Did the Clinton Email Server Have an Internet-Based Printer? – Krebs on Security

The Associated Press right this moment points to a exceptional footnote in a latest State Department inspector basic report on the Hillary Clinton e-mail scandal: The mail was managed from the vainness area “clintonemail.com.” But right here’s a doubtlessly extra explosive discovering: A evaluation of the historic area registration data for that area signifies that whoever constructed the personal e-mail server for the Clintons additionally had the not-so-bright concept of connecting it to an Internet-based printer.

According to historic Internet tackle maps saved by San Mateo, Calif. based mostly Farsight Security, amongst the handful of Internet addresses traditionally assigned to the area “clintonemail.com” was the numeric tackle The subdomain hooked up to that Internet tackle was….look ahead to it…. “printer.clintonemail.com“.

Interestingly, that area was first seen by Farsight in March 2015, the identical month the scandal broke that in her tenure as United States Secretary of State Mrs. Clinton completely used her household’s personal e-mail server for official communications.

Farsight’s report for twenty-four.187.234.188, the Internet tackle which as soon as mapped to “printer.clintonemail.com”.

I ought to emphasize right here that it’s unclear whether or not an Internet-capable printer was ever linked to printer.clintonemail.com. Nevertheless, it seems somebody set it as much as work that means.

Ronald Guilmette, a personal safety researcher in California who prompted me to lookup this info, stated printing issues to an Internet-based printer arrange this fashion may need made the printer information weak to eavesdropping.

“Whoever arrange their residence community like that was a safety fool, and it’s a dumb factor to do,” Guilmette stated. “Not simply because any fool on the Internet can simply waste all of your toner. Some of those printers have easy vulnerabilities that depart them simple to be hacked into.”

More importantly, any emails or different paperwork that the Clintons determined to print could be despatched out over the Internet — nonetheless briefly — earlier than going again to the printer. And that information could have been sniffable by different prospects of the identical ISP, Guilmette stated.

“People are getting all upset saying hackers may have damaged into her server, however what I’m saying is that folks may have gotten confidential paperwork simply with out breaking into something,” Guilmette stated. “So Mrs. Clinton is sitting there, tap-tap-tapping on her laptop and decides to print one thing out. A intelligent Chinese hacker may have discovered, ‘Hey, I ought to get my very own Internet tackle on the identical block as the Clinton’s server and simply sniff the native community visitors for printer recordsdata.’”

I ought to observe that it’s potential the Clintons had been encrypting all of their personal mail communications with a “virtual private network” (VPN). Other historic “passive DNS” data point out there have been extra, probably fascinating and associated subdomains as soon as straight adjoining to the aforementioned Internet tackle rosencrans.dyndns.ws wjcoffice.com mail.clintonemail.com mail.presidentclinton.com printer.clintonemail.com printer.presidentclinton.com sslvpn.clintonemail.com


Related Posts