this post was submitted on 21 Nov 2023
146 points (92.0% liked)

Technology

59323 readers
4805 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
top 49 comments
sorted by: hot top controversial new old
[–] BitSound@lemmy.world 44 points 11 months ago (1 children)

This is tilting at windmills. If someone has physical possession of a piece of hardware, you should assume that it's been compromised down to the silicon, no matter what clever tricks they've tried to stymie hackers with. Also, the analog hole will always exist. Just generate a deepfake and then take a picture of it.

[–] hyperhopper@lemmy.ml 39 points 11 months ago (1 children)

You have it backwards. This is not too stop fake photos, despite the awful headline. It's to attempt to provide a chain of custody and attestation. "I trust tom only takes real photos, and I can see this thing came from Tom"

[–] BitSound@lemmy.world -2 points 11 months ago

And Tom's camera gets hacked by an evil maid and then where are you? Exactly. This is snake oil.

[–] coolmule0@lemmy.world 34 points 11 months ago* (last edited 11 months ago)

If only I knew how to create my own firmware for Leica... then I could call the same crypto-chip and sign any picture I'd like. (Oh wait! There's a github for hacking Leica M8 firmware!)

Source

[–] makyo@lemmy.world 32 points 11 months ago

I think this is probably great for specific forensic work and similar but the problem with deepfakes isn't that people can't determine their veracity. The problem is that people see a picture online and don't bother to even check. We have news sources that care about being accurate and trustworthy yet people just choose to ignore them and believe what they want.

[–] Bizarroland@kbin.social 29 points 11 months ago (3 children)

So basically I would just have to screenshot the image or export it to a new file type that doesn't support their fancy encryption and then I can do whatever I want with the photo?

[–] Phrodo_00@lemmy.world 19 points 11 months ago

The point is that they can show anybody interested the original with the signature from the camera.

The problem is that you can likely attack the camera's security chip to sign any photo, as internally the photo would come from the cmos without any signing and the camera would sign it before writing it to storage.

[–] pHr34kY@lemmy.world 9 points 11 months ago (1 children)

Just like stealing an NFT.

[–] lemming741@lemmy.world 1 points 11 months ago (1 children)

You wouldn't download a car

[–] nutsack@lemmy.world 1 points 11 months ago

i would probably download a cock and suck it

[–] cynar@lemmy.world 7 points 11 months ago

It's signed, not encrypted. Think of it as a chain of custody mark. The original photo was signed by person X, and then edited by news source Y. The validity of that chain can be verified, and the reliability judged based on that.

Effectively it ties the veracity and accuracy of the photo to a few given parties. E.g. a photo from a known good war photographer, edited under the "New Your Times" newspaper's licence would carry a lot more weight than a random unsigned photo found online, or one published by a random online rag print.

You can break the chain, but not fake the chain.

[–] NAXLAB@lemmy.world 26 points 11 months ago (2 children)

"that it’s a true representation of what someone saw."

Someone please correct me if I'm wrong but photography has never ever ever been a "true" representation of what you took a picture of.

Photography is right up there with statistics in its potential for "true" information to be used to draw misleading or false conclusions. I predict that a picture with this technology may carry along with it the authority to impose a reality that's actually not true by pointing to this built-in encryption to say "see? the picture is real" when the deception was actually carried out by the framing or timing of the picture, as has been done often throughout history.

[–] CrayonRosary@lemmy.world 9 points 11 months ago* (last edited 11 months ago) (1 children)

You're talking about "the whole truth". If the whole is true, then all of the parts are true, so photographing only a subset of the truth (framing) is still true. If a series of events are true, then each event is true, so taking a picture at a certain time (timing) is also true.

Photos capture real photons that were present at real scenes and turn them into grids of pixels. Real photographs are all "true". Photoshop and AI don't need photons and can generate pixels from nothing.

That's what is being said.

[–] NAXLAB@lemmy.world -1 points 11 months ago (1 children)

Nah, lying by omission can still tell a totally wrong narrative. Sometimes it has to be the whole truth to be the truth.

[–] CrayonRosary@lemmy.world 2 points 11 months ago (1 children)

You'd make a bad programmer or mathematician.

[–] NAXLAB@lemmy.world 1 points 11 months ago (1 children)

Well... Mathematicians would agree with me

[–] CrayonRosary@lemmy.world 1 points 11 months ago (1 children)
[–] NAXLAB@lemmy.world -1 points 11 months ago* (last edited 11 months ago) (1 children)

Your position assumes also that no photos can be staged. That's a whole category of "true" photos that tell a false narrative.

[–] CrayonRosary@lemmy.world 1 points 11 months ago* (last edited 11 months ago)

Neither of us were talking about that. Not in your original comment, and not in my reply. Obviously, I was arguing against your original comment.

I said nothing about staged photos, and bringing that up and saying it's part of my argument is intellectual dishonesty.

[–] dhork@lemmy.world 7 points 11 months ago (1 children)

As I understand it, it's a digital signature scheme where the raw image is signed at the camera, and modifications in compliant software are signed as well. So it's not so much "this picture is 100% real, no backsies". Nor is it "We know all the things done to this picture", as I doubt people who modify these photos want us to know what they are modifying.

So it's more like "This picture has been modified, like all pictures are, but we can prove how many times it was touched, and who touched it". They might even be able to prove when all that stuff happened.

[–] lolcatnip@reddthat.com 5 points 11 months ago

Even that doesn't do much to prove the image is an authentic representation of anything. People have been staging photos for as long as there have been photos, and no camera can guard against that.

[–] EurekaStockade@lemmy.world 18 points 11 months ago

Everyone talking about hacking the firmware to extract the private key

Me just taking a photo of the deepfake

[–] FoundTheVegan@kbin.social 16 points 11 months ago* (last edited 11 months ago) (1 children)

Ctrl + F "Blockchain"

... Oh?

Well that's a suprise, a system that actually is comperable to block chain in a different medium doesn't plaster it everywhere. We've certainly seen more use over much much less relevance.

Neat tech. Hope it catches on.

[–] GigglyBobble@kbin.social 8 points 11 months ago* (last edited 11 months ago)

And where do you see any resemblance to a blockchain?

From the article it is just cryptographic signing - once by the camera with its built-in key and once on changes by the CAI tool which has its own key.

[–] luthis@lemmy.nz 16 points 11 months ago (2 children)

Maybe I am misunderstanding here, but what is going to stop anyone from just editing the photo anyway? There will still be a valid certificate attached. You can change the metadata to match the cert details. So... ??

[–] lolcatnip@reddthat.com 10 points 11 months ago (1 children)

I don't know about this specific product but in general a digital signature is generated based on the content being signed, so any change to the content will make the signature invalid. It's the whole point of using a signature.

[–] luthis@lemmy.nz 2 points 11 months ago (1 children)

I was too tired to investigate further last night. That is the case here, sections of data are hashed and used to create the certs:

https://c2pa.org/specifications/specifications/1.3/specs/C2PA_Specification.html#_hard_bindings

Which means that there isn't a way to edit the photo and have the cert match, and also no way to compress or change the file encoding without invalidating the cert.

[–] nutsack@lemmy.world 1 points 11 months ago* (last edited 11 months ago)

so it's for jpeg shooters, basically. unfortunately the leica bodies aren't really known for producing good jpegs.

[–] aidan@lemmy.world 3 points 11 months ago

I'm not expert in encryption, but I think you could store a key in the device that encrypts the hash, then that encrypted hash is verified by Leica servers?

[–] Dedh@lemmy.world 6 points 11 months ago

Informacam has a similar "chain of custody" goal but was developed for existing devices. Guardian Project was involved with CameraV, the android version for mobile devices. It looks like Proofmode is now the active project & it's available for ios as well as android. https://proofmode.org/

[–] LilDumpy@lemmy.world 4 points 11 months ago (1 children)
[–] babyfarmer@lemmy.world 23 points 11 months ago (1 children)
[–] ColeSloth@discuss.tchncs.de 5 points 11 months ago (1 children)

Yeah. In eurotrip a dork got a BJ just for owning a Leica.

[–] SkyezOpen@lemmy.world 3 points 11 months ago (1 children)

You mean young Ben shapiro

[–] MNByChoice@midwest.social 3 points 11 months ago (3 children)

I don't think that was him. https://m.imdb.com/name/nm5458588/

Also, WTF is he just cranking trash out?

[–] SkyezOpen@lemmy.world 3 points 11 months ago

Not literally him lol, just looks like him. And yeah, you expect a grifter to make quality media?

[–] Deceptichum@kbin.social 3 points 11 months ago

Alt-Right Bluey will always make me laugh.

What a pathetic person.

[–] Fal@yiffit.net 1 points 11 months ago

Do they really have literally nothing except being contrarians? https://m.imdb.com/title/tt8052768/?ref_=nm_flmg_t_3_prd

[–] bitwolf@lemmy.one 1 points 11 months ago (1 children)

This is cool and all. But I am more concerned about finding a way to prevent my images from being scraped for AI training.

Something like an imperceptible gray grid over the image that would throw off the AI training, and not force people to use certain browsers / apps.

[–] HumbertTetere@feddit.de 2 points 11 months ago (1 children)
[–] bitwolf@lemmy.one 1 points 11 months ago (1 children)

This is awesome, thanks for sharing!

After reading I think it perceptively alters the image, but I'm definitely going to play around with it and see what's possible.

[–] Even_Adder@lemmy.dbzer0.com 3 points 11 months ago

Beware, this is made by Ben Zhao, the University of Chicago professor who stole open source code for his last data poisoning scheme.

[–] Kbin_space_program@kbin.social 1 points 11 months ago (2 children)

Ah, DRM for your photos.

Great.

[–] FaceDeer@kbin.social 0 points 11 months ago (2 children)

Not at all. From what I understand of this article, it wouldn't stop you from doing anything you wanted with the image. It just generates a signed certificate at the moment the picture is taken that authenticates that that particular image existed at that particular time. You can copy the image if you like.

[–] burliman@lemm.ee 1 points 11 months ago (1 children)

This is an adorable show of optimism.

[–] lolcatnip@reddthat.com -1 points 11 months ago

🙄

Digital signatures are not nefarious. Quit freaking out about things just because you don't understand them.

[–] Kbin_space_program@kbin.social 1 points 11 months ago

Forgive the cynicism, but: free, for now.

What happens when the company decides all of a sudden to lock the service behind a subscription pay wall?

Do you still maintain rights to your photos when you use this service?

[–] lolcatnip@reddthat.com -1 points 11 months ago

This isn't DRM. I can't believe you have so many upvotes for such blatant FUD.

[–] culprit@lemmy.ml -1 points 11 months ago

I was wondering when crypto content would become a thing like this.