There is nothing that can prevent doctored screenshots of UIs from being disseminated. The only defense is not considering screenshots from random sources even evidence of anything.
>There is nothing that can prevent doctored screenshots of UIs from being disseminated.
Thanks for thinking it through. To combat this, the interface could show the attestation id prominently so that it's obviously wrong or missing something if it doesn't contain it. Something like this mockup[1] and be easily linked so 1) it would be super suspicious for someone to quote someone without linking to the attestation - and 2) people could type the attestation ID from a screenshot into the server themselves.
This would require the attesting server to keep a copy of sent email but that doesn't seem too bad. If it's been deleted, you're not willing to be quoted on it anymore. It would be voluntary.
What do you think of this idea overall? I realize that the mockup seems fake - the whole point is that it's obviously fake, because it's being hosted elsewhere and not where it says it is.
