[delinka]

How do digital signatures solve the problem? The manipulator of the data just re-signs the new manipulated data. If you're suggesting that equipment (smartphones, DV cameras) sign their outputs, you still can't trust the signature-- How do you force the original signature to remain attached? How do you prevent anyone from faking some other device key and producing a new signature? This is effectively a problem related to the DRM realm, and DRM has failed to thwart pirates.

[CyberDildonics]

Leaps in logic to DRM and piracy aside, if you trust that you have the correct public key for a source, someone else's signature is not going to match the original key.

[bcoates]

It's not much of a leap; both depend on trusting potentially attacker-controlled devices. If my sensor drone signs reports it sends back a remotely exploited drone could send back validly signed tampered data.

[brownbat]

Exactly.

It's not a sheep vs. goats problem, where you just have to ID those bad machines and block them.

It's a defector problem. Any 'legitimate' machine can join a botnet at any moment, along with all the permissions and trust you vested it with back when you approved of whatever it was doing.