Emails are notoriously hard to validate. Emails are like typed, signed contracts with no section or page numbers: you can take out or add whatever pages you want as long as you keep the signatures.
Intelligence expert Malcom Nance has tweeted that Wikileaks’ recent collection of Podesta emails contain “obvious forgeries.” It is hard to detect emails forgeries in general, but easy to find obvious forgeries. For details, check out Chapter 15 of Elementary Information Security, my textbook.
I searched recent news reports highlighting specific Podesta emails. I looked at about a dozen of those emails, plus similar “unimportant” emails. I checked the email delivery data for tampering or forgery. The email headers look correct. Thus there are no “obvious forgeries.”
Continue reading #PodestaEmails are NOT obvious fakes
I’m not often a fan of conspiracy theories, except for entertainment value. This one is interesting because it combines international intrigue, the elections, and our world of notoriously poor email security.
The conspiracy arises from foreigners trying to influence the United States election. They spy on unprotected emails and leak the contents to influence US public opinion. This isn’t limited to attacks on the Democratic candidate Hillary Clinton. Some suggest that Fox News and the Trump campaign have also been attacked this way.
We could be blocking this threat, except that pressure groups within the government want to leave as much information unprotected as possible, notably law enforcement and intelligence agencies. I think we face a greater threat from foreign exploitation of our unprotected emails than we face from impeded investigations or even a few terrorist bombs.
Continue reading Election Crypto Conspiracy Theory
Early last month, Edward Snowden criticized former Secretary of State Hillary Clinton for obviously and intentionally mishandling classified information by using a private email server. A recent Huffington post argues that, if true, Snowden’s comments could cost Clinton the Democratic Presidential nomination.
This rests on technical questions of security and classified information. Based on the information I have seen, Clinton committed no crime. Her security mistakes are typical of politicians of her (my) generation. She was exercising the authority and discretion (or lack thereof) belonging to her role as Secretary of State. I will explain why.
DISCLAIMER: I personally neither support nor oppose Hillary Clinton’s bid for a Presidential nomination.
UPDATE (March 22, 16): Richard Lempert, a professor of law and sociology, has posted a more detailed parsing of the laws and regulations to come to the same conclusion.
Continue reading Clinton’s Email Server Isn’t Her Scandal
The text attached to this post was submitted as a web site comment. No doubt some spambot was supposed to select randomly from the text to produce a unique-looking spam message. I know I’ve received lots of spam comments that this script might have generated: personal-sounding messages that are content-free.
I’ve used similar scripts to show how one could generate several different texts that all mean the same thing but contain different digital content.
Continue reading A Script to Generate Spam Comments