Summary: Email is easy, ubiquitous, and almost trivial to forge or alter. We'll look at why that is, what it means, and one approach to avoiding it.
Hi, I received e-mails (printed out). I am being told by the person who is said to have originally sent the e-mails that they are fabricated e-mails. In other words, he claims that he sent an e-mail to someone and that person modified the content to make it look like they were his words. Can this easily be done. How can I tell if it's been altered or if it is an original?
•
One of email's "dirty little secrets" is the answer to your question: it's trivially easy to alter email as you describe.
In fact, if I understand the scenario you're describing, it might even be easier than that.
There are technologies to help ensure the integrity of messages, but unfortunately they're not something you can apply after-the-fact.
•
If I understand you correctly, you've been handed a print out - a piece of paper - that contains an email message.
You, I or anyone can make a print out look like whatever we want. Just fire up a word processor, text editor, or even a photo editor, and type in what you want. If you have a message to start with, then copy/paste that in as a place to start, but then sure ... edit the heck out of it. There's nothing to stop you.
And once printed, there's no easy way to prove that it was never a real email.
Even without resorting to additional editing tools, some email programs will actually let you edit the message you've received. You can go in, change whatever words you'd like, and then save it, print it out or whatever. Again, it's not that obvious that the message has been altered, particularly once printed.
Where this kind of alteration is more common, though, is not printing, but when forwarding an email.
When you forward an email, most email programs place the original email into the edit window such that you can add your own comments or additional information before you send the message on. The problem is that there's nothing to prevent you from also editing the message being forwarded. Change a "yes" to a "no", a "love" to a "hate" or just add "dis" in front of "agree" and you can completely change the apparent meaning of the original message.
The net result: don't believe everything you read.
There is a solution, but it's something that must be done to a message before it's been sent, and that is to apply a digital signature.
A digital signature uses cryptography to create a fairly random looking string of data that is included with the message being sent:
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (MingW32) iD8DBQFErFtgCMEe9B/8oqERAupmAKCLH0gSQUJjXQd/SYfjAWAaP/I6mwCgiAT1 1Rpc2RK7GB29LToJfPrYOwg= =z7A1 -----END PGP SIGNATURE-----
(Specifics may vary, but that's the general idea.)
This isn't random data at all. It actually uses some heavy-duty math to incorporate two important pieces of data:
-
The identity (via public key cryptography) of the sender
-
The entire body of the message
By re-calculating when the message is read, the recipient can then confirm:
-
The sender is who the sender claims to be
-
The message has not been altered in any way
Unfortunately, digital signatures (and email cryptography in general) remain uncommon and have several obstacles to widespread adoption. If you know beforehand that message alteration is an important risk for you to avoid, then it's a useful tool to investigate.
Related:
-
Digital Signatures: what are they, and how do they protect me? Digital Signatures use public key cryptography to validate both message sender and message contents. Digital Signatures rely on simple concepts you should know, built on top of very complex mathematics you don't need to worry about.
-
Email Encryption - Failure to Launch? Email Encryption - it should be easier. Much easier.
Article C3866 - September 12, 2009
I use outlook 2003 and I am unable to edit emails. I have just tried to do so and when I deleted part of the email message the whole email disapeared.
16-Sep-2009
Posted by: Ron at September 15, 2009 10:53 AM
I was told that an e-mail in its electronic original has various codes that allow an expert to verifiy its origin and any alterations made after the original sender. For government disclosure requirements, and I expect any e-mail that will be used for legal purposes, the electronic version of the e-mail must be archived, not a printout.
16-Sep-2009
Posted by: audrey at September 15, 2009 11:57 AM
Could you ask the person who originally sent the e-mails to show you the original e-mail, by logging into his “sent items” folder (in his e-mail account)? What do you think Leo, would an e-mail message in the “Sent items” folder be ‘proof’ enough of the original e-mail content, or can a person alter those also?
16-Sep-2009
Posted by: MissInformation at September 15, 2009 12:01 PM
Any email can be modified, whether in Outlook 2003, in the sent folder or not. The procedure may change depending on the email program, but it can be done. As Leo mentioned, digital signing is one of the ways to ensure what you send stays what you want it to be! This is often required in legal and government situations.
Posted by: Cedric at September 15, 2009 12:18 PMSending an original email I can be who I like to the untrained eye. All I need to do is change "Name" under the account details and the "Reply To" address and I could be Barack Obama!
Posted by: Steve at September 16, 2009 6:39 AMcan the contents of a web mail be altered ?
if emails can be altered, why are they considered as evidence (e.g., Mark Sanford email to mistress - couldn't he have said it was altered )?
26-Oct-2009
Posted by: tex at October 26, 2009 5:07 AM