danso
6 hours ago
Subhed and archive link: “Methods included cryptographic analysis, metadata analysis and corroboration with external sources.”
Relates to this main story about the contents of Epstein’s yahoo email account (which is less technical)
https://www.bloomberg.com/features/2025-jeffrey-epstein-emai...
Don’t often see mainstream articles refer to Python libraries by name:
> Whenever emails included cryptographic “DomainKeys Identified Mail” signatures, or DKIM, in their headers, we used Python’s dkimpy library to verify that signatures matched their messages. A valid signature match is strong evidence that the message is genuine and unaltered, but a failed DKIM check is not, by itself, evidence of fabrication. Our analysis of emails from the years when DKIM was widely seen in the inbox (2013-2022) validated roughly 45% of the messages, rising from about 20% in 2013 to nearly two-thirds by 2020 as DKIM adoption broadened. For these messages we also checked DKIM-based DMARC identifier alignment—whether the DKIM d= domain aligned with the visible “From:” domain—and 55% of messages were aligned. We manually inspected the emails that weren’t aligned and found all matched to known mailing list providers and other similar services.