| HN Mirror

Y	Hacker News new \| ask \| show \| jobs

by geofft 3629 days ago

And what were Clinton's intentions? We can all imagine what we'd do if we had a job that required us to have reliable, working e-mail and our employer's IT systems sucked - we'd just use an outside email account. If we knew our job required higher security standards than Gmail would really be appropriate for, we'd self-host. I've thrown infrastructure for a former employer onto a personal server because it needed to work and our IT department was overworked and unfamiliar with how to run it. I'm sure all of us have used personal laptops, or Dropbox, or SSH tunnels, or AWS, or not-really-freeware, or something that violates IT policy in order to get the job done, and we had a clear conscience about it.

Now imagine that your job isn't merely writing some app but literally about making or breaking world peace, and that your IT department isn't just some tired Windows admins down the hall but the entire disaster that is the same federal government that tried to launch healthcare.gov. And that at no point in your job did anyone even set you up with an official email account in the first place. What would you do?

Both of them broke the law; both of them had very good reasons for doing so. There are arguments that they made Americans less safe by their actions, but there are definitely arguments in both cases that they made Americans more safe by their actions.

1 comments

josho 3629 days ago

Ok. What if you were a high level employee that could force change and you still circumvented the systems in place to protect information systems. And while you went around the secure systems you left your server unpatched and open to compromise from competitors.

geofft 3629 days ago

It's pretty hard for a high-level employee to force change in a bureaucracy the size of the federal government. Remember healthcare.gov - if the CEO launches the project that will define his legacy, and the infrastructure melts down on the first day, you think some other executive can get the email systems fixed?

And in any case, fixing the email systems for an organization this big is a messy project. There are countless employees who have the existing system set up and have workflows depending on it. There's special handling of classified information, records-keeping, and so forth. All of this will break, somehow, when you try to migrate it. I'm sure Hillary could have chosen to be the meddling exec who demands an IT overhaul to suit her needs if she really wanted to prioritize that, but it does not actually seem like that would have been better for America. (Or for her public perception, for that matter.)