by munk-a 855 days ago
Device signing can be used very effectively to tell if a particular device was involved in an action - but it is far more difficult to tell if some non-specific device was the source or whether it was generated. When it comes to fabricated video evidence we'd need to establish a circle of trust that included every camera ever produced but was somehow secure and unforgeable. We've seen this approach break down previously with DigiNotar[1] - it really only takes one weak link in the system to compromise the verification. At the scale with which cameras are demanded it seems unreasonable to expect a centralized signing administration to be able to keep their tokens all completely secured.

1. https://en.wikipedia.org/wiki/DigiNotar

1 comments

> When it comes to fabricated video evidence we'd need to establish a circle of trust that included every camera ever produced

Stopping short of that, there'd still be value in being able to cryptographically prove that your home surveillance video (or dash cam video) came from _your_ camera and is unaltered from the original recording.

I think going forward, the "circle of trust" for the next "Capitol insurrection type event" video evidence will be founded on multiple videos of the same scenes from multiple angles and from devices owned by unrelated individuals.

Although, the biggest category of cameras these days is cell phones, and all (most?) of them have some sort of hardware trust store with private keys that are extremely difficult to extract, so it wouldn't be too much of a stretch to consider having Android and iOS default camera app being able to digitally sign photos/video - all without "a centralized signing administration" and piggybacking on existing token security methods...
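
The distinction discussed in this thread, as an added Go example (not code from either commenter): a signature checked against one pinned device key shows the footage came from that device and is unaltered, while a signature that merely verifies under some key proves nothing unless that key is already trusted. The in-memory Ed25519 keys stand in for hardware-backed keys, and the function names and sample byte strings are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// SignRecording signs the SHA-256 digest of a recording. Assumption: on a real
// device the private key would stay inside a hardware keystore, not in memory.
func SignRecording(priv ed25519.PrivateKey, video []byte) []byte {
	digest := sha256.Sum256(video)
	return ed25519.Sign(priv, digest[:])
}

// VerifyPinned checks a recording against one specific, already-known device key.
func VerifyPinned(pinned ed25519.PublicKey, video, sig []byte) bool {
	digest := sha256.Sum256(video)
	return ed25519.Verify(pinned, digest[:], sig)
}

// Demo reports: genuine footage verifies against my pinned key, altered footage
// does not, footage signed by an unknown device does not, yet that same footage
// verifies against the unknown device's own key (valid signature, no trust).
func Demo() (genuine, altered, otherPinned, otherOwn bool) {
	minePub, minePriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	otherPub, otherPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	video := []byte("constructed sample: dash cam frame data")
	fabricated := []byte("constructed sample: generated frame data")
	sig := SignRecording(minePriv, video)
	fsig := SignRecording(otherPriv, fabricated)
	genuine = VerifyPinned(minePub, video, sig)
	altered = VerifyPinned(minePub, append([]byte("x"), video...), sig)
	otherPinned = VerifyPinned(minePub, fabricated, fsig)
	otherOwn = VerifyPinned(otherPub, fabricated, fsig)
	return
}

func main() {
	fmt.Println(Demo())
}
```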