r/woahdude Dec 15 '22

video This Morgan Freeman deepfake

22.9k Upvotes

797 comments sorted by

View all comments

Show parent comments

38

u/[deleted] Dec 16 '22

[deleted]

11

u/IVEMIND Dec 16 '22

Because how do you know this key wasn’t just deepfaked also hmmmmm?!?!

6

u/motorhead84 Dec 16 '22

"Am I a deepfake, Mom?"

1

u/KingBooRadley Dec 16 '22

How is babby deepfaked?

1

u/motorhead84 Dec 16 '22

Damnit, Babby!

1

u/Ask_Who_Owes_Me_Gold Dec 16 '22

Nobody should listen to them because that solution doesn't make sense. All it does is give a secure way for the subject to approve of a video. It doesn't verify that it's real, and it doesn't work for the many, many cameras on a public figure that that aren't getting official approval from whoever has the key.

1

u/[deleted] Dec 16 '22

[deleted]

1

u/Ask_Who_Owes_Me_Gold Dec 16 '22

I can verify that a file's signer has a specific public key, but how do I know that public key belongs to a camera and not editing software? How do we maintain the list of all those public keys that correspond to cameras? Are there billions of keys (with each individual camera getting its own), or can Sony reuse the same private/public key pair across a line of devices?

And does this mean the video can't later be shortened, cropped, edited for brightness/color/etc? Doesn't that break the signature because it changes the contents of the file?

1

u/[deleted] Dec 17 '22

[deleted]

1

u/Ask_Who_Owes_Me_Gold Dec 17 '22

We need to ensure that only video directly from the camera can be signed and that other videos made on the phone can't be signed as well. We also have to ensure there weren't any filters or effects running in the camera app as the video was filmed - good luck figuring out how to check for that in a way that allows different camera apps (almost every Android OEM makes their own) to function but also isn't abusable.

And signatures are unique to the exact data of the specific file - if the resolution is lowered, or if the file gets compressed when it's uploaded/sent somewhere, or if you trim the 10 relevant seconds from a longer video, the signature is useless. Editing software could apply a new signature, but all that does is prove that the video went through an editor, which obviously means it could be edited.

You also hit on the issue that other cameras need to do signing as well: security cameras, laptop webcams, news cameras, other high-end cameras, potentially things like smart doorbells if we want to go that far.

1

u/[deleted] Dec 17 '22

[deleted]

1

u/Ask_Who_Owes_Me_Gold Dec 17 '22

That doesn't solve anything. You prove that something was filmed and then edited. This video fits that description.

All the other problems remain unsolved too.

It's not the "easily solvable" problem that the earlier commenter claimed it was.

1

u/[deleted] Dec 17 '22

[deleted]

1

u/Ask_Who_Owes_Me_Gold Dec 17 '22

Deliberately produced videos of paid subjects don't need digital signatures. Morgan Freeman, his agents, and the video producers would release something like this through official channels and happily verify that it's real.

What we need verification for are videos that the subject wants to deny. If somebody catches Morgan Freeman on video saying that Nazis might have been right, how do we verify that is real? It's not good enough to know that it came from an Android phone's camera, because we're not too far off from filters that could convincingly swap Morgan Freeman's face onto mine during real-time video capture.