[nonameiguess]

What's the threat vector you're trying to mitigate here? If you're wondering whether a movie that claims to be produced by Disney really was, if it's in theaters or on Disney+, then you can trust it was actually made by Disney or at least licensed to them. As long as the Washington Post still employs its own photographers and doesn't accept imagery submission from the general public, you should be able to trust a photo published in the Washington Post is at least of something real, unless you just don't trust the Post itself. If you're thinking a YouTube channel or something, unless the channel got hacked, seemingly anything published there was really published by the channel owner. Maybe they're showing you something made by AI that isn't real, but as the owner of their own signing key, nothing would prevent them from signing an AI-generated image.

If you're talking someone on Twitter or Facebook is putting a photo in your feed claiming a human photographed BLM throwing bricks through a window, don't trust shit being posted on Facebook or Twitter no matter what, probably, but even there, unless the profile was hacked, you either trust the person who owns it or you don't. Nothing would prevent them from signing a forgery of reality that they legitimately forged themselves. Even with device-level keys, what are you trying to prove? You can pay actors to throw bricks through windows.

I guess the concern is this doesn't scale as well as asking Midjourney to do it, but I wonder to what extent that is even true. With 8 billion people on the planet and counting and a whole lot of them doing this shit, given the limited input bandwidth of human sense organs, there is seemingly some maximum saturation of bullshit a person can be exposed to that a lot of people have already hit, and having the Internet host even more of it doesn't mean they'll grow bigger eyes and a faster brain that can actually ingest more bullshit than it already does.

[atestu]

Well, a lot of people don't trust the Washington Post and might want proof that the photos they're posting are of real events.

The Washington Post might not trust its photographers completely either (journalists making stuff up happens[0]), so they too might want proof the photos they're getting are real.

[0]: https://www.nytimes.com/2003/05/11/us/correcting-the-record-...

[danShumway]

I don't know; are you imagining a world where the people who believe the Washington Post would purposefully fabricate photos will be convinced by running a signature check on those photos?

Also bear in mind that Photoshop does exist today, and even without AI it would be well within the budget of the Washington Post to do edits to photographs that would be good enough to convince most non-experts. I don't run into many people saying their photos are doctored, but the conspiracy theories around photos today don't seem to be swayed by saying, "experts say it's not doctored."

I think if a chain of trust requires ordinary people to check signatures, it's probably not going to matter very much? I've seen people comparing this to HTTPS; people don't check HTTPS certificates either. There's a reason why PGP and signed messages haven't taken off. And the biggest criticism of Matrix that I see today when I introduce new users is that identity verification is too hard and they don't care about it. And these are the reasonable people.

I'm trying to imagine talking to someone who believes the mainstream media is lying about everything and telling them that, "no, it's OK, Google the tech company that you hate and that you think is trying to swing the election checked some math from its hardware and it says the photo is real." I don't think that's going to persuade those people of anything.

[jacobr1]

Well, if I see a clip on youtube claiming to be from Disney ... it really might not be.

If I see a photo on twitter claiming to come from the Washington Post, it might not be.

If I see a photo in my facebook feed of a rioter, did it come from poster, or are they just reposting something else? Did that repost come from a newsource I trust, like the WP in this case, or from some reddit post, maybe edited or synthetically generated?

> Maybe they're showing you something made by AI that isn't real, but as the owner of their own signing key, nothing would prevent them from signing an AI-generated image

That's right. This only helps narrow the source down, then you still need to decide if you trust the originator. But I think a lot of the problems we've seen with social media disinformation is the wide dispersion of content claiming trustworthiness from a reputable source, falsely.

[danShumway]

All of those are current problems though. Signing media isn't hard, determining who is trustworthy and how to do identity is hard. This the HTTPS problem; you can show that the connection is secure (assuming people care enough to check in the first place), but you still have to check if the connection isn't actually to Target and is to Torget instead.

Signing only helps if we have a reliable way to verify identities out of band, and we don't, that's one of the reasons the other problems you mention still exist today. Today, how do you determine that an article is actually from the Washington Post? You check the website. It's not like verification of whether an article exists is hard today -- it's everything else around it that's hard.

If checking if an article is actually on a website is too hard for people, importing a signing key is also going to be too hard. If people are confused remembering the Washington Post's URL, they won't learn how to use a signing key to check identity. Now maybe a website could automate that and put some kind of verification badge next to trustworthy verified identities, but I'm skeptical because Facebook did try to do that with news sources and it was a disaster and a bunch of politicians accused them of censorship.

We have a lot of mechanisms for verifying identity and sources of information that aren't leveraged today, and I think the immediate question to ask about a chain of trust is "what's going to make this different from all of the other chains of trust that people are already ignoring today?"