Detecting fake on the new internet might be very important for a future happy humanity. On the other side, not being able to reliably tell apart original from fake content (text, sound, image, video) might lead to the situation where an enormous share of the public have the wrong conviction on a few, ill-selected, people.
As indicated here, impersonation, spam, identity theft are more and more common. Here we go a step further, proposing steps to indicate true origin of an internet resource (web pages, movies, pictures).
Fake can be fun and legitimate, up to a certain point. Software like OpenAI Dalle2 shows impressive capacities of synthesis of artificial art. Furthermore, different apps and services can synthesize talking instances of famous people carrying advertising messages which were not actually pronounced by them.
Can they be safely and automatically tagged as fake?
The automatic analysis of text, pictures and videos is an AI domain which is probably vivid and depasses the scope of this article.
Certificates and resource signing
But one tool for asserting originality already exists: they are certificates. They are already used for asserting the origin of internet domains.
Also, proprietary origin certification systems have flourished. On Twitter, since recently, you can buy a blue check mark, that truly identifies you, up to a certain epsilon apparently, as the real deal. Tiktok and other platforms offer similar features.
But integrating certification into the internet standards might be a more general idea.
You might use a certificate stored on a special usb-like device that you insert into your computer, as a reliable password replacement. It may act as password management software, it may emit new passwords so that different sites have different passwords.
You could have a JPG picture which identifies three people as being definite persons, and that identification might be signed by certificates by those precise people. You might have the power, as an individual, holder of a certificate, to sign, that you are in that photo. Everything else would be then fake.
You might be able to use your certificate to sign a piece of text, of video, a song.
Of course the problem, the abuse of this technology would be similar to what happens in everyday life: in order to buy or benefit from the least product or service, in basically any shop or office, you have to sign an impressive number of documents that you cannot possibly read and comprehend. Once this technology is established, there is little hope that abusers will not try to make people sign by forcing or otherwise trying to forcefully get their signature as it so often happens in the physical world.
Usage scenario
You boot or wake up your computer. You stick a Yubikey-like device into a usb-like port on your computer. It contains your password, in the form of a private key, which is hardcoded on the device. It cannot be altered, rewritten, changed or removed, in any shape or form. The key also comes has a small amount of software that can generate new keys (gpg, for example).
Of course you no longer have to remember or input your password. If you lose the password key, you simply go to the shop, you say you lost it, they give you another one. If you payed a subscription to the provider, you get your data back which will work with the new key. If you didn’t, you don’t. Or thereabouts.
With this device, you can sign your digital artifacts: Let us say you take a photo on the phone: it is signed by the OS of the phone as being made by you. You can also predicate different things on the artifact: you appear in it, you created it, modified or reshaped it etc. There are a number of predicates that you can sign, the most frequent being probably creation and appearing in.
You copy your photo on the computer. The certification stays the same. You mark another person on the photo, let’s say, on Facebook. A notification is received by the other person who uses their own private keys/certificates, to sign their ‘appear into’ photo.
Same goes for videos, text, blog and vlog articles.
This signing process would be part of web standards and, as such, would be implemented by any web application, including major ones, like Facebook, Twitter, Google etc. Signing and authentication of content would become normal and expected behaviour of web content and there would be APIs for them in all frameworks/languages, like there are already APIs for authentication, MVC, web services and so on.
Non sanz droict 