February 20th, 2017

My one year adventures of using only a smart phone ONLY for all my Internet access is almost over

Just spent $249 on a Lenovo Thinkpad T410 from USA Notebooks ( http://usanotebook.com/ ). I’ve done this before and the last refurbished Laptop lasted for 4 years and I spent less than $250. This Laptop even has a Nvidia display card so it should be adequate for light gaming.

Today’s post will be on email server security 

This won’t be a tutorial on how to set up an email server, it will be a discussion on what is good security practice and what what isn’t for those of us who want to understand what’s the issue on Hillary Clinton’s illegal email server.

Passwords.  The key to security.  And how a server deals with passwords determines how secure a server is.

A teller in training learns to spot counterfeit money by handling real money.  When they take your $20 bill from you they will mostly just glance at the metallic security strip but most of their check is merely how the bill FEELS.  If it doesn’t pass the feel test then the teller looks closer.

So what would good government level security “feel”  like?

I worked for a number of years at Hughes as an IT professional.  Hughes is a government contractor so the email servers had to be government security compliant.

The first password needs to changed,  it’s temporary.

Passwords need to be changed every 30 days.  Each new password has to be unique (can’t perpetually reuse two favorite passwords)  and

after 3 incorrect passwords the email account locks and cannot be accessed without IT help.

No one sits at the server 24/7 enforcing these rules,  they get programmed into the server.

But rules can be changed.  People decide what level of security they want and you can have anything from high level government to ZERO.

You can actually have email accounts that have no security.  No password is needed.

Doing a forensic analysis on Hillary’s private &  illegal email server isn’t possible for me,  as I don’t have access to the server.  In fact,  rumor has it that the server has been wiped (all data destroyed)

So I can’t really give any expert opinion on Hillary’s server.

However, There are a few things that cause me to doubt Hillary’s server security.

First is that John Podesta kept the word “password” as his password .  He wasn’t forced to change it.

Second is rumor has it one of Bill’s Secret Service agents set up the server.  Don’t know if he was competent or not,  but I remember when I was doing IT it was a nearly full-time chore just to keep up with changes in the field.

And thirdly,  the server WAS hacked.  You can read Hillary & minions emails on Wikileaks ( http://www.wikileaks.org )

Hopefully this has been helpful it helping to sort out server security for you. 

But the biggest question for me is what was in the estimated 50,000 emails that the FBI thinks got deleted…

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: