About E-Mail Trails

04/14/2007

Paul Munnis


In my opinion the White House is creating an impression of extraordinary incompetence in the use of computers for e-mail at best and outright illegal behavior of sensitive records at worst. What’s more it may hold even worse news for the GOP since if the missing 5 million e-Mails are found they may all be subpoenaed to prevent tampering of evidence thus laying bare the complete inner workings of the White House from the president all the way down the chain-of-command to secretaries ordering luncheon items for cabinet meetings.

The probability of retrieving most of the missing e-mails at both the RNC server and the White House server is pretty good. Once these are retrieved then more sparks will fly.

Why am I so optimistic? Large amounts of hard-drive space mean large segments of data were erased. These must be written over by another 5 million or so e-mails. If that process is incomplete, and it may take years for that to happen, then the old records can be retrieved. This is true for both the White House and the RNC servers. It is true that gap eraser software exists but it would not be in the interest of national security or RNC business continuity to employ it.

Also, and nobody is talking about this, there are mandatory backups having nothing to do with the law. They are procedural and are done for national security in the event of a disaster at either the RNC or the White House. In the wake of 9/11 these disaster recovery files are preserved, usually using a mirror-server approach wherein the disaster recovery computers at the secure site that will become the emergency White House in the event of a disaster (Cheyenne Mountain) and these are refreshed real-time.

Mirroring means that a copy of every transaction on the master server is kept on the mirror image server and that a technology called SAR is used to back-up the mirror-image servers. This is not under political control but is a technical requirement of the national disaster recovery plan. Such a plan exists in the event of fire, flood, or attack. Not only is the White House and its Agencies covered by the disaster plan but so is Congress. There is a business continuity site established for Congress and there are also mirror-image e-mail servers involved for them.

If the mirror-image files are gone missing then you can bet that somebody has been deliberately tampering with the records since these are used to assure continuity of government operations. For those to be missing after the 9/11 attack, it would be a signal of deliberate complicity or deliberate tampering. Both are traceable since in bulk transactions it is not possible to do selective erasure except by special action using special software and database commands. These are logged transactions.

We hasten to add that these mirror image servers are also routinely backed up using SAR (Standardized Account Recovery). IT Departments work overtime to assure that accidental erasures can be recovered because they are frequent.

So when Senator Leahy asserts that there are too many servers involved, he is getting good advice and he is standing on pretty solid ground. He should not accept the excuses from the White House and the Justice Department. Instead he should subpoena the mirrored server files. Once he gets his hands on those its “Katy Bar The Door,” for the Bushies. The whole nine yards of content will be laid bare and another nine yards that were not intended for Congress to see will be attached. Senator Waxman will hunt down every missing semicolon before he is done with the investigation and the trail should not go cold.

We would not be surprised to see many more revelations ahead to the embarrassment and detriment of the White House.

If by some magic the White House assertion of accidental loss holds up then it means the whole government is vulnerable and that our national security has been compromised in a major way. Heads will roll in that event.