VodkaPundit

Emailgate: It Just Gets Worse

"I always get the IRQ and IRC mixed up, Mrs. Clinton."

“I always get the IRQ and IRC mixed up, Mrs. Clinton.”

Gawker talked to a security expert about clintonemail.com:

“It is almost certain that at least some of the emails hosted at clintonemails.com were intercepted,” independent security expert and developer Nic Cubrilovic told Gawker.

Within the instant classic “ClintonEmail.com” domain, it appears there are three separate servers. The domain’s blank landing page is hosted by Confluence Networks, a web firm in the British Virgin Islands, known for monetizing expired domain names and spam.

But the real worry comes from two other public-facing ClintonEmail.com subdomains, which can allow anyone with the right URL to try to sign in.

One is sslvpn.clintonemail.com, which provides a login page that apparently uses an SSL VPN—a protocol that allows your web browser to create an encrypted connection to a local network from any internet connection—to users to access their email. That sounds secure, and under the right circumstances, for regular users, it can be.

You’ll want to read the whole thing, which is frightening as hell — especially when you consider how fruitless even our lousy diplomatic efforts have been. Why, it’s almost as though someone has been reading our mail.

I’ll also add that “regular users” does not include the kind of professional hackers hired by foreign governments to try and read our mail.

UPDATE: ‘Nuff said.