This is a known problem in this space called 're-broadcasting' do a Google patent search on Serelay and you'll see several solutions (including spoofing of other sensor metadata)
I’m not seeing what this is product is trying to solve? A zero knowledge proof to say it isn’t AI ? I think you could do this with a disposable camera or Polaroids and a photo scanner that makes the zero knowledge proofs .
A different thread mentions "what if you take a photo of an AI photo with the Roc camera?" - I still think that would be hard due to perspective, lighting, various other artifacts.
Scanning an image would be much easier to dupe though - scanners are basically controlled perspective/lighting environments so scanning an actual polaroid vs an ai generated polaroid printed on photo paper would be pretty indistinguishable I think.
> This is rather expensive for what looks like a home 3D printed toy with some cute software.
This attitude really rubs me the wrong way, especially on a site called Hacker News.
I think we absolutely should be supporting projects like this (if you think they're worth supporting), else all we're left with is giant corporation monoculture. Hardware startups are incredibly difficult, and by their nature new hardware products from small companies will always cost more than products produced by huge companies that have economies of scale and can afford billions of losses on new products.
So yes, I'm all for people taking risks with new hardware, and even if it doesn't have the most polished design, if it's doing something new and interesting I think it's kinda shitty to just dismiss it as looking like "a 3D printed toy with some cute software".
Simple, you remove the sdcard and mount it on linux, the security of a Pi is a joke.
I wouldn't mind if it was 3D printed if it wasn't done with like a layer height of 0.28, half transparent so it looks weird, and intended for outdoor use where 3D prints are porous and water will seep through. The housing needs at the very least some spray painting and a clearcoat.
What I do mind is the cheapest off the shelf diy button lmao. They are like cents a piece, just add a fucking metal one that are like a few cents more if you're selling a $400 camera, cheapass. I wouldn't be surprised if the software side with the "proof" being a similarly haphazardly brittle implementation as the construction.
I have been happily using fujifilm x100 for about 10 years now? I bought a second hand one for about $300. You can buy a decent camera cheaper than a smartphone, as it should be.
Could Apple or Google do this without updating their hardware? I see a relevant patent (US20220294640A1) and it looks like one of the inventors is at Google now.
What concerns me most in the era of gen AI irt photography is journalism. We need truth, most especially when limited-means citizen journalism is the only reliable source of that truth.
But I feel like the only way to accomplish fool-proof photos we can trust in a trustless way (i.e. without relying on e.g. the Press Association to vet) is to utterly PACK the hardware with sensors and tamper-proof attestation so the capture can’t be plausibly faked: multi-spectral (RGB + IR + UV) imaging, depth/LiDAR, stereo cameras, PRNU fingerprinting, IMU motion data, secure GPS with attested fix, a hardware clock and secure element for signing, ambient audio, lens telemetry, environmental sensors (temperature, barometer, humidity, light spectrum) — all wrapped in cryptographic proofs that bind these readings to the pixels.
In the meantime however, I'd trust a 360deg go-pro with some kind of signature of manafacture. OR just a LOT of people taking photos in a given vicinity. Hard to fake that.
This is probably one of those scenarios where if someone wants to fake it they're going to fake it (or at least it will be a never ending arms race, and I expect AI to keep close chase), while a basic security solution will suffice for 99% of use cases, including standard journalism. After all, skilled photoshop+computational tools can already do expert fakery in journalism. (Just look at the last Abroadinjapan video earlier today for a good callout of Photoshop editing to increase engagement).
Seems to me that a camera like this is necessarily, at least in part, a closed system that blocks you from controlling the software or hardware on the device you supposedly own. It's hard for me to think this is a good direction. And as others have pointed out, it can't prevent attacks through the analog hole, e.g. photographing a display.
It's not feasible or desirable for our hardware devices to verify the information they record autonomously. A real solution to the problem of attribution in the age of AI must be based on reputation. People should be able to vouch for information in verifiable ways with consequences for being untrustworthy.
There's simply no technical solution to authenticating photographs as far as I can tell.
The only real solution I can think of is just to have multiple independent parties photograph the same event and use social trust. Luckily this solution is getting easier now that almost everyone is generally no further than 3 feet away from multiple cameras.
I don’t know what this gives that a film camera with slide film loaded doesn’t.
Both cameras still allow “staging” a scene and taking a shot of that. Both cameras will both say that the scene was shot in the physical world, but that’s it.
I would argue that slide film is more “verifiable” in the ways that matter: easier to explain to laypeople how slide film works, and it’s them that you want to convince.
If I was a film or camera manufacturer I would try and go for this angle in marketing.
133 comments
[ 206 ms ] story [ 920 ms ] threadHow do you stop someone from taking a picture of an AI picture? It will still come from the sensor.
Scanning an image would be much easier to dupe though - scanners are basically controlled perspective/lighting environments so scanning an actual polaroid vs an ai generated polaroid printed on photo paper would be pretty indistinguishable I think.
[0]: https://authenticity.sony.net/camera/en-us/
[1]: https://petapixel.com/2023/10/26/leica-m11-p-review-as-authe...
* https://petapixel.com/2010/12/01/russian-software-firm-break...
* https://www.elcomsoft.com/presentations/Forging_Canon_Origin...
Other than that it's a 16MP Sony CMOS, I'd expect a pretty noisy picture...
It would be more interesting if the software was open source.This attitude really rubs me the wrong way, especially on a site called Hacker News.
I think we absolutely should be supporting projects like this (if you think they're worth supporting), else all we're left with is giant corporation monoculture. Hardware startups are incredibly difficult, and by their nature new hardware products from small companies will always cost more than products produced by huge companies that have economies of scale and can afford billions of losses on new products.
So yes, I'm all for people taking risks with new hardware, and even if it doesn't have the most polished design, if it's doing something new and interesting I think it's kinda shitty to just dismiss it as looking like "a 3D printed toy with some cute software".
I wouldn't mind if it was 3D printed if it wasn't done with like a layer height of 0.28, half transparent so it looks weird, and intended for outdoor use where 3D prints are porous and water will seep through. The housing needs at the very least some spray painting and a clearcoat.
What I do mind is the cheapest off the shelf diy button lmao. They are like cents a piece, just add a fucking metal one that are like a few cents more if you're selling a $400 camera, cheapass. I wouldn't be surprised if the software side with the "proof" being a similarly haphazardly brittle implementation as the construction.
It’s possible that this could have value in journalism or law enforcement.
Just make it look the part. Make it black and put some decent lens on it.
But I feel like the only way to accomplish fool-proof photos we can trust in a trustless way (i.e. without relying on e.g. the Press Association to vet) is to utterly PACK the hardware with sensors and tamper-proof attestation so the capture can’t be plausibly faked: multi-spectral (RGB + IR + UV) imaging, depth/LiDAR, stereo cameras, PRNU fingerprinting, IMU motion data, secure GPS with attested fix, a hardware clock and secure element for signing, ambient audio, lens telemetry, environmental sensors (temperature, barometer, humidity, light spectrum) — all wrapped in cryptographic proofs that bind these readings to the pixels.
In the meantime however, I'd trust a 360deg go-pro with some kind of signature of manafacture. OR just a LOT of people taking photos in a given vicinity. Hard to fake that.
Before long, it might be somewhat "easy" to prove anything.
It's not feasible or desirable for our hardware devices to verify the information they record autonomously. A real solution to the problem of attribution in the age of AI must be based on reputation. People should be able to vouch for information in verifiable ways with consequences for being untrustworthy.
Like, how is this any different than having each camera equipped with a vendor controlled key and then having it sign every photo?
If you can spoof the sensor enough to reuse the key, couldn't you spoof the sensor enough to fool a verifier into believing your false proof?
The only real solution I can think of is just to have multiple independent parties photograph the same event and use social trust. Luckily this solution is getting easier now that almost everyone is generally no further than 3 feet away from multiple cameras.
Both cameras still allow “staging” a scene and taking a shot of that. Both cameras will both say that the scene was shot in the physical world, but that’s it.
I would argue that slide film is more “verifiable” in the ways that matter: easier to explain to laypeople how slide film works, and it’s them that you want to convince.
If I was a film or camera manufacturer I would try and go for this angle in marketing.
Not trolling. Genuinely don’t understand.
https://www.amazon.com/Camera-Digital-Toddler-Christmas-Birt...
That's it. That's the verification?
So what happens when I use a Raspberry Pi to attach a ZK proof to an AI- generated image?