this post was submitted on 23 Jan 2025
15 points (89.5% liked)

Showerthoughts

30467 readers
774 users here now

A "Showerthought" is a simple term used to describe the thoughts that pop into your head while you're doing everyday things like taking a shower, driving, or just daydreaming. The most popular seem to be lighthearted, clever little truths, hidden in daily life.

Here are some examples to inspire your own showerthoughts: 1

Rules

  1. All posts must be showerthoughts
  2. The entire showerthought must be in the title
  3. No politics
    • If your topic is in a grey area, please phrase it to emphasize the fascinating aspects, not the dramatic aspects. You can do this by avoiding overly politicized terms such as "capitalism" and "communism". If you must make comparisons, you can say something is different without saying something is better/worse.
    • A good place for politics is c/politicaldiscussion
    • If you feel strongly that you want politics back, please volunteer as a mod.
  4. Posts must be original/unique
  5. Adhere to Lemmy's Code of Conduct

If you made it this far, showerthoughts is accepting new mods. This community is generally tame so its not a lot of work, but having a few more mods would help reports get addressed a little sooner.

Whats it like to be a mod? Reports just show up as messages in your Lemmy inbox, and if a different mod has already addressed the report the message goes away and you never worry about it.

founded 2 years ago
MODERATORS
vatlark
forkball
Thekingoflorda
15
"secure screenshot" idea (self.showerthoughts)
submitted 1 week ago by AdrianTheFrog to c/showerthoughts
21 comments fedilink hide all child comments
 

I was thinking about how hard it is to accurately determine whether a screenshot posted online is real or not. I'm thinking there could be an option in the browser to take a "secure screenshot", which would tag the screenshot with the date, url, and whether the page was modified on your computer. It could then hash both the tag and the image data and automatically upload this hash to some secure server somehow. There would need to be a way to guarantee that only the browser could do this, or at least some way to tell exactly what the source was. I'm not much of a cryptography person, but I would be surprised if it isn't possible to do this. Then, you could check if the screenshot you see is legitimate by seeing if it's hash exists in the list of real hashes.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 1 week ago

This is a very hard problem to solve, and people have tried.

Let's say you do as you said: hash the data (screenshot, date, etc) and upload it to a trusted server. Nothing can stop me from generating fake data, hashing that and uploading it instead.

Ok, so maybe you decide to add a cryptographic signature to prove that it was the web browser that made this hash, not an unauthorized one. That might work for a while, but the private key needs to be shipped with the browser software, so a sophisticated person could extract that key and then generate fake data. Especially is the browser is open source (like most are).

Alright, what about if we add a special chip on the device that is hard to tamper with and keep the private key on there and do all the signing on that chip. Those do exist somewhat already, but hackers have found ways to break them.

Ok then you move everything to the cloud. Have the entire web browser running on a cloud machine by a trusted authority. Maybe then you can do what you're discussing, but you've also entered a privacy nightmare where everything you're doing can be monitored in real time.

What would be a better situation (and where I think we're going eventually with Gen-AI) would be to put the responsibility on the website publisher to provide cryptographic proof of their content. For example, the NYTimes could create a digital signature of a photo and publish it on a blockchain or other trusted tamper-proof ledger as they publish the photo. Then anyone can verify that the photo is from the NYTimes and the date it was created.