• Did Spam Filtering Service Have Full Access to Clinton Emails?

    March 19, 2015 // 20 Comments »

    readyclinton

    A researcher says the commercial spam filtering service Hillary Clinton used for her personal email server had full, unfettered access to her messages. A person at the company — or someone who could hack into the company — could read and save any of her messages.

    Marc Perkel tells us that “Hillary Clinton used a spam filtering service MxLogic to filter her spam and viruses. What this means is employees at MxLogic, now owned by McAfee (which has been bought out by Intel), had full access to all her State Department email in unencrypted form.”

    Perkel explains email from the Internet is routed by DNS records called MX records which are used to look up where to deliver email. When someone uses an external spam filtering service they point their MX records to that service and all email for that domain goes to the spam filtering service first. They clean it and forward the good email on to the recipient.”

    So, without such a filtering service, your email goes from You straight to Me. When I sign up for such a service, your email goes from You to the MxLogic Company to Me.

    Setting things up is pretty easy, once you sign up for the filtering service. McAfee says “activation starts with a simple mail exchanger (MX) record redirection.” That redirects emails from you to them, and then them to me.

    Exposing Clinton’s Technical Details

    Did Hillary use the services of MxLogic/McAfee? Perkel says yes, that the MX records for clintonemail.com are:

    clintonemail.com. 7200 IN MX 10 clintonemail.com.inbound10.mxlogicmx.net.
    clintonemail.com. 7200 IN MX 10 clintonemail.com.inbound10.mxlogic.net.

    We know that Clinton’s server was fully unencrypted for her first three months of overseas travel. It is unclear exactly when after that encryption was employed, but it does not matter. McAfee had to be able to read the email messages to filter them. So a message might have been encrypted into McAfee, and it might have left McAfee encrypted, but inside the company it was visible. A company employee could have accessed it. A foreign intelligence service could have planted someone inside the company. Someone could have hacked into McAfee from outside.

    Now one of the ways all this could be quickly checked and parsed through is to examine the header information on Clinton’s emails, the technical stuff you usually don’t see when you open a message (but it is in there.) Oh, wait. You can only see that information if you have the actual electronic email. If someone prints the message out, as Clinton did in delivering 55,000 pages to the State Department, the technical information is lost forever. In that sense, Clinton did not deliver her actual records to State as required by law, just partial copies.

    Now if someone — anyone — who received an actual Clinton email and has it electronically would share that with some responsible technical people, much would be revealed. Someone with access should also look to see if Guccifer leaked full headers with Sidney Blumenthal’s email from the Clinton server.

    Is Clinton Secure?

    So how secure is Clinton’s email server? Well, first of all, the log-in page is still online. Go here and let me know if you get in, please. Keep in mind this may be considered felony hacking and you could go to jail for a long time, so don’t do it.

    But in addition to that, let’s see what security company Qualys’ online server security checker does with Clinton’s rig. Here are the results. Oops! She got only a “B,” with lots of technical stuff marked as “weak.”

    One recalls Clinton in her press conference stating that her server was in a location guarded by the Secret Service. However, researcher Perkel claims to have evidence that the server is at a commercial facility, and not in Clinton’s home or another known location guarded by the Secret Service.

    To be fair, all of the information above pertains to the current state of Clinton’s email server. We do not know much about the state of the server during her four years as Secretary of State. It does seem funny to think, however, that there was any reason to downgrade security at any point. That does not make sense, especially since until recently all of the State Department emails were still on the server.

    Important Note

    Trying to figure out these details is at the edge of my own limited technical knowledge, so I invite readers to clarify, debunk or support all this.

    It also seems that large media companies who can pose questions to Clinton have smart IT personnel. It remains a source of great frustration that these significant issues are being raised exclusively in non-mainstream forums. THE INTERCEPT, WIRED, NEW YORK TIMES — where are you?




    Related Articles:




    Copyright © 2019. All rights reserved. The views expressed here are solely those of the author(s) in their private capacity.

    Facebooktwittergoogle_plusredditpinterestlinkedin

    Posted in Democracy

IP Blocking Protection is enabled by IP Address Blocker from LionScripts.com.