[Cryptography] How to prove Wikileaks' emails aren't altered
Bill Frantz
frantz at pwpconsult.com
Tue Oct 25 17:21:15 EDT 2016
On 10/24/16 at 6:38 PM, hbaker1 at pipeline.com (Henry Baker) wrote:
>This Politifact post muddles over whether the Wikileaks leaked
>emails have been doctored, specifically the one about Tim Kaine
>being picked a year ago. The post is wrong -- we can verify
>this email and most of the rest.
>
>http://www.politifact.com/truth-o-meter/article/2016/oct/23/are-clinton-wikileaks-emails-doctored-or-are-
>they-/
>
>In order to bloc spam, emails nowadays contain a form of
>*digital signatures* that verify their authenticity. This is
>automatic, it happens on most modern email systems, without
>users being aware of it.
>
>This means we can indeed validate most of the Wikileaks leaked
>DNC/Clinton/Podesta emails. There are many ways to do this,
>but the easiest is to install the popular *Thunderbird* email
>app along with the DKIM Verifier addon. Then go to the
>Wikileaks site and download the raw source of the email https://wikileaks.org/podesta-emails/emailid/2986.
How easy would it be for a nation-state attacker to modify these
signatures? There are some indications that nation state
attackers are interested in influencing the US elections.
Improving the believability of damaging lies seem a perfect technique.
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | Airline peanut bag: "Produced | Periwinkle
(408)356-8506 | in a facility that processes | 16345
Englewood Ave
www.pwpconsult.com | peanuts and other nuts." - Duh | Los Gatos,
CA 95032
More information about the cryptography
mailing list