Ask HN: Tamper resistant geolocated pictures

2 points by danmaz74 ↗ HN
In this time of easy Photoshop for everybody, I think often about how useful it would be be able to create have digitally signed pictures with time and geolocation, so that it would be very easy to know if the picture (with its location and time) could be trusted or not.

Intuitively, I would think that it would be impossible to give this kind of guarantee with a software-only solution that ran on standard smart phones, as it would be easy enough to run the software on a development virtual machine that could be undetectable by the software, and could feed any picture and GPS data the faker wanted.

On the contrary, with a hardware solution which integrated the camera, GPS, end encryption on the same chip, registering also the focus, exposition and other data, I would expect the system to be much more difficult to tamper with.

So what I'd like to ask anybody expert in the field is:

* is there anything like this already on the market, or being worked on? Any chance to see something like this hit the consumer market anytime soon?

* how easy would it be to trick a dedicated hardware solution using fake GPS signals?

* does any cell phone on the market have any hardware encryption solution that would allow creating a difficult-to-tamper software solution?

Thx!

1 comment

[ 2.6 ms ] story [ 13.1 ms ] thread
I'm not expert in the field.

My gut feeling is that tamper resistance boils down to cryptographic signatures and that boils down to the problem of trusted sources rather than self identifying artifacts.

An analogy would be checksums when downloading an archive. There are two digital artifacts and only when the source of the checksum is trusted is the integrity of the archive trusted.

In terms of a consumer market, I dabble in photography and I don't see signs that it is in demand nor do I see an interest in creating demand from the companies developing photography platforms.

In terms of developing a solution, something like an iPhone app that encrypts photos using standard public/private key techniques on the device might create an infrastructure for trust. Putting something like that on a DSLR would be next to impossible because the platforms are even more proprietary than Apple or Android.

In the end, the ways in which digital images are like chemical film form some of the significant boundaries of the attack surface: namely chain of trust.

Good luck.