If you don't know about the RTF/RSID evidence already - please read this first.
Now we can take a look at the metadata - and see that it corroborates and helps provide more detail to what we know about the process used.
|File||Created By||Time||Modified By||Time|
|1.doc||Warren Flood||1:38pm||Феликс Эдмундович||2:08pm|
|2.doc||Warren Flood||1:38pm||Феликс Эдмундович||2:11pm|
|3.doc||Warren Flood||1:38pm||Феликс Эдмундович||2:12pm|
We can see that "Warren Flood" is credited as author for all 3 documents. The reason why we see this relates to a separate document that Flood authored in 2008.
We then see that "Феликс Эдмундович" (the founder of the soviet secret police and someone who has been deceased for 90 years!) opens the files in sequence 30 minutes later, doing something (copying in the contents from original documents into the blank 'pre-tainted' template) and then saving the files, within the space of a few minutes.
SUMMARY: The files were constructed from the same template document (initially based on a document authored by Flood) with a Russian stylesheet entry added to it and then each file, in sequence, was opened to add a second layer (writing the Russian name to metadata) when content was copied into them. - TWO layers of Russian "fingerprints", with one existing in the documents even before the main content was present in them!
Guccifer 2.0, from day one, was using a Russian masquerade and knew anything he could forge a perceived attribution with would later be easy to discredit because of their association with the 'Russian Hacker' persona.
Everything shown on RTF/RSID & metadata can be CHECKED and VERIFIED independently and immediately.