Does the DomainKeys Identified Mail signature within metadata of the New York Post's "smoking gun" Hunter Biden email prove the correspondence is "unquestionably authentic"? That's a stretch: DKIM can validate who sent an email and what text and other content was included. But it does not prove if the content consists of true statements.
An email Hunter Biden received in April 2015 from a Burisma executive discussing an introduction to then-Vice President Joe Biden, which lies at the heart of a New York Post investigation, is unquestionably authentic, a cybersecurity expert told the Daily Caller News Foundation on Thursday.
Users on social media saw this at the time of writing:
EXCLUSIVE: A cybersecurity expert told us that the @nypost's smoking gun April 2015 Hunter Biden email from a Burisma executive discussing an introduction to then-Vice President Joe Biden is 100% authentic-- Daily Caller (@DailyCaller) October 30, 2020
via @AndrewKerrNC https://t.co/SdYKwZVnnB
The Daily Caller reported that it has a complete copy of Biden's alleged laptop, courtesy of former New York Mayor Rudy Giuliani, who says he got it from a computer repair shop that says it was left for repairs and never retrieved.
A bit of background: Last month, the New York Post published a front-page article based on materials that were purportedly taken from the hard drive of Biden's laptop. According to the Post, which cited the owner of a computer repair shop in Delaware, the computer was dropped off at the shop. The repairman reportedly made a copy of the hard drive and gave it to Giuliani's lawyer. Giuliani is then said to have given it to the Post and now -- apparently -- to the Daily Caller.
The Daily Caller enlisted cybersecurity expert Robert Graham to help determine the authenticity of an email found on that purported laptop. Specifically, it wanted to verify an email Biden allegedly received in April 2015 from Vadym Pozharskyi, an adviser to Burisma Holdings, the Ukrainian oil and gas company on whose board Hunter Biden served from 2014-2019. That email, which discusses an introduction to Joe Biden, can be seen below. President Donald Trump and his supporters have accused Democratic presidential nominee Joe Biden of using his former position as vice president to enrich his son.
Graham reportedly tested the contents of the email against the DKIM signature in its metadata. DKIM adds an encrypted signature to the header of outgoing messages and is used to help prevent email spoofing. Here's what the Daily Caller said:
Graham used the DKIM signature within the email to verify with a private key on Google's servers that the sender, recipient, subject, date and body of the message that the DCNF [Daily Caller News Foundation] obtained from Giuliani were unchanged from when the email was originally sent in April 2015.
Graham said the only way the email could have been faked is if someone hacked into Google's servers, found the private key and used it to reverse engineer the email's DKIM signature.
In other words, he was reportedly able to verify that an account used by Pozharskyi in 2015 emailed an account used by Hunter Biden -- and that the body of the message was not altered. That's significant.
But it doesn't tell the whole story.
In a post, Graham himself points to at least two shortcomings of the validation process. One, it obviously doesn't provide any context. DKIM does not prove the content of an email consists of true statements. Here's Graham:
Remember that while the email is validated, the context isn't. It's possible this reflects a secret meeting to conspire with Vice President Biden. Or, it's possible the guy attended one of the many Washington D.C. social functions whereby people shake hands with politicians and exchange pleasantries. As [Cardinal] Richelieu is claimed to have said 'Give me six words by the most honest of men and I'll find something to hang him by'. Give me an email dump from the most honest of persons, and I'll pull one out of context to hang them in the court of social media.
Two, it does not verify that the accounts themselves are not fake -- nor does it show who controlled the accounts at the time in question. In theory, someone claiming to be Pozharskyi could have sent the email. However, Graham considers that possibility unlikely. Remember: DKIM is able to determine during what time period an email is sent. Here's Graham:
It would mean somebody who knew intimate details about Hunter Biden sending him fake messages on the off chance that in a future election they would be able to hack into Hunter's email account to expose them.
Like the theory of them hacking into GMail to obtain the private-key, if the conspiracy was this sophisticated, they could do better emails. This one is lame.
In response to allegations stemming from the release of emails on Hunter Biden's purported laptop, the campaign of Joe Biden released a statement saying that his official schedule did not include a meeting with Pozharskyi. Politico later reported that the campaign could not rule out the possibility that the two had had some sort of interaction, but stressed that such an encounter would have been brief.
Earlier this year, the Republican-chaired U.S. Senate Homeland Security & Governmental Affairs Committee announced the results of its investigation into allegations that Joe Biden had misused the office of the vice president to help his son, Hunter Biden. It found no evidence of wrongdoing or improper influence by the elder Biden.
Lead Stories has written about the Bidens before. See our latest coverage here:
- Fact Check: This Photo Does NOT Show Joe Biden Golfing With Burisma's CEO
- Fact Check: ABC, CBS, NBC Have NOT Given 'Zero Coverage' To Hunter Biden Story -- All Three Have Reported The Story
- Fact Check: The White House Is NOT Confirmed To Be Set To Release Footage Of Hunter Biden Raping And Torturing Little Girls
NewsGuard, a company that uses trained journalist to rank the reliability of websites, describes api.dailycaller.com as:
A news site co-founded by Fox News host Tucker Carlson that primarily covers politics and the media from a conservative perspective that it does not disclose.
According to NewsGuard the site can generally be trusted to maintain journalistic standards. Read their full assessment here.