← Back to context

Comment by XorNot

20 hours ago

Which still sounds like your employer was simply incompetent because why was any type of perceptual hashing scheme even involved?

Signing digital data with hardware secure tokens is a commodity capability in the iPhone many of HNs users are reading this site with.

5 comments

XorNot

Reply
ChrisMarshallNY  15 hours ago

> your employer was simply incompetent

You’re probably right. This is easy, basic stuff that any recent college grad can do with their eyes closed.

dzhiurgis  19 hours ago

I think this has been around for not so long

https://en.wikipedia.org/wiki/Content_Authenticity_Initiativ...

  • XorNot  18 hours ago

    Sure but conceptually no one should've been able to crack any hashing scheme anyone half-way decent at their job could come up. SHA256 is the default and it's unbroken. Even SHA1 has scant few known collisions. So like...what the heck were they hashing and how that anyone was able to crack it?

    • phreeza  16 hours ago

      Maybe its more like the hash was a well known secure hash but someone managed to extract the salt/private key/signing certificate from the camera?