| ▲ | scoofy 3 hours ago |
| I think that "impossible to detect" is not something realistic if camera manufacturers are willing to start adding encryption signatures to their cameras outputs and are willing to vouch for them. I realize this would still allow fakes to be presented by governments in all likelihood, but not everyone. |
|
| ▲ | Ajedi32 3 hours ago | parent | next [-] |
| Who posts raw output from cameras anywhere? This doesn't seem useful outside some niche use-cases (like security camera footage). At a minimum just about every recording is going to be re-compressed for streaming. |
| |
| ▲ | mapontosevenths 2 hours ago | parent | next [-] | | Synthid and the like survive compression and decent quality rerecording. | |
| ▲ | AmbroseBierce 3 hours ago | parent | prev | next [-] | | I bet the cameras' companies will start automatically uploading the real footage to their servers for attestation, and allow the camera owners to get those links, so people will just add that link on YouTube or whatever and say "See, its real, Sony vouches for it", heck maybe they will make their buyers to sign up with YouTube and do it for them. | | |
| ▲ | thfuran 2 hours ago | parent | next [-] | | How on top of security do you think all the camera manufacturers are going to be? That is, how long until people can sign videos that were not, in fact, shot with their camera? | | |
| ▲ | AmbroseBierce 2 hours ago | parent [-] | | Proving that you were able to upload something that is not real would go viral so it's very attractive to people to share such findings, meaning it would not last long, then they fix it and that's it, specially because they can require you to upgrade your camera's firmware if you want to keep using their attestation service. | | |
| ▲ | pixl97 2 hours ago | parent [-] | | Depends on what kind of compromise occurs. Hardware level key loss isn't easy, if possible at all to fix. |
|
| |
| ▲ | prirun 2 hours ago | parent | prev | next [-] | | Only if you're paying them | | |
| ▲ | AmbroseBierce 2 hours ago | parent [-] | | Attention is valuable these days, so making people go to their websites for people to check if something is real is good for them, its people they can try to sell more cameras (or phones) and all that. |
| |
| ▲ | exe34 2 hours ago | parent | prev [-] | | They can attest pictures of my hairy pendulous ballsack. | | |
| ▲ | AmbroseBierce 2 hours ago | parent [-] | | Joking and all but sexting would benefit from this technology, if it can vouch about the time, GPS location and email address of the owner then the receiver can have some certainty about the pic (if the sender decides to share such attestation link/info, of course) |
|
| |
| ▲ | scoofy 2 hours ago | parent | prev | next [-] | | I don't think it needs do be raw output. I'm pretty sure that signatures can exist within image and sound outputs that are reproducible when changing to other formats. | |
| ▲ | paulddraper 3 hours ago | parent | prev [-] | | Yeah I’m not sure this makes sense when images are getting their third ifunny watermark. |
|
|
| ▲ | _verandaguy 2 hours ago | parent | prev | next [-] |
| Leica started doing this a few years ago in response to the first wave of AI images[0]. Other, bigger manufacturers (Nikon, Canon, Sony as well I believe) have also joined, though with less fanfare. Adobe is in the loop. As someone with a passing interest in infosec and cryptography, I'm sceptical of the long-term viability of this kind of product; it only takes one person successfully extracting a signing key to undermine the entire project. [0] https://leica-camera.com/en-int/news/partnership-greater-trust-digital-photography-leica-and-content-authenticity-initiative
|
| |
| ▲ | scoofy 2 hours ago | parent [-] | | Yes, you're correct about private keys getting exposed, but it's better than nothing. I suspect though, even after key exposure there may be a way to make new private keys so that compromised keys have a known point when they are compromised, which makes public how much skepticism we should all have about authenticity. I just think there is a world of difference between "certainty" and "plausibility" when it comes to videos on the internet. Yes, state actors might circumvent it, and skepticism should remain, but there is a world of difference between North Korea trying to convince me of some political scandal, and Pepsi Co trying to convince me that someone I trust loves Pepsi. | | |
| ▲ | Gigachad 2 hours ago | parent [-] | | Cameras have a very long lifespan. People will still be using those cameras 20 years after the keys for their model get leaked. | | |
| ▲ | scoofy 2 hours ago | parent [-] | | And they will also get firmware updates. | | |
| ▲ | Gigachad an hour ago | parent [-] | | I currently use a 2008 Fujifilm camera and a 2018 Sony. The Fujifilm doesn’t even have a firmware update mechanism, and the Sony camera doesn’t get updated anymore. These devices are rarely connected to the internet and never go obsolete so they get used until they break. There might be a specialised line of cameras for forensics that signs the output and has lidar to detect when the camera is pointed at a screen, but the average person won’t have a camera with this kind of crypto. It would just be too easy for hackers to extract the keys from. |
|
|
|
|
|
| ▲ | p1necone 2 hours ago | parent | prev | next [-] |
| You still ultimately have the analogue hole here - pull the camera apart, splice your own hardware somewhere between the sensor and the thing that adds the signatures (or in front of the sensor). |
| |
| ▲ | 7jjjjjjj an hour ago | parent [-] | | Or just straight up point the camera at a computer monitor, without even trying to hide it. Most of the security camera footage online is already uploaded this way. |
|
|
| ▲ | Ukv 2 hours ago | parent | prev | next [-] |
| Pointing the camera at a screen could potentially evade that. |
| |
| ▲ | scoofy 2 hours ago | parent [-] | | Right, but my point is that a video of a screen should be less believable than the source video insofar as verifying legitimacy. | | |
| ▲ | Ukv 2 hours ago | parent | next [-] | | I feel it wouldn't be too difficult to get a social-media video to look convincing enough even with just a regular camera and monitor, at least after compression (if end users aren't served raw footage directly, and instead trust the attestation of the site). | | |
| ▲ | scoofy 2 hours ago | parent [-] | | Right, my point is that this should default to "untrustworthy." The idea is that a camera would at the very least include a timestamp and camera type in the signature. That signature should usually be reproducible when being filmed by another camera (these signatures can be part of the physical image). This should mean that a cameras filming screens would have multiple ways to show the images are not legitimate (as something as simple of shadows not matching time of day could show the video is illegitimate). |
| |
| ▲ | Retr0id 2 hours ago | parent | prev [-] | | What if you can't tell it's a video of a screen? |
|
|
|
| ▲ | himata4113 2 hours ago | parent | prev [-] |
| wouldn't that just encourage monopolistic behavior and lockdown of these devices? they're already locked down as-is. |
