Clinton’s Use Of Email Scrubbing Tool May Not Have Been Detectable To FBI, Developer Says
Even the FBI may not have been able to determine that Hillary Clinton used a piece of software to wipe her email server clean, the lead developer of the software tells The Daily Caller.
Andrew Ziem, the lead developer of BleachBit, says that if Clinton — or her computer technicians — used the open-source software in portable mode, such as through a USB drive, FBI investigators would not have been able to determine that someone used the product to clean Clinton’s system of its emails.
If BleachBit was downloaded, its use would be much easier to detect. Some users operate the software portably in order to “to avoid showing that a cleaning tool was used, which could look bad.”
Clinton’s use of the product, which is available for free online, was first revealed on Thursday by South Carolina Rep. Trey Gowdy.
“She and her lawyers had those emails deleted,” Gowdy said during an interview on Fox News.
He was referring to the FBI’s notes from its Clinton email investigation, which were given to Congress earlier this month on condition that they not be released to the public.
“And they didn’t just push the delete button; they had them deleted where even God can’t read them. They were using something called BleachBit. You don’t use BleachBit for yoga emails or bridesmaids emails. When you’re using BleachBit, it is something you really do not want the world to see,” Gowdy continued.
In Dec. 2014, Clinton gave the State Department 30,000-plus work-related emails. She withheld an equal number, claiming that they were personal in nature and regarded yoga routines and her daughter’s wedding plans.
But FBI director James Comey said last month that investigators recovered “several thousand” work emails that Clinton did not give the State Department.
Many details about Clinton’s use of BleachBit are unclear as Gowdy did not go into detail about what the FBI’s notes said about the product.
It is not known whether the FBI learned of Clinton’s use of BleachBit through their own forensic investigation or from a witness. It’s also unclear when the tool was used. Gowdy suggested that it was towards the time period when Clinton was deciding which emails to give the State Department. He questioned why, if Clinton wanted to delete her emails, she did not do so right after she left the agency in Feb. 2013. (RELATED: Company Hillary Used To Wipe Server Brags About ‘Stifling Investigation’)
Some computer security experts on Friday questioned whether BleachBit is as sinister as Gowdy suggested.
“It looks like the type of tool someone would run who’s conscious of cleaning old crud off their system,” computer expert Jonathan Zdziarski told CNN Money. “Someone trying to cover their tracks would likely pay for and use a much more expensive, specialized data destruction tool.”
Ziem acknowledges that Clinton & Co. could have used BleachBit for reasons other than trying to hide deleted emails. For instance, the software could have been used merely to free up space on Clinton’s computer system, he said.
“If BleachBit is installed on the hard drive it can be detected, and this is fine for the many users who use it for non-privacy purposes like freeing up disk space or other maintenance.”
“To avoid detection BleachBit can be used in portable mode, like when run from a USB drive.”
“When used in portable mode BleachBit should leave no trace of its use,” said Ziem, who referred to BleachBit as a “digital shredder.”
Asked whether the FBI’s ability to recover “several thousand” Clinton emails shows that she did not intend to conceal the fact that a cleaning tool was used, Ziem pointed out that investigators could have recovered Clinton’s emails from backup copies or from accounts of people she corresponded with.
The FBI has not elaborated on its investigative methods or from where it obtained Clinton’s scrubbed emails.
It is known that Clinton’s email server was backed up to a data storage cloud, reportedly against her wishes.
McClatchy reported that a company called Datto Inc. realized last August that it had been backing up Clinton’s server to the cloud. Platte River Networks, a data security company that operated as the middleman between Clinton and Datto, expressed frustration with Datto, asserting that Clinton did not want her emails backed up on the cloud.
Datto gave the FBI all of Clinton’s backed up emails in October.
Ziem says there are other privacy benefits to using BleachBit that may have benefited Clinton.
“Many people who value privacy worry about the United States government installing backdoors in software, so the government can monitor or control their systems,” he said, nothing that those concerns heightened after Edward Snowden leaked National Security Agency documents.
“BleachBit’s open source software development model gives users a greater sense and guarantee of security because the full source code, or blueprints, are available to everyone to inspect for backdoors or accidental flaws,” Ziem says.
There are also advantages in using a product that can be acquired anonymously, as BleachBit can, according to Ziem.
Gowdy’s congressional office did not respond to a request for additional detail on the FBI notes’ mention of BleachBit. But as part of the FBI’s agreement to provide its investigative notes to Congress, the bureau insisted that information from the files not be made public.
Follow Chuck on Twitter