I have just finished reading an article that my daughter was first author on. “Old Threats, New Name? Generative AI and Visual Journalism
Phoebe Matich, T. J. Thomson & Ryan J. Thomas”
https://www.tandfonline.com/doi/full/10.1080/17512786.2025.2451677
It got me wondering, do #photojournalists use public key cryptography to sign their work? Similarly to how some people use cryptography to sign their emails.
It would provide a way for consumers to distinguish between computer generated images and actual photojournalists work if they were able to digitally sign their images, in a way that #news organisations would honour in their publications. That is, published images or videos would include a digital signature created using public key cryptography. The photojournalist has the private key, and the public key is available online in some photojournalist public key service. So anyone who views the image in a news story can verify that it was produced by the photojournalist using the public key, but of course they can’t sign images with the public key. They can only verify the existing signature. If the photojournalist is the only one that has the private key, they are the only one that can sign the image. Then we would have a way to know which images are real and which are computer generated. Computer generated images won’t have a photojournalist signature unless they wanted them to.
Perhaps this is being done already?
@phoebematich
=> More informations about this toot | More toots from spmatich@ioc.exchange
@spmatich @phoebematich
Don't put the public keys in a new special key server. By all means put a list of photojournalists up, with pointers to the existing key servers.
But yes, the PGP/GPG system, with the Web of Trust and PKI offers a solution to this problem.
The trust thing - you need assurance the entity claiming to be the photojourno and signing the image actually is, so get their key signed by people who in catenation lead to you.
And notarise it, against replacement. GNotary exists.
=> More informations about this toot | More toots from midgephoto@photog.social
@midgephoto @spmatich @phoebematich You would also need to somehow verify that an entity claiming to be a photojournalist actually is one. And not, for example, a skilfully deployed bot.
=> More informations about this toot | More toots from ibk@aus.social
@ibk @midgephoto @phoebematich the media/news organisation would provide some means of establishing their identity. They have the relationship with the photojournalist. The problem to be solved, is how do we know an image / video has been generated by a particular person or entity. Not only that but we can publicly verify this with little effort, and be sure that digital signature is unique. So a photojournalist can provide a guarantee that an image or video is genuine. That would make their work much more valuable than say something randomly uploaded from some unknown entity. At the moment photojournalists value can subverted by unscrupulous content generators, because they have no way of asserting the origin of their content. A digital signature would not guarantee that the image won’t have been manipulated, but it will identify who provided it.
=> More informations about this toot | More toots from spmatich@ioc.exchange
@spmatich @ibk @phoebematich
We did quite a lot of thinking about this in relation to medical records, last century and into about 2004.
Organisations depart. They also discard stuff. And some have lied.
The classic crptographer's answer was to publish the hash of the record, at the time, in the Personal ads columns of the New York Times.
GNotary was a time-binding solution on similar principles.
Ross Anderson wrote the book Security Engineering, one edition of which is free on the Web.
=> More informations about this toot | More toots from midgephoto@photog.social
@spmatich @ibk @phoebematich
For medical records you can imagine we want to know, and show, that the record we see is the record that was made, all of it, and only it.
This may be accomplished by passing the (element of the) record through a #trapdoor #function, or #hashing #algorithm such as SHA1 (secure hash algorithm 1) and sending the hash somewhere else.
The hash is small, compared with the medical note, and tiny compared to a photograph.
…
=> More informations about this toot | More toots from midgephoto@photog.social
@spmatich @ibk @phoebematich
…
On challenge we retrieve a copy of the hash, hash the purported original picture/record again, and compare the two.
Now, there are digital signatures for who as well as for what, and we can hash collections of hashes and so on, but it rapidly becomes plausible to the intelligent that the record is as submitted. Or occasionally, that it isn't.
Survivors from when "crypto" meant secret writing, not money and scams, can go on for hours about this because …
=> More informations about this toot | More toots from midgephoto@photog.social
@spmatich … (another/probably too many)
… Because although it is an Enigma to most, it is fascinating to some, and ¡useful!
There's a lot about it in #Cryptonomicon , fiction by Neal Stephenson.
=> More informations about this toot | More toots from midgephoto@photog.social
@ibk @spmatich @phoebematich
Web of Trust.
=> More informations about this toot | More toots from midgephoto@photog.social This content has been proxied by September (3851b).Proxy Information
text/gemini