Natanael

If you set the download manager icon in the browser as permanently visible, then dragging it there could trigger the verification to also run if the metadata is detected, and to then also show whichever metadata it could verify.

Most hash functions are 256 bit (they're symmetric functions, they don't need more in most cases).

There are arbitrary length functions (called XOF instead of hash) which built similarly (used when you need to generate longer random looking outputs).

Other than that, yeah, math shows you don't need to change more data in the file than the length of the hash function internal state or output length (whichever is less) to create a collision. The reason they're still secure is because it's still extremely difficult to reverse the function or bruteforce 2^256 possible inputs.

I run /r/crypto at reddit (not so active these days due to needing to keep it locked because of spam bots, but it's not dead yet), usability issues like this are way too common

But then the journalists have to check if the source is trustworthy, as usual. Then they can add their own signature to help other papers check it

Microsoft Hololens (glass and transparent screen) and Google Glass (tiny screen)

The lightfield part is harder do make in high DPI, but yes I had the exact same thought

You're gonna look like a CRT instead

Expensive and difficult to get high resolution (good quality precise microscopic mirrors). Apple went for higher DPI regular display because that's a far more well known engineering problem

That's the default, but you can block it in the command line configuration tool

Transparency logs like that are helpful to show when media was first seen / published

Merkle tree hashes exists for this purpose

Note that videos uses "keyframes" so you can't extract arbitrary frames in isolation, you need to pull multiple if the frame you're snapshotting isn't a keyframe itself

Look up transparency logs for that last part, it's already used for TLS certificates