14
An open system for proving the originality of, and modifications made to, photographic and video media. (github.com)
submitted 1 day ago by yogthos@lemmy.ml to c/programming@lemmy.ml
9 comments fedilink hide all child comments
top 9 comments
sorted by: hot top new old
[-] Corngood@lemmy.ml 2 points 1 day ago

Wouldn't this suffer from the same 'analog hole' as DRM? i.e. just take a photo of whatever image you want to be verified?

[-] yogthos@lemmy.ml 3 points 1 day ago* (last edited 1 day ago)

You'd need a pretty high resolution source image plotted for that to work well, modern digital cameras have 20+ megapixels, and if you take a picture of a low resolution image it'll be very obvious. I'm sure it's possible, but definitely not that easy to do.

[-] yogthos@lemmy.ml 7 points 1 day ago

This concept describes a hardware anchored proof system for proving the originality of and the precise sensor origin of photographic media. The camera hardware would use a combination of secure enclaves and asymmetric cryptography like RSA to digitally sign images at the moment of capture making it possible to verify the physical origin of the file. The camera manufacturer could operate a Certificate Authority where users can validate the embedded signature against the registered public key of the specific device. This architecture would allow verifying that an image is an actual sensor derived photograph.

The neat part here is that the algorithm survives retouching of the photo, so you can still do typical things like cleaning up contrast, color balance, etc., without destroying the authenticity of the image. Given how good generated images are getting, it seems to me that deepfake detection approach is dead in the water, and something like this would establish a proactive foundation for cryptographic provenance of real photographs.

[-] culpritus@hexbear.net 3 points 1 day ago

This seemed like the inevitable next step in digital media recording devices as generative tools get more advanced.

The neat part here is that the algorithm survives retouching of the photo, so you can still do typical things like cleaning up contrast, color balance, etc., without destroying the authenticity of the image.

This is an interesting feature. Hopefully it is not a potential attack surface for spoofing.

The verification aspect seems like a potential privacy disaster, but as long as there are extensive user controls it hopefully won't be unavoidable.

I could see this being an optional feature you set before the act of recording. The lack of 'verified' media might represent a form of digital divide over time though, especially in the legal sphere.

[-] yogthos@lemmy.ml 6 points 1 day ago

Yeah, I'm thinking this will be mostly useful in the context of stuff like news reporting. If you're a professional photographer, it would be very useful to be able to prove that you took a photo and that it is genuine.

[-] min@lemmy.sdf.org 3 points 1 day ago

How can a camera have access to the signing key and prevent an attacker gaining access to that key?

Also, this would give camera companies (and any entity with leverage over the camera company, including their government) the power to decide what images are 'true' in the public's eye. Companies that control the keys would need to be good at securing the keys.

[-] yogthos@lemmy.ml 3 points 1 day ago

In a similar way to the way DRM works in stuff like consoles today. And I'm not sure I follow the second problem here. Anybody could create this type of system going forward. But you have to produce hardware to take a picture in the first place, so obviously hardware manufacturers would be the ones to apply this process. The key simply links a photo back to a manufacturer. It doesn't give companies monopoly on anything.

[-] min@lemmy.sdf.org 1 points 20 hours ago

DRM has this same problem that I was referring to. Because Blu-ray players need to have a secret key to decode movies, attackers have been able to extract the keys. Same with DRM streaming 4K from video streaming sites like Netflix to phones. Attackers have rooted phones and extracted keys so that there is now software to download from Netflix in full 4K. I don't know of a DRM that hasn't been cracked.

What I meant with my second paragraph is that a government could secretly compel a respected camera company to hand over the keys. Then that government could deep fake photos to provide justification for actions and the photos would appear genuine due to the keys signing them.

[-] yogthos@lemmy.ml 4 points 18 hours ago

Sure, that's possible of course, but that doesn't really change the status quo. The government has always had far more ability to create fake content than individuals. However, this type of system would allow individuals to prove veracity of their content, which is where the real value comes in my opinion. If you have a professional photographer then they can prove that their camera took a particular picture. If you trust that photographer then you can know that a picture came from that individual. I think that's going to be the dynamic going forward. People will decide on what sources they trust, and the technology will provide a way to tell what the source for the media is.

this post was submitted on 17 May 2026
14 points (100.0% liked)

General Programming Discussion

9911 readers
15 users here now

A general programming discussion community.

Rules:

  1. Be civil.
  2. Please start discussions that spark conversation

Other communities

Systems

Functional Programming

Also related

founded 7 years ago
MODERATORS
Restioson@lemmy.ml
Cloak@lemmy.ml