and unlikable. There were a lot of reasons she lost. The blackberry was the smallest part of it.
It's also distinctly possible that if the government had enacted appropriate oversight over it's cabinet level secretaries that the illegal configuration would have been detected and remediated before it became an embarrassment.
They're using Signal to circumvent the Presidential Records act - the US government nowadays has ample ways to officially and quickly communicate with each other, while being in compliance with recordkeeping and national secrets requirements.
Use of Signal has been rife in Washington DC since COVID times.
During COVID they closed many of the secure facilities indefinitely. Building access was on a rotation, so many people couldn’t see or communicate with their counterparts for weeks or months unless their rotation intersected. The government had no plan for how to conduct classified business with their facilities closed for extended periods. It is in this milieu that Signal became established as an alternative way to communicate.
They required almost everyone to work at home without a plan for how that is supposed to work when most people don’t have a SCIF[0] in their house. As bad as it is that the US DoD converged on using Signal, there is an identical issue in many European countries with the pervasive use of WhatsApp for sensitive communication. It is a classic case of shadow IT taking over.
It is first-hand knowledge, I was doing quite a bit of government work in Washington DC during COVID. Everything ground to a halt because it was so difficult to connect with people. I use Signal today primarily because of working in Washington DC.
That is what I assumed as well. In both the current and previous admins.
But as more details come out about the current admins use of signal, this appears to not be the case.
They are using a shitty third party patched version of signal specifically designed to archive messages.
Leaving aside the security issues with the version they are using and the lack of public facing policy, the use of a Signal variant that archives chats is a reasonable compromise.
Instead of walling off users, creating a barrier to use and therefore extensive bypassing of the security standards, they have met users where they are and provided them with what the user cannot distinguish from official signal. This allows them to interface internally and externally through signal, preserving records and maintaining a much better level of security than the other options.
This represents a huge breach of trust between external parties and government signal users, but most of the government signal users are probably completely unaware that it's being logged.
My issue is not that they are using Signal. I think it's one of the better options. My issue is that they use a shitty version of it when there should be an in house maintained version for government use.
A good reminder how IT departments need to provide solutions that actually work and are accessible to everyone. If not, "shadow IT" will emerge, rather sooner than later.
And Clinton was Secretary of State, not some low level clerk.