[Cryptography] "we need to protect [our dox] by at least encrypting them"

Arnold Reinhold agr at me.com
Fri Nov 4 16:28:09 EDT 2016

On Thu, 03 Nov 2016 16:06 Henry Baker <hbaker1 at pipeline.com> pointed out:

> FYI --
> https://wikileaks.org/podesta-emails/emailid/43625 <https://wikileaks.org/podesta-emails/emailid/43625>
> Fw: hey
> From:dmcdonough at barackobama.com <mailto:dmcdonough at barackobama.com>
> To: john.podesta at gmail.com <mailto:john.podesta at gmail.com>
> Date: 2008-11-03 18:28
> Subject: Fw: hey
> Hey, John, 
> I know I'm like a broken record on this, but I think we should arrange a briefing on the cyber threat for all associated with your effort.  We have a real security threat on our stuff here. 
> I would gladly work up something with our techie.  We've developed a lot of expertise in this, unfortunately. 
> DM 

For her fiftieth birthday, Hillary Clinton received a copy of "Internet Email for Dummies" from her staff to help her communicate with Chelsea who was going off to college. Both Time and Newsweek reported this at the time, with some amusement. I was co-author of that book (along with John Levine, Margey Levine and Carol Baroudi) and I wrote the chapters on E-Mail Security and PGP. So maybe it’s all my fault. 

Back in 1996 we warned her and other readers (first edition, pp. 255-256):

“…the general lack of security for e-mail is a real threat to personal privacy.” …

“When e-mail was a toy for computer geeks, its lack of privacy may not have mattered. With e-mail poised to become a nearly universal means of communication in the 21st century, privacy matters now.”

There is a policy question that has not been adequately discussed in all the commotion about Hillary’s email: to what extent does a high government official require and deserve a confidential way to communicate unclassified messages with others? Yes, there is a need to maintain a historical record, but while in office, governmental leaders need privacy to carry out their duties. But there is no evidence the e-mail system then provided by the State Department had any provision to shield Secretary Clinton’s email from the small army of technicians that would have had administration access to her email account. Civil servants frequently leak sensitive data, and we know the State Department email was hacked by foreign powers at least once.  

A Secretary of State is especially in need of private communications. International negotiations are often about economic issues affect multiple parties within the US as well as in other nations--there are always winners and losers. Information on what the Secretary of State is thinking or even with whom he or she is talking can help marshal forces against an agreement under negotiation or, more likely, to apply pressure to modify its terms. Having a private server provided a modicum of privacy that likely helped Mrs. Clinton do her job. And if it is true that Russia is orchestrating the DNC leaks, it’s hard to think of a reason why they wouldn’t also  leak her private server’s data if they have it. 

Neither her servers nor the State Department’s were suitable for classified material, but most cables at the Secret level and below from that era were leaked by Pvt, Manning via Wikileaks. If there were messages on her server at that level, they may be among the few that are not already on Wikileaks.

Eschewing email altogether would likely have impaired her effectiveness, so given the limited tools she had available at the time, her use of a private server may have been in the country’s best interest.

Arnold Reinhold

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20161104/04541eda/attachment.html>

More information about the cryptography mailing list