Am I oversimplifying stuff too much?
I don’t understand how this will help deep fake and fake news.
Like, if this post was signed, you would know for sure it was indeed posted by @[email protected], and not by a malicious lemm.ee admin or hacker*. But the signature can’t really guarantee the truthfulness of the content. I could make a signed post that claiming that the Earth is flat - or a deep fake video of NASA’a administrator admitting so.
Maybe I’m missing your point?
(*) unless the hacker hacked me directly
But the signature can’t really guarantee the truthfulness of the content. I could make a signed post that claiming that the Earth is flat.
important point, but in a federated or distributed system,
thissigned posts/comments may actually be highly beneficialforwhen tying content directly to an account for interaction purposes. I have already seen well-ish known accounts seemingly spoofed on similar looking instance domains.distribution of trusted public keys would be an interesting problem to address but the ability to confirm the association of a specific account to specific content (even if the account is “anonymous” and signing is optional) may lend a layer
toof veracity to interactions even if the content quality itself is questionable.edit: clarity (and potential case in point - words matter, edits matter).
Sure, but that has little to do with disinformation. Misleading/wrong posts don’t usually spoof the origin - they post the wrong information in their own name. They might lie about the origin of their “information”, sure - but that’s not spoofing.
Misleading/wrong posts don’t usually spoof the origin - they post the wrong information in their own name.
You could argue that that’s because there’s no widely-accepted method for verifying sources—if there were, information relayed without a verifiable source might come to be treated more skeptically.
No, that’s because social media is mostly used for informal communication, not scientific discourse.
I guarantee you that I would not use lemmy any differently if posts were authenticated with private keys than I do now when posts are authenticated by the user instance. And I’m sure most people are the same.
Edit: Also, people can already authenticate the source, by posting a direct link there. Signing wouldn’t really add that much to that.
Deepfakes are about impersonating the person in the video, fake news is… Well, just someone lying. Signatures are meant to verify the source of information, not the contents of it.
Simple example, we can be nearly 100% confident that the person posting tweets under the Trump account is (atleast authorized by) Trump. Doesnt stop him from lying nor uploading a deepfake video.
How would key signing prevent deep fakes?
