posted on Sep, 16 2013 @ 10:54 AM
reply to post by kangajack
digital signatures CANNOT be faked.
reply to post by ML8715
no. yahoo accounts were hacked, not the military account - to log in there, the hacker would need the smart card (CAC) of the colonel, which stores
his digital certificate and acts as an authorization card when using military email account. and you can bet he doesn't have that card - if he would
have it, military wouldn't have to say a word, but you can be sure that they would revoke colonel's certificate so when verified online, it would be
displayed as invalid. that is not the case. and the most important email comes from Eugene Furst, so the hacker would actually need his certificate to
fake that one. also, regardless of email account and the way of accessing it, you need the certificate to sign the email - if you forward a message,
the signature becomes invalid and you have to regenerate it. every single change of the email contents invalidate the signature - it doesn't matter
that the messages are stored as plain text in those .eml files, the signature acts as a checksum signed with sender's certificate, which cannot be
so unless one would hit the sender in the head and stole his certificate - which isn't the case, because DoD didn't revoke those signatures, neither
colonel's, nor Furst's - when the signature is verified as valid, the email contents ARE real and couldn't be tampered with.
the only issue we're facing right now with this is that it isn't easy to verify signatures on colonel's mail, because the messages were damaged by
yahoo mail service. i've managed to restore some of them to their original form and validate them as real, but all of them were sent from colonel's
military email to his yahoo email. the crucial email we need to validate, comes from Eugene Furst, and i didn't validate it yet, nor for example a
notification email from AKO - which isn't important, but was sent from different military email account as well. the exact form of email headers and
so on, depend on email client used and its configuration, and because all that original structure was destroyed by yahoo, it's a matter of changing
the headers and encoding to all possible combinations that could be used in original message - if by a chance one particular combination gets the
signature to verify successfully, you can be certain you've 'guessed' the original contents before they were damaged by yahoo. also, all the emails
with attachments cannot be verified, because yahoo destroyed some of the headers (one of multipart separators) and that cannot be undone. luckily,
email from Eugene Furst doesn't contain any attachments, just the signature.
edit on 16-9-2013 by jedi_hamster because: (no reason