I was thinking about how hard it is to accurately determine whether a screenshot posted online is real or not. I’m thinking there could be an option in the browser to take a “secure screenshot”, which would tag the screenshot with the date, url, and whether the page was modified on your computer. It could then hash both the tag and the image data and automatically upload this hash to some secure server somehow. There would need to be a way to guarantee that only the browser could do this, or at least some way to tell exactly what the source was. I’m not much of a cryptography person, but I would be surprised if it isn’t possible to do this. Then, you could check if the screenshot you see is legitimate by seeing if it’s hash exists in the list of real hashes.

  • hitstun
    211 hours ago

    I like this, but it’s better to always link to the source of your screenshot. Art communities like mine are strict about always citing sources, and I wish the rest of the internet would cite sources. For example:

    Source: Twitter via Jewish Telegraphic Agency because I’m not giving going to give that tweet any engagement

      • @AdrianTheFrogOPEnglish
        210 hours ago

        Yeah, that’s kinda why I thought a screenshot thing would be better. It could also ideally work on private data like DMs. The idea also includes having the URL as tagged unencrypted metadata on the image, that anyone can access by opening the image in a metadata website (or the hypothetical authenticity checking service)

        From what others are saying though, it sounds like my original screenshot idea would probably be impossible, so linking to the source is the best we can actually do

        • hitstun
          19 hours ago

          Encoding the source URL in the screenshot’s metadata is not bad. That would preserve the source credit in places where people simply copy your image and post it somewhere else. We’d have to make sure it’s not saving the full URL of a private conversation, where the full URL might leak a private key or a session ID. Can’t let someone turn on this feature and then accidentally doxx themselves.

    • hitstun
      110 hours ago

      Suppose I did fake a screenshot, and I supplied a source link. Anyone could click my link, read the real thing, and call me out on my bullshit. That’s the way it should be.

      Source: Reddit after I rewrote the page’s text with Firefox’s developer tools