Falsified Photos: Fooling Adobe’s Cryptographically-Signed Metadata
By Adam Zeloof, Hackaday, Thu, 30 Nov 2023 15:00:25 +0000
https://hackaday.com/2023/11/30/falsified-photos-fooling-adobes-cryptographically-signed-metadata/

Last week, we wrote about the Leica M11-P, the world’s first camera with Adobe’s Content Authenticity Initiative (CAI) credentials baked into every shot. Essentially, each file is signed with Leica’s signing key such that any changes to the image, whether edits to the photo itself or the metadata, are tracked. The goal is to not only prove ownership, but that photos are real — not tampered with or AI-generated. At least, that’s the main selling point.

Although the CAI has been around since 2019, its adoption is far from widespread. Only a handful of programs support it, although this list includes Photoshop, and it’s unlikely anybody outside the professional photography space was aware of it until recently. This isn’t too surprising, as it really isn’t relevant to the casual shooter — when I take a shot to upload to Instagram, I’m rarely thinking about whether or not I’ll need cryptographic proof that the photo wasn’t edited — usually adding #nofilter to the description is enough. Where the CAI is supposed to shine, however, is in the world of photojournalism. The idea is that a photographer can capture an image that is signed at the time of creation and maintains a tamper-proof log of any edits made. When the final image is sold to a news publisher or viewed by a reader online, they are able to view that data.

At this point, there are two thoughts you might have (or, at least, there are two thoughts I had upon learning about the CAI):

  1. Do I care that a photo is cryptographically signed?
  2. This sounds easy to break.

Well, after some messing around with the CAI tools, I have some answers for you.

  1. No, you don’t.
  2. Yes, it is.

What’s The Point?

There really doesn’t seem to be one. The CAI website makes grand yet vague claims about creating tamper-proof images, yet when you dig into the documentation a bit more, it all sounds quite toothless. Their own FAQ page makes it clear that content credentials don’t prove whether or not an image is AI generated, can easily be removed from an image by taking a screenshot of it, and don’t really tackle the misinformation issues.

That’s not to say that the CAI fails in their stated goals. The system does let you embed secure metadata, I just don’t really care about it. If I come across a questionable image with CAI credentials on a news site, I could theoretically download it and learn, quite easily, who took it, what camera they used, when they edited it and in which software, what shutter speed they used, etc. And thanks to the signature, I would willingly believe all of those things are true. The trouble is, I don’t really care. That doesn’t tell me whether or not the image was staged, or if any of those edits obscure some critical part of the image changing its meaning. At least I can be sure that the aperture was set to f/5.6 when that image was captured.

Comparing Credentials

[Screenshot: The CAI Verify Tool. It reads: “About this Content Credential. Issued by (red Leica logo) Leica Camera AG. This is the trusted organization, device, or individual that recorded the details above and issued this Content Credential.”]

At least, I think I can be sure. It turns out that it isn’t too hard to misuse the system. The CAI provides open-source tools for generating and verifying signed files. While these tools aren’t too difficult to install and use, terminal-based programs do have a certain entry barrier that excludes many potential users. Helpfully, Adobe provides a website that lets you upload any image and verify its embedded Content Credentials. I tested this out with an image captured on the new CAI-enabled camera, and sure enough it was able to tell me who took the image (well, what they entered their name as), when it was captured (well, what they set the camera time to), and other image data (well — you get the point). Interestingly, it also added a little Leica logo next to the image, reminiscent of the once-elusive Blue Check Mark, that gave it an added feel of authenticity.

I wondered how hard it would be to fool the Verify website — to make it show the fancy red dot for an image that didn’t come from the new camera. Digging into the docs a bit, it turns out you can sign any old file using the CAI’s c2patool — all you need is a manifest file, which describes the data to be encoded in the signed image, and an X.509 certificate to sign it with. The CAI website advises you to purchase a certificate from a reputable source, but of course there’s nothing stopping you from just self-signing one. Which I did.

Masquerading Metadata

I used openssl to create a SHA-256 certificate, then subsequently signed it as “Leica Camera AG” instead of using my own name. I pointed the c2pa manifest file at my freshly minted certificate set, pasted in some metadata I had extracted from a real Leica M11-P image, and ran c2patool. After some trial and error in which it kept rejecting my fake certificate for some reason or another, it finally spit out a genuine fake image. I uploaded it to the Verify tool and — lo and behold — not only did the website say that my fake had been taken on a Leica camera and signed by “Leica Camera AG,” but it even sported the little red Leica logo.

 

One of the images above was taken on a Leica M11-P, and the other on a Gameboy Camera. Can you tell the difference? Adobe’s Verify tool can’t. Download the original left image here, the right image here, then head over to https://contentcredentials.org/verify to try for yourself.

Of course, a cursory inspection of the files with c2patool would reveal the signature’s public key, and it would be a simple matter to compare that key to Leica’s key to find out that something was amiss. Surprisingly, Adobe’s Verify tool didn’t seem to do that. It would appear that it just string matches — if it sees “Leica” in the name, it slaps the red dot on there. While there’s nothing technically wrong with this, it does lend the appearance of authenticity to the image, making any other falsified information easier to believe.
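
The comparison described above, as an added example (not code from this article, Adobe’s Verify site or c2patool): it contrasts the name-matching badge the article infers with a check that pins the signing certificate’s fingerprint. The `Signer` structure, the “Example Camera” trust list and the certificate bytes are constructed stand-ins, and signature verification against the embedded certificate is assumed to have already passed.

```python
from __future__ import annotations

import hashlib
import ssl
from dataclasses import dataclass


@dataclass(frozen=True)
class Signer:
    """What a validator reads from a manifest signature (hypothetical structure)."""
    subject_org: str  # organization name in the cert subject; chosen by whoever made the cert
    cert_pem: str     # the signing certificate itself, PEM-encoded


def cert_fingerprint(cert_pem: str) -> str:
    """SHA-256 over the certificate's DER encoding, as lowercase hex."""
    return hashlib.sha256(ssl.PEM_cert_to_DER_cert(cert_pem)).hexdigest()


def badge_by_name(signer: Signer, trust_list: dict[str, set[str]]) -> str | None:
    """Weak check: pick a brand badge if the brand keyword appears in the subject name."""
    for brand in trust_list:
        if brand.lower() in signer.subject_org.lower():
            return brand
    return None


def classify(signer: Signer, trust_list: dict[str, set[str]]) -> str:
    """Pinned check: the name only selects which fingerprints the cert must match."""
    brand = badge_by_name(signer, trust_list)
    if brand is None:
        return "unknown-issuer"
    if cert_fingerprint(signer.cert_pem) in trust_list[brand]:
        return f"verified:{brand}"
    # A known brand name on an unpinned certificate is a stronger warning
    # sign than an unknown issuer, so it is reported separately.
    return f"impersonation-suspected:{brand}"


def _constructed_cert(seed: bytes) -> str:
    """Constructed stand-in: opaque bytes wrapped as PEM, not a real X.509 certificate."""
    return ssl.DER_cert_to_PEM_cert(b"constructed-cert:" + seed)


# Constructed sample data: one pinned vendor certificate and one unrelated certificate.
VENDOR_CERT = _constructed_cert(b"vendor-key")
SELF_SIGNED_CERT = _constructed_cert(b"unrelated-key")
TRUST_LIST = {"Example Camera": {cert_fingerprint(VENDOR_CERT)}}

SAMPLES = {
    "genuine": Signer("Example Camera AG", VENDOR_CERT),
    "lookalike": Signer("Example Camera AG", SELF_SIGNED_CERT),  # same name, different cert
    "other": Signer("Jane Doe", SELF_SIGNED_CERT),
}


def report() -> dict[str, tuple[str | None, str]]:
    """For each sample: (badge from the name check, verdict from the pinned check)."""
    return {
        label: (badge_by_name(signer, TRUST_LIST), classify(signer, TRUST_LIST))
        for label, signer in SAMPLES.items()
    }


if __name__ == "__main__":
    for label, (badge, verdict) in report().items():
        print(f"{label:10} name-badge={badge!s:15} pinned={verdict}")
```

The name check awards the same badge to the genuine and the lookalike signer; only the pinned check separates them.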

Of course, I’m not the only one who figured out some fun ways to play with the CAI standard. [Dr. Neal Krawetz] over at the Hacker Factor Blog recently dove into several methods of falsifying images, including faked certificates with a method a bit more straightforward than the one I worked out. My process for generating a certificate took a few files and different commands, while his distills it into a nice one-liner.

Secure Snapshots?

So, if the system really doesn’t seem to work that well, why are hundreds of media and tech organizations involved in the project? As a consumer, I’m certainly not going to pay extra for a camera just because it has these features baked in, so why are companies spending extra to do so? In the CAI’s perfect world, all images are signed under their standard when captured. It becomes easy to immediately tell both whether a photograph is real or AI-generated, and who the original artist is, if they’ve elected to attach their name to the work. This serves a few purposes that could be very useful to the companies sponsoring the project.

In this perfect world, Adobe can make sure that any image they’re using to train a generative neural network was captured and not generated. This helps to avoid a condition called Model Autophagy Disorder, which plagues AIs that “inbreed” on their own data — essentially, after a few generations of being re-trained on images that the model generated, strange artifacts begin to develop and amplify. Imagine a neural network trained on millions of six-fingered hands.

To Adobe’s credit, they tend to be better than most other companies about sourcing their training data. Their early generative models were trained solely on images that they had the rights to, or were explicitly public domain or openly-licensed. They’ve even talked about how creators can attach a “Do Not Train” tag to CAI metadata, expressing their refusal to allow the image to be included in training data sets. Of course, whether or not these tags will be respected is another question, but as a photographer this is the main feature of Content Credentials that I find useful.

Other than that, however, I can’t find many benefits to end users in Content Credentials. At best, this feels like yet another well-intentioned yet misguided technical solution to a social issue, and at worst it can lend authenticity to misleading or falsified images when exploited. Misinformation, AI ethics, and copyright are complicated issues that require more than a new file format to fix. To quote Abraham Lincoln, “Don’t believe everything you read on the internet.”

Noble Graphs: Displaying Data With Neon Like Its 1972
Wed, 18 Oct 2023 02:00:19 +0000
https://hackaday.com/2023/10/17/noble-graphs-displaying-data-with-neon-like-its-1972/

In the days before every piece of equipment was an internet-connected box with an OLED display, engineers had to be a bit more creative with how they chose to communicate information to the user. Indicator lights, analog meters, and even Nixie tubes are just a few of the many methods employed, and are still in use today. There are, however, some more obscure (and arguably way cooler) indicators that have been lost to time.

[Aart Schipper] unearthed one such device while rummaging around in his father’s shed: a pair of Burroughs Bar Graph Glow-Transfer Displays. These marvelous glowing rectangles each have two bars (think the left and right signals on an audio meter, which is incidentally what they were often used for), each with 201 neon segments. Why 201, you may ask? The first segment on each bar is always illuminated, acting as a “pilot light” of sorts. This leaves 200 controllable segments per channel. Each segment is used to “ignite” its neighboring segment, something the manufacturer refers to as the “Glow-Transfer Principle.” By clever use of a three-phase clock and some comparators, each bar is controlled by one analog signal, keeping the wire count reasonably low.

Don’t get us wrong, the warm, comforting glow of Nixie tubes will always have a special place in our hearts, but neon bar graphs are just hard to beat. The two do have a similar aesthetic though, so here’s hoping we see them used together in a project soon.

Thanks to [Jan] for the tip!

The Ultimate US Astronomy Roadtrip
Mon, 09 Oct 2023 18:30:11 +0000
https://hackaday.com/2023/10/09/the-ultimate-us-astronomy-roadtrip/

Have 73 hours to kill and fancy a 4,609-mile road trip? Then you can check out some of the best observatories in the US (although we would probably recommend taking a couple of weeks rather than cramming the trip into three days, so you can spend at least one night stargazing at each).

Matador Network compiled a list of what they call the top ten US observatories, and published the daunting map you see above. Even if your trip is plagued by cloudy skies, rest assured the destinations will still be worth a visit. From Arizona’s Lowell Observatory, where the evidence Edwin Hubble used to formulate the Big Bang Theory was collected, to the Green Bank National Radio Observatory in West Virginia, home of Earth’s largest fully-steerable radio telescope, each site has an incredibly rich history.

All of the observatories are open to the public in some way or another, but some are only accessible a few days per month, so make sure you plan your trip carefully! You may even want to travel with your own homemade telescope, Game Boy astrophotography rig, or, if you’re really dedicated, portable radio telescope.

Design Cities In a Snap With Buildify
Fri, 22 Jul 2022 02:00:47 +0000
https://hackaday.com/2022/07/21/design-cities-in-a-snap-with-buildify/

Designing 3D environments is hard, but it doesn’t have to be. A week ago, if you decided to design an entire city in Blender, say for a game or animation, you probably would have downloaded some asset pack full of building shapes and textures and painstakingly placed them over the course of days, modifying the models and making new ones as needed. Now, you would just need to download Buildify, feed it an asset pack, and watch the magic happen.

Buildify, made by [Pavel Oliva], is one of the most impressive bits of Blender content we’ve seen in a long time. It lets you generate entire cities by drawing the outlines of buildings. You can grab walls and resize individual structures, and the walls, windows, doors, textures, and everything else will automatically rearrange as needed. You can even select a region on Open Street Maps and watch as Buildify recreates the area in Blender using your chosen asset pack (maybe a KiCad PCB design could be used as the source material too?). It’s really something incredible to see, and you’ve just got to watch the video below to understand just how useful this tool can be.

The pay-what-you-want .blend file that you can grab off of [Pavel]’s website doesn’t include all the beautiful assets you can see in the video, but instead generates simple grey block buildings. He made one of the packs used in the video, and will be releasing it online for free soon. In the meantime, he links to other ones you can buy, or you can get really ambitious and create your own. We know it won’t be long until we’re seeing animations and games with Buildify-generated cities.

Putting a Cheap Laser Rangefinder Through Its Paces
Tue, 19 Jul 2022 15:30:58 +0000
https://hackaday.com/2022/07/19/putting-a-cheap-laser-rangefinder-through-its-paces/

Sometimes a gizmo seems too cheap to be true. You know there’s just no way it’ll work as advertised — but sometimes it’s fun to find out. Thankfully, if that gadget happens to be a MILESEEY PF210 Hunting Laser Rangefinder, [Phil] has got you covered. He recently got his hands on one (for less than 100 euros, which is wild for a laser rangefinder) and decided to see just how useful it actually was.

The instrument in question measures distances via the time-of-flight method; it bounces a laser pulse off of some distant (or not-so-distant) object and measures how long the pulse takes to return. Using the speed of light, it can calculate the distance the pulse has traveled.

As it turns out, it worked surprisingly well. [Phil] decided to focus his analysis on accuracy and precision, arguably the most important features you’d look for while purchasing such an instrument. We won’t get into the statistical nitty-gritty here, but suffice it to say that [Phil] did his homework. To evaluate the instrument’s precision, he took ten measurements against each of ten different targets of various ranges between 2.9 m and 800 m. He found that it was incredibly precise (almost perfectly repeatable) at low distances, and still pretty darn good way out at 800 m (±1 m repeatability).

To test the accuracy, he took a series of measurements and compared them against their known values (pretty straightforward, right?). He found that the instrument was accurate to within a maximum of 3% (but was usually even better than that).

While this may not be groundbreaking science, it’s really nice to be reminded that sometimes a cheap instrument will do the job, and we love that there are dedicated folks like [Phil] out there who are willing to put the time in to prove it.

Extruded Resin FDM Printing (With Lasers!)
Thu, 23 Jun 2022 02:00:15 +0000
https://hackaday.com/2022/06/22/extruded-resin-fdm-printing-with-lasers/

At this point, 3D printers are nearly everywhere. Schools, hackerspaces, home workshops, you name it. Most of these machines are of the extruded-filament variety, better known as FDM or Fused Deposition Modelling. Over the last few years, cheap LCD printers have brought resin printing to many shops as well. LCD printers, like their DLP and SLA counterparts, use ultraviolet light to cure liquid resin. These machines are often praised for the super-high detail they can achieve, but are realllly slow. And messy —  liquid resin gets everywhere and sticks to everything.

We’re not exactly sure what [Jón Schone] of Proper Printing was thinking when he set out to convert a classic printer to use resin instead of filament, but it had to be something along the lines of “Can you make FDM printing just as messy as LCD printing?”

It turns out you can. His extremely well-documented research is shown in the video below, and logs his design process, from initial idea to almost-kinda-working prototype. As you may expect, extruding a high-viscosity liquid at a controlled rate and laser-curing it is not an easy task, but [Jón] made a fantastic attempt. From designing and building his own peristaltic pump, to sending a UV laser through fiber-optic cables, he explored a ton of different approaches to making the printer work. While he may not have been 100% successful, the video is a great reminder that not all projects have to go the way we hope they will.

Even so, he’s optimistic, and said that he has a few ideas to refine the design, and welcomes any input from the community. This isn’t even the only new and interesting approach to resin printing we’ve seen in the last few weeks, so we share [Jón]’s optimism that the FDM Resin Printer will work (someday, at least).

Thanks to [Baldpower] and [electronoob] for the tip!

One Giant Leap (Backwards) for Humankind: What the Russia-Ukraine War Means for the ISS
Mon, 21 Mar 2022 14:00:30 +0000
https://hackaday.com/2022/03/21/one-giant-leap-backwards-for-humankind-what-the-russia-ukraine-war-means-for-the-iss/

The International Space Station was built not only in the name of science and exploration, but as a symbol of unity. Five space agencies, some representing countries who had been bitter Cold War rivals hardly a decade before the ISS was launched, came together to build something out of a sci-fi novel: a home among the stars (well, in Low Earth Orbit) for humans from around the globe to work with one another for the sake of scientific advancement, high above the terrestrial politics that governed the rock below. That was the idea, at least.

So far, while there has been considerable sound and fury in social media channels, international cooperation in space seems to continue unhindered. What are we to make of all this bluster, and what effects could it have on the actual ISS?

Politics and Tweets

[Image: Astronaut Mark Vande Hei]

A lot has changed in the 2.5 decades since the station’s first modules were launched into space. Political relationships that had begun to slowly heal after the Cold War have been unraveling for years now, with Russia’s invasion of Ukraine being the latest catalyst for global discord. As a result, the ISS’s ideological high ground is more in jeopardy today than it ever has been before.

The most recent challenge has come directly from Roscosmos, the Russian space agency. In a recent statement (in Russian, which I admittedly do not speak), Roscosmos head Dmitry Rogozin threatened to abandon American astronaut Mark Vande Hei on the station and detach the Russian modules to punish the US for newly-imposed sanctions.

Vande Hei is currently scheduled to depart the station in a few weeks via a Russian Soyuz capsule to end his record-breaking 355-day stay in space. After reentry, the capsule is slated to land in Kazakhstan before the passengers, Vande Hei and two cosmonauts, are ferried back to Baikonur Cosmodrome. Thankfully, Roscosmos recanted their threat before the cosmonauts tore out the third seat in their capsule, and promised to return Vande Hei back to Earth — but the threat of splitting up the station still lingers.

What is Possible?

[Image: Roscosmos’s depiction of the Russian section detaching]

The ISS is a modular beast. It was launched in pieces over the course of years, each piece a different module of what would one day be a complete station. The final assembly consists of a US section (eight modules) and a Russian section (six modules), plus two Japanese modules and a European module. What Rogozin has threatened is to basically pack up and leave — to detach the Russian section and essentially back out of the international partnership. Roscosmos even made a rather unhinged video which shows the modules detaching and floating away. It’s not immediately clear whether the Russian section would be decommissioned and deorbited, or whether Roscosmos would somehow be able to turn the Russian section into its own independent station.

NASA has expressed disbelief in Russia’s ability to simply float off into the sunset and maintain an operational station. Last week, the head of NASA’s ISS program, Joel Montalbano, said that “the International Space Station was designed to be interdependent, and together we work, it’s not a process where one group can separate and function.” The US section cannot function without Russia’s thrusters and fuel, and the Russian section cannot function without the US’s power and communications. It is, as Rogozin himself stated recently, “a family, where a divorce within a station is not possible”.

[Image: A Twitter thread with Scott Kelly and Dmitry Rogozin. Kelly calling Rogozin out for deleting his threatening Tweet]

While it may seem like this takes the legs out from underneath the Russian threats, the interdependence makes them even scarier. If Roscosmos did make good on its word, the remainder of the ISS could have a difficult time maintaining its orbit — though Elon Musk has suggested (via Twitter, of course) that SpaceX could provide a solution (perhaps using Dragon 2 capsules?) to keep the ISS in orbit.

Twitter has played a unique role in many facets of the Russia-Ukraine war so far, and the space industry is no exception. Former astronaut Scott Kelly has been engaged in a Tweet-slinging battle with Dmitry Rogozin, in which Rogozin dropped yet another thinly-veiled threat implying that the ISS’s days may be numbered. He quickly deleted the Tweet, but not before Kelly screenshotted it for all to see, and questioned how Rogozin was even able to access Twitter, a site that the Russian government blocked earlier in the month.

Kelly also tweeted that he would be returning a medal he received from Russia “For Merit in Space Exploration,” writing “Please give it to a Russian mother whose son died in this unjust war. I will mail the medal to the Russian embassy in Washington. Good luck.”

For all of the saber-rattling coming from Roscosmos, NASA is taking it in stride. Administrator Jim Nelson said “That’s just Dmitry Rogozin. He spouts off every now and then. But at the end of the day, he’s worked with us.”

Tomorrow

All this talk about the station splitting up may have you wondering — how many years does it have left anyway?

Not as many as you might hope. The current plan is for the ISS to meet its fiery end at a watery grave in January of 2031, less than nine years from now. NASA and most other space agencies involved in the project have already agreed that they would work to keep the station alive until at least 2028, but even before tensions with Russia escalated recently, Roscosmos wouldn’t commit to supporting the station past 2024. With this context, the Russian threat to leave the ISS program early has really just been part of the Cyrillic writing on the station’s aging walls.

Losing Roscosmos as a partner in the international space community would be a setback to say the least, and would certainly end the ISS. For decades, space exploration and scientific advancement were some of the few things that brought Russia together with the US and Europe — the ISS’s crew complement was regularly made up of explorers from around the globe, all working and living together while hurtling around the Earth at 7.7 km/s.

In the near-decade between NASA’s Shuttle and Commercial Crew programs, US astronauts relied on Soyuz rockets for their ride into space, and Russian cosmonauts still routinely train at the Johnson Space Center in Texas. Russian and US/EU competencies complement each other, adding up to a bigger sum. The ISS has served as an aspirational beacon of global cooperation for over twenty years, and it would be a terrible shame and a colossal step backwards to the development of humankind to see the next generation of space stations built separately, rather than jointly.
