This is a very very intense claim, and if true, would represent a monumental institutional failure across hundreds or even thousands of disparate organizations.
Do you have any data to support your hunch?
Strong claims require strong evidence.
Took about six months for someone to crack the hash.
But I don't know of a cryptographic mechanism to ensure that a digital image is not more recent than a particular time
- the whole roll of negatives was prime evidence;
- police forces were one of the biggest users of Polaroid instant film.
And moreover, who had a darkroom and the skills to substantially edit a picture?
Whereas here we have nobodies being able to generate pixel-perfect fake "evidence" from the computers they already have.
I get that there is a certain type of moron who thinks that the collapse in cost of misinformation has no harm... but all you've done is announce to the world that you are a moron.
How long did it take?
Now it’s a lot easier and faster
We are quickly going to reach a point where any photo or video taken on a smartphone is inadmissible by default.
Surely it’s just a matter of time.
[The Derbyshire Police] declined to give more detail about what the evidential material consisted of.
The term [evidential material] can be used to describe witness statements.
The loophole is all the powers the police and government have to more-or-less punish someone before a trial, or even before charges.
It always comes down to provenance.
https://www.metmuseum.org/exhibitions/objects/objects@exhibi...
The roll itself can be manipulated too. Most of the techniques used in modern Photoshop are basically 1:1 carryovers of darkroom processes. Layers, dodge and burn, masking, etc.
There was a time you could take this class in high school.
Many (most?) blockchain mechanisms include a timestamp in each transaction on the chain, so while multiple records from the same owner prove little (the timestamps could be faked over a given period of time), the interaction with the wider network and the chain would give some confidence that the record happened within a small amount of time.
The other possibility, that doesn't require a chain with many independent active participants, is to have things signed by an external trusted authority. Submit a hash of the content and appropriate metadata to them, and have them sign it with a signing timestamp. I've considered abusing ACME certificates for document signing like that: the hash of content (or some signature based upon it) becomes the subdomain to sign¹ and you get a certificate that even after expiry is evidence that the CA saw that value at the signing timestamp. Note of the signing will also be in the public certificate transparency log. This wouldn't, on its own, prove anything about the authenticity of the content, that could have been doctored before signing, but it does prove that the content+metadata existed at that time (so might be more useful in copyright claim type cases, or agreed contract situations where all parties have signed the content and the signatures are included in the metadata, than for proving authenticity).
----------------
[1] base64²-ed with non-alphanumeric characters removed and truncated³ to fit or split, so acodha3sf7whsrhtqestkabtx0b4bbhyveee0ajnrpqcuxrjjvmhsujgcex.domain.tld or acodha3sf7whsrhtqestkabtx0b4bbhyveee0ajnrpqcuxrjjvmhsujgcex.w5jmmkpmyfgshx2jecsfordpnq.domain.tld
[2] names not being case-sensitive drops some of the entropy, if that is a concern use a 32-bits-per-character encoding instead and have names twice as long
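The hash-as-subdomain idea in the comment above, as an added example that is not the commenter's code: it derives the name to be certified from content plus metadata and checks a certified name against a file later. It uses base32 instead of stripped base64 because DNS names are not case-sensitive (the concern in footnote [2]); the zone `stamp.example`, the metadata fields and the sample bytes are constructed assumptions, and no CA is contacted.

```python
import base64
import hashlib
import hmac
import json

MAX_LABEL = 63    # DNS limit per label
MAX_NAME = 253    # DNS limit for the whole name

def commitment(content: bytes, metadata: dict, algo: str = "sha256") -> bytes:
    """Hash content plus canonical metadata; length prefixes keep the two unambiguous."""
    meta = json.dumps(metadata, sort_keys=True, separators=(",", ":")).encode()
    h = hashlib.new(algo)
    for part in (content, meta):
        h.update(len(part).to_bytes(8, "big"))
        h.update(part)
    return h.digest()

def to_dns_name(digest: bytes, zone: str) -> str:
    """Base32 is case-insensitive, so DNS loses no entropy; split into labels that fit."""
    text = base64.b32encode(digest).decode("ascii").rstrip("=").lower()
    labels = [text[i:i + MAX_LABEL] for i in range(0, len(text), MAX_LABEL)]
    name = ".".join(labels + [zone])
    if len(name) > MAX_NAME:
        raise ValueError("digest does not fit in a DNS name under this zone")
    return name

def from_dns_name(name: str, zone: str) -> bytes:
    """Recover the digest from a name found in a certificate or CT log entry."""
    suffix = "." + zone.lower()
    name = name.lower().rstrip(".")
    if not name.endswith(suffix):
        raise ValueError("name is not under the expected zone")
    text = name[:-len(suffix)].replace(".", "").upper()
    return base64.b32decode(text + "=" * (-len(text) % 8))

def matches(name: str, zone: str, content: bytes, metadata: dict,
            algo: str = "sha256") -> bool:
    """True only if the certified name commits to exactly this content and metadata."""
    try:
        certified = from_dns_name(name, zone)
    except ValueError:  # wrong zone or not valid base32
        return False
    return hmac.compare_digest(certified, commitment(content, metadata, algo))

# Constructed sample input (not real evidence or a real domain).
SAMPLE = b"\x89PNG constructed sample bytes"
SAMPLE_META = {"author": "example", "signatures": []}
ZONE = "stamp.example"  # hypothetical zone controlled by the submitter
```

A SHA-256 digest fits in a single 52-character label; a SHA-512 digest is split across two labels, which is the "split" case from footnote [1].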
The image contains the previous block’s hash.
Wouldn’t this establish both a lower bound and an upper bound on the time the image could have been produced?
That would be a use case for a block chain. But I still don't understand how you are securing the integrity of the validity of the certificate stating the authenticity of the media. I only understand you are stamping media with a "at least as old as [timestamp]".
[0] https://csrc.nist.gov/projects/interoperable-randomness-beac...
The big claim is here: the state has grandiose claims that the overwhelming majority is fair, but there is no proof of it.
Therefore you and the state should prove that more than 90% of the cases are legitimate, fair, not coerced, and not motivated by the pressure to interrupt the proceedings.
97% of people choose plea deals or out-of-court settlement, it is a huge amount.
It means that in real practice, not imaginary internet, people who face court consider that justice is a big machine that can crush you no matter if you are innocent or not.
In the best case you are acquitted at the end, but you are guaranteed to bear the financial burden, fear and stress as a punishment.
Being held in jail before trial is a very convincing reason to plea deal too.
It's a system engineered to make pleading the only reasonable option, no matter if you did anything or not.
That's the rule for criminal court in the US, but each of us is free to pick his own standard for his own purposes.
It’s easy to say things that sound true on the surface, but even if true, it’s still irresponsible to say them on the back of a hunch.
I suspect that the cops wouldn’t like the chain public, though.
An attacker altering the ledger would still require compromising an unreasonably large number of independent groups at once, and even then the rest would be able to clearly see that some unusual and suspicious event occurred.
By limiting membership a bunch of problems simply vanish, like long-clearing times, wasting hardware on mining, vulnerability to foreign botnets, etc.
[0] A blockchain is distinguished by its core requirement, from which a cascade of complexity flows: Uncontrolled node membership. Don't be fooled by people pitching "private blockchain", it's a contradiction in terms designed to rehabilitate hype, like "multi-sample Theranos test" or a bicycle as "Segway passively stabilized inline wheel model."
I think it was a fairly well-known technique.