The Techie Take On The Clinton Email Server

James Rosen posted an article at Fox News yesterday about some technical people who decided to investigate some of Hillary Clinton’s claims about her private, secure email server.

Some findings from the article:

Now, working with publicly available tools that map network connectivity, experts have established that the last “hop” before the mail server’s Internet Protocol, or IP, address (listed as 64.94.172.146) is Internap’s aggregator in Manhattan (listed as 216.52.95.10). 

 “This is a very strong indication that the clintonemail.com server is in Manhattan,” the source told Fox News.  

Obviously the server is not in Chappaqua being guarded by the Secret Service; most likely it is in President Clinton’s Manhattan office. Not that physically guarding a server is worth anything anyway unless someone is going to steal the server itself.

The ‘good hackers’ also discovered:

  Perhaps most concerning, private analysts determined that clintonemail.com has been running an older model of Microsoft Internet Information Services, or IIS – specifically version 7.5, which has been documented to leave users exposed on multiple fronts. The website CVEDetails.com, which bills itself as “the ultimate security vulnerability datasource,” is awash with descriptions of serious security vulnerabilities associated with version 7.5, including “memory corruption,” “password disclosure vulnerability,” and the enabling of “remote attackers to execute arbitrary code or cause a denial of service.”  

The cyberlab technician who discovered the Clintons’ use of version 7.5 marveled at “the vulnerabilities the Clintons are ignoring” in an email to Fox News. “This is a big deal and just the thing real-world hackers look for in a target and will exploit to the max,” the source said.  

“Several of these vulnerabilities have been known since 2010 and yet HRC is running official State comms through it.”  

The article concludes:

Just the original decision to use a private email account, with Clinton’s own surname embedded in it, has baffled the hacker community. The analyst with experience in the intelligence community, a “white hat” hacker — the kind corporate firms retain to conduct “penetration testing” that exposes businesses’ cybersecurity lapses — told Fox News: “If we learned that the foreign minister of a major foreign country was using her own private server to send and receive emails, and was relying on outdated commercial software to operate and protect it, that’d be a hallelujah moment for us.”

As you read this article, please understand a few things. It sounds as if the people who set up the server for the Clintons lacked some of the knowledge they needed to make the server totally secure. Making a server totally secure is nearly impossible and you need really good technical people to do it. If the server was hacked during Mrs. Clinton’s time as Secretary of State, there is no reason to believe that the Clintons or anyone else would know about it. That is a serious problem. The other thing I would like anyone reading this article to be aware of is that I have very little knowledge of how this all works. I have a husband and a daughter who hopefully keep me (and my computer) out of trouble. I do know, however, from being around serious techies that computer security is an issue, particularly in our government. Foreign countries that do not love America are constantly attempting to hack into military, commercial, and government computers. The last thing we need to do is to make it easy for them.

 

Another Security Problem With ObamaCare

Yesterday the Washington Free Beacon posted an article expressing concern about the software in ObamaCare.

The article states:

U.S. intelligence agencies last week urged the Obama administration to check its new healthcare network for malicious software after learning that developers linked to the Belarus government helped produce the website, raising fresh concerns that private data posted by millions of Americans will be compromised.

The intelligence agencies notified the Department of Health and Human Services, the agency in charge of the Healthcare.gov network, about their concerns last week. Specifically, officials warned that programmers in Belarus, a former Soviet republic closely allied with Russia, were suspected of inserting malicious code that could be used for cyber attacks, according to U.S. officials familiar with the concerns.

The article reports that last year there was an Internet data “hijacking” involving Belarusian state-controlled networks. Belarus is a dictatorship aligned with Russia.

The article further reports:

David Kennedy, head of the security firm TrustedSec, said the Obamacare website was not designed well and has “a lot of security flaws.”

One major concern is that the system connects the healthcare network to other sensitive U.S. government networks, including the Internal Revenue Service and the Department of Homeland Security.

“That makes it a treasure trove for hackers,” Kennedy said in an interview, adding that a major concern would be cyber attacks from sophisticated state-sponsored adversaries.

The threat of “backdoor” access points is a particular worry. The Chinese military-linked Huawei Technologies is suspected of using that technique in its network equipment, Kennedy said.

HHS technology officials recently contacted him about the security vulnerabilities and indicated the department is interested in taking measures to mitigate the security flaws.

White House National Security Council spokeswoman Caitlin Hayden has stated that the Belarusian software was “recalled by the intelligence community shortly after it was issued.”

To me, this is just another reason to avoid the ObamaCare website. Lately, I tend not to believe a lot of what White House spokespeople are saying.
