It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Hillary's Server and the Air Gap Problem

page: 1
12
<<   2 >>

log in

join
share:

posted on Aug, 19 2016 @ 09:14 AM
link   
There's a problem I have with presence of Top Secret and above material on Clinton's server. I'd like to hear from those in the know how information that sensitive gets onto an unsecured email server in someone's closet.

As an opener there's this link.

Air Gap


It takes a very conscious effort to move a classified e-mail or cable from the classified systems over to the unsecured open system and then send it to Hillary Clinton’s personal e-mail account,” said Raymond Fournier, a veteran Diplomatic Security Service special agent. “That’s no less than a two-conscious-step process.” He says it’s clear from some of the classified e-mails made public that someone on Clinton’s staff essentially “cut and pasted” content from classified cables into the messages sent to her. The classified markings are gone, but the content is classified at the highest levels — and so sensitive in nature that “it would have been obvious to Clinton.” Most likely the information was, in turn, e-mailed to her via NIPRNet


And then there's this.


The daily revelations over classified information finding its way onto Hillary Clinton’s personal email server are raising perplexing questions for former government officials who wonder how classified information made its way onto the former secretary of state’s non-classified server — especially since the two systems are not connected. “It is hard to move classified documents into the non-classified system. You couldn’t move a document by mistake,” said Willes Lee, a former operations officer for the U.S. Army in Europe and former operations officer for the Joint Chiefs of Staff. State Department spokesman Alec Gerlach confirmed the two systems don’t connect. “The classified and unclassified system are separate and you cannot email between the two,” Gerlach told Fox News.


So this is the question. How would you transfer the information? I'm assuming these guys are savvy enough to be able to log the usage of a usb stick being stuck into a secure workstation. Are there cameras in those areas to monitor what people are doing? Could you pull off a straight up tradecraft technique of just taking a photo of the monitor?

If this was done it's plain old espionage. Pay a reasonable amount into the Clinton Foundation and the info you want shows up on an unsecured email server. To me this is gobsmacking for someone who may be about to become the President.

Tell us the details of how this works.
edit on 19-8-2016 by TheAiIsLying because: Posted too soon




posted on Aug, 19 2016 @ 09:24 AM
link   
a reply to: TheAiIsLying


it’s clear from some of the classified e-mails made public that someone on Clinton’s staff essentially “cut and pasted” content from classified cables into the messages sent to her. The classified markings are gone, but the content is classified at the highest levels — and so sensitive in nature that “it would have been obvious to Clinton.”

Too funny, I dind't know that. Censored out the classified heading to cover up what they knew they were doing.

IOW, they were using sensitive information illicitly to topple other nations (like Libya) and run guns from there to Syria.

Tsk Tsk, and the good ship Hillary keeps chugging along. They should come to her next live rally, stride up to the podium and cuff her, announcing to everyone, "Hillary Rodham Clinton, you are being placed under arrest for high crimes and treason against the state".

Edit: sorry, I know that doesn't answer your question. Snowden said the only way to prevent snooping was wth air gap systems, that was a while ago. Still, if it goes over the ether it is 'out there'...
edit on 19-8-2016 by intrptr because: Edit:



posted on Aug, 19 2016 @ 09:42 AM
link   
a reply to: TheAiIsLying

Cut and pasting Top Secret (and above) material in order to hide the fact that it's sensitive material?

That sounds pretty intentional to me



posted on Aug, 19 2016 @ 09:54 AM
link   
The air gap will.not.save. ye.
air gap malware



posted on Aug, 19 2016 @ 10:02 AM
link   
You can get it if the person in charge of security at the originating site leaves active ports on the machines. Or removable discs with write capability.

Ours have been modified with a soldering iron - no USB, no firewire, no esata, no CD writers, nada. You can't re-enable them, because they're physically GONE.

Not every place does this. And it makes it easy to move info from an authorized system to an unauthorized one.



posted on Aug, 19 2016 @ 10:03 AM
link   
Most TS material is in a SCIF (Sensitive Compartmented Information Facility).

You'd have to go into the SCIF and take out the information. I'm assuming you'd have to be senior enough to be able to take it out of there.

If you're interested in seeing some of the security awareness training you can take this flash test. Pick the Department of Defense Employees test.

iatraining.disa.mil...



posted on Aug, 19 2016 @ 10:06 AM
link   
a reply to: Bedlam

We disabled our USB ports via windows policy to disallow the use of usb thumb drives. And you need an admin in order to use any USB device.

It's a pain because keyboard and mice won't work if you move them to a different port.

However it's secure.



posted on Aug, 19 2016 @ 10:08 AM
link   
Best security money can buy, didn't disable "copy/paste" for the content "classified at the highest levels"?



posted on Aug, 19 2016 @ 10:11 AM
link   

originally posted by: grey580

You'd have to go into the SCIF and take out the information. I'm assuming you'd have to be senior enough to be able to take it out of there.


You just need a stupid or lax security officer. Bradley Manning got his data out by carrying in CD-RW disks, and rewriting them with the still operational rewriters in the SCIF systems.

You can get very very small USB drives now, as well, and you could get info out that way, if the USB connectors were left on.

It depends, too, on where you are posted, you'd be frisked and looked at a lot more carefully in Tampa coming out of the SCIF than you would at some diplomatic posting in lower Slobovia.



posted on Aug, 19 2016 @ 10:18 AM
link   

originally posted by: grey580
a reply to: Bedlam

We disabled our USB ports via windows policy to disallow the use of usb thumb drives. And you need an admin in order to use any USB device.


I don't trust Windows all that much to be secure even if you set the policy for it. However, it's a good start.

It's going to be an issue if they ever have to change out the keyboards or mice, those are the only USB ports remaining and they're sort of permanently attached.



posted on Aug, 19 2016 @ 10:29 AM
link   
If the keyboard and mouse are not permanently attached, you wouldnt need the keyboard to copy and paste. Or could they temporarily swap out the keyboard with one that has a usb port?



posted on Aug, 19 2016 @ 11:00 AM
link   
a reply to: Bedlam

yeah one of these guys.

everything is so small now it's insane

www.sandisk.com...




posted on Aug, 19 2016 @ 11:02 AM
link   

originally posted by: Bedlam

originally posted by: grey580
a reply to: Bedlam

We disabled our USB ports via windows policy to disallow the use of usb thumb drives. And you need an admin in order to use any USB device.


I don't trust Windows all that much to be secure even if you set the policy for it. However, it's a good start.

It's going to be an issue if they ever have to change out the keyboards or mice, those are the only USB ports remaining and they're sort of permanently attached.


There are so many enterprise tools now that monitor everything.

Cisco has some software and servers that will monitor a pc and tell you everything users do. It's expensive. $15K just to start.

But if you need it. it's worth the price.



posted on Aug, 19 2016 @ 11:04 AM
link   
a reply to: cactusman23
No, I don't know his system but if you unplug the keyboard then you will need an IT admin to plug it back in.

As soon as you remove the USB you are keyboard-less until admin turns the USB back on



posted on Aug, 19 2016 @ 11:05 AM
link   
I've been saying things like this since this mess began. It took conscious effort to move this classified/top secret info. And imo it was espionage, or at the very least should be regarded as such... gone are the old days of dead drops, secret meetings in public parks, and handoffs of classified files and film to foreign agents. Spying is electronic- transfer of physical materials is totally unnecessary and obsolete.

And I don't think there's any chance that the top hackers for foreign intelligence services weren't aware of the existence of an unsecured, frequently updated goldmine of U.S. Government information, much of it classified, at the home of the Secretary of freaking State. To suggest that every byte of this information wasn't being copied and immediately studied and exploited for whatever advantages it might offer is ridiculous. And when one considers the possibility (as has been suggested before, but quickly glossed over by the media) that the identities of American undercover agents abroad might've been compromised, things quickly take a very dark turn. I don't even want to think about that one too much.

The very ACT of placing this data on an unsecured server is espionage. Or if it were any of us who had done the same thing, you can bet your sweet ass we'd be punished as if it was.



posted on Aug, 19 2016 @ 11:28 AM
link   

originally posted by: Bedlam

Ours have been modified with a soldering iron - no USB, no firewire, no esata, no CD writers, nada. You can't re-enable them, because they're physically GONE.

Not every place does this. And it makes it easy to move info from an authorized system to an unauthorized one.

Interesting to note the Swiss offer underground vault storage of you hard drives, unplugged, behind lock and key. You want access, you have to break in and steal the hardware device.

Also telling how trusting some are about security of their data in the electronic age.

Swiss data vaults
edit on 19-8-2016 by intrptr because: spelling



posted on Aug, 19 2016 @ 11:28 AM
link   
I've been out since 2005, but we had 2 separate laptops, NIPR and SIPR. Occasionally, we would have to put NonClassified info on the classified network and usually resorted to retyping it. However, we still had CD/DVD drives and USB. They were not tracked, nor prevented. Our OPSEC was based on our performance and knowledge. Heck, the data was in our heads, nothing to prevent us from typing that up except integrity.

To move from Unclass to Classified is indeed an very conscious decision. Had we gone from Secret to Non Classified, I'd be in Kansas turning big rocks into little rocks.



posted on Aug, 19 2016 @ 11:48 AM
link   
a reply to: cosmania

As a small contractor handling red hot stuff at times, we have to be like Caesar's wife.



posted on Aug, 19 2016 @ 02:25 PM
link   

originally posted by: TheAiIsLying
There's a problem I have with presence of Top Secret and above material on Clinton's server. I'd like to hear from those in the know how information that sensitive gets onto an unsecured email server in someone's closet.

As an opener there's this link.

Air Gap


It takes a very conscious effort to move a classified e-mail or cable from the classified systems over to the unsecured open system and then send it to Hillary Clinton’s personal e-mail account,” said Raymond Fournier, a veteran Diplomatic Security Service special agent. “That’s no less than a two-conscious-step process.” He says it’s clear from some of the classified e-mails made public that someone on Clinton’s staff essentially “cut and pasted” content from classified cables into the messages sent to her. The classified markings are gone, but the content is classified at the highest levels — and so sensitive in nature that “it would have been obvious to Clinton.” Most likely the information was, in turn, e-mailed to her via NIPRNet


And then there's this.


The daily revelations over classified information finding its way onto Hillary Clinton’s personal email server are raising perplexing questions for former government officials who wonder how classified information made its way onto the former secretary of state’s non-classified server — especially since the two systems are not connected. “It is hard to move classified documents into the non-classified system. You couldn’t move a document by mistake,” said Willes Lee, a former operations officer for the U.S. Army in Europe and former operations officer for the Joint Chiefs of Staff. State Department spokesman Alec Gerlach confirmed the two systems don’t connect. “The classified and unclassified system are separate and you cannot email between the two,” Gerlach told Fox News.


So this is the question. How would you transfer the information? I'm assuming these guys are savvy enough to be able to log the usage of a usb stick being stuck into a secure workstation. Are there cameras in those areas to monitor what people are doing? Could you pull off a straight up tradecraft technique of just taking a photo of the monitor?

If this was done it's plain old espionage. Pay a reasonable amount into the Clinton Foundation and the info you want shows up on an unsecured email server. To me this is gobsmacking for someone who may be about to become the President.

Tell us the details of how this works.


If Sec State asked for a hard copy, could she get it? Take hard copy, scan, send.



posted on Aug, 19 2016 @ 03:03 PM
link   

originally posted by: grey580
everything is so small now it's insane


We designed something even smaller for one of those infiltration exercises. It's a little bigger than your thumbnail, and flat. No connector. It just jams under the USB fingers. Got a processor and some bulk storage on, you can set the USB interface to look like whatever you want, including changing behaviors in mid stream, so to speak.

It protrudes just enough to grasp, has a thumbnail hook on one side to get it back.




top topics



 
12
<<   2 >>

log in

join