drathvedro

joined 1 year ago
[–] [email protected] 0 points 9 months ago (1 children)

Yes, I've mentioned that in the initial comment, and, I gotta confess, I don't know shit about photography, but to me it sounds like a very non-trivial task to make such a shot appear legitimate.

[–] [email protected] 1 points 9 months ago (3 children)

I think you are misunderstanding things or don’t know shit about cryptography. Why the fuck are you even talking about publicly unlockable encryption, this is a use case for verification like a MAC signature, not any kind of encryption.

Calm down. I was just dumbing down public key cryptography for you

The actual answer is just replace the sensor input to the same encryption circuits

This will not work. The encryption circuit has to be right inside the CCD, otherwise it will be bypassed just like TPM before 2.0 - by tampering with the unencrypted connection in between the sensor and the encryption chip.

For your scheme to work, personal ownership rights would have to be severely hampered.

You still don't understand. It does not hamper ownership rights or right to repair and you are free to not even use that at all. All this achieves is basically camera manufacturers signing every frame with "Yep, this was filmed with one of our cameras". You are free to view and even edit the footage as long as you don't care about this signature. It might not be useful for, say, a movie, but when looking for original, uncut and unedited footage, like, for example, a news report, this'll be a godsend.

[–] [email protected] 1 points 9 months ago (8 children)

You must be severely misunderstanding the idea. The idea is not to encrypt it in a way that it's only unlockable by a secret and hidden key, like DRM or cable TV does, but to do the reverse - to encrypt it with a key that is unlockable by a publicly available and widely shared key, where successful decryption acts as a proof of content authenticity. If you don't care about authenticity, nothing is stopping you from spreading the decrypted version, so it shouldn't affect consumers one bit. And I wouldn't describe "Get a bunch of cameras, rip the sensors out, carefully and repeatedly strip the top layers off and scan using electron microscope until you get to the encryption circuit, repeat enough times to collect enough scans undamaged by the stripping process to then manually piece them together and trace out the entire circuit, then spend a few weeks debugging it in a simulator to work out the encryption key" as "trivial".

[–] [email protected] 2 points 9 months ago

Oh, so Adobe already screwed it up miserably. Thanks, had a good laugh at it

[–] [email protected] 2 points 9 months ago* (last edited 9 months ago) (3 children)

Oh, they've actually been developing that! Thanks for the link, I was totally unaware of the C2PA thing. Looks like the ball has been very slowly rolling ever since 2019, but now that Google is on board (they joined just a couple days ago), it might fairly soon be visible/usable by ordinary users.

Mark my words, though, I'll bet $100 that everyone's going to screw it up miserably on their first couple of generations. Camera manufacturers are going to cheap out on electronics, allowing for data substitution somewhere in the pipeline. Every piece of editing software is going to be cracked at least a few times, allowing for fake edits. And production companies will most definitely leak their signing keys. Maybe even Intel/AMD could screw up again big time. But, maybe in a decade or two, given the pace, we'll get a stable and secure enough solution to become the default, like SSL currently is.

[–] [email protected] 9 points 9 months ago (16 children)

I've been saying for a long time now that camera manufacturers should just put encryption circuits right inside the sensors. Of course that wouldn't protect against pointing the camera at a screen showing a deepfake or someone painstakingly dissolving top layers and tracing out the private key manually, but that'd be enough of a deterrent from forgery. And also media production companies should actually put out all their stuff digitally signed. Like, come on, it's 2024 and we still don't have a way to find out if something was filmed or rendered, cut or edited, original or freebooted.
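The per-frame signing idea from the comments above (the manufacturer's key signs every frame, anyone checks with the public key, and "uncut and unedited" footage stays verifiable), as an added example that is not part of any comment and is not C2PA code. The software-generated key, the payload layout and the helper names are assumptions made for the illustration.

```javascript
// Added example: per-frame signatures chained together (Node.js built-in crypto).
const { generateKeyPairSync, sign, verify, createHash } = require('crypto');

// Assumption: in a real sensor the private key would never leave the silicon;
// here it is generated in software purely for the demonstration.
const { publicKey, privateKey } = generateKeyPairSync('ed25519');
const GENESIS = Buffer.alloc(64); // stands in for the "previous signature" of frame 0

// Bytes that get signed: frame index || previous signature || SHA-256(pixels).
function framePayload(index, prevSig, pixels) {
  const idx = Buffer.alloc(4);
  idx.writeUInt32BE(index, 0);
  const digest = createHash('sha256').update(pixels).digest();
  return Buffer.concat([idx, prevSig, digest]);
}

// "Camera" side: sign every frame, chaining each signature to the one before.
function signFootage(frames, key) {
  let prev = GENESIS;
  return frames.map((pixels, i) => {
    const sig = sign(null, framePayload(i, prev, pixels), key);
    prev = sig;
    return { pixels, sig };
  });
}

// Verifier side: needs only the public key.
// Returns the index of the first frame that fails, or -1 if every frame verifies.
function firstBadFrame(footage, pubKey) {
  let prev = GENESIS;
  for (let i = 0; i < footage.length; i++) {
    const { pixels, sig } = footage[i];
    if (!verify(null, framePayload(i, prev, pixels), pubKey, sig)) return i;
    prev = sig;
  }
  return -1;
}

// Constructed sample "frames" (not real sensor data).
const frames = ['frame-A', 'frame-B', 'frame-C', 'frame-D'].map((s) => Buffer.from(s));
const original = signFootage(frames, privateKey);
// An edit: pixels of frame 2 replaced, original signature kept.
const edited = original.map((f, i) => (i === 2 ? { ...f, pixels: Buffer.from('fake') } : f));
// A cut: frame 1 removed from the middle.
const cut = original.filter((_, i) => i !== 1);

console.log(firstBadFrame(original, publicKey), firstBadFrame(edited, publicKey),
  firstBadFrame(cut, publicKey));
```

In this sketch, dropping frames from the end still verifies because nothing signs the total length; catching that would need a signed frame count or a closing record.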

[–] [email protected] 34 points 9 months ago (2 children)

Yes. Putin is famous for dodging questions by rambling about random shit, but this time he really outdid himself by starting rambling not even a minute into the "interview" and going on for 2 hours straight.

[–] [email protected] 2 points 9 months ago* (last edited 9 months ago) (1 children)

many Republican politicians are anti-Ukraine aid, and support policies that could help Russia

The anti-Ukraine-aid (as in, not giving Ukraine military aid) I can understand. Support policies to help Russia, not so much. But what I'm talking about is I frequently see these nutjobs on Twitter who praise Putin and Russia, while piling up on Zelensky and Ukrainian media resources. Usually those seem to be some kind of religious fundamentalists who think that Russia is some kind of bastion of Christian and traditional values. There are even a few who actually moved to Russia and are now used as token "Americans who fled the evil woke culture" on the Russian TV and other media. What these guys are failing to realize, though, is that what they perceive as "Christian and traditional values", are actually remnants of criminal/jail culture of the 90s where prisoners would commit homosexual acts against each other to establish hierarchy, and, outside of it, excommunicate or even murder their friends, who came out as gay, out of irrational fear of same acts being done to them. The Russian Christianity... it's more of a "Pacification & Penitence Inc." rather than strict adherence to any particular set of biblical doctrines. And for Putin... if there was a contest for "inventor of the most non-binding and legally undefined terms and half-measures" he'd definitely be the winner - ffs, he hasn't even properly declared war on Ukraine, what "strong leader" are they talking about.

What's particularly cringe and really pisses me off though is when those guys try to flip Ukrainian patriotic symbolism, e.g. chanting "Slava Russia", wearing Russian flags, or making fun of Ukrainian casualties - in Russian culture, wearing a literal flag as a cape is disrespectful, "Slava X! [to] Y slava!" originates from a Nazi chant and doesn't really make sense in the Russian language, while the last one is just plain distasteful.

[–] [email protected] 9 points 9 months ago (4 children)

Ruskie commies were the supposed mortal enemy of them

As a Ruskie commie, I gotta say, the fact there exist people who praise Russia in the USA is absolutely fucking insane, you should really put them all into a mental asylum because whatever is going on in their heads must be completely bonkers. I don't mean that everyone should turn russophobe, of course, but modern Russia is objectively a complete shithole. It is a miracle that it's still standing as a major global power, despite the government actions and post-soviet cultural heritage.

[–] [email protected] 1 points 9 months ago (1 children)

I think you’re vastly overstating the danger of travelling through Russia

Eh, a red passport in my pocket, along with a military ID of the same color, says otherwise.

But it doesn’t degrade performance for a seedbox. You connect to it and stream your files when you need them, it’s less hassle than if you download things to your own home. Doesn’t degrade performance for most private tasks to be honest.

Actually, this sounds like one good use-case for VPS in Russia because I didn't even know what a seedbox is. I have used transmission on a router solely for silent operation and only once encountered an ISP who limited bittorrent traffic, but then I just told them to fuck off and switched to a different one. It never crossed my mind that people might want a torrent box outside their country. Just use an encrypted connection to it, though, because who knows what the fuck the Russian (or your) government might be up to. Though I'd advise to consider one in Armenia, if possible. It's close, but much more liberal and the internet speeds are just as good. Though computer part imports seem to be problematic in there so I'm not sure if there are any good providers.

Almost always left to the discretion of the ISPs when it comes to implementation

It'd be interesting to see how they actually implement this, as I couldn't find much info. But the fact that this is passed down to ISPs to implement and there are seemingly no strict rules gives hope that there might be some leeway between different providers, and ones that don't use it as a pretense to infringe on your privacy. But it's sad to see that they are, too, going political with this.

[–] [email protected] 0 points 9 months ago (3 children)

relying on a simple domain block-list. There’s domain blocking where I live too. I imagine it’s handled similarly on a technical level

To block a domain, it requires looking at the HTTP headers, though. So the only ways to do this with HTTPS is by either somehow breaking SSL or blocking based on domain's IP, which causes high collateral damage due to cohosting, especially if the infringing domain is behind Cloudflare or is on Amazon/Azure/Google infra. Oh and you can't just block whatever IPs the DNS is responding with, they got burned by it already when someone intentionally got their domain into blocklist and made DNS server resolve to 127.0.0.1. If your place also does this and it has working democratic and judicial systems, I would suggest starting to raise questions about it.

This just says blocked, not outlawed. I also couldn’t find any other articles about Tor being outlawed. As long as it’s not illegal it’s no practical problem for me/you. According to this article, Tor and someone else is suing, which they wouldn’t do if they didn’t have a legal basis for operating. It even says it’s unconstitutional.

You're right. I've looked into it and it seems that the reasoning behind the ban isn't that it allows anonymity but the fact that exit nodes don't restrict access to blocked sites, which is not at all possible for Tor. So I imagine they will soon, if not already, start going after it using DPI methods like they do with VPNs already.

Based on what you’ve provided, it sounds like the anonymous computer in a cave scenario in the meme would go completely unnoticed by an averagely aggressive and averagely competent police state.

Well, based on what this computer is actually doing, it's going to get cut off from all communications the moment anyone in that police state notices it. If it's just pirate stuff then it'll happen fairly quickly based on the amount and the obscurity of the sites in the blocklist. If it's political - the owner of the server will be called for questioning. They'll throw some of the bullshit laws at them to stack up (Got camera on your phone? Spy equipment! $2000 fine + confiscation! Liked any racist meme at any point in time? bam, extremism, 6 years in prison!) possible fines and jail time, but it's all just to coerce them into cooperation.

Come on. I’m not planning to spy on the Russian military for the MI6! That’s several levels of shady beyond ‘anti-establishment website’.

Who knows what you might want to do with that server in the cave. This was just to show that they can and do reach outside the country in some cases. It's not just for spies, though, they tried to do the same with Navalny and Kara-Murza, and a bunch of other less prominent figures. Also note, that all of those are botched attempts. In case of success, there will be no signs of poisoning as those chemicals are designed to break down quickly and leave no traces.

It can also be mitigated with a VPN and not using the state’s DNS

True, if your VPN protocol of choice isn't banned already. But then, renting a box in Russia just to break out of it using a VPN kind of defeats the whole purpose.

Overall, you put it fairly accurately at "averagely aggressive and averagely competent police state", we're just going back and forth over specific details, but the point is that if you're dealing with anything in Russia, you're basically dealing with said police state, and the more you get involved with it, the harder you'll eventually get rolled over by it. That's why I suggest not getting involved with it at all in the first place. Having said that, I myself have certain obligations to visit Russia at some point in the future and I honestly dread that moment. Wish me luck, I guess, but do you happen to know any good "dead hand" kind of software?

[–] [email protected] 0 points 9 months ago* (last edited 9 months ago) (5 children)

The NY Times article is especially bad because the tool they’re talking about, whois, is included standard with Mac and Linux. It’s not scary spy software. Inspecting and blocking traffic on the fly isn’t supported by the article as far as I can tell

Sorry, the article is terrible but I couldn't find better English articles. Here are a couple of auto-translated articles with some technical details on said spy-boxes. I remember there was a great combined push of state-owned market majority ISP Rostelecom along with state's truth agency Roskomnadzor to implement all of this, for the first it was to push out independent ISPs who couldn't afford any of it, and for latter to erase and block out any info that the government doesn't like, e.g. protest movements. The pretense was that it was for protection against foreign threats and autonomous operation of Russian side of the internet in case of hostile actions from the west, which has a grain of sense - e.g. of the 13 root DNS servers, 10 are operated by the US and the rest by its allies. But the fact that this was not a joint initiative with other countries who are not on good terms with the US, and that those tools were used to combat political opposition, tells that this was not at all the real reason for it.

In the case of that last link. He did go to jail for 20 days, but on the other hand, running Tor did literally save him from prison. This isn’t from that article but looking up his name, it seems he was cleared of all charges a week after he got out of jail and the judge’s reasoning was that because of Tor there wasn’t undeniable evidence

That's a dangerous precedent though, that a person can be arrested and held for an indefinite amount of time without any significant evidence - just based on IP address. And in Russia, the laws are often written backwards, like the religious people feelings law in response to Pussy Riot case, the veteran feelings law for Navalny, the meme laws... for everyone.... and...

He wasn’t asked to stop hosting Tor either

the entire Tor network was outlawed in Russia, so it won't work as a defense any further.

This case sounds like positive confirmation that if I rent a Russia VPS and use it for Tor, I’m not breaking any laws and don’t need to worry about regular downtime, which was the original premise.

If you are not located in Russia, and you are not a figure in Russian politics, you indeed have nothing to worry about, except for the downtime, and certain protocols and endpoints being unreachable... and having your business ruined, but I figure if you're not planning on doing any if you don't care about downtime.

Though, if you are a political figure, the advice would still be to not touch anything Russian even with a 10-foot pole

And finally, having someone’s root certificate does not at all stop you from encrypting data. It lets websites that have been verified by the issuer have a green check mark in Firefox. You likely have tens or hundreds of root certificates installed on your computer

This allows them to perform MITM attacks by connecting to the website on your behalf, decrypting it, then re-encrypting it with their own cert and you'd still get the checkmark. Do you ever click on it to see who issued the certificate? They can, and most definitely will use it to attack their political enemies. Currently, they're still forcing users to install it by holding online payments hostage, but even if you don't pay online, nothing stops them from forcing it on all outbound communications in the future.
