Comment by ChrisMarshallNY
1 day ago
I worked for a company that made these. We sold expensive software to the FBI.
Took about six months for someone to crack the hash.
1 day ago
I worked for a company that made these. We sold expensive software to the FBI.
Took about six months for someone to crack the hash.
What about a system that saves in some way the hash in a Blockchain, and if you, eg, XOR the hash of the video with the hash of the previous block you will "certainly" know that the video was created between the previous block and the block where the hash is saved in. That's a starting point.
that does nothing to verify authenticity
it does something, sometimes. it pushes the required fabrication timeline back.
if it is mandated that every photo or video taken for the possible use in evidence is notarized at the time of acquisition, any fabrication would necessitate total premeditation. that is, the fabricators would need to know ahead of time what they were pursuing and what evidence they would need. this seems like a very costly barrier.
for example, altering security footage would require some fantastical elements: a real-time system of ingesting real footage and altering it in real-time to slip it into the notarization pipeline within the error margins.
requiring that any equipment that produces acceptable evidence stream commitment hashes in real-time to public append-only repositories would be an enormous step forward.
This sort of chain doesn't need PoW I take it, just a very secure police server to sign blocks.
And it couldn't be run by the police or any of their friends, since they're the adversary.
Might have a point. This was before blockchain.
I suspect that the cops wouldn’t like the chain public, though.
Like when people discuss voting, I believe a blockchain [0] is a terrible pitfall compared to a classic distributed database system of predefined nodes run by different organizations. For example, imagine a couple hundred predefined nodes run by different states, federal agencies, etc.
An attacker altering the ledger would still require compromising an unreasonably large number of independent groups at once, and even then the rest would be able to clearly see that some unusual and suspicious event occurred.
By limiting membership a bunch of problems simply vanish, like long-clearing times, wasting hardware on mining, vulnerability to foreign botnets, etc.
[0] A blockchain is distinguished by its core requirement, from which a cascade complexity flows: Uncontrolled node membership. Don't be fooled by people pitching "private blockchain", its a contradiction in terms designed to rehabilitate hype, like "multi-sample Theranos test" or a bicycle as "Segway passively stabilized inline wheel model."
1 reply →
"Crack the hash"? Does this mean you were employing some novel hashing algorithm and relying on its secrecy? If so your employer were never serious about security in the first place. Hardware attestation is more or less a solved problem, and that solution does not involve secret algorithms.
Eh. It was some kind of hash of the image. I was not involved in that project, so can't tell you exactly how it worked, but the images were "signed," and someone figured out how to "re-sign" an altered image.
I think it was a fairly well-known technique.
Which still sounds like your employer was simply incompetent because why was any type of perceptual hashing scheme even involved?
Signing digital data with hardware secure tokens is a commodity capability in the iPhone many of HNs users are reading this site with.
5 replies →
Now sell them version 2.