I am not an expert, but from the examples in the article I think the author is looking for a bit more than read-your-writes.
E.g. They mention reading a list of attachements and want to ensure they get all currently created attachements, which includes the ones created by other processes.
So they want to have "read-all-writes" or something like that.
While it does not seem enough to guarantee authenticity, this scheme does seem like it would prevent creating a video from scratch pretending to be taken at a protected location without having express knowledge of the key or the flickering at that moment in time.
Definitely interesting for critical event and locations, but quite niche.
It's similar to any other private/public key scheme: it just serves to prove the signature was generated by the owner (here whoever owns the location at which the video is taken).
But I guess you could imagine multiple flickering patterns per location, with each pattern being owned by a different entity (an NGO + a governement + a private company for example), in essence doing a multi-sig of the video.
Read it rather quickly, but looks fine at least on the surface. Sadly, there is no way I would trust anything as sensitive as DNS with the EU given their dreadful record of creeping surveillance.
Depends a bit on which machine really. Overall, I am more confident trusting a company with a good track record or non-profit with DNS. Mullvad have great offerings with optional content blocking and DNS over both HTTPS and TLS:
If there are other entities (commercial or not) with similar DNS services I would be happy to hear about them.
I find some reactions here to my initial comment a bit puzzling. Yes, the EU has a number of great attempts at getting privacy legislation right. Personally, I even have sympathies for the cookie banners. But it is equally true that we have seen attempts and successes to introduce surveillance measures as well. I remember the fight against the Data Retention Directive [1] and we still have "Chat Control" lurking in the shadows. Thus, I do not think I am entirely wrong in feeling less than chuffed about the prospect of handing all my DNS queries straight over to an entity working directly under the European Commission.
There were many laws on surveillance proposed in the EU context as there are many parties that make proposals. But there's no actual such law in place. And the EU is bound by GDPR and EDPR and actually does a huge circus to respect them, so I'd trust them more than any other party, be it my provider or the mega corps collecting data for ads.
Where do you see negativity? I just expressed surprise someone would use it, given current situation. If I am wrong and people find it useful - by all means.
I think for any given job there's a tool thats likely best. If you hire me to paint your car and I show up with a paint brush you're probably not amused, because you know that it needs to be spray painted. If I hire you to program a microcontroller and you try to use Ruby..
reply