Wow, someone finally made the effort to explain this all in one place, in what is a fairly objective piece. One thing I disagree with is:
“They felt that it was more reliable if they controlled their own server (which few would argue was a bad idea). “
Holy crap, “few” of whom? You can’t tell me that they had all the site security, requisite redundant and hardened servers, enterprise-class firewalls, intrusion detection and prevention devices, regular tests and audits, exploit mitigation process, and all the other things you would get in a commercial datacenter IN THEIR RESIDENTIAL BASEMENT. Anyone who is even remotely an IT professional would argue this was a bad idea, are you kidding me? Even Gmail would have been far more secure, because you have an army of Googlers protecting it, and it would be redundant to the extreme.
Now, there’s no way Clinton would have any clue about this stuff — as the article says, she’s no technophile, and her role is to simply hire the chief of staff who would in turn hire the right people to ensure information security is handled appropriately. If her people told her she was all good, I’m sure she just went with it.
But regardless of the reasons this whole thing happened (which otherwise I think the article portrays accurately, based on my own research on this topic) one of these dudes, Justin Cooper or Bryan Pagliano, was frighteningly incompetent, and if I was Clinton I would not only be saying the stuff the article says she should say, I’d also have one or both of these guys’ asses in a sling.