More Security Fears Surround Clinton’s ‘Homebrew’ Email Server

“Clinton’s decision to forgo the State Department’s servers is inexplicable and inexcusable,” says one security expert.

National Journal
Dustin Volz
Add to Briefcase
Dustin Volz
March 4, 2015, 6:15 a.m.

Hillary Clinton’s email controversy turned from bad to worse overnight, as reports surfaced that the former secretary of State relied on her own “homebrew” computer server to send and receive messages, despite apparent security warnings from government officials.

The decision for a high-ranking government official to create a separate email service is something usually reserved for computer geeks and hackers worried about privacy and surveillance. But Clinton’s decision to forgo either a government or commercial email account is further stoking concerns that the nation’s former top diplomat may have been reckless about securing her communications.

The Web domain, which Clinton used exclusively to conduct official business during her four years heading the State Department, was run through an Internet service registered to a family home in Chappaqua, N.Y., according to the Associated Press.

“The task of keeping a mail-server secure isn’t one even the average [system administrator] is up to. I’d be shocked if her server was even remotely secure,” said Nate Cardozo, a staff attorney with the Electronic Frontier Foundation.”Clinton’s decision to forgo the State Department’s servers is inexplicable and inexcusable.”

So far, Clinton has been mum on the controversy, although her aides and the State Department have attempted to downplay the furor by saying no classified information was ever transmitted over email and instead always communicated in person, over phone or secure videolink—an assertion her critics have found highly improbable.

Some have defended Clinton’s decision, noting that email services such as Gmail and Yahoo are far from hackproof—and that the State Department has its own troubled history of protecting its data, from an email breach last year to the Wikileaks release of hundreds of thousands of diplomatic cables back in 2010.

Clinton’s use of a homebrew server was “likely more secure than using some freebie system she signed up for online, which is how several other prominent figures have gotten burned, from Palin to Hollywood types,” said Peter Singer, a strategist and senior fellow at the New America Foundation who recently wrote a book on cybersecurity, in an email. The decision “also points to having some professional IT people working for them on it. … But every type of email system has been hacked at some point.”

Singer noted that Clinton’s homebrew likely would have been exempt from some of the National Security Agency’s surveillance sweeps, especially those that relied on direct access to the data flows of companies like Google, Facebook, and Microsoft. An Edward Snowden-exposed NSA program known as PRISM forces at least 9 U.S. Internet companies to hand over users’ communications, such as email content and file transfers, of foreigners. Data of U.S. persons who communicate with foreigners—something Clinton’s job would have required her to do frequently—are scooped up in that surveillance, a practice the NSA has defended as “incidental” collection.

Others were less convinced that Clinton’s decision afforded her more security and that it was motivated by anything more than an attempt to dodge transparency. Barton Gellman, a reporter for The Washington Post who has access to the Snowden files, tweeted Wednesday that “it is not possible for a high-value target to secure a home-managed email server.”

Adding to Clinton’s email woes are new reports that Clinton was warned by State Department technology experts about the potential security vulnerabilities of using a private email service. But that “those fears fell on deaf ears,” according to Al Jazeera America, which cited an unnamed State employee.

“We tried,” the employee told Al Jazeera. “We told people in her office that it wasn’t a good idea. They were so uninterested that I doubt the secretary was ever informed.”

What We're Following See More »
Government Shutdown Begins, as Senate Balks at Stopgap
12 minutes ago

"A stopgap spending bill stalled in the Senate Friday night, leading to a government shutdown for the first time since 2013. The continuing resolution funding agencies expired at midnight, and lawmakers were unable to spell out any path forward to keep government open. The Senate on Friday night failed to reach cloture on a four-week spending bill the House had already approved."

Mueller’s Team Scrutinizing Russian Embassy Transactions
1 days ago
FBI Investigating Potential Russian Donations to NRA
1 days ago

"The FBI is investigating whether a top Russian banker with ties to the Kremlin illegally funneled money to the National Rifle Association to help Donald Trump win the presidency." Investigators have focused on Alexander Torshin, the deputy governor of Russia’s central bank "who is known for his close relationships with both Russian President Vladimir Putin and the NRA." The solicitation or use of foreign funds is illegal in U.S. elections under the Federal Election Campaign Act (FECA) by either lobbying groups or political campaigns. The NRA reported spending a record $55 million on the 2016 elections.

Mueller Investigation Leads to Hundreds of New FARA Filings
1 days ago

"Hundreds of new and supplemental FARA filings by U.S. lobbyists and public relations firms" have been submitted "since Special Counsel Mueller charged two Trump aides with failing to disclose their lobbying work on behalf of foreign countries. The number of first-time filings ... rose 50 percent to 102 between 2016 and 2017, an NBC News analysis found. The number of supplemental filings, which include details about campaign donations, meetings and phone calls more than doubled from 618 to 1,244 last year as lobbyists scrambled to avoid the same fate as some of Trump's associates and their business partners."

Hicks to Testify on Friday
1 days ago

Welcome to National Journal!

You are currently accessing National Journal from IP access. Please login to access this feature. If you have any questions, please contact your Dedicated Advisor.