So we should all have to throw away or phones, cameras, etc. And buy new ones that have proprietary hardware attestation?

This is not surprising because AI mimics plausible patterns in images, watermarks are mostly made with noise

Oh come on, you're gonna do that in two years anyway.

There are ways to be sure of authenticity, ways that can't be faked.

Depends on the hash - some are tracable to a crypotographic public key and thus cannot be faked. Most are not but there are options that can be. Normally we refer to such things as signed not a hash but same thing to the layman who doesn't understand this.

Are we gonna have to start using let's encrypt as part of photography?!

So you want to EMB make, model and SN into images now? Metadata on crack

Leica, Sony, Nikon, and Canon have backed an Adobe-created digital signature solution for authentication of photos directly in the camera, including metadata like time/date stamps. But that's mainly for journalism and professional grade cameras, not the cell phones that 90+% of new images are created on.

In order for it to be traceable with a public key, it needs to be signed with the private key. That means the private key has to be on the camera. That means it can be extracted from the camera and leaked.

The obvious limitation being that you can take a real photo with attestation with a real camera of a real computer screen displaying any fake shit you can imagine, then you have an officially hashed photo of anything.

There is a solution, but y'all aren't going to like it.

The solution is blockchain. Actually, it's even worse, the solution is NFT's.

Not the scammy, crypto bro, nonsense it has been used for; but the actual technology.

A cryptographically secure digital token that can track where something was made, where it's being used, who has the rights to it, and ensures that it's authentic and not some copy made with AI.

Unfortunately, thanks to crypto bros, the technology has become so tainted by scams that most people get upset just hearing the letters NFT, so adoption isn't likely.

I don't think this is that controversial. If you take out NFTs, it's using the block chain as a hash. I think that works, but at that point you might as well use regular hashes to verify the integrity of your video

There are other privacy issues with having an indelible marker as to the origin and chain of custody of every digital artifact. And other non-privacy issues.

So the idea here is that my phone camera attaches a crypro token to the metadata of every photo it takes? (Or worse, embeds it into the image steganographically like printer dots.) Then if I send that photo to a friend in signal, that app attaches a token indicating the transfer? And so on?

If that's a video of say, police murdering someone, maybe I don't want a perfect trail pointing back to me just to prove I didnt deep fake it. And if that's where we are, then every video of power being abused is going to "be fake" because no sane person would sacrifice their privacy, possibly their life, to "prove" a video isnt AI generated.

And those in power, the mainstream media say, aren't going to demonstrate the crypto chain of custody on every video they show on the news. They're going to show whatever they want, then say "its legit, trust us!" and most people will.

These are the fundamental issues with crypto that people actually don't understand: too much of it is actually opt-in, it's unclear to most people what's actually proved or protected, and it doesn't actually address or understsnd where trust, authority, and power actually come from.

Maybe. There are ways to assign a private key that is not easy to extract. a chip that creates a private key on first poweron and then saves to internal memory for example.

Not easy to extract sure, but is it secure enough for you to claim that it hasnt been leaked and so forms a secure chain of custody? Once one has been leaked then that can be used to sign any fake pictures you like. I woudnt buy that for anything for serious than is this meme picture real.

If you've ever tried this, the moire pattern of pixels is obvious. You'd need a much higher resolution display than image sensor.

at that point you might as well use regular hashes to verify the integrity of your video

Generated by what authority, though?

Sorry for blowing this on you, but fuck blockchain, fuck NFTs.

What we need is better understanding of cryptography.

PGP has solved this problems decades ago, and crypto has just borrowed some parts, but made it worse in every possible way and into incomprehensible depths.

Again, fuck crypto, fuck NFTs.

I should make a guide on how to use GPG.

Just fucking sign it. With your private key.

And publish your public key.

Then everyone will be able to verify it's your work, and no deepfake will ever pass that test.

I thought GPG was bad? I don't have enough personal experience with it to quickly summarize or opine on the merits of either of these two articles, but:

The PGP Problem: https://www.latacora.com/blog/2019/07/16/the-pgp-problem

What To Use Instead of PGP: https://soatok.blog/2024/11/15/what-to-use-instead-of-pgp/

I do agree with "fuck NFTs" though, and mostly agree with "fuck cryptocurrency" (mostly because porn and drugs are in my view legitimate use cases for at least a hypothetical non-environmentally-destructive cryptocurrency).