I was thinking about how hard it is to accurately determine whether a screenshot posted online is real or not. I’m thinking there could be an option in the browser to take a “secure screenshot”, which would tag the screenshot with the date, url, and whether the page was modified on your computer. It could then hash both the tag and the image data and automatically upload this hash to some secure server somehow. There would need to be a way to guarantee that only the browser could do this, or at least some way to tell exactly what the source was. I’m not much of a cryptography person, but I would be surprised if it isn’t possible to do this. Then, you could check if the screenshot you see is legitimate by seeing if it’s hash exists in the list of real hashes.
I wanted to archive that tone-deaf tweet in case that Nazi deletes it, but apparently Wayback Machine has trouble archiving Twitter in particular.
Yeah, that’s kinda why I thought a screenshot thing would be better. It could also ideally work on private data like DMs. The idea also includes having the URL as tagged unencrypted metadata on the image, that anyone can access by opening the image in a metadata website (or the hypothetical authenticity checking service)
From what others are saying though, it sounds like my original screenshot idea would probably be impossible, so linking to the source is the best we can actually do
Encoding the source URL in the screenshot’s metadata is not bad. That would preserve the source credit in places where people simply copy your image and post it somewhere else. We’d have to make sure it’s not saving the full URL of a private conversation, where the full URL might leak a private key or a session ID. Can’t let someone turn on this feature and then accidentally doxx themselves.