New research from the University of Waterloo's Cybersecurity and Privacy Institute demonstrates that any artificial intelligence (AI) image watermark can be removed, without the attacker needing to know the design of the watermark, or even whether an image is watermarked to begin with.
I think maybe an update to the image format standards, where it like somehow includes a hash of the instrument that has taken the photo and video, and thus, only such media that can be verified to have been taken by a physical instrument can be used in like legal matters, or reporting or journals.
Either this hash can be verified by some algorithm, or maybe the media could depend on this hash in such a way that the media is corrupted if it gets altered.
The obvious limitation being that you can take a real photo with attestation with a real camera of a real computer screen displaying any fake shit you can imagine, then you have an officially hashed photo of anything.
If you’ve ever tried this, the moire pattern of pixels is obvious. You’d need a much higher resolution display than image sensor.
There are already plans for metadata signing. I think some high end Canon cameras might do it already. It basically allows proof (via public private key of the hash) that a particular camera took that photo.
The idea is that you can create a chain of custody with an image. Each edit requires a new signature, with each party responsible for verifying the previous chain, to protect their own reputation.
It’s far from perfect, but will help a lot with things like legal cases.
So you want to EMB make, model and SN into images now? Metadata on crack
If the hash can be created at the time the inage/media is created then it can be faked.
Depends on the hash - some are tracable to a crypotographic public key and thus cannot be faked. Most are not but there are options that can be. Normally we refer to such things as signed not a hash but same thing to the layman who doesn’t understand this.
In order for it to be traceable with a public key, it needs to be signed with the private key. That means the private key has to be on the camera. That means it can be extracted from the camera and leaked.
Maybe. There are ways to assign a private key that is not easy to extract. a chip that creates a private key on first poweron and then saves to internal memory for example.
Not easy to extract sure, but is it secure enough for you to claim that it hasnt been leaked and so forms a secure chain of custody? Once one has been leaked then that can be used to sign any fake pictures you like. I woudnt buy that for anything for serious than is this meme picture real.
There are ways to be sure of authenticity, ways that can’t be faked.
So we should all have to throw away or phones, cameras, etc. And buy new ones that have proprietary hardware attestation?
Oh come on, you’re gonna do that in two years anyway.
No <3