Wednesday, August 19, 2015

The Daily Mail Story on Platte River Is Misleading. Why?

From The Daily Mail:

EXCLUSIVE: Hillary's email firm was run from a loft apartment with its servers in the BATHROOM, raising new questions over security of sensitive messages she held

Really? From a loft, with servers in the bathroom?

The Daily Mail article continues to quote a former employee, Tera Dadiotis, who described the company as a 'mom-and-pop' shop. Dadiotis said, "At the time I worked for them they wouldn't have been equipped to work for Hilary Clinton because I don't think they had the resources, they were based out of a loft, so [it was] not very high security, we didn't even have an alarm."

The article notes that the last time Dadiotis worked for them was 2010.

I like using the "Wayback Machine", aka The Internet Archive. Let's take a look at some things. I poked around on their website's archive circa 2013 (when the server was migrated to them), and found this description of services, originally posted in 2012 but still applicable through 2014 (or later). Notice what it says:

Offsite/Online/Data Center Backup
  • Fully Automated Backups Held on Disk for Rapid File Restoration
  • Secure Online Transfer of Fully Encrypted Data to an Offsite Data Center
  • 24x7 Live Customer Support
  • Immediate Access to Restore Data

Italics and underlining added by me for highlighting.

The company was run out of a loft, but the data center, where the [ETA: backup] information was stored, was elsewhere, not in the bathroom.

A press release from 2013 bragged that Platte River was named by Inc. Magazine as "one of the fastest growing companies in America for 2013." Further, the press release asserted them to be "a national leader in the managed services and cloud industry." That hardly sounds 'mom-and-pop' at that time to me.

All of this leaves me with a few questions. The Daily Mail tracked down "ex-employees" of Platte River, including the aforementioned Dadiotis (who was undoubtedly telling the truth about what the company was like back during her tenure). Why did they track down employees from years earlier, when the company was much smaller? Why weren't they talking to current employees who had been there merely two years ago?

Why are they publishing an article talking about what Platte River was like "At the time [Dadiotis] worked for them", 2010 and earlier, and making it sound like this was how it was when they started their involvement with the Clinton server? Why is this article pushing the false impression of the company, minimizing what they do and what their capabilities and offerings are and were in 2013?

Just sloppy reporting? Or is the false impression being deliberately pushed?

I can't help but remember back to earlier Clinton scandals, when false information would get pushed and then used as evidence of a vast right-wing conspiracy against them.

Probably just a coincidence.

Edited to add: The data center, which is where the servers were (and not just backups), was in New Jersey, as The Daily Caller reported last week.

Edited to add, again: Neil Stevens has convinced me that the Intuition brochure linked above suggests that only the backup services were in the offline data center. As such, I have struck through the last part of the article. However, the points regarding Dadiotis being employed 3 years earlier, before the company grew to a $6M revenue company, remain, as does my estimation that it was hardly 'mom-and-pop' by the time the Clinton server entered the picture.

That said, it is possible that there was a server located in a closet and I retract my confident assertion that it wasn't.

Wednesday, July 15, 2015

From Where is Trump Getting His Support?

Earlier today, Charles Franklin (Director of the Marquette Law School Poll, co-founder of Pollster.com, proprietor of PollsAndVotes.com, etc.) posted the following:

Clearly, since Trump entered the race, his numbers have greatly improved while Walker's and Rubio's have declined markedly. I found that counter-intuitive for a moment, until it dawned on me that nearly all of the candidates who showed little change were those who had little support to begin with. Obviously, if one is polling at 2%, it would be pretty difficult to lose more than 2 percentage points. If a candidate shows a sudden surge in the numbers, the most probable losers would be those with a decent amount of support available to lose.

Walker and Rubio fit that bill.

Another GOP candidate that had a pretty decent base of support before Trump joined the fray is Jeb Bush. Jeb announced mid-June and subsequently gained publicity for some eye-popping fundraising numbers. As such, it isn't all that shocking that he saw his support rise during and despite the Trump boomlet.

But is it all as simple as Trump is hurting the other GOP front-runners excepting Bush, who avoided the decline during a honeymoon phase? I am skeptical.

Since Charles was gracious enough to tell everyone which surveys he was using for his graph, I was able to go back to the surveys he used and look at some other numbers. The surveys he used were Monmouth, Fox Opinion Dynamics, and CNN/ORC International. I found the releases for the most recent iteration of each (linked below), each of which helpfully had earlier results included in them. The data from these made me even more skeptical.

In each of the following charts, the most recent iteration of a survey is to the left. For each survey, only the most recent was conducted after Trump announced. These are for the three candidates I would have called the frontrunners a month ago.

In each, the overall support for the triumvirate has been fairly steady. Within the Monmouth poll, the aggregate has varied by all of one percentage point. In the Fox poll, the spread is four percentage points with the most recent being three off of the maximum. In the CNN poll, one might get the impression that the group fell off in the most recent survey, but concurrent with their collective decline in the late June survey was growth in the combined "none of the above" / "no opinion" cohorts of eight percentage points in May. I believe that these three have been stealing share back and forth from each other for the past few months, and The Donald has not impacted them much, if at all.

The following charts compare Trump with all candidates other than Rubio, Walker, and Bush. Notice again how the aggregate totals remain fairly constant, especially when one keeps in mind the margin of error.

Trump is not hurting the presumed front runners. Instead, he's been sucking some of the air away from the candidates that Republican primary voters have been considering as alternatives to the main three, with Christie, Carson, Huckabee, and Cruz hit the most. At least, that's the way it appears to me.

The .pdf files for the surveys are here: CNN/ORC, Fox Opinion Dynamics, Monmouth

Edited to add: If one goes by the Monmouth and Fox polls, you could also say that Paul isn't being impacted by Trump one iota. His numbers have been remarkably steady in each of their surveys. CNN, however, has shown him slipping a bit.

Wednesday, April 29, 2015

Clinton to propose police body cameras

Good idea.

I am wondering about a hypothetical, though. Let's say that something happens, and the video of a certain time span is subpoenaed. Further, that the officer had decided to use a personal camera, and when told to turn over all recordings, scrubbed much of them as being personal and unrelated.

How should we handle that?

Friday, April 10, 2015

Put a Stop to Using Police as Revenue Streams

There are many reasons to oppose the use of police to generate revenue. It hits the poor the hardest. It leads to abuse. It leads to a disdain for law enforcement. It leads to abuse.

Hopefully, some Republican Presidential candidates will take this up as an issue. Rand Paul seems a natural, but I could see others joining in as well.

I would recommend a simple proposal, such as making states report to the federal government all revenues raised from traffic violations, and using that amount as an offset to the amount given to the state for highway maintenance and similar construction projects. Give the individual states an incentive for discouraging the practice within their own borders, perhaps by doing something similar to their municipalities.

Simple, clean. Have the incentives be towards ticketing the minimum amount required to ensure public safety, which is how things really should be.

Sunday, March 22, 2015

Aliens and today's audience

I cheered.

Do they do that in theaters today? If so, I haven't seen it.

Audiences I was in cheered at Star Wars. They roared in approval when Reiser got his. They were into it.

I've been in quite a few movies of late that the audience clearly loved. Aliens. Avengers. A dozen others across genres, with the most recent being a more modest box-office title, "Kingsman."

It's not that I run out of the theaters early, with a well-practiced "Get off my lawn." No, I wait until the very end (and actually don't need to use the "Get off my lawn" cliche).

Either movies today do not inspire ovations of the kind found on Broadway, or people today aren't inspired to do so in general. I bet it is the former.

In Independence Day, the audience cheered and jumped up into applause when the first titan went down.

When will that happen again? And is the lack of it right now on the studios, or on us?

Tuesday, March 10, 2015

A Few Questions I Want Answered.

Mr. Halperin, let's put that to the test. Here are a few questions I have. If these are answered in an acceptable fashion, then I will consider it good enough.

  1. Why did you do this?
  2. Why did you ignore the state department manual which stated that "sensitive but unclassified information" should not be transmitted through personal e-mail accounts?
  3. Do you consider emails sent to or from you in the course of your duties as Secretary of State to be your property, or the property of the United States government?
  4. Of the emails turned over so far, why did you have them delivered in printed form, with no metadata and headers?
  5. When will you be turning over all of the emails in their original, electronic form including all metadata and the full internet headers?
  6. Given that the law requires all emails regarding "the formulation and execution of basic policies and decisions and the taking of necessary actions; records that document important meetings; records that facilitate action by agency officials and their successors in office," why had you not turned these over until you had been requested?
  7. What were the complete technical specifications of every part of the email system involved with clintonemail.com? Please include any filtering service (such as MXLogic), any software used, and what hardware was used.
  8. Was there automatic, tamper-proof archiving? If not, why?
  9. Who chose the specific ISP to use, and what information was used to make that choice?
  10. When will you be turning over any and all hardware for forensic analysis?
  11. If you have nothing to hide, why are you trying to control what to turn over and what you get to hold on to? Should that not be done by someone completely independent of you?
  12. Were there emails regarding the Clinton Foundation sent or received through any of your personal accounts? If so, will you provide those to an independent auditor who can look for potential conflicts of interest that you may have a reason to want withheld?
  13. Who was involved in maintaining this system? What security testing was performed? What was the backup schedule? Where are the backups? Which software patches were applied, and when?
  14. If there was nothing sensitive nor classified on these emails, why all the redactions when they are being released?

On a few of these, only a few answers are acceptable. For example, all of the "when will" questions need to be answered "within a few days at the latest."

Saturday, March 7, 2015

Make Legal What HRC Did

If I were a GOP Congressman, I would introduce bills to do the following:

  1. Repeal the Freedom of Information Act
  2. Forbid any part of the Executive Branch, excepting for overseas offices, from banning the use of personal emails for the conduct of official government business.

The FOIA has proven itself to be ineffective in producing transparency when faced with determined resistance. We end up getting sanitized information from the corrupt and the unvarnished truth from the moral; the former get protected and the latter get embarrassed or worse. The cost simply is not worth it.

For the latter, a similar argument can be made. It is unenforceable, and restrains only those whose ethics do not need restraining; the dishonest simply ignore such restrictions.

This is a conversation we should be having. After all, there is nothing wrong with failing to be forthright with FOIA requests, nor in avoiding those inconvenient government email systems. At least, I hear very smart people saying this. And the voters don't care, anyways, they say. Let's get these bills on the calendar, and open the floor for debate.

[Edited to add: On second thought, let's hold up and take time in drafting these bills. The wrong time to debate something is when something is fresh in the news; that leads to rash decisions and poor legislation. No, a better approach would be to take some time and wait until the current furor wanes. Once it is all behind us, when we've moved on, when the current story is old news, then that is when we should engage in this very public debate. I am certain the press will take interest.]

Friday, March 6, 2015

But then, maybe they couldn't afford $0.85 per user per month on their small system

If Begala knows what he's talking about, then this is significant. Why?

Click this link, make sure it is on the DNS records tab, and scroll down to the MX records. Don't worry if you don't know how to read them; this isn't going to be hard. Do you see how the MX records list clintonemail.com.inbound10.mxlogicmx.net and clintonemail.com.inbound10.mxlogic.net? Those records say, "direct emails for this domain (clintonemail.com) to those servers", and those servers are mxlogic.com servers.

The clintonemail.com domain is set up to pipe its emails through MXLogic, which is now owned by McAfee. Their service provides email filtering-- spam removal and, more importantly, blocking of malicious email such as phishing attempts and other email-based cyber attacks.
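The MX reading described above can be done mechanically. The following is an added example, not part of the original post: it parses dig-style MX lines and names who operates each mail exchanger. The two exchanger host names are the ones quoted above; the TTL and preference values, the function names, and the `KNOWN_RELAYS` table are assumptions made for illustration.

```python
"""Report which hosts receive a domain's inbound mail, from MX answer lines."""

# Constructed sample in dig-style answer format. The two exchanger names are the
# ones quoted in the post; the TTL and preference values are made up.
SAMPLE_ANSWER = """\
; constructed sample, not a live lookup
clintonemail.com. 3600 IN MX 10 clintonemail.com.inbound10.mxlogicmx.net.
clintonemail.com. 3600 IN MX 10 clintonemail.com.inbound10.mxlogic.net.
"""

# Hypothetical lookup table holding only the mapping the post itself states.
KNOWN_RELAYS = {
    "mxlogic.net": "MXLogic (McAfee)",
    "mxlogicmx.net": "MXLogic (McAfee)",
}


def parse_mx(text):
    """Return [(preference, exchanger)] sorted by preference."""
    records = []
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop comments, then tokenize
        types = [f.upper() for f in fields]
        if "MX" not in types:
            continue
        i = types.index("MX")
        # Expected layout: owner [ttl] [class] MX preference exchanger
        if len(fields) < i + 3 or not fields[i + 1].isdigit():
            raise ValueError(f"malformed MX record: {line!r}")
        records.append((int(fields[i + 1]), fields[i + 2].rstrip(".").lower()))
    return sorted(records)


def ends_with_domain(host, domain):
    """Label-aligned suffix match: host is `domain` or a subdomain of it."""
    return host == domain or host.endswith("." + domain)


def classify(domain, exchanger):
    """Name who operates an exchanger: the domain itself, a known relay, or other."""
    # The exchangers above *begin* with the customer's domain, so a substring
    # test would wrongly call them self-hosted; only the right-hand labels count.
    for suffix, provider in KNOWN_RELAYS.items():
        if ends_with_domain(exchanger, suffix):
            return provider
    if ends_with_domain(exchanger, domain):
        return "self-hosted"
    return "unknown third party"


def mail_path(domain, answer_text):
    """List each MX target for `domain` with the party that handles it."""
    domain = domain.rstrip(".").lower()
    return [
        {"preference": p, "exchanger": h, "handled_by": classify(domain, h)}
        for p, h in parse_mx(answer_text)
    ]


if __name__ == "__main__":
    for hop in mail_path("clintonemail.com", SAMPLE_ANSWER):
        print(hop)
```

Both sample records resolve to the filtering provider rather than to a host under the domain itself, which is the point the post draws from the MX listing.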

But they also offer archiving services.

What kind of archiving services? This kind. Especially read the section on page 2 under "Document Compliance Made Easy." I screen-grabbed a few excerpts here:

Click on each picture to expand- or just read the brochure I linked. [Edited to add: It turns out it is harder to get to the images in an embedded tweet than I would like. The relevant section says, in part:

  • Tamperproof read-only storage—Messages and message metadata are protected in their original state
  • Dual data centers—Eliminates the threat of a single point of failure, ensuring that no message is ever lost
  • Automatic quality verification—Verifies that stored message copies are identical to the originals
  • Dual commit message capture—Messages aren’t deleted from your email server until accurate copies have been made and verified
  • Auditable message serialization—Adds a unique numeric identifier to each message to comply with SEC requirements that prohibit tampering or deletion of messages
  • Transport and storage encryption—Messages are transported securely via TLS or SSL, and are stored using 256-bit encryption
]

While I did not get a price quote from them directly, I did find this, which does have pricing for McAfee's services as an authorized re-seller. You can bet that these are not far from what it would be. The Email Security & Archiving Suite with Multi-Year Retention? $3.67 per user/month. Given the small number of users on the Clintonemail.com domain, it would be an inconsequential amount for the Clintons. The option without archiving? $2.82 per user/month.

If Hillary has a "non-archival compliant" system, it is because they chose not to spend an extra $0.85 per user per month. And as anyone who has ever signed up for one of these services knows, they try to up-sell you when you do; no way they didn't hear all of the benefits of the extra cost.

[Edited to add: Of course, this means there will never be an incriminating email in anything HRC's camp turns over or has turned over. They're long gone. If there was anything bad, the only way it will come out is from anyone on the other end of those emails, or anyone who intercepted one. Such a person would have some leverage, don't you think?]

[Edited again to add: Also note that the archiving service includes transport and storage encryption. This would have prevented things like a system administrator from being able to read the archived emails-- a nice bit of security that they simply chose to not spend a pittance to get.]

Saturday, February 21, 2015

Who Summoned the Sharknado?

It’s serendipitous when an old colleague calls one out for teaching him something, and that something is something I had not quite forgotten, but definitely had not been remembering enough of late.

Thanks, Thomas. Blind squirrel, acorn and all that.

We are on day three of a media full-court press on Rudy Giuliani’s comments on Obama’s love of country. We’re at the point where a few journalists are starting to express amazement at how strident the feeding frenzy has been. And without question, the attacks are veering towards Scott Walker. Mark Halperin is merely the latest example of stretching to make an attack. There have been many before.

So, back to the forgotten lesson.

Why is this story out there?

When I ask, I am not talking about the sharks swarming because they smell blood in the water. Sharks are sharks. All they do is eat, swim, and make baby sharks. Similarly, journalists eat, write, and make baby journalists. They are swarming because that’s their nature.

Instead, I am talking about why this story is out there in the first place.

Somewhere, there is someone who was at that event and immediately went to the press with it. Clearly, whoever it was knew how to get the story out, and is likely savvy (eta: sensing the opportunity for a strike is a sign of it). I find it hard to imagine this was a case where someone made a casual aside not knowing it would end up in the news; a casual aside that had fairly specific quotations. No. Someone with an agenda wanted this out there.

Most likely, that would be someone aligned with a campaign who saw an opportunity. Odds say that would be someone who has a large network with the capability of egging a story on behind the scenes. Maybe in a bar, over drinks, just saying, “I agree. This is important.” Who knows?

But make no mistake. A supporter or surrogate of one of the Presidential candidates wanted this story out there.

That should be a story as well. Who threw the chum?

Updated to add: I note the stories do not include a quotation from whoever went to the press here. Fingerprints were avoided.

Another edit: the original post title was "In the Conservatory, With the Candlestick". I changed it because I had gone with a different allusion in the post and thought of one more fitting for it.

Monday, February 2, 2015

If I Was a GOP Presidential Candidate Asked About Vaccinations

Simple response.

Start with an incredulous blink or two.

Then say, "My kids are vaccinated."

Follow with, "I have not seen this issue on the list of those voters think are important right now, nor have I heard of any major legislation on the matter. So it seems strange to be asking me about it. However, barring a major outbreak or a scientific reason to be concerned that one was imminent, I'd veto anything on the matter in any direction for not being what we need to focus on right now."

ETA this link provided by Maetenloch over at Ace's place.