Consider all of that can be used for forced confessions and forced plea bargains also. In those cases, the "evidence" doesn't even need to exist at all, or be on the record in any way.
This is a very very intense claim, and if true, would represent a monumental institutional failure across hundreds or even thousands of disparate organizations.
Shouldn't it be the exact opposite here ? The burden of proof is the other way around.
The big claim is here: the state has grandiose claims that the overwhelming majority is fair, but there is no proof of it.
Therefore you and the state should prove that more than 90% of the cases are legitimate, fair, not coerced, and not motivated by the pressure to interrupt the proceedings.
Also, note that 97% of people choose plea deals or out-of-court settlement, it is a huge amount.
It means that in real practice, not imaginary internet, people who face court consider that justice is a big machine that can crush you no matter if you are innocent or not.
An absurd system where innocent people are guaranteed to bear the financial burden, fear and stress as a punishment.
When DNA matching was introduced, we discovered that at minimum 10% of people on death row were innocent. Death row cases are among the most litigated and examined cases. So, 10% is a reasonable floor, and we're already in double digits.
A few years ago, one of my coworkers was arrested for a domestic violence complaint. Looking into his case, I found an extremely specific lurid description of the allegations -- and then I found the same lurid description copy/pasted to every other person recently arrested for the same crime. I'm probably getting the specific terms wrong, but I did click through to see it on a government website, because my first suspicion was the aggregator, but no, the police just had a boilerplate story full of specifics which could not possibly apply to each and every person they carelessly slapped it onto. This absolutely blew my mind at the time, but it fits with smaller subsequent observations. In any case: a double digit percentage of institutional failure does not upset my priors about how carefully the police operate.
If you believe parallel construction should be illegal (it sure seems like it is unconstitutional to me), then 100% of prosecutions that rely on it are unjust. I don't think anyone truly knows how common it is, though, and that's by design. Double-digits wouldn't shock me at all.
i do wonder, that in the age where we have image and video creation out of the bag, whether or not this will result in whole classes of evidence becoming completely unreliable.
There's a big gap between "theoretically unreliable" and courts actually recognizing that, unfortunately. Lots of forensics is much more dubious than CSI would have you believe.
You should see what people were capable of in the darkroom, let alone before all this. You could always manipulate imagery ever since there was imagery to manipulate.
The roll itself can be manipulated too. Most of the techniques used in modern photoshop are basically 1:1 carry overs of darkroom processes. Layers, dodge and burn, masking, etc.
There was a time you could take this class in highschool.
We've gone from highly skilled people being able to forge some specific photos and documents using substantial time/energy/resources, to any asshole being able to generate realistic full-motion video in minutes.
I get that there is a certain type of moron who thinks that the collapse in cost of misinformation has no harm... but all you've done is announce to the world that you are a moron.
It is really not any different. People would throw a hubcap in the air and pitch it as a UFO photo and idiots would latch on to that. You could take a photo of the empire state building and use a double exposure to make it look like you were king kong. Kids were doing this sort of stuff. Stop motion home movies where you'd look like you were levitating or your head got cut off.
There used to be - probably still are - cameras that would digitally sign all their images. Used in crime scenes? Maybe we will end up seeing wider adoption of this, despite the privacy implications. Hackers attention then will focus (once again) on the certificate supply chain and crypto hardware.
What about a system that saves in some way the hash in a Blockchain, and if you, eg, XOR the hash of the video with the hash of the previous block you will "certainly" know that the video was created between the previous block and the block where the hash is saved in. That's a starting point.
Like when people discuss voting, I believe a blockchain [0] is a terrible pitfall compared to a classic distributed database system of predefined nodes run by different organizations. For example, imagine a couple hundred predefined nodes run by different states, federal agencies, etc.
An attacker altering the ledger would still require compromising an unreasonably large number of independent groups at once, and even then the rest would be able to clearly see that some unusual and suspicious event occurred.
By limiting membership a bunch of problems simply vanish, like long-clearing times, wasting hardware on mining, vulnerability to foreign botnets, etc.
[0] A blockchain is distinguished by its core requirement, from which a cascade complexity flows: Uncontrolled node membership. Don't be fooled by people pitching "private blockchain", its a contradiction in terms designed to rehabilitate hype, like "multi-sample Theranos test" or a bicycle as "Segway passively stabilized inline wheel model."
"Crack the hash"? Does this mean you were employing some novel hashing algorithm and relying on its secrecy? If so your employer were never serious about security in the first place. Hardware attestation is more or less a solved problem, and that solution does not involve secret algorithms.
Eh. It was some kind of hash of the image. I was not involved in that project, so can't tell you exactly how it worked, but the images were "signed," and someone figured out how to "re-sign" an altered image.
I imagine in this age of blockchains you could embed into a media file a signature that proved it was no older than the timestamp of when it occurred, the digital equivalent of a hostage-proof-of-life photo with a recent newspaper
But I don't know of a cryptographic mechanism to ensure that a digital image is not more recent than a particular time
> But I don't know of a cryptographic mechanism to ensure that a digital image is not more recent than a particular time
Many (most?) blockchain mechanisms include a timestamp in each transaction on the chain, so while multiple records from the same owner prove little (the timestamps could be faked over a given period of time) the interaction with the wider network and the chain would give some confidence that the record happened between within a small amount of time.
The other possibility, that doesn't require a chain with many independent active participants, is to have things signed by an external trusted authority. Submit a hash of the content and appropriate metadata to them, and have them sign it with a signing timestamp. I've considered abusing ACME certificates for document signing like that: the hash of content (or some signature based upon it) becomes the subdomain to sign¹ and you get a certificate that even after expiry is evidence that the CA saw that value at the signing timestamp. Note of the signing will also be in the public certificate transparency log. This wouldn't, on its own, prove anything about the authenticity of the content, that could have been doctored before signing, but it does prove that the content+metadata existed at that time (so might be more useful in copyright claim type cases, or agreed contract situations where all parties have signed the content and the signatures are included in the metadata, than for proving authenticity).
----------------
[1] based64²-ed with non-alphanumeric characters removed and truncated³ to fit or split, so acodha3sf7whsrhtqestkabtx0b4bbhyveee0ajnrpqcuxrjjvmhsujgcex.domain.tld or acodha3sf7whsrhtqestkabtx0b4bbhyveee0ajnrpqcuxrjjvmhsujgcex.w5jmmkpmyfgshx2jecsfordpnq.domain.tld
[2] names not being case-sensitive drops some of the entropy, if that is a concern use a 32-bits-per-character encoding instead and have names twice as long
Interesting, There aren't any newspapers left in my country, neither printed nor not printed. The closest you can find is the weekly advertising booklet here and there. Which is irrelevant now because a computer can either stich new content to an old picture, or entirely producing a custom picture.
That would be a use case for a block chain. But I still don't understand how you are securing the integrity of the validity of the certificate stating the authenticity of the media. I only understand you are stamping media with a "at least as old as [timestamp]
If you want to prove that "happened at or after this timestamp" you can use a randomness beacon. NIST[0] and others publish a random number every N minutes. Embed that (or a combination) of those seeds to prove that you observed this value. This does not work for the harder problem of proving an event happened before a timestamp.
I suspect so. Tbh, I'm surprised it hasn't happened already with the amount of processing that cell phones do on photos, with generative fill/expand/perspective change, etc.
We are quickly going to reach a point where any photo or video taken on a smartphone is inadmissible by default.
The end-game is that people will willingly surveil themselves 24/7 on behalf of The System because that will be the only way to prove what they didn't do.
I’m still shocked we have not seen an extremely convincing AI video of a famous person or world leader announcing something huge like UBI or WW3 or aliens.
[The Derbyshire Police] declined to give more detail
about what the evidential material consisted of.
The term [evidential material] can be used to
describe witness statements.
I don't know if it's still the case in the UK, but in the common law and still in the US this why all substantive evidence, with very rare exception (e.g. dying statements), is witness testimony given on the stand. It may seem absurd when a witness or expert is given a transcript of an earlier statement or report just to recite it, but this is exactly why.
The loophole is all the powers the police and government have to more-or-less punish someone before a trial, or even before charges.
This is a very very intense claim, and if true, would represent a monumental institutional failure across hundreds or even thousands of disparate organizations.
Do you have any data to support your hunch?
Strong claims require strong evidence.
The big claim is here: the state has grandiose claims that the overwhelming majority is fair, but there is no proof of it.
Therefore you and the state should prove that more than 90% of the cases are legitimate, fair, not coerced, and not motivated by the pressure to interrupt the proceedings.
Also, note that 97% of people choose plea deals or out-of-court settlement, it is a huge amount.
It means that in real practice, not imaginary internet, people who face court consider that justice is a big machine that can crush you no matter if you are innocent or not.
An absurd system where innocent people are guaranteed to bear the financial burden, fear and stress as a punishment.
I disagree wrt reasonableness. It’s just too big a leap. There are a lot of crimes, and not many land you on death row.
It’s easy to say things that sound true on the surface, but even if true, it’s still irresponsible to say them on the back of a hunch.
[0] https://en.wikipedia.org/wiki/Parallel_construction
- the whole roll of negatives was prime evidence;
- police forces were one of the biggest users of Polaroid instant film.
And moreover, who had a darkroom and the skills to edit substantially a picture?
Whereas here we have nobodies being able to generate pixel-perfect fake "evidence" from the computers they already have.
https://www.metmuseum.org/exhibitions/objects/objects@exhibi...
The roll itself can be manipulated too. Most of the techniques used in modern photoshop are basically 1:1 carry overs of darkroom processes. Layers, dodge and burn, masking, etc.
There was a time you could take this class in highschool.
I get that there is a certain type of moron who thinks that the collapse in cost of misinformation has no harm... but all you've done is announce to the world that you are a moron.
It always comes down to provenance.
How long did it take?
Now it’s a lot easier and faster
https://www.metmuseum.org/exhibitions/objects/objects@exhibi...
Took about six months for someone to crack the hash.
I suspect that the cops wouldn’t like the chain public, though.
An attacker altering the ledger would still require compromising an unreasonably large number of independent groups at once, and even then the rest would be able to clearly see that some unusual and suspicious event occurred.
By limiting membership a bunch of problems simply vanish, like long-clearing times, wasting hardware on mining, vulnerability to foreign botnets, etc.
[0] A blockchain is distinguished by its core requirement, from which a cascade complexity flows: Uncontrolled node membership. Don't be fooled by people pitching "private blockchain", its a contradiction in terms designed to rehabilitate hype, like "multi-sample Theranos test" or a bicycle as "Segway passively stabilized inline wheel model."
I think it was a fairly well-known technique.
But I don't know of a cryptographic mechanism to ensure that a digital image is not more recent than a particular time
Many (most?) blockchain mechanisms include a timestamp in each transaction on the chain, so while multiple records from the same owner prove little (the timestamps could be faked over a given period of time) the interaction with the wider network and the chain would give some confidence that the record happened between within a small amount of time.
The other possibility, that doesn't require a chain with many independent active participants, is to have things signed by an external trusted authority. Submit a hash of the content and appropriate metadata to them, and have them sign it with a signing timestamp. I've considered abusing ACME certificates for document signing like that: the hash of content (or some signature based upon it) becomes the subdomain to sign¹ and you get a certificate that even after expiry is evidence that the CA saw that value at the signing timestamp. Note of the signing will also be in the public certificate transparency log. This wouldn't, on its own, prove anything about the authenticity of the content, that could have been doctored before signing, but it does prove that the content+metadata existed at that time (so might be more useful in copyright claim type cases, or agreed contract situations where all parties have signed the content and the signatures are included in the metadata, than for proving authenticity).
----------------
[1] based64²-ed with non-alphanumeric characters removed and truncated³ to fit or split, so acodha3sf7whsrhtqestkabtx0b4bbhyveee0ajnrpqcuxrjjvmhsujgcex.domain.tld or acodha3sf7whsrhtqestkabtx0b4bbhyveee0ajnrpqcuxrjjvmhsujgcex.w5jmmkpmyfgshx2jecsfordpnq.domain.tld
[2] names not being case-sensitive drops some of the entropy, if that is a concern use a 32-bits-per-character encoding instead and have names twice as long
The image contains the previous block’s hash.
Wouldn’t this establish both a lower bound and an upper bound on the time the image could have been produced?
That would be a use case for a block chain. But I still don't understand how you are securing the integrity of the validity of the certificate stating the authenticity of the media. I only understand you are stamping media with a "at least as old as [timestamp]
[0] https://csrc.nist.gov/projects/interoperable-randomness-beac...
We are quickly going to reach a point where any photo or video taken on a smartphone is inadmissible by default.
Surely it’s just a matter of time.
The loophole is all the powers the police and government have to more-or-less punish someone before a trial, or even before charges.