This is a most excellent place for technology news and articles.
I don't blame them for wanting to, but this won't work. Anyone who would be swayed by such a deepfake won't believe the verification if it is offered.
When it comes to misinformation I always remember when I was a kid I'm the early 90s, another kid told me confidently that the USSR had landed on Mars, gathered rocks, filmed it and returned to earth(it now occurs to me that this homeschooled kid was confusing the real moon landing.) I remember knowing it was bullshit but not having a way to check the facts. The Internet solved that problem. Now, by God , the Internet has recreated the same problem.
You mean to tell me that cryptography isn't the enemy and that instead of fighting it in the name of "terrorism and child protection" that we should be protecting children by having strong encryption instead??
We need something akin to the simplicity and ubiquity of Google that does this, government funded and with transparent oversight. We're past the point of your aunt needing a way to quickly check if something is obvious bullshit.
Call it something like Exx-Ray, the two Xs mean double check - "That sounds very unlikely that they said that Aunt Pat... You need to Exx-Ray shit like that before you talk about it at Thanksgiving"
Or same thing, but with the word Check, CHEXX - "No that sounds like bullshit, I'm gonna CHEXX it... Yup that's bullshit, Randy."
Man some Chex mix sounds good right now. They have this one that has chocolate pieces now.
It's a good idea. And I hope to see more of this in other types of communications.
Maybe the White House should create a hash of the video and add it to a public blockchain. Anyone can then verify if the video is authentic.
Don’t need to involve a blockchain to make cryptographically provable authenticity. Just a digital signature.
The only thing a hash in a blockchain would add is proof the video existed at the time the hash was added to the blockchain. I can think of cases where that would be beneficial too, but it wouldn’t make sense to put a hash of every video on a public blockchain.
Wouldn't this be defeated by people re-uploading the video? I think all these sites will re-encode the videos uploaded so the hash will not match, then people will use that as proof that the video is not real.
Blockchain is the opposite of what you want for this problem, I'm not sure why people bring this up now. People need to take an introductory cryptography course before saying to use blockchain everywhere.
Putting it on the blockchain ensures you can always go back and say "see, at this date/time, this key verified this file/hash".. If you know the key of the uploader (the white house), you can verify it was signed by that key. Guatemala used a similar scheme to verify votes in elections using Bitcoin. Could the precinct lie and put in the wrong vote count? Of course! But what it prevented was somebody saying "well actually the precinct reported a different number" since anybody could verify that on chain they didn't. It also prevented the precinct themselves from changing the number in the future if they were put under some kind of pressure.
All of this could be done without blockchain. Once they sign a signature with their private key they can't unsign it later. Once you attest something you cannot un-attest it.
Just make the public key known and sign things. Please stop shoehorning blockchain where it doesn't belong, especially when you aren't even giving any examples of things that blockchain is doing for you with 100000x the cost and complexity, that normal crypto from the 80s/90s cant do better.
This is sadly necessary
Government also puts backdoor in said math, gets hacked, official fakes released
Or more likely they will only discredit fake news and not verify actual footage that is a poor reflection. Like a hot mic calling someone a jackass, white House says no comment.
Can someone try to explain, relatively simply, what cryptographic verification actually entails? I've never really looked into it.
Click the padlock in your browser, and you'll be able to see that this webpage (if you're using lemmy.world) was encrypted by a server that has been verified by Google Trust Services to be a server which is controlled by lemmy.world. In addition, your browser will remember that... and if you get a page from the same server that has been verified by another cloud provider, the browser (should) flag that and warn you it might be
The idea is you'll be able to view metadata on an image and see that it comes from a source that has been verified by a third party such as Google Trust Services.
How it works, mathematically... well, look up "asymmetric cryptography and hashing". It gets pretty complicated and there are a few different mathematical approaches. Basically though, the white house will have a key, that they will not share with anyone, and only that key can be used to authorise the metadata. Even Google Trust Services (or whatever cloud provider you use) does not have the key.
There's been a lot of effort to detect fake images, but that's really never going to work reliably. Proving an image is valid, however... that can be done with pretty good reliability. An attack would be at home on Mission Impossible. Maybe you'd break into a Whitehouse photographer's home at night, put their finger on the fingerprint scanner of their laptop without waking them, then use their laptop to create the fake photo... delete all traces of evidence and GTFO. Oh and everyone would know which photographer supposedly took the photo, ask them how they took that photo of Biden acting out of character, and the real photographer will immediately say they didn't take the photo.
Thanks a lot, that helped me understand. Seems like a good idea
I'll be talking about digital signatures which is the basis for such things. I assume basic understanding of asymmetric cryptography and hashing.
Basically, you hash the content you want to verify with a secure hashing function and encrypt the value with your private key. You can now append this encrypted value to the content or just release it alongside it.
To now verify this content they can use your public key to decrypt your signature and get the original hash value, and compare it to their own. To get that, they just need to hash the content themselves with the same function.
So by signing their videos with the white house private key and publishing their public key somewhere, you can verify the video's authenticity like that.
For a proper understanding check out DSA :)
