Submitted 8 months ago by L4s@lemmy.world [bot] to technology@lemmy.world
The White House wants to ‘cryptographically verify’ videos of Joe Biden so viewers don’t mistake them for AI deepfakes::Biden’s AI advisor Ben Buchanan said a method of clearly verifying White House releases is “in the works.”
I have said for years all media that needs to be verifiable needs to be signed. Gpg signing lets gooo
Very few people understand why a GPG signature is reliable or how to check it. Malicious actors will add a “GPG Signed” watermark to their fake videos and call it a day, and 90% of victims will believe it.
As soon as VLC adds the gpg sig feature, it’s over.
Yeah but all it takes is proving it doesn’t have the right signature and you can make the Social Media corpo take every piece of media with that signature just for that alone.
What’s even better is that you can attack entities that try to maliciously let people get away with misusing their look and fake being signed for failing to defend their IP, basically declaring you intend to take them to court to Public Domainify literally everything that makes them any money at all.
If billionaires were willing to allow disinformation as a service then they wouldn’t have gone to war against news as a service to make it profitable to begin with.
I just mentioned this in another comment tonight; cryptographic verification has existed for years but basically no one has adopted it for anything. Some people still seem to think pasting an image of your handwriting on a document is “signing” a document somehow.
It doesn’t help that in a lot of cases, this is actually accepted by a shit ton of important institutions that should be better, but aren’t.
Still trying to get people to sign their emails lol
The average Joe won’t know what any of what you just said means. Hell, the Joe in the OP doesn’t know what any of you just said means. There’s no way (IMO) of simultaneously creating a cryptographic assurance and having it be accessible to the layman.
There is, but only if you can implement a layer of abstraction and get them to trust that layer of abstraction.
Few laymen understand why Bitcoin is secure. They just trust that their wallet software works and because they were told by smarter people that it is secure.
Few laymen understand why TLS is secure. They just trust that their browser tells them it is secure.
Few laymen understand why biometric authentication on their phone apps is secure. They just trust that their device tells them it is secure.
Huh. They actually do something right for once instead of spending years trying to ban A.I tools. I’m pleasantly surprised.
Bingo. If at the limit, the purpose of an AI is to be indistinguishable from human generated content, then watermarking and AI detection algorithms will be absolutely useless.
The ONLY means to do this is to have creators verify their human-generated (or vetted) content at the time of publication (providing positive proof), as opposed to attempting to retroactively trying to determine if content was generated by a human (proving a negative).
I mean banning use cases is deffo fair game, generating kiddy porn should be treated as just as heinous as making it the “traditional” way IMO
Yikes! The implication is that it does not matter if a child was victimized. It’s “heinous”, not because of a child’s suffering, but because… ?
Idk, making CP where a child is raped vs making CP where no children are involved seem on very different levels of bad to me.
Both disgusting, but certainly not exactly the same. One has a non-consenting child being abused, the other doesn’t. One is worse than the other.
Yeah good luck getting to general public to understand what “cryptographically verified” videos mean
The general public doesn’t have to understand anything about how it works as long as they get a clear “verified by …” statement in the UI.
The problem is that even if you reveal the video as fake,the feeling it reinforces on the viewer stays with them.
“Sure that was fake,but the fake that it seems believable tells you everything you need to know”
It could work the same way the padlock icon worked for SSL sites in browsers back in the day. The video player checks the signature and displays the trusted icon.
It needs to focus on showing who published it, not the icon
I mean, how is anyone going to crytographically verify a video? You either have an icon in the video itself, meaning nothing, fakers just copy that in theirs, or you have to sign or make file hashes for each permutation of the video file sent out. At that point how are normal people actually going to verify? At best their trusting the player of whatever site they’re on to be truthful when it says that it’s verified.
Saying they want to do this is one thing, but as far as I’m aware, we don’t have a solution that accounts for the rampant re-use of presidential videos in news and secondary reporting
I have a terrible feeling that this would just be wasted effort beyond basic signing of the video file uploaded on the official government website, which really doesn’t solve the problem for anyone who can’t or won’t verify the hash on their end.
Just make it a law that if as a social media company you allow unverified videos to be posted, you don’t get safe harbour protections from libel suits for that. It would clear right up. As long as the source of trust is independent of the government or even big business, it would work and be trustworthy.
Back in the day, many rulers allowed only licensed individuals to operate printing presses. It was sometimes even required that an official should read and sign off on any text before it was allowed to be printed.
Freedom of the press originally means that exactly this is not done.
As long as the source of trust is independent of the government or even big business, it would work and be trustworthy
That sounds like wishful thinking
“Not everybody will use it and it’s not 100% perfect so let’s not try”
That’s not the point. It’s that malicious actors could easily exploit that lack of knowledge to trick users into giving fake videos more credibility.
If I were a malicious actor, I’d put the words “✅ Verified cryptographically by the White House” at the bottom of my posts and you can probably understand that the people most vulnerable to misinformation would probably believe it.
I don’t blame them for wanting to, but this won’t work. Anyone who would be swayed by such a deepfake won’t believe the verification if it is offered.
Agreed and I still think there is value in doing it.
I honestly do not see the value here. Barring maybe a small minority, anyone who would believe a deepfake about Biden would probably also not believe the verification and anyone who wouldn’t would probably believe the administration when they said it was fake.
The value of the technology in general? Sure. I can see it having practical applications. Just not in this case.
I don’t think that’s what this is for. I think this is for reasonable people, as well as for other governments.
Besides, passwords can be phished or socially engineered, and some people use “abc123.” Does that mean we should get rid of password auth?
Deepfakes could get better. And if they do, a lot more people will start to get fooled
Fucking finally. We’ve had this answer to digital fraud for ages.
Sounds like a very Biden thing (or for anyone well into their Golden Years) to say, “Use cryptography!” but it’s not without merit. How do we verify file integrity? How to we digitally sign documents?
The problem we currently have is that anything that looks real tends to be accepted as real (or authentic). We can’t rely on humans to verify authenticity of audio or video anymore. So for anything that really matters we need to digitally sign it so it can be verified by a certificate authority or hashed to verify integrity.
This doesn’t magically fix deep fakes. Not everyone will verify a video before distribution and you can’t verify a video that’s been edited for time or reformatted or broadcast on the TV. It’s a start.
We’ve had this discussion a lot in the Bitcoin space. People keep arguing it has to change so that “grandma can understand it” but I think that’s unrealistic. Every technology has some inherent complexities that cannot be removed and people have to learn if they want to use it. And people will use it if the motivation is there. Wifi has some inherent complexities people have become comfortable with. People know how to look through lists of networks, find the right one, enter the passkey or go through the sign on page. Some non-technical people know enough about how Wifi should behave to know the internet connection might be out or the route might need a reboot. None of this knowledge was commonplace 20 years ago. It is now.
The knowledge required to leverage the benefits of cryptographic signatures isn’t beyond the reach of most people. The general rules are pretty simple. The industry just has to decide to make the necessary investments to motivate people.
The President’s job isn’t really to be an expert on everything, the job is more about being able to hire people who are experts.
If this was coupled with a regulation requiring social media companies to do the verification and indicate that the content is verified then most people wouldn’t need to do the work to verify content (because we know they won’t).
It obviously wouldn’t solve every problem with deepfakes, but at least it couldn’t be content claiming to be from CNN or whoever. And yes someone editing content from trusted sources would make that content no longer trusted, but that’s actually a good thing. You can edit videos to make someone look bad, you can slow it down to make a person look drunk, etc. This kind of content should not considered trusted either.
Someone doing a reaction video going over news content or whatever could have their stuff be considered trusted, but it would be indicated as being content from the person that produced the reaction video not as content coming from the original news source. So if you see a “news” video that has it’s verified source as “xXX_FlatEarthIsReal420_69_XXx” rather than CNN, AP News, NY Times, etc, you kinda know what’s up.
The number of 80 year olds that know what cryptography is AND know that it’s a proper solution here is not large. I’d expect an 80 year old to say something like “we should only look at pictures sent by certified mail” or “You cant trust film unless it’s an 8mm and the can was sealed shut!”
This doesn’t solve anything. The White House will only authenticate videos which make the President look good. Curated and carefully edited PR. Maybe the occasional press conference. The vast majority of content will not be authenticated. If anything this makes the problem worse, as it will give the President remit to claim videos which make them look bad are not authenticated and should therefore be distrusted.
It needs to be more general. A video should have multiple signatures. Each signature relies on the signer’s reputation, which works both ways. It won’t help those who don’t care about their reputation, but will for those that do.
A photographer who passes off a fake photo as real will have their reputation hit, if they are caught out. The paper that published it will also take a hit. It’s therefore in the paper’s interest to figure out how trustworthy the supplier is.
I believe canon recently announced a camera that cryptographically signs photographs, at the point of creation. At that point, the photographer can prove the camera, the editor can prove the photographer, the paper can prove the editor, and the reader can prove the newspaper. If done right, the final viewer can also prove the whole chain, semi-independently. It won’t be perfect (far from it) but might be the best will get. Each party wants to protect their reputation, and so has a vested interest in catching fraud.
For this to work, we need a reliable way to sign images multiple times, as well as (optionally) encode an edit history into it. We also need a quick way to match cryptographic keys to a public key.
An option to upload a time stamped key to a trusted 3rd party would also be of significant benefit. Ironically, Blockchain might actually be a good use for this. In case a trusted 3rd can’t be established.
Great points and I agree. I also think the signature needs to be built into the stream in a continuous fashion so that snippets can still be authenticated.
I don’t think that’s practical or particularly desirable.
Today, when you buy something, EG a phone, the brand guarantees the quality of the product, and the seller guarantees the logistics chain (that it’s unused, not stolen, not faked, not damaged in transport, …). The typical buyer does not care about the parts used, the assembly factory, etc.
When a news source publishes media, they vouch for it. That’s what they are paid for (as it were). If the final viewer is expected to check the chain, they are asked to do the job of skilled professionals for free. Do-your-own-research rarely works out, even for well-educated people. Besides, in important cases, the whole chain will not be public to protect sources.
I don’t understand your concern. Either it’ll be signed White House footage or it won’t. They have to sign all their footage otherwise there’s no point to this. If it looks bad, don’t release it.
Anyone can digitally sign anything (maybe not easily or for free). The Whitehouse can verify or not verify whatever they choose but if you, as a journalist let’s say, want to give credence to video you distribute you’ll want to digitally sign it. If a video switches hands several times without being signed it might as well have been cooked up by the last person that touched it.
It would become quite easy to dismiss anything for not being cryptographically verified simply by not cryptographically verifying.
I can see the benefit of having such verification but I also see how prone it might be to suppressing unpopular/unsanctioned journalism.
Unless the proof is very clear and easy for the public to understand the new method of denial just becomes the old method of denial.
You could go a really long way by just giving all photographers the ability to sign their own work. If you know who took the photo, then you can make good decisions about wether to trust them or not.
Random account on a social network shares a video of a presidential candidate giving a speech? Yeah maybe don’t trust that. Look for someone else who’s covered the same speech instead, obviously any real speech is going to be covered by every major news network.
That doesn’t stop a ordinary people from sharing presidential speeches on social networks. But it does make it trivial for other people to credibly call out fake content.
Once people get used to cryptographical signed videos, why only trust one source? If a news outlet is found signing a fake video, they will be in trouble. Loss of said trust if nothing else.
We should get to the point we don’t trust unsigned videos.
the technology to do this has existed for decades and it’s crazy to me that people aren’t doing it all the time yet
I’m sure they do. AI regulation probably would have helped with that. I feel like congress was busy with shit that doesn’t affect anything.
I salute whoever has the challenge of explaining basic cryptography principles to Congress.
I see no difference between creating a fake video/image with AI and Adobe’s packages. So to me this isn’t an AI problem, it’s a problem that should have been resolved a couple of decades ago.
Government also puts backdoor in said math, gets hacked, official fakes released
Or more likely they will only discredit fake news and not verify actual footage that is a poor reflection. Like a hot mic calling someone a jackass, white House says no comment.
Why not just official channels of information, e.g. White house Mastodon instance with politicians’ accounts, government-hosted, auto-mirrored by third parties.
You mean to tell me that cryptography isn’t the enemy and that instead of fighting it in the name of “terrorism and child protection” that we should be protecting children by having strong encryption instead??
When it comes to misinformation I always remember when I was a kid I’m the early 90s, another kid told me confidently that the USSR had landed on Mars, gathered rocks, filmed it and returned to earth(it now occurs to me that this homeschooled kid was confusing the real moon landing.) I remember knowing it was bullshit but not having a way to check the facts. The Internet solved that problem. Now, by God , the Internet has recreated the same problem.
I think this is a great idea. Hopefully it becomes the standard soon, cryptographically signing clips or parts of clips so there’s no doubt as to the original source.
what if I meet Joe and take a selfie of both of us using my phone? how will people know that my selfie is an authentic Joe Biden?
Ultimately, reputation based trust, combined with cryptographic keys is likely the best we can do. You (semi automatically) sign the photo, and upload it’s stamp to a 3rd party. They can verify that they received the stamp from you, and at what time. That proves the image existed at that time, and that it’s linked to your reputation. Anything more is just likely to leak, security wise.
That’s the big question. How will we verify anything as real?
Probably a signed comment from the Double-Cone Crusader himself, basically free PR so I don’t see why he or any other president wouldn’t at least have an intern give you a signed comment fist bump of acknowledgement
I’ve been saying for a long time now that camera manufacturers should just put encryption circuits right inside the sensors. Of course that wouldn’t protect against pointing the camera at a screen showing a deepfake or someone painstakingly dissolving top layers and tracing out the private key manually, but that’d be enough of the deterrent from forgery. And also media production companies should actually put out all their stuff digitally signed. Like, come on, it’s 2024 and we still don’t have a way to find out if something was filmed or rendered, cut or edited, original or freebooted.
If you’ve been saying this for a long time please stop. This will solve nothing. It will be trivial to bypass for malicious actors and just hampers normal consumers.
They’re doing something like that I think
I’ve always thought that bank statements should require cryptographic signatures for ledger balances. Same with individual financial transactions, especially customer payments.
Without this we’re pretty much at the mercy of trust with banks and payment card providers.
I imagine there’s a lot of integrity requirements for financial transactions on the back end, but the consumer has no positive proof except easily forged statements.
Yeah but that would require banks to actually invest money to improve customer trust… Not something banks are very interested in, really. It’s easier and cheaper to just have the marketing department come up with some nonsense claim and advertise that instead.
We need something akin to the simplicity and ubiquity of Google that does this, government funded and with transparent oversight. We’re past the point of your aunt needing a way to quickly check if something is obvious bullshit.
Call it sitting like Exx-Ray, the two Xs mean double check - “That sounds very unlikely that they said that Aunt Pat… You need to Exx-Ray shit like that before you talk about it at Thanksgiving”
Or same thing, but with the word Check, CHEXX - “No that sounds like bullshit, I’m gonna CHEXX it… Yup that’s bullshit, Randy.”
This is sadly necessary
Joe Biden NFTs comfirmed
So should Taylor Swift
It’s a good idea. And I hope to see more of this in other types of communications.
Maybe the White House should create a hash of the video and add it to a public blockchain. Anyone can then verify if the video is authentic.
Wait. Did the White House just discover a legitimate use-case for NFTs?
Can someone try to explain, relatively simply, what cryptographic verification actually entails? I’ve never really looked into it.
I mean they could just create a highly-secure official Fediverse server/account?
I’m more interested in how exactly you’d implement something like this.
It’s not like videos viewed on tiktok display a hash for the file you’re viewing; and users wouldn’t look at that data anyway, especially those that would be swayed by a deep fake…
This is the best summary I could come up with:
The White House is increasingly aware that the American public needs a way to tell that statements from President Joe Biden and related information are real in the new age of easy-to-use generative AI.
Big Tech players such as Meta, Google, Microsoft, and a range of startups have raced to release consumer-friendly AI tools, leading to a new wave of deepfakes — last month, an AI-generated robocall attempted to undermine voting efforts related to the 2024 presidential election using Biden’s voice.
Yet, there is no end in sight for more sophisticated new generative-AI tools that make it easy for people with little to no technical know-how to create fake images, videos, and calls that seem authentic.
Ben Buchanan, Biden’s Special Advisor for Artificial Intelligence, told Business Insider that the White House is working on a way to verify all of its official communications due to the rise in fake generative-AI content.
While last year’s executive order on AI created an AI Safety Institute at the Department of Commerce tasked with creating standards for watermarking content to show provenance, the effort to verify White House communications is separate.
Ultimately, the goal is to ensure that anyone who sees a video of Biden released by the White House can immediately tell it is authentic and unaltered by a third party.
The original article contains 367 words, the summary contains 218 words. Saved 41%. I’m a bot and I’m open source!
If the White House actually makes the deep fakes, do they count as “fakes?”
CyberSeeker@discuss.tchncs.de 8 months ago
Digital signature as a means of non repudiation is exactly the way this should be done. Any official docs or releases should be signed and easily verifiable by any public official.
mods_are_assholes@lemmy.world 8 months ago
Maybe deepfakes are enough of a scare that this becomes standard practice, and protects encryption from getting government backdoors.
RVGamer06@sh.itjust.works 8 months ago
Image
otter@lemmy.ca 8 months ago
Would someone have a high level overview or ELI5 of what this would look like, especially for the average user. Would we need special apps to verify it? How would it work for stuff posted to social media
linking an article is also ok :)
AbouBenAdhem@lemmy.world 8 months ago
Depending on the implementation, there are two cryptographic functions that might be used (perhaps in conjunction):
Cryptographic hashes: An arbitrary amount of data (like a video file) is used to create a “hash”—a shorter, (effectively) unique text string. Anyone can run the file through the same function to see if it produces the same hash; if even a single bit of the file is changed, the hash will be completely different.
Public key cryptography: A pair of keys are created, one of which can only encrypt data (but can’t decrypt its own output), and the other can only decrypt data that was encrypted by the matching key. Users (like the White House) can post their public key on their website; then if a subsequent message purporting to come from that user can be decrypted using that key, it proves it came from them.
AtHeartEngineer@lemmy.world 8 months ago
The best way this could be handled is a green check mark near the video that you could click on it and it would give you all the meta data of the video (location, time, source, etc) with a digital signature (what would look like a random string of text) that you could click on and your browser would show you the chain of trust, where the signature came from, that it’s valid, probably the manufacturer of the equipment it was recorded on, etc.
pupbiru@aussie.zone 8 months ago
it would potentially be associated with a law that states that you must not misrepresent a “verified” UI element like a check mark etc, and whilst they could technically add a verified mark wherever they like, the law would prevent that - at least for US companies
General_Effort@lemmy.world 8 months ago
For the average end-user, it would look like “https”. You would not have to know anything about the technical background. Your browser or other media player would display a little icon showing that the media is verified by some trusted institution and you could learn more with a click.
In practice, I see some challenges. You could already go to the source via https, EG whitehouse.gov, and verify it that way. An additional benefit exists only if you can verify media that have been re-uploaded elsewhere. Now the user needs to check that the media was not just signed by someone (EG whitehouse.gov.ru), but if it was really signed by the right institution.
Starbuck@lemmy.world 8 months ago
Adobe is actually one of the leading actors in this field, take a look at the Content Authenticity Initiative (contentauthenticity.org)
Like the other person said, it’s based on cryptographic hashing and signing. Basically the standard would embed metadata into the image.
PhlubbaDubba@lemm.ee 8 months ago
Probably you’d notice a bit of extra time posting for the signature to be added, but that’s about it, the responsibility for verifying the signature would fall to the owners of the social media site and in the circumstances where someone asks for a verification, basically imagine it as a libel case on fast forward, you file a claim saying “I never said that”, they check signatures, they shrug and press the delete button and erase the post, crossposts, and if it’s really good screencap posts and those crossposts of the thing you did not say but is still being attributed falsely to your account or person.
It basically gives absolute control of a person’s own image and voice to themself, unless a piece of media is provable to have been made with that person’s consent, or by that person themself, it can be wiped from the internet no trouble.
Where it comes to second party posters, news agencies and such, it’d be more complicated but more or less the same, with the added step that a news agency may be required to provide some supporting evidence that what they said is not some kind of misrepresentation or such as the offended party filing the takedown might be trying to insist for the sake of their public image.
Of course there could still be a YouTube “Stats for Nerds”-esque addin to the options tab on a given post that allows you to sign-check it against the account it’s attributing something to, and a verified account system could be developed that adds a layer of signing that specifically identifies a published account, like say for prominent news reporters/politicians/cultural leaders/celebrities, that get into their own feed so you can look at them or not depending on how ya be feelin’ that particular scroll session.
Cocodapuf@lemmy.world 8 months ago
It needs some kind of handler, but we mostly have those in place. A web browser could be the handler for instance. A web browser has the green dot on the upper left, telling you a page is secure, that https is on and valid. This could work like that, the browser can verify the video and display a green or red dot in the corner, the user could just mouse over it/tap on it to see who it’s verified to be from. But it’s up to the user to mouse over it and check if it says whitehouse.gov or dr-evil-mwahahaha.biz
dejected_warp_core@lemmy.world 8 months ago
TL;DR: one day the user will see an overlay or notification that shows an image/movie is verified as from a known source. No extra software required.
Honestly, I can see this working great in future web browsers. Much like the padlock in the URL bar, we could see something on images that are verified. The image could display a padlock in the lower-left corner or something, along with the name of the source, demonstrating that it’s a securely verified asset. “Normal” images would be unaffected. The big problem is how to put something on the page that cannot be faked by other means.
It’s a little more complicated for software like phone apps like X or Facebook, but doable. The problem is that those products must choose to add this feature. Hopefully, losing reputation to being swamped with unverifiable media will be motivation enough to do so.
The underlying verification process is complex, but should be similar to existing technology (e.g. GPG). The key is that images and movies typically contain a “scratch pad” area in the file for miscellaneous stuff (metadata). This is where the image’s author can add a cryptographic signature for the file itself. The user would never even know it’s there.
pupbiru@aussie.zone 8 months ago
i wouldn’t say signature exactly, because that ensures that a video hasn’t been altered in any way: no re-encoded, resized, cropped, trimmed, etc… platforms almost always do some of these things to videos, even if it’s not noticeable to the end-user
there are perceptual hashes, but i’m not sure if they work in a way that covers all those things or if they’re secure hashes. i would assume not
perhaps platforms would read the metadata in a video for a signature and have to serve the video entirely unaltered if it’s there?
thantik@lemmy.world 8 months ago
You don’t need to bother with cryptographically verifying downstream videos, only the source video needs to be able to be cryptographically verified. That way you have an unedited, untampered cut that can be verified to be factually accurate to the broadcast.
AbouBenAdhem@lemmy.world 8 months ago
Rather that using a hash of the video data, you could just include within the video the timestamp of when it was originally posted, encrypted with the White House’s private key.
Natanael@slrpnk.net 8 months ago
Apple’s scrapped on-device CSAM scanning was based on perceptual hashes.
The first collision demo breaking them showed up in hours with images that looked glitched. After just a week the newest demos produced flawless images with collisions against known perceptual hash values.
In theory you could create some ML-ish compact learning algorithm and use the compressed model as a perceptual hash, but I’m not convinced this can be secure enough unless it’s allowed to be large enough, as in some % of the original’s file size.