This piece was reprinted by OpEdNews with permission or license. It may not be reproduced in any form without permission or license from the source.
Reprinted from downwithtyranny.blogspot.com
So here are three data points, just three. They line up perfectly so the main idea is easy to grasp. (Consider this the first in a series, "The Clinton Server Story for Progressives." If events move too quickly, it will be the last, as everyone from Time to the Washington Post will be telling you what's what and you won't need me at all.)
This means that email going to and from the server was unencrypted during transmission. Messages were sent and received in plain text. This is the Washington Post from last March (my emphasis):
The server was nothing remarkable, the kind of system often used by small businesses, according to people familiar with its configuration at the end of her tenure. It consisted of two off-the-shelf server computers. Both were equipped with antivirus software. They were linked by cable to a local Internet service provider. A firewall was used as protection against hackers.The Post article is much longer and contains a great deal of information. If this subject interests you, I encourage you to click through.
Few could have known it, but the email system operated in those first two months without the standard encryption generally used on the Internet to protect communication, according to an independent analysis that Venafi Inc., a cybersecurity firm that specializes in the encryption process, took upon itself to publish on its website after the scandal broke.Not until March 29, 2009 -- two months after Clinton began using it -- did the server receive a "digital certificate" that protected communication over the Internet through encryption, according to Venafi's analysis.- Advertisement -
It is unknown whether the system had some other way to encrypt the email traffic at the time. Without encryption -- a process that scrambles communication for anyone without the correct key -- email, attachments and passwords are transmitted in plain text.
"That means that anyone could have accessed it. Anyone," Kevin Bocek, vice president of threat intelligence at Venafi, told The Post.
The system had other features that made it vulnerable to talented hackers, including a software program that enabled users to log on directly from the World Wide Web.
Four computer-security specialists interviewed by The Post said that such a system could be made reasonably secure but that it would need constant monitoring by people trained to look for irregularities in the server's logs.
"For data of this sensitivity... we would need at a minimum a small team to do monitoring and hardening," said Jason Fossen, a computer-security specialist at the SANS Institute, which provides cybersecurity training around the world.
- Advertisement -The man Clinton has said maintained and monitored her server was Bryan Pagliano, who had worked as the technology chief for her political action committee and her presidential campaign. It is not clear whether he had any help. Pagliano had also provided computer services to the Clinton family. In 2008, he received more than $5,000 for that work, according to financial disclosure statements he filed with the government.
I hope you noticed the name "Bryan Pagliano" above. He's among the key people the FBI are talking to. In March, Pagliano was granted immunity in exchange for information. Pagliano is also the subject of a Judicial Watch FOIA request, and he's on the Judicial Watch deposition list. (For more on Pagliano, see below.)
Your first takeaway -- Unless there was encryption employed by Clinton's private email service that no one knows about, email communications to and from it were readable as plain text. Certainly not deliberately so, but a fact nonetheless.