<div dir="ltr"><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_extra"><br><div class="gmail_quote">On Sat, Nov 12, 2016 at 9:10 PM, Jonathan Thornburg <span dir="ltr"><<a href="mailto:jthorn@astro.indiana.edu" target="_blank">jthorn@astro.indiana.edu</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Someone whose message I mistakenly deleted :( wrote (paraphrased) that<br>
if Hillary Clinton's had been encrypted, she would have won the election.<br>
<br>
Hmm. The emails were stolen by using spear-phishing to steal the<br>
credentials (passwords) of legitimate users. I see no way in which<br>
email encryption would have been even a speed-bump.<br>
<br>
2FA as it's usually done (via an SMS to the user's cellphone) would have<br>
helped a bit... until the KGB (or whoever else) deployed an iOS/Android<br>
0day or spear-phish to intercept the SMS. 2FA via a secure token would<br>
have helped a lot... although with the endpoint pc pwned there are still<br>
straightforward ways around this (see attacks on 2FA online banking).<br>
<br>
Basically, good security with pwned endpoints is just about impossible. :(<br>
There are no silver bullets. And we've always been at war with Eastasia.<br></blockquote><div><br></div><div><div class="gmail_default" style="font-size:small">There were three separate email issues:</div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">1) The private Secretary of State server.</div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">The GOP would not have been able to turn this into a campaign issue at all, let alone win with it had the messages been end-to-end encrypted using S/MIME. </div><br></div><div><div class="gmail_default" style="font-size:small">Further, I am certain that the real reason for the private server was that Clinton (correctly) assumed that Republican operatives in the GSA would pilfer the emails and leak them to political enemies. As it turns out, Manning did exactly that with the State dept cables.</div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">A lesson that needs to be drawn here is that it is not enough to be secure, you have to be able to prove that the system is secure. This is something we understood early on in the CA business and the reason why it isn't quite as simple as many assume.</div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">2) The DNC emails.</div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">The attack on the DNC computers did begin with spearfishing, but some of the most damaging information was again found in emails stored on the mail server. Again, end to end encryption would have mitigated the problem</div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">3) The Podesta emails</div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">Podesta's email account was hacked after an aide sent him the account password in a cleartext email. Again, good end-to-end encryption could have prevented this.</div><br></div><div><br></div><div><div class="gmail_default" style="font-size:small">Now these are not the only lessons to be learned and email is not the only link in the chain that needs to be locked down. But it is a good starting point for discussion.</div><br></div><div><div class="gmail_default" style="font-size:small">Those of us in the business understand that there is more to security than encryption. But one of the consequences of the election result is that henceforth, all political discussion will take place in tweets of 140 characters or less.</div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">Hilary could also have won by finding a way to give his twitter account access back. But that is out of scope here.</div><br></div></div></div></div>