‘A pattern of mischaracterization, misrepresentation, and outright alteration of breached data has emerged in two of the latest headline-grabbing batches of hacked files. Investigators discovered that recently published data from anti-doping testing at the 2016 Olympics in Rio de Janeiro had been altered by parties connected to a Russia-based hacking group behind the breach, according to a report issued by the World Anti-Doping Agency (WADA) yesterday.’ – Ars Technica
What is the world coming to…? we can’t even trust honest breaches anymore! Well, actually nothing could be trusted before this either. When we talk about the authenticity of documents (leaked or not, it makes no difference) it all boils down to a single issue: trust in digital evidence.
During the last two years, while I was working on my book, I was trying to understand the nature of digital evidence and how its value has changed over the years. I’ve found that even before the digital age, manipulating evidence had already reared its head. The propaganda machinery of the former Soviet Union literally erased people from photographs and destroyed books or papers that did not support the ruling regime.
What’s changed today is that there is no more paper, stamp or signature to serve as the authenticity of anything, so we have had no choice but to rapidly integrate and accept digital proof into our legal and social norms. We did that without using any of the methods that had been previously invented to prevent the falsifying of digital documents (i.e. digital signature). And this brings us to where we are today.
Ideally, the authenticity of any leaked document should not even be considered without an authentic digital signature that proves both the source and the fact that it has not been tampered with. Without these countermeasures, a piece of digital evidence is nothing more than a stream of bytes. Only its content can serve as some kind of proof of origin, but that hangs only by a thread, especially when the whole package comes from hackers.
In no more than 10 years, this situation will cause major confusion to the point where digital evidence will either be disqualified as useless information, or humanity will start using methods of digital authenticity more efficiently. Until that happens we believe what we want to believe, that is why hackers can use everything they get hold of to their advantage, no matter what the victims of account hacks or data leaks may say or claim in response.