Often when we read news stories, we find them lacking any technical substance. It would seem that the writer aborted the story before asking any interesting questions that would allow us, as technical professionals, to fully understand the story and draw our own conclusions.
For example, over the last two years, Hillary Clinton’s private email server received extensive press coverage, with little technical content. Network professionals know that an email server can be properly configured and made relatively secure. This would require provisioning for authentication and privacy, encryption locally and on the wire, two-factor authentication, and the whole gamut of security protocols and procedures. So exactly how was Clinton’s email server configured?
The tech news sites Ars Technica and Mashable had a little more information. Ars Technica reported that the server used Microsoft Exchange 2010, but not much more than that; Mashable reported that Clinton never actually used a state.gov email address, and, since the State Department had been hacked, it is possible that Clinton’s personal email was more secure!
So the questions remain: How, exactly, was Clinton’s email server set up and configured? How were backups handled? Since Hillary Clinton is no longer a candidate for president, can this information now be shared? And, how is the current U.S. Secretary of State handling email outside of office hours and when traveling? (We have submitted our questions to the U.S. Department of State.)
A more recent instance of insufficient technical content is the breaking news about Clinton email messages found on Anthony Weiner’s laptop. James Comey, then Director of the FBI, testified that hundreds of thousands of emails were forwarded by Huma Abedin (Clinton’s staff member) to Weiner. Abedin and Weiner were married, but are now separated.
Did Abedin actually forward Clinton’s emails to Weiner? Did Abedin and Weiner each have their own laptop?
The FBI’s “clarification” of Comey’s comments suggests that certain emails on Abedin’s laptop were backed up on Weiner’s laptop. This indicates that each individual had his/her own laptop. But again, the FBI has not provided complete information or a complete picture; it seems the FBI merely wished to ensure the accuracy of Comey’s comments as opposed to illuminating those comments.
People often use IMAP (Internet Message Access Protocol) as part of their email setup and rely on a central server to store the emails; only the email header information is stored locally. Given this fact, we have come up with the following hypothesis:
- Abedin did not forward Clinton’s emails to Weiner for printing and/or to store on his laptop.
- Abedin did not copy Clinton’s emails to a USB thumb drive for Weiner to copy to his laptop.
- Abedin did not copy Clinton’s emails to a CD or DVD as backup and then hand that to Weiner to save on his laptop.
Instead, Abedin and Weiner used a cloud-based IMAP email system or another type of cloud storage system. When the emails were “saved”, the emails became “files” that could now be stored on a cloud storage system. In other words, when Abedin saved an email as a file to her laptop hard drive, it was automatically synchronized to a cloud-based storage system, and then synchronized to other computers linked to her account.
Next, whether it was cloud-based email or cloud-based storage, it is likely that Abedin and Weiner either shared an account or were “members” of each other’s “group”. These types of storage systems are made by SpiderOak, Tresorit, Dropbox, and others. Unfortunately, none of these companies are very open about their storage methodologies – none have “Theory of Operation” information on their websites.
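To make the hypothesis concrete: once a message is saved as a file inside a synchronized folder, a full local copy exists on every linked computer. The following added example (not part of the original article) inventories such copies by sniffing file contents for mail headers instead of trusting extensions; the function names, the sample folder and the two-header heuristic are assumptions made for illustration.

```python
import tempfile
from email.parser import BytesParser
from pathlib import Path

# Assumption: a saved mail message carries at least these two headers.
REQUIRED_HEADERS = ("From", "Date")

def read_mail_headers(path, sniff_bytes=8192):
    """Return parsed headers if the file begins with a mail header block, else None."""
    try:
        with open(path, "rb") as fh:
            head = fh.read(sniff_bytes)
    except OSError:
        return None  # unreadable file: skip it, do not abort the audit
    msg = BytesParser().parsebytes(head, headersonly=True)
    if all(msg[h] for h in REQUIRED_HEADERS):
        return msg
    return None

def inventory_mail_files(sync_root):
    """Walk a locally synchronized folder and list files that are saved messages."""
    hits = []
    for path in sorted(Path(sync_root).rglob("*")):
        if not path.is_file():
            continue
        msg = read_mail_headers(path)
        if msg is not None:
            hits.append({
                "path": path.relative_to(sync_root).as_posix(),
                "from": str(msg["From"]),
                "subject": str(msg.get("Subject", "")),
            })
    return hits

def build_sample_sync_folder(root):
    """Constructed sample: a saved message with a .txt name, plus an ordinary note."""
    root = Path(root)
    (root / "Saved").mkdir()
    (root / "Saved" / "briefing.txt").write_bytes(
        b"From: alice@example.org\r\nTo: bob@example.org\r\n"
        b"Date: Mon, 01 Jan 2024 09:00:00 +0000\r\n"
        b"Subject: Schedule\r\n\r\nBody text.\r\n")
    (root / "notes.txt").write_bytes(b"Groceries: milk, eggs\n")
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for hit in inventory_mail_files(build_sample_sync_folder(tmp)):
            print(hit)
```

Run against the sync folder of each computer linked to an account, the same inventory shows which machines hold local copies of saved messages.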
So Why Is This a Problem?
The FBI has extensive tools for examining data on disk drives – even disk drives that have “crashed”. (In contrast, trashed disk drives are beyond the repair capabilities of your local PC fix-it shop.) It is probable that the FBI applied these tools to Weiner’s laptop and discovered all of the Clinton emails. It is also entirely likely that this would be a complete shock to both Abedin and Weiner, since Abedin would believe that the files were stored on the cloud-based storage system and not locally stored on her laptop or Weiner’s laptop.
The FBI team likely informed Comey that all these emails were found on Weiner’s laptop, but they did not specify the manner in which the emails were put there. It is also entirely likely that Comey and/or his top staff assumed these emails were consciously forwarded by Abedin to Weiner. (Some of the emails were forwarded, but not thousands, as reported.) Based on our hypothesis, neither Abedin nor Weiner understood the full implications of using cloud-based email or storage and of being members of a group.
So Why Is This an Important Distinction?
If State Department employees at the very top level do not understand how to safeguard emails and related files, and how to securely back up that information, then this is a sign of a systemic breakdown that threatens national security. It is not simply a case of intentional wrongful acts by specific individuals. This discovery would inform the appropriate remedy for the problem.
This is also why it is so important for members of The Press to collect all of the technical facts when breaking the news.