The technology would be extremely easy to adapt, with the certs being tied to the original recording equipment hardware. Given i don’t see a $60 ip cam having a dolphin board it would probably be relegated to much higer end equipment, but any modification with a new key would break the chain of veracity
This is blatantly not true, it would be extremely simple to circumvent. How do you “tie” the cert to a specific hardware without trusting manufacturers? You just can’t, it’s like putting a padlock on a pizzabox.
As with everything, trust is required eventually. It’s more about reducing the amount of trust required than removing it entirely. It’s the same with HTTPS - website certificates only work if you trust the root certificate authorities, for example.
Root manufacturer keys may only be certified if they have passed some level of trust with the root authority/authorities. Proving that trust is well-founded is more a physical issue than an algorithmic one. As it is with root CAs it may involve physical cybersecurity audits, etc.
Yep, totally fair. It’s kind of crazy actually how we all trust that stuff, and when there’s a breach people just want to expire certificates more often etc.
I bet there is a better way but as long as no one is paying, we’re stuck with this mess. I have programmed stuff with x509 in the medical sector, what a trusty spaghetti mess that was, but when you finally got your cert, you could basically do whatever.
Sorry for the rant 😅 I just want to show people that even if the mathematics behind RSA is fantastic and secure, the human side is always there to break that 🤷🏼♀️.
The technology would be extremely easy to adapt, with the certs being tied to the original recording equipment hardware. Given i don’t see a $60 ip cam having a dolphin board it would probably be relegated to much higer end equipment, but any modification with a new key would break the chain of veracity
This is blatantly not true, it would be extremely simple to circumvent. How do you “tie” the cert to a specific hardware without trusting manufacturers? You just can’t, it’s like putting a padlock on a pizzabox.
As with everything, trust is required eventually. It’s more about reducing the amount of trust required than removing it entirely. It’s the same with HTTPS - website certificates only work if you trust the root certificate authorities, for example. Root manufacturer keys may only be certified if they have passed some level of trust with the root authority/authorities. Proving that trust is well-founded is more a physical issue than an algorithmic one. As it is with root CAs it may involve physical cybersecurity audits, etc.
Yep, totally fair. It’s kind of crazy actually how we all trust that stuff, and when there’s a breach people just want to expire certificates more often etc.
I bet there is a better way but as long as no one is paying, we’re stuck with this mess. I have programmed stuff with x509 in the medical sector, what a trusty spaghetti mess that was, but when you finally got your cert, you could basically do whatever.
Sorry for the rant 😅 I just want to show people that even if the mathematics behind RSA is fantastic and secure, the human side is always there to break that 🤷🏼♀️.
I literally explained earlier how this exact technology is used in digital cinema dude c’mon.
That doesn’t mean it’s useful for forensics, IMO.
Edit: not saying it wont be though, just that it’s not as bullet proof as you’d think, IMO.