• Explore the magic and the mystery!
  • The Tech Night Owl's Home Page
  • Namecheap.com





  • The Very Dumb Debate Over the Infamous Clinton Emails

    August 9th, 2016

    It’s easy to become sick and tired of the political byplay that’s going on in the U.S. now, and I’m not about to argue for or against any candidate. But I will argue against stupid, and there’s been plenty of that from all sides in the ongoing nonsense about Hillary Clinton’s emails.

    On one side of the political aisle, it demonstrates a carelessness that may have allowed national secrets to be disclosed, theoretically a criminal act. But the other side denies any such wrongdoing, yet admits that Sec. Clinton was wrong in using a private email server. Unfortunately, this is one of those “process” debates that’s being advanced by people who have little or no clue about the technical issues involved. So you get confusing and contradictory stories that really have only a passing connection to how things work.

    To put matters in perspective, until former Senator John Kerry became Secretary of State, the occupants of that office routinely used a private email address, at least when they actually sent email, rather than rely on the State Department’s system. That was the way things were done. Former Secretary of State Colin Powell actually used an AOL account to manage his mail, regarding the government system as “woefully inadequate.” Although it has gotten better in recent years, AOL was hardly the paragon of security.

    Where Clinton differed from her predecessors was not to use a commercial email service, but a private server that was, at first, placed in the home she shared with her husband at their Chappaqua, New York home. According to the Wikipedia entry on the subject, the hardware ran a version of Microsoft Server with Microsoft Exchange 2010, a business-class email system that can manage messages via a secure TLS certificate. This is a setup familiar to many businesses around the world, and has been shown to be relatively secure. Well, so long as proper settings and secure passwords are used.

    It doesn’t matter why Secretary Clinton chose this route, other than to have more control over the system. Her problem is that, for all intents and purposes, she’s a luddite when it comes to technology. Therefore, she depended on others to set up and manage the server.

    So politics took over. Using carefully crafted focus group talking points, the Republican opposition routinely referred to her server as “insecure,” even though the very same technology has been tested and proven for a number of years. This doesn’t mean it couldn’t be hacked. But despite claims that the Russians and others have had their way with Clinton’s server, FBI Director James Comey conceded there is no actual evidence of hacking. That didn’t stop him from suspecting that there were intrusions, but that was never confirmed.

    Now since Sec. Clinton left office in 2013, the State Department’s requirements have been tightened. So her successor is required to use the government’s email system. But that may be a mixed bag, since there have been many hacks of those systems over the years. But it does give the government control over those messages, in theory at any rate.

    Unfortunately, government regulations in place when Sec. Clinton was in office allowed an employee to determine which of their own messages they can delete. This honor system doesn’t really survive the logic test, because a less ethical person might rely on a lax system to hide incriminating messages. There is no guarantee that the improperly deleted message can be successfully recovered.

    in response to a Freedom of Information request to release her emails, Sec. Clinton had her lawyers determine which were personal, the ones she could delete if she wanted, and which involved State Department business. Here her lack of technical knowledge may have conspired to make her seem to be deceptive in her responses to the media. So while she evidently believed that her lawyers would examine all of the messages — highly impractical with tens of thousands to check — they actually used search terms to separate the business from the personal. Search systems are notoriously imperfect, and if the search terms aren’t comprehensive enough, thousands of messages may be mistakenly flagged as personal, which is evidently what happened. So she was accused of being dishonest, trying to hide the truth. But the messages that were recovered did not appear to exhibit evidence of shady behavior.

    In contrast, Sec. Powell deleted all his AOL emails. Evidently he believed that, since they involved State Department communications, the agency would have captured all of them. That may or may not be true, but that’s hardly relevant. Recovering deleted messages from AOL would probably be impossible after the passage of a few months.

    The other argument is whether Sec. Clinton sent or received classified emails over her private server. Here’s where the process argument becomes awfully confusing. Government agencies frequently disagree over what should be classified, and quite often messages containing content that’s already public will receive such classifications.

    Now Sec. Clinton claims that such messages were marked classified after she sent or received them. The FBI determined that to be mostly true, but found some that were classified at the time they were sent. Now here’s where the process argument gets mighty confusing. It appears that three messages bore some sort of classified markings, which should supposedly warn the recipient of the nature of their content. Perhaps. But it also appears those messages, which were mostly about phone call schedules, weren’t properly marked because the message headers didn’t flag them correctly. At least two of them were actually marked confidential by mistake according to the State Department.

    So Sec. Clinton continued to maintain that she never sent or received any message marked classified, which from her point of view might be true. But the FBI pointed to those questionable messages to say that wasn’t so. With tens of thousands of messages involved, simple human error is also possible.

    Two other FBI arguments are curiously ill-informed. So Director Comey disputed Sec. Clinton’s contention that she only used one smartphone. He said a number were used over the four-year period of her service, but at the end of the day both statements appear to be true. So she used one device at a time before replacing it with a newer model. She also used an iPad. In short, Comey was speaking about matters he knew nothing about.

    The other dispute is whether more than one email server was used, and that might simply involve replacing hardware or, when the data was moved to a web host, sharing it among multiple servers. Here’s where the media’s lack of knowledge of the technology made matters all the more confusing. I heard one report on a cable news network referring to it as a “virtual private server,” and I’m sure the anchor had no clue what that meant. For those who might be wondering, such a server, often referred to as VPS, is a single computer with multiple virtual machines, each of which contains a full operating system and software environment. This is similar to a Parallels Desktop or VMWare Fusion virtual machine on your Mac. It’s a way for web hosts to offer the full control of a dedicated server at a much lower price, since you’re sharing the hardware with other users. I do not know if Clinton’s email setup was managed that way when it transferred to the host.

    What her opponents seize on is the FBI’s conclusion that she was careless in managing her email. That may be true. Or maybe not, but it hasn’t stilled the “lock her up” demands. Unfortunately, she stands alone in having her email use so closely examined. The authorities have not considered the email practices of other Secretaries of State, or any cabinet official, to see how well they managed their messages. So there no way to know whether Sec. Clinton was more or less careless in handling email.

    It’s an argument that’ll never be settled, as both sides dig in on their positions. Forgetting about her use of the phrase “short circuit” to describe one of her faulty answers to questions about the controversy, she really should be screaming at her handlers and campaign people for failing to manage the message responsibly. They don’t seem to understand the issues involved any more than she does. But the opposition is happy to turn her missteps, or apparent missteps, into a major scandal.

    Again, without any way to compare her performance to her predecessors, or her successor for that matter, this is a matter that will never be resolved. As I said, it’s really all about process, since no claim is being made by the FBI that she may have seriously compromised national security. There are legitimate reasons to choose either Hillary Clinton or Donald Trump for President. But speaking as someone who has managed email servers for many years, those reasons have nothing whatever to do with an email server.

    Let the flames begin.



    Share
    | Print This Article Print This Article

    Tech Night Owl Comments

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.