So now we are essentially bricking the devices of real users? Without doing anything meaningful to real attackers who just grab the next key out of their list of 10 million stolen from insecure androids.
What? No. The signature needs to be added by the image sensor as it gathers data.
It shouldn't be easy to extract it and that's it. It's even less difficult than keeping the DVD/Blueray keys secure because each device has a separate key, so if a line of devices gets compromised easily it's easy to spot.
Then you put a legal framework around what can be presented by media, the requirement for signature collection and so. And one of problems with photo/video authenticity is essentially solved.
uuidgen|4 years ago
It shouldn't be easy to extract it and that's it. It's even less difficult than keeping the DVD/Blueray keys secure because each device has a separate key, so if a line of devices gets compromised easily it's easy to spot.
Then you put a legal framework around what can be presented by media, the requirement for signature collection and so. And one of problems with photo/video authenticity is essentially solved.