Selling NFTs with no physical existence is what is pointlessly stupid.
Before they came along i considered the idea of a blockchain linked video camera where metadata of footage gets written into the chain to combat fake news and misinformation.
The goal would be to create a proof and record of original footage, to which media publishers and people who share can link towards to verify authenticity/author.
If the media later gets manipulated or reframed you would be able to verify this by comparing to the original record.
It was never a finished idea but when i first read nft i thought this is the right direction.
And then capitalism started selling apes and what the actual disgusting money possessed fuck was that.
The certificate/signature part seems okay for verification.
It’s the transferable virtual deeds being sold that are the scam. I could sell you a virtual deed to the Golden Gate Bridge right now, you could buy it but it doesn’t really mean anything.
I could sell you a virtual deed to the Golden Gate Bridge right now, you could buy it but it doesn’t really mean anything.
Yeah, that’s possibly the most famous scam in history (people selling deeds to the Brooklyn Bridge), enough to where “I’ve got a bridge to sell you” is a figure of speech for calling someone gullible or naive.
And then despite the world knowing about the Brooklyn Bridge scam, the cryptobros actually went and found a bunch of suckers to fall for the exact same scam, only with blockchains instead of notary seals.
Wouldn’t a code signing be a simpler way to achieve that? The video camera can produce a hash code with each video and you can always run the same hash function against the video file to confirm that it wasn’t tampered with.
I guess the problem NFTs try to solve is authority holding the initial verification tied to the video. If it’s on a blockchain, theoretically no one owns it and the date/metadata is etched in stone, whereas otherwise some entity has to publish the initial hash.
In other words, one can hash a video, yeah, but how do you know when that hashed video was taken? From where? There has to be some kind of hard-to-dispute initial record (and even then that only works in contexts where the videos earliest date is the proof, so to speak, like recording and event as it happens).
This is actually a pretty decent idea considering what’s coming now with AI video. I have no idea if it could be implemented, or if media even cares anymore, but I sure would appreciate it.
A private key would be built in to the camera. It would be stored in a way that’s hard to get at, physically or in software (like the secure enclaves in phones).
The pics or videos are signed using the private key (again, this process needs to happen in a secure way without revealing the secret key).
The camera manufacturer publishes the matching public key. Anyone can use it to verify that the file matches the signature. But no one can sign a fake image unless they can get at the private key.
This would work even if the camera manufacturer no longer existed. The camera does need to ever be online.
The public/private key pairs are also part of what makes blockchains work, but for this process blockchains would add nothing.
This still fundamentally suffers from the oracle problem like all blockchains solutions. You can always attack these blockchain solutions at the point where they need to interact with the real world. In this case the camera is the “oracle” and nothing prevents someone from attacking the proposed camera and leveraging it to certify some modified footage. The blockchain doesn’t add anything a public database and digitally signed footage wouldn’t also achieve.
This is a very legit concern. But to my understanding, it is possible to make the the camera that’s very hard to crack, by putting security enclave or whatever it is that makes phones hard to unlock, right inside the CCD chip. Even if somebody manages to strip off the top layer, chart out the cryptographic circuit, probe the ROM inside, etc and extract the private key, it should be possible upon finding it to revoke the key to that camera or even the entire model and make it even more painful in further models.
Another concern is of camera being pointed to the screen with a fake image, but I’ve searched and yet to find a convincing shot that doesn’t look like, well, a photo of a screen. But for this concern I think the only counter-measure would be to add photographer and publisher signatures to the mix, so that if anyone is engaging in such practice is caught, their entire library goes untrusted upon revocation. Wouldn’t be completely foolproof, but better than nothing, I guess.
That’s security by obscurity. Given time, an attacker with physical access to the device will get every bit data from it. And yes, you could mark it as compromised, but then there’s nothing stopping the attacker from just buying another camera and stripping the key from that, too. Since they already know how. And yes, you could revoke all the keys from the entire model range, and come up with a different puzzle for the next camera, but the attacker will just crack that one too.
Hiding the key on the camera in such a way that the camera can access it, but nobody else can is impossible. We simply need to accept that a photograph or a video is no longer evidence.
The idea in your second paragraph is good though, and much easier to implement than your first one.
No, it is not security through obscurity. It’s a message signature algorithm, which are used in cryptography all the time.
You’re falling for the classic paradox of security: it has to work for someone. OF COURSE if you get all of the keys and every detail of the process you can crack it. That’s true of ALL CRYPTOGRAPHY. If someone knows everything including the keys, it’s too late for any ‘secure’ device.
No, it is not security through obscurity. It’s a message signature algorithm, which are used in cryptography all the time.
Yes it is. The scheme is that when you take a picture, the camera signs said picture. The key is stored somewhere in the camera. Hence the secrecy of the key hinges on the the attacker not knowing how the camera accesses the key. Once the attacker knows that, they can get the key from the camera. Therefore, security hinges on the secrecy of the camera design/protocol used by the camera to access the key, in addition to the secrecy of the key. Therefore, it is security by obscurity.
Yes, people vehemently hate when you point this out because to the general public NFT = stupid overpriced digital art, and they don’t care to be convinced otherwise. My personal conspiracy theory is that the two were purposefully conflated to keep the technology from ever being taken seriously.
The sad thing is the concept wasn’t.
Selling NFTs with no physical existence is what is pointlessly stupid.
Before they came along i considered the idea of a blockchain linked video camera where metadata of footage gets written into the chain to combat fake news and misinformation.
The goal would be to create a proof and record of original footage, to which media publishers and people who share can link towards to verify authenticity/author.
If the media later gets manipulated or reframed you would be able to verify this by comparing to the original record.
It was never a finished idea but when i first read nft i thought this is the right direction.
And then capitalism started selling apes and what the actual disgusting money possessed fuck was that.
The certificate/signature part seems okay for verification.
It’s the transferable virtual deeds being sold that are the scam. I could sell you a virtual deed to the Golden Gate Bridge right now, you could buy it but it doesn’t really mean anything.
Wait just a second! You have a bridge for sale? Tell me more.
Well first of all, it allows travel between point A and point B, usually above the ground
I’m in! Name your price.
And time travel! But you have to drive real slow for it to work
Or you could travel at any speed.
Yeah, that’s possibly the most famous scam in history (people selling deeds to the Brooklyn Bridge), enough to where “I’ve got a bridge to sell you” is a figure of speech for calling someone gullible or naive.
And then despite the world knowing about the Brooklyn Bridge scam, the cryptobros actually went and found a bunch of suckers to fall for the exact same scam, only with blockchains instead of notary seals.
It’s kind of like selling a website that redirects to Facebook, and thinking that therefore you own Facebook.
The virtual deeds would be great for game licences and trading second hand games online
Wouldn’t a code signing be a simpler way to achieve that? The video camera can produce a hash code with each video and you can always run the same hash function against the video file to confirm that it wasn’t tampered with.
I guess the problem NFTs try to solve is authority holding the initial verification tied to the video. If it’s on a blockchain, theoretically no one owns it and the date/metadata is etched in stone, whereas otherwise some entity has to publish the initial hash.
In other words, one can hash a video, yeah, but how do you know when that hashed video was taken? From where? There has to be some kind of hard-to-dispute initial record (and even then that only works in contexts where the videos earliest date is the proof, so to speak, like recording and event as it happens).
This is such a funny thing to say since NFTs were all about “owning” stuff on the blockchain.
Those would probably be a part of it.
Comparing a hashcode implies you have a verifiable source for the original footage.
You can do this manually and dig for the author but thats not always that simple.
A second step would be to build In a reference to the record in each media file, expressed as a small clickable logo.
You grandma deserves to be capable to verify.
This is actually a pretty decent idea considering what’s coming now with AI video. I have no idea if it could be implemented, or if media even cares anymore, but I sure would appreciate it.
A private key would be built in to the camera. It would be stored in a way that’s hard to get at, physically or in software (like the secure enclaves in phones).
The pics or videos are signed using the private key (again, this process needs to happen in a secure way without revealing the secret key).
The camera manufacturer publishes the matching public key. Anyone can use it to verify that the file matches the signature. But no one can sign a fake image unless they can get at the private key.
This would work even if the camera manufacturer no longer existed. The camera does need to ever be online.
The public/private key pairs are also part of what makes blockchains work, but for this process blockchains would add nothing.
I initially thought they were like numbered art prints, with a more robust way of guaranteeing authenticity.
This still fundamentally suffers from the oracle problem like all blockchains solutions. You can always attack these blockchain solutions at the point where they need to interact with the real world. In this case the camera is the “oracle” and nothing prevents someone from attacking the proposed camera and leveraging it to certify some modified footage. The blockchain doesn’t add anything a public database and digitally signed footage wouldn’t also achieve.
This is a very legit concern. But to my understanding, it is possible to make the the camera that’s very hard to crack, by putting security enclave or whatever it is that makes phones hard to unlock, right inside the CCD chip. Even if somebody manages to strip off the top layer, chart out the cryptographic circuit, probe the ROM inside, etc and extract the private key, it should be possible upon finding it to revoke the key to that camera or even the entire model and make it even more painful in further models.
Another concern is of camera being pointed to the screen with a fake image, but I’ve searched and yet to find a convincing shot that doesn’t look like, well, a photo of a screen. But for this concern I think the only counter-measure would be to add photographer and publisher signatures to the mix, so that if anyone is engaging in such practice is caught, their entire library goes untrusted upon revocation. Wouldn’t be completely foolproof, but better than nothing, I guess.
That’s security by obscurity. Given time, an attacker with physical access to the device will get every bit data from it. And yes, you could mark it as compromised, but then there’s nothing stopping the attacker from just buying another camera and stripping the key from that, too. Since they already know how. And yes, you could revoke all the keys from the entire model range, and come up with a different puzzle for the next camera, but the attacker will just crack that one too.
Hiding the key on the camera in such a way that the camera can access it, but nobody else can is impossible. We simply need to accept that a photograph or a video is no longer evidence.
The idea in your second paragraph is good though, and much easier to implement than your first one.
No, it is not security through obscurity. It’s a message signature algorithm, which are used in cryptography all the time.
You’re falling for the classic paradox of security: it has to work for someone. OF COURSE if you get all of the keys and every detail of the process you can crack it. That’s true of ALL CRYPTOGRAPHY. If someone knows everything including the keys, it’s too late for any ‘secure’ device.
Yes it is. The scheme is that when you take a picture, the camera signs said picture. The key is stored somewhere in the camera. Hence the secrecy of the key hinges on the the attacker not knowing how the camera accesses the key. Once the attacker knows that, they can get the key from the camera. Therefore, security hinges on the secrecy of the camera design/protocol used by the camera to access the key, in addition to the secrecy of the key. Therefore, it is security by obscurity.
Yes, people vehemently hate when you point this out because to the general public NFT = stupid overpriced digital art, and they don’t care to be convinced otherwise. My personal conspiracy theory is that the two were purposefully conflated to keep the technology from ever being taken seriously.
I was actually going to note that i feel similar about this conspiracy but i left it out in the end.
Glad not to be the only person to conceive this. Kill it before people discover a good use.