RE: clintonemails.com: Who is Eric Hoteham?

[TheL8Elvis]

IOW you got nothing.

Lolz. Asking venafil to prove a negative while you refuse to support you claim.

I'm not making asking venafi to prove a negative,and we already covered this earlier in the thread, so there seems to be no reason to cover it again.

And I'm not making a claim I need to support.

Your post makes no sense.

 

[The Big Dog]

I'm not making asking venafi to prove a negative

:

Yes, evidence is required for the original claim by venafi that, "Therefore, from January to end of March 2009 access to clintonemail.com did not use encryption."

and then....

And I'm not making a claim I need to support.

:

It's not only possible, but plausible they simply installed a self-signed cert until they purchased the NetSol one.
Or, equally as possible, didn't actually start using the server until after obtaining the netsol cert.

.....

Hooray for FUD and misinformation.

'k.

Your post makes no sense.

'k.

 

[TheL8Elvis]

I Already covered this earlier, when Venafi made some unprovable claims about security:

https://www.venafi.com/blog/post/what-venafi-trustnet-tells-us-about-the-clinton-email-server/
Starting in late March 2009, mail.clintonemail.com was enabled with a Network Solutions’ digital certificate and encryption for web-based applications like Outlook Web Access. This was 3 months after Secretary Clinton took office. The clintonemail.com domain was registered with Network Solutions in January 2009 – 8 days before Secretary Clinton was confirmed by the U.S. Senate. Therefore, from January to end of March 2009 access to clintonemail.com did not use encryption.

EVIDENCE? You don't expect anyone to prove a negative, particularly when Hillary and her cabal REFUSE to show that it was secure, let alone how it was secure.

So now you are flat out making stuff up? Typical...

:
and then....
:
'k.
'k.

I am not asking anyone to prove a negative. The argument is simply not sound.

1:March 2009, mail.clintonemail.com was enabled with a Network Solutions’ digital certificate
2:clintonemail.com domain was registered with Network Solutions in January 2009
3:Therefore, from January to end of March 2009 access to clintonemail.com did not use encryption

3 does not follow from 1 and 2.

They could easily provide evidence for 3. A network packet capture, for example, showing plain text communication with the server in question.

I can't tell whether you are failing because you don't understand the technology involved, the logic involved, or if you are simply being intentionally obtuse.

 

[The Big Dog]

The Next Tranche is due out Today!

Thousands more Hillary Clinton emails to be released The State Department on Wednesday is due to reveal more than 6,000 pages of messages from late 2010 and early 2011.

Tonight is the monthly release. Will we see another Rube Goldberg like system for ordering ice tea? More Top Secret classified data? Sneering Contempt for Governmental Transparency?

Stay Tuned for the Case of the Cowboy Server: Hilly and Billy get Silly!

 

[DavidJames]

1:March 2009, DavidJames purchased a bus pass to get to work.
2: DavidJames started work January 2009
3:Therefore, from January to end of March 2009 DavidJames never got to work.

Yeah, that makes sense.

 

[The Big Dog]

I am not asking anyone to prove a negative. The argument is simply not sound.

1:March 2009, mail.clintonemail.com was enabled with a Network Solutions’ digital certificate
2:clintonemail.com domain was registered with Network Solutions in January 2009
3:Therefore, from January to end of March 2009 access to clintonemail.com did not use encryption

3 does not follow from 1 and 2.

They could easily provide evidence for 3. A network packet capture, for example, showing plain text communication with the server in question.

I can't tell whether you are failing because you don't understand the technology involved, the logic involved, or if you are simply being intentionally obtuse.

Or, ya know, Hillary and her Cabal could release the certificate, which they refuse to do.... Oh wait, that does not fit in with your rank speculation.

Venafi? Bad guys, cause they can't prove a negative!
Clinton? How dreamy....

Cool snipe at me at the end because I am calling shenanigans on baseless speculation....

 

[TheL8Elvis]

Or, ya know, Hillary and her Cabal could release the certificate, which they refuse to do.... Oh wait, that does not fit in with your rank speculation.

They couldn't possibly provide anything that would satisfy you ....

Venafi? Bad guys, cause they can't prove a negative!

So at this point, after having had it explained to you numerous times, you are just being willfully obtuse.

Clinton? How dreamy....

Cool snipe at me at the end because I am calling shenanigans on baseless speculation....

 

[The Big Dog]

1:March 2009, DavidJames purchased a bus pass to get to work.
2: DavidJames started work January 2009
3:Therefore, from January to end of March 2009 DavidJames never got to work.

Yeah, that makes sense.

No that doesn't... man, people are terrible with analogies around here....

1. Hillary sets up Cowboy server in her basement, claims it is totally secure and stuff.
2. people quite reasonably say, hey show us proof it was secure.
3. crickets

 

[The Big Dog]

They couldn't possibly provide anything that would satisfy you ....

So at this point, after having had it explained to you numerous times, you are just being willfully obtuse.

They couldn't possibly provide anything that would satisfy 16.5, so they are just not going release the certificate that you speculate they have, or in fact anything at all! So there! Hee hee, that is some skepticism!

By the way, gainsaying is not "explaining." You pulled that "possible, but plausible" right out of thin air, and are asking Venifi to provide something, but not making the same demand of Hillary and her Cabal.

I'd suggest you have a double standard, but in fact you are doing nothing but carrying water for Hillary and making excuses for her sneering contempt of transparency.

Post something about my being "obtuse" or some similar ********. Avid readers know better.

 

[TheL8Elvis]

They couldn't possibly provide anything that would satisfy 16.5, so they are just not going release the certificate that you speculate they have, or in fact anything at all! So there! Hee hee, that is some skepticism!

By the way, gainsaying is not "explaining." You pulled that "possible, but plausible" right out of thin air, and are asking Venifi to provide something, but not making the same demand of Hillary and her Cabal.
I'd suggest you have a double standard, but in fact you are doing nothing but carrying water for Hillary and making excuses for her sneering contempt of transparency.

Post something about my being "obtuse" or some similar ********. Avid readers know better.

Yes, I'm asking the companymaking the claim "Therefore, from January to end of March 2009 access to clintonemail.com did not use encryption" to provide evidence.

As I am not making any claims, I don't have the same burden.

I've already explained why I don't think Clinton will be providing any technical evidence to the general public.

As has been pointed out, it's perfectly normal to use self-signed certs while waiting for a cert from CA. It's unremarkable, and I have no reason to believe they weren't doing that. Skepticism doesn't mean I have to doubt every little detail until it has been proven to me.

 

[The Big Dog]

Yes, I'm asking the companymaking the claim "Therefore, from January to end of March 2009 access to clintonemail.com did not use encryption" to provide evidence.

As I am not making any claims, I don't have the same burden.

I've already explained why I don't think Clinton will be providing any technical evidence to the general public.

As has been pointed out, it's perfectly normal to use self-signed certs while waiting for a cert from CA. It's unremarkable, and I have no reason to believe they weren't doing that. Skepticism doesn't mean I have to doubt every little detail until it has been proven to me.

1. You want Venifi to prove a negative.
2. You don't think that Clinton should have to provide evidence to support their claim that the server was secure.
3. You have no evidence that they were using self signed certs, but are just going to go ahead and claim it anyway.

wowsers.

You "doubt" Venifi but are just going to go ahead and take Hillary's word for it.

CHECK!

Hillary 2016, You are Just Going to Have to Take our Word for it!

 

[davefoc]

On Clinton's server security:
CNN said this:

But it only works if it's configured correctly. CNN found that Clinton's computer server wasn't using trusted Web certificates -- something that's frowned upon by computer security experts. Running a personal mail server is generally harder to protect than, say, the State Department, which has a dedicated computer security team

TheL8elvis believed they were referring to this from Venafi

Starting in late March 2009, mail.clintonemail.com was enabled with a Network Solutions’ digital certificate and encryption for web-based applications like Outlook Web Access. This was 3 months after Secretary Clinton took office. The clintonemail.com domain was registered with Network Solutions in January 2009 – 8 days before Secretary Clinton was confirmed by the U.S. Senate. Therefore, from January to end of March 2009 access to clintonemail.com did not use encryption.

TheL8elvis believes that Venafi could have only known that Clinton's email server was unsecured with their authentication. Clinton's email server could have been secured with a different certificate.

Kenneth Bocek a commenter on the Venafi blog said this:

TrustNet performs a full Internet scan from various locations. Scan is non-invasive handshaking to retrieve certificates Because of this, TrustNet can collect CA issued and self-signed certificates.

Was he wrong? Was what he said inconsistent with what TheL8elvis said?

I'm confused about the terms and players. Perhaps somebody could clear things up a bit?

Venafi
NetSol
NetworkSolutions
TrustNet
Digital Certificate
self-signed certificate
Encrypted email

 

[plague311]

Perhaps Plague311 could give us some technical information about this and tell us whether this is significant or not?

Sorry, I didn't realize you were unable to use the internet. I figured since you had at least a room temp IQ you'd be able to just...google stuff. Don't worry, I've done it for you. All you have to do now is read the links listed. It's really not complicated at all. It looks like TheL8Elvis held your hand for you though. Apparently 16.5 doesn't understand it, doesn't want to click Elvis's links, or just doesn't have the ability to comprehend how things work, but I'm holding out hope for you. Your snarky comments continuously strawmanning the claims I've made about my knowledge and experience in the field leads me to believe that you might not get it, but again, I've got hope.

If you need anything else googled, or dumbed down for you, just inbox me. I can hold your hand if you'd like, that way Elvis doesn't have to clutter the thread with explanations that people refuse to read or understand.

 

[The Big Dog]

I'm confused about the terms and players. Perhaps somebody could clear things up a bit?

Venafi
NetSol
NetworkSolutions
TrustNet
Digital Certificate
self-signed certificate
Encrypted email

Hillary could, but won't.

 

[plague311]

I'm confused about the terms and players. Perhaps somebody could clear things up a bit?

Venafi
NetSol
NetworkSolutions
TrustNet
Digital Certificate
self-signed certificate
Encrypted email

Have you even attempted to learn anything on your own? You want someone to give you a *********** class on Net Security on an internet forum? Does the fact that you don't know any of this give you pause, at all, in your accusations? Does the fact that the only person taking the time, AT ALL, to explain ANY of this to you is defending Hillary and speaking from technical outlook, change anything for you?

So far you've sucked up everything 16.5 has said, including but not limited to posting stupid memes of Hillary, but you hesitate to take TheL8Elvis's word for things. That is awesome. "Avid Readers" should take note of something like that. Critical thinking, skepticism and all.

 

[The Big Dog]

Sorry, I didn't realize you were unable to use the internet. I figured since you had at least a room temp IQ you'd be able to just...google stuff. Don't worry, I've done it for you. All you have to do now is read the links listed. It's really not complicated at all. It looks like TheL8Elvis held your hand for you though. Apparently 16.5 doesn't understand it, doesn't want to click Elvis's links, or just doesn't have the ability to comprehend how things work, but I'm holding out hope for you. Your snarky comments continuously strawmanning the claims I've made about my knowledge and experience in the field leads me to believe that you might not get it, but again, I've got hope.

If you need anything else googled, or dumbed down for you, just inbox me. I can hold your hand if you'd like, that way Elvis doesn't have to clutter the thread with explanations that people refuse to read or understand.

I actually, honest to goodness burst out laughing at this!

TheL8Elvis has been posting evidence free speculation designed solely to muddy the water from three facts:

1. Hillary claims that her server was secure.
2. Hillary's cowboy server did not have a certificate until March
3. Hillary won't release any evidence that the server was secure.

.... Let me break down the argument for any of those posters who are less 'technically inclined'
SSL secures communications sent across the internet
SSL requires a digital certificate
clintonemail.com domain was registered with Network Solutions in January 2009
mail.clintonemail.com was enabled with apurchased Network Solutions’ digital certificate March 2009,
Therefore, from January to end of March 2009 access to clintonemail.com did not use encryption.

So what's the problem ?

Having a "digital certificate" and securing communications does not require purchasing a cert from NetSol. It's easy, and an accepted practice to create your own CA and certificates:
https://www.google.com/search?q=crea...+certificate
It's not only possible, but plausible they simply installed a self-signed cert until they purchased the NetSol one.
Or, equally as possible, didn't actually start using the server until after obtaining the netsol cert.



See how easy that is? All the parts I've struck through are obvious BS.

Further, when I asked him for evidence of his "self signed certs," he made up some lame excuse about how he "wasn't making any claim," which is nonsense.

Let me dumb it down for you:

Did Hillary have a self signed cert? Yes or No.
If yes? Evidence please.

If you need anything else googled, or dumbed down for you, just inbox me. I can hold your hand if you'd like, that way I don't have to explain that Elvis has never posted any explanations whatsoever.

 

[TheL8Elvis]

1. You want Venifi to prove a negative.

No, I don't.

1) You haven't addressed that their argument is not valid:

1:March 2009, mail.clintonemail.com was enabled with a Network Solutions’ digital certificate
2:clintonemail.com domain was registered with Network Solutions in January 2009
3:Therefore, from January to end of March 2009 access to clintonemail.com did not use encryption

3 does not follow from 1 and 2.

2) You don't understand that the opposite of encrypted is plain text

If Venafi wants to claim that information was sent in plain text, they have to provide evidence that it was sent in plain text

If you still can't understand this is not asking to prove a negative, then I can't help you any further.

2. You don't think that Clinton should have to provide evidence to support their claim that the server was secure.

Strawman. That's not what I said, which is why you don't quote me.

3. You have no evidence that they were using self signed certs, but are just going to go ahead and claim it anyway.

I didn't claim they were. I claimed the practice of doing that was unremarkable, and I have no reason to believe they didn't do that.

wowsers. <SNIP>

Wowsers indeed. If i hadn't been in this thread for so long, I might be amazed at the dishonesty in your arguments.

 

[The Big Dog]

snip

1. Hillary claims that her server was secure.
2. Hillary's cowboy server did not have a certificate until March
3. Hillary won't release any evidence that the server was secure.

Therefore,

Did Hillary use encryption? Yes or No.

If yes? Evidence please.

You see how simple that is? And how I don't have to use bs phrases like "i have no reasons to believe" blah blah blah.

 

[davefoc]

Have you even attempted to learn anything on your own? You want someone to give you a *********** class on Net Security on an internet forum? Does the fact that you don't know any of this give you pause, at all, in your accusations? Does the fact that the only person taking the time, AT ALL, to explain ANY of this to you is defending Hillary and speaking from technical outlook, change anything for you?

So far you've sucked up everything 16.5 has said, including but not limited to posting stupid memes of Hillary, but you hesitate to take TheL8Elvis's word for things. That is awesome. "Avid Readers" should take note of something like that. Critical thinking, skepticism and all.

I was hoping to get a discussion going by people who know more than me about this on the details of this discussion on Clinton's net security.

I don't know about sucking up everything that 16.5 said. I think 16.5 may not agree with you completely on that because before this thread 16.5 and I were barely on the same planet with regards to our previous discussions. But of course it's possible that I've now seen the light and understand that 16.5 is always right about everything so I should just go along with what he says or maybe I think the facts and what 16.5 says in this case are consistent.

The nutjob right wing blog HuffingtonPost just ran another article critical of Clinton. Has 16.5 gotten to them as well?

http://www.huffingtonpost.com/john-a-tures/how-gen-david-petraeus-ge_b_8215778.html

If you don't want to give me "a *********** class" perhaps you could respond to this comment by somebody responding to a comment on the Venafi blog:

TrustNet performs a full Internet scan from various locations. Scan is non-invasive handshaking to retrieve certificates Because of this, TrustNet can collect CA issued and self-signed certificates.

I posted this not to defend a position. I don't know what kind of security Clinton had and I'm not qualified to sort through various claims. I thought it would be interesting to see what people better informed than me had to say about it.

Who was the person attempting to explain any of this at all to me? What accusations by me were they responding to?

 

[DavidJames]

On Clinton's server security:
CNN said this:


TheL8elvis believed they were referring to this from Venafi



TheL8elvis believes that Venafi could have only known that Clinton's email server was unsecured with their authentication. Clinton's email server could have been secured with a different certificate.

Kenneth Bocek a commenter on the Venafi blog said this:


Was he wrong? Was what he said inconsistent with what TheL8elvis said?

I'm confused about the terms and players. Perhaps somebody could clear things up a bit?

Venafi
NetSol
NetworkSolutions
TrustNet
Digital Certificate
self-signed certificate
Encrypted email

Did anyone scan HRC's server during the period in question, simple yes or no question. I know the answer and so should you.