this post was submitted on 11 Feb 2024
643 points (97.9% liked)

Technology

59581 readers
3051 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

The White House wants to 'cryptographically verify' videos of Joe Biden so viewers don't mistake them for AI deepfakes::Biden's AI advisor Ben Buchanan said a method of clearly verifying White House releases is "in the works."

you are viewing a single comment's thread
view the rest of the comments
[–] captain_aggravated 22 points 9 months ago (2 children)

I just mentioned this in another comment tonight; cryptographic verification has existed for years but basically no one has adopted it for anything. Some people still seem to think pasting an image of your handwriting on a document is "signing" a document somehow.

[–] [email protected] 4 points 9 months ago

It doesn't help that in a lot of cases, this is actually accepted by a shit ton of important institutions that should be better, but aren't.

[–] [email protected] 2 points 9 months ago (1 children)

Still trying to get people to sign their emails lol

[–] captain_aggravated 1 points 9 months ago (1 children)

I mean, part of it is PGP is the exact opposite of streamlined and you've got to be NSA levels of paranoid to bother with it.

[–] [email protected] 1 points 9 months ago (1 children)

It's automated in all mainstream email clients, you don't even have to think about it if a contact has it set up

[–] [email protected] 3 points 9 months ago* (last edited 9 months ago) (1 children)

if a contact has it set up

Well, there's your problem.

The most commonly-used mail client in the world is the Gmail web client which does not support it. Uploading your PGP key to Gmail and having them store it server-side for use in a webmail client is obviously problematic from a security standpoint. Number 2 I would guess is Outlook, which appears also not to support it. For most people, I don't think they understand the value of cryptographically signing emails and going through the hassle of generating and publishing their PGP keys, especially since Windows has no built-in easy application for generating and managing such keys.

There's also the case that for most people, signing their emails provides absolutely no immediate benefit to them.

[–] captain_aggravated 1 points 9 months ago (1 children)

Plus that's email. What about... Literally everything else?

[–] [email protected] 1 points 9 months ago

Yeah, almost nothing has good PGP integration.

Except Git, apparently.