RE: Hilary so incompetent State Dept spam filters were blocking her correspondence
June 26, 2016 at 10:45 am
(This post was last modified: June 26, 2016 at 10:46 am by Tiberius.)
I've seen a lot of talk about cyber security in this thread, and a lot of misinformation about it, so I thought I'd at least chime in. Full disclosure, I'm against both Hillary and Trump, but I'll restrict my comments to purely the cyber security issues.
A spam filter in itself isn't a national security issue, but a spam filter on the state department's email system that is turned off most definitely is one. Most spam filters block malicious content. If a malicious file got through and was executed by a user who had access to confidential files, that's a national security issue.
Then that IT guy is the idiot. You do not solve a problem of emails not getting through by disabling a spam filter. Instead, you configure the spam filter to whitelist those email addresses.
Yes, a spam filter is a cyber security protocol. At the end of the day, it prevents malicious emails, adding to cyber security. The spam filter that the State Department used isn't just a filter in the email application people were using, so it doesn't just route stuff to junk folders, they were using Trend Micro's ScanMail, which is installed on the email servers themselves, and performs rigorous checks to prevent spam, viruses, phishing attacks, etc.
From the Trend Micro website, it also does this:
"Drops up to 85 percent of all incoming email using email sender reputation to free network resources"
This is presumably what was happening to Clinton's emails. They were getting dropped by the system because the address was untrusted. They weren't getting through to people's spam folders at all.
Also, the IT professional didn't simply mark her .org as not spam; he disabled the filter entirely. If you read the email from the OP, it makes this clear. Quote from the email:
To explain that in laymans terms to people. The content filtering is your basic spam filtering, but the fact he had to "restart SMTP services" means that yes, this was installed on the email servers rather than just a configuration option in people's email applications. The AV filtering is the eye opening one. If he disabled AV (anti-virus) filtering, then emails containing malicious executable files may have made it through to people working in the State Department, and if clicked on, could have infected State Department computers.
That most definitely is a security issue, and therefore a national security issue.
The problem with this statement is, ironically, that Hotmail is probably more secure than the server Hillary had in her basement, for multiple reasons.
The people Hillary had set up the server did not know much about cyber security at all. They were run of the mill IT guys, and I can tell you from professional experience, that most IT people do not know much about security. In contrast, Microsoft actually have people who know about cyber security, and they will had performed numerous security tests against Hotmail infrastructure.
The insecurities of Clinton's server are already well known from scans of the Internet that were performed a few years ago. We know it was running a vulnerable version of RDP (which didn't need to be running), and didn't have a certificate installed for months.
In short, perhaps a spam filter itself isn't a big issue, but turning the spam filter for the entire State Department off most certainly is, especially considering all the crap that's emerged about Clinton's server in the first place.
--
On a separate note, I see a lot of insinuation that people complaining about Clinton's emails will be voting Trump, or want Trump to win. I don't really see the logic in this. Can we not complain about the shitty nature of both candidates?
(June 25, 2016 at 11:17 am)SteelCurtain Wrote: I'm well aware of how a spam filter works. A spam filter is not a national security issue.
A spam filter in itself isn't a national security issue, but a spam filter on the state department's email system that is turned off most definitely is one. Most spam filters block malicious content. If a malicious file got through and was executed by a user who had access to confidential files, that's a national security issue.
(June 25, 2016 at 11:20 am)Minimalist Wrote: Idiot.
Some IT guy in State decided this was the best way to solve a problem.
Then that IT guy is the idiot. You do not solve a problem of emails not getting through by disabling a spam filter. Instead, you configure the spam filter to whitelist those email addresses.
(June 26, 2016 at 6:47 am)SteelCurtain Wrote: A spam filter is not a fucking cyber security protocol. It's a fucking routing filter. All emails still come, they just get routed to junk folders if they are deemed junk. Even still, her layman's request to disable the spam filter was likely accomplished by an IT professional who simply marked her .org as not spam, meaning her emails bypass the filter. This is child's play.
Yes, a spam filter is a cyber security protocol. At the end of the day, it prevents malicious emails, adding to cyber security. The spam filter that the State Department used isn't just a filter in the email application people were using, so it doesn't just route stuff to junk folders, they were using Trend Micro's ScanMail, which is installed on the email servers themselves, and performs rigorous checks to prevent spam, viruses, phishing attacks, etc.
From the Trend Micro website, it also does this:
"Drops up to 85 percent of all incoming email using email sender reputation to free network resources"
This is presumably what was happening to Clinton's emails. They were getting dropped by the system because the address was untrusted. They weren't getting through to people's spam folders at all.
Also, the IT professional didn't simply mark her .org as not spam; he disabled the filter entirely. If you read the email from the OP, it makes this clear. Quote from the email:
Quote:...
our next steps will be:
A: Disable content filtering and restart SMTP services
...
C: Disable AV filtering and restart SMTP services
...
To explain that in laymans terms to people. The content filtering is your basic spam filtering, but the fact he had to "restart SMTP services" means that yes, this was installed on the email servers rather than just a configuration option in people's email applications. The AV filtering is the eye opening one. If he disabled AV (anti-virus) filtering, then emails containing malicious executable files may have made it through to people working in the State Department, and if clicked on, could have infected State Department computers.
That most definitely is a security issue, and therefore a national security issue.
Quote:Private email accounts come from other servers just like Clinton's. If you think a fucking Hotmail account is more secure than whatever Hillary had built in her basement by people that clearly know a fuck ton more about cyber security than you, then you are just determined to be a nut job and there's nothing anyone can do to stop you.
The problem with this statement is, ironically, that Hotmail is probably more secure than the server Hillary had in her basement, for multiple reasons.
The people Hillary had set up the server did not know much about cyber security at all. They were run of the mill IT guys, and I can tell you from professional experience, that most IT people do not know much about security. In contrast, Microsoft actually have people who know about cyber security, and they will had performed numerous security tests against Hotmail infrastructure.
The insecurities of Clinton's server are already well known from scans of the Internet that were performed a few years ago. We know it was running a vulnerable version of RDP (which didn't need to be running), and didn't have a certificate installed for months.
In short, perhaps a spam filter itself isn't a big issue, but turning the spam filter for the entire State Department off most certainly is, especially considering all the crap that's emerged about Clinton's server in the first place.
--
On a separate note, I see a lot of insinuation that people complaining about Clinton's emails will be voting Trump, or want Trump to win. I don't really see the logic in this. Can we not complain about the shitty nature of both candidates?
