[messaging] deniability data point

Joseph Bonneau jbonneau at cs.stanford.edu
Fri Oct 28 17:10:50 PDT 2016


Politifact has a better breakdown: http://www.politifact.com/
truth-o-meter/article/2016/oct/23/are-clinton-wikileaks-
emails-doctored-or-are-they-/

A few key points:
*There is evidence that previous leaks did modify some material
*Not all of the emails are signed, so some could be doctored.
*DKIM wouldn't prevent doctoring by omission (not leaking some emails)

All reporting seems to ignore an (admittedly unlikely) scenario: it's
possible that HillaryClinton.com was compromised and the DKIM signing keys
were stolen. The story so far is that a few campaign aides had their
accounts compromised by spear phishing, but that could be a cover story. If
we're to believe this is really a state-level attacker it's by no means
beyond belief.

Of course, it's a bad look for the Clinton campaign to say the leaks may
not be accurate because the breach was actually worse than reported.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20161028/163e8b5a/attachment.html>


More information about the Messaging mailing list