The White House wants to 'cryptographically verify' videos of Joe Biden so viewers don't mistake them for AI deepfakes - eviltoast

The White House wants to ‘cryptographically verify’ videos of Joe Biden so viewers don’t mistake them for AI deepfakes::Biden’s AI advisor Ben Buchanan said a method of clearly verifying White House releases is “in the works.”

  • AtHeartEngineer@lemmy.world
    link
    fedilink
    English
    arrow-up
    12
    ·
    11 months ago

    The best way this could be handled is a green check mark near the video that you could click on it and it would give you all the meta data of the video (location, time, source, etc) with a digital signature (what would look like a random string of text) that you could click on and your browser would show you the chain of trust, where the signature came from, that it’s valid, probably the manufacturer of the equipment it was recorded on, etc.

    • wizardbeard@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      4
      ·
      11 months ago

      The issue is making that green check mark hard to fake for bad actors. Https works because it is verified by the browser itself, outside the display area of the page. Unless all sites begin relying on a media player packed into the browser itself, if the verification even appears to be part of the webpage, it could be faked.

      • brbposting@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        4
        ·
        11 months ago

        Hope verification gets built in to operating systems as compromised applications present a risk too.

        But I’m sure a crook would build a MAGA Verifier since you can’t trust liberal Apple/Microsoft technology.

      • dejected_warp_core@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        11 months ago

        The only thing that comes to mind is something that forces interactivity outside the browser display area; out of the reach of Javascript and CSS. Something that would work for both mobile and desktop would be a toolbar icon that is a target for drag-and-drop. Drag the movie or image to the “verify this” target, and you get a dialogue or notification outside the display area. As a bonus, it can double for verifying TLS on hyperlinks while we’re at it.

        Edit: a toolbar icon that’s draggable to the image/movie/link should also work the same. Probably easier for mobile users too.

        • Natanael@slrpnk.net
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          11 months ago

          If you set the download manager icon in the browser as permanently visible, then dragging it there could trigger the verification to also run if the metadata is detected, and to then also show whichever metadata it could verify.

    • Natanael@slrpnk.net
      link
      fedilink
      English
      arrow-up
      2
      ·
      11 months ago

      Do not show a checkmark by default! This is why cryptographers kept telling browsers to de-emphasize the lock icon on TLS (HTTPS) websites. You want to display the claimed author and if you’re able to verify keypair authenticity too or not.

      • AtHeartEngineer@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        11 months ago

        Fair point, I agree with this. There should probably be another icon in the browser that shows if all, some, or none of the media on a page has signatures that can be validated. Though that gets messy as well, because what is “media”? Things can be displayed in a web canvas or SVG that appears to be a regular image, when in reality it’s rendered on the fly.

        Security and cryptography UX is hard. Good point, thanks for bringing that up! Btw, this is kind of my field.

        • Natanael@slrpnk.net
          link
          fedilink
          English
          arrow-up
          1
          ·
          11 months ago

          I run /r/crypto at reddit (not so active these days due to needing to keep it locked because of spam bots, but it’s not dead yet), usability issues like this are way too common

          • AtHeartEngineer@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            11 months ago

            I ran /r/cryptotechnology for years, and am good friends with the /r/cc mods. Reddit is a mess though, especially in the crypto areas.