|
Background: I was quoted in the Wired piece. I made sure to emphasize that us outsiders can't say, with any certainty, whether this server was more or less secure than the State Department infrastructure. Matt Blaze, faculty at Penn, made the same point. But, alas, non-expert sensational spin won the day.[1] With that out of the way, I suspect some HN readers might have an interest in the attribution process. 1) Find the mail servers for clintonemail.com, using DNS MX records. These days, they're run through McAfee. Back in 2010, though, the records pointed to mail.clintonemail.com. (There are a handful of services that keep those historical records, e.g. dnshistory.org.) 2) Find the IP address for mail.clintonemail.com, using DNS A records. Today, it's 64.94.172.146.[2] Back in 2010, it was 24.187.234.187. 3) Run an ARIN WHOIS on the old IP address. It's a static IP range through Optimum Online, allocated to "Eric Hoteham" at the Clinton home in Chappaqua. The surrounding IP ranges map to small businesses in the area.[3] So, there is some nontrivial technical evidence that the email server was at the Clinton residence. But it's hardly definitive. It's possible, for instance, that the registered address is merely for billing purposes. [1] There's even a glaring a factual error in the story. It was a web hosting service offered by Network Solutions that was hacked in 2010, not their DNS service. That would've been a much bigger deal. [2] There's still a live server at mail.clintonemail.com. It's running Windows Server 2008 R2 with a valid SSL certificate. And it appears to be colo'd at Internap. Between that and the MXLogic protection, hardly a slapdash setup. [3] Quite a few of these records have odd contractions or typos, suggesting the misspelled name wasn't intentional. |