8
Image Standards Bodies have failed us (self.pgp)
submitted 1 day ago by florencia to c/pgp@sh.itjust.works
1 comments fedilink hide all child comments 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Seems like a super easy way to get ahead of all the fake AI News would be for stuff like "JPG" "PNG" "GIF" or video files to have a field that allows for an embedded signature of the file. Your phone OS loads a meme and tapping on picture shows it was signed by FuckedYoMama2838. Or Putin hugging Trump with an Associated Press signature.
-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQQAVrj5LUhAjGXg4hJtaH2ZThPr1gUCZ/3HiwAKCRBtaH2ZThPr
1jt/AP96LkzwJ7qJvEB51pYaqSi+RU4hlSFthYHoifN6rZdr8QD+N7r9QA/pKcOi
qhyuAPn8wbUhgy3q1DHCXweLJ4iakwg=
=ta2y
-----END PGP SIGNATURE-----
top 1 comments
sorted by: hot top controversial new old
[-] wizardbeard@lemmy.dbzer0.com 2 points 1 day ago

This leaves no room for "reasonable" edits, like resizing the image. Most sites you can upload images to use some form of image compression that would also kill this as well.

If the signature was kept through edits, then it's no longer actually linked to the image contents and is just added fluff for the appearance of trust. No real way to discern if an edit materially changes the content or not (the reasonable assumption is that most edits do change the content).

If the sig isn't kept through edits, then this would only work for directly shared images with no middle man hosting compressing things in the middle (at least if it wasn't 100% reversible compression).

This could be useful in a lot of situations and use cases (like press releases and news articles), but it simply wouldn't work for so many other image sharing situations.

this post was submitted on 15 Apr 2025
8 points (100.0% liked)

PGP Practice

108 readers
9 users here now

A community for practicing and/or discussing PGP (or GPG) encryption.

founded 2 years ago
MODERATORS
bash@sh.itjust.works