[TUHS] 30th Anniversary of most epic netnews post
John Floren
john at jfloren.net
Fri Apr 2 02:14:28 AEST 2021
On Thu, Apr 1, 2021 at 8:29 AM Larry McVoy <lm at mcvoy.com> wrote:
> It's always amazed me that courts will take emails as "evidence" because it is
> absolutely trivial to fake them. Unless they've added some crypto host
> identification (have they?)
>
> --lm
To some extent, yes, via DKIM:
https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail
This came up during the Hunter Biden email, uh, "situation". Basically
you can use the DKIM signature to verify that an email was actually
sent from a particular user account on a particular server. Of course,
it makes no guarantee of who actually *wrote* that email, only that it
was sent by someone with access to the account... or, more sinisterly,
that the owner of the mail server has helped to fake the email! Here's
a POC: https://github.com/robertdavidgraham/hunter-dkim
For unrelated reasons, late last year people started calling for
Google to periodically rotate DKIM keys and release the old ones,
which would mean anyone could spoof an email from a few years ago:
https://blog.cryptographyengineering.com/2020/11/16/ok-google-please-publish-your-dkim-secret-keys/
John
More information about the TUHS
mailing list