How WikiLeaks Got Hillary’s Stuff?

The Department of Defense has issued a warning not to use any Lenovo computers on their networks.

Lenovo is the personal computing division that IBM sold to the Chinese several years ago. A simple web search on Lenovo will turn up results like those quoted below.

On Friday the chairman of the House Judiciary Committee wrote to the FBI warning that secrets stored on former secretary of state Hillary Clinton’s private email server may have been compromised by a Clinton aide’s use of a Lenovo computer.

Rep. Bob Goodlatte (R., Va.) stated in a letter to FBI Director James Comey that Heather Samuelson, former White House liaison to the State Department, used two Lenovo laptops to sort some of the thousands of classified emails from Clinton’s server.

“Lenovo computers, and specifically the models used by Heather Samuelson for reviewing classified emails, have been shown by the Department of Homeland Security (DHS) to contain software, dating back to 2010, that permits remote hacking attacks,” Goodlatte stated.

Link: Military Warns Chinese Computer Gear Poses Cyber Spy Threat

Two years ago Chinese firm Lenovo got banned from supplying equipment for networks of the intelligence and defense services various countries due to hacking and spying concerns.

Earlier this year, Lenovo was caught red-handed for selling laptops pre-installed with Superfish malware.

One of the most popular Chinese computer manufacturers ‘Lenovo’ has been caught once again using a hidden Windows feature to preinstall unwanted and unremovable rootkit software on certain Lenovo laptop and desktop systems it sells.

Link: Hacker News-Lenovo Rootkit

Ever when users reinstalled a clean version of Windows on some Lenovo devices, the software would reappear.
Link: ZDNet—Rootkit can’t be deleted

The rootkit Superfish seems to have been written by a company called Komodia and is designed to break SSL encryption and inject web advertising into your browsing session.
Link: Superfish Rootkit

The bottom line is that if your device is connected to the Internet then any information on it should be regarded as public. There is a private, military data system that is like a private Internet but that system is so locked down that more casual users don’t have access to it. Clearly a Secretary of State running a pay-to-play scam is not able to use it for her own enrichment. Instead she was stuck with using the public Internet.