Witness is a camera app that certifies your photos and videos as real the moment you take them. It embeds a cryptographic signature directly into the file, no cloud or upload. This makes every image and video self-verifiable. Free for regular users on iOS and Android.
apothegm•1h ago
And what prevents a malicious actor from doing exactly the same thing with an AI-generated image?
rh-app-dev•1h ago
The security in the app does. The signatures use the captured content and other data as criteria. If any of it or the file is tampered with, it fails validation. And you can only apply the signature to content captured by the camera. Can't be added afterwards.
pavel_lishin•1h ago
Is it possible to run in an emulator, with a fake camera input?
rh-app-dev•1h ago
Haven't tried that, but the big hurdle is getting validation of those test cases from App Attest and Play Integrity. Those are required for running the app.
uberman•1h ago
Does this app somehow interface directly with the hardware? Last I looked iOS saved photos to files that apps had to them open up?
rh-app-dev•1h ago
Yes it does. It uses the camera but creates its own content files and stores in its own location. The content files can be exported via sharing in the app.
oxw•1h ago
Is there any way to sign an image/photo with the exact time/location it was taken in a way that can't be forged?
Time + location are measurements that can be fooled.
rh-app-dev•1h ago
Timestamp is already there. Geo-location will be added at a later date. Some devices already add that information but the app doesn't use it. It will be added eventually though.
pavel_lishin•1h ago
What happens if the user alters the date on their device?
rh-app-dev•1h ago
The timestamp is based on the device. However, some of the security data comes from the Witness validation server and others from the platform (Google Play Integrity/Apple App Attest). Altering the date/time on the device would conflict with that information, and possibly fail the device validation. One of the key criteria for using the app is it will only run on a device that passes validation from the platform. So rooted devices can't run the app, as they can't pass validation.
PaulHoule•1h ago
I process photos a lot to remove noise, sharpen, clean up dust spots, color grade, occasionally remove distractions, and once in a while I'll ask Photoshop to draw another row of bricks at the bottom of a photo to make it visually balanced.
So I'm not interested.
rh-app-dev•1h ago
Making the app and the validated content files editable is actually the next major feature. Once we conquer that, its onto making it work for live content.
PaulHoule•41m ago
If I could document the process that would be great.
rh-app-dev•14m ago
We haven't started that phase of development yet but the original image would still be immutable. Subsequent edits to the image metadata would be would be done via Photoshop with a plugin for tracking those edits and then saving and certifying that the original image was still locked with the added visual changes. Haven't decided how those additional changes would be tracked, but I'm guessing it's necessary to do so.
beardyw•7m ago
I can see this might be of value to some people, but it feels like a relatively small group. I might one day wish I had this, but it feels so unlikely I probably wouldn't have installed it. Am I missing something?
rh-app-dev•1h ago
apothegm•1h ago
rh-app-dev•1h ago
pavel_lishin•1h ago
rh-app-dev•1h ago
uberman•1h ago
rh-app-dev•1h ago