Is it fairly easy? Seems useful for a public site like Lemmy and the fediverse
https://nightshade.cs.uchicago.edu/whatis.html
https://decrypt.co/203153/ai-prompt-data-poisoning-nightshared
I’ve said it many times, but the channels I speak through are small, so from the top!
If you put your artwork online in any public location, make sure your signature or even a QR code is obnoxiously large and centered on the image. Humans can still see and enjoy what you’ve made, AI won’t be able to discern anything, and if it happens to get ripped by one of those Chinese T-shirt bots, at least anyone who buys will know who the original artist is.
TIL that there exist people who aren’t bothered by obnoxious watermarks superimposed on an image. I find them aggravating, and I’m not the only one – That’s shutterstock’s entire business model.
AI is already making people’s lives worse. Let’s not make human art harder to enjoy in a fruitless effort to resist it. Instead, let’s solve the root of the problem.
It’s not that I prefer having images occluded by anything, signatures, text boxes, or whatever… But when it comes to online protections for someone’s work, hell yeah put that shit on there.
The best part is that I’ve been saying this well before generative AI was mainstream. Artists who put their work on public domains who don’t want it getting into the hands of others shouldn’t have an issue with signing the hell out of the image. They can of course add it before uploading and not to the original.
Would it be amazing if people properly lisenced others work and/or requested permission to use it? Absolutely. That’s just not the world we live in.
This still seems like a crazy take to me. Yeah, putting a giant watermark on a piece of art protects it from theft, but it also destroys the artwork.
Unregistered HyperCam 2
The root of the problem needs to be solved within the next negative six months, and the millionaires pushing/operating it sure don’t seem interested.
Hey chatgpt or whatever ai model, recreate this image without the silly QR code.
This is the big thing. All doing silly things like obscene QR codes does is add training data for future ai to remove them.
A really fun side effect of stuff like this is when you generate something that looks like a pencil sketch or something, you’ll often get partial pencils in the middle or upper corner of the image because they are quite often photod with pencils on them to indicate the medium.
So even something that simple is sort of poisoning the models. And if they all have that obnoxious signature or QR code, the generators are going to start including those and that’s just gold.
I don’t really think that’s poisoning much. It’s not hard to crop out the pencil after.
It is definitely difficult to get rid of when it’s generated in the middle of intricate detail, which it often is.
I’m not saying it’s the same thing as actually poisoning, but it does negatively impact the resulting generations.
If it’s in the middle of intricate detail it will make it harder to appreciate that detail as a human.
Anyway, it’s easy to make an AI to remove such things. Just take a million images, add watermarks, and train the AI to produce the original images.
I’m very skeptical that this “model poisoning” approach will work in practice. To pull it off would require a very high level of coordination among disparate people generating the training data (the images/text). I just can’t imagine it happening. Add to that: big tech has A LOT of resources to play this cat & mouse game.
I hope I’m wrong, but I predict big tech wins here.
This attack doesn’t target Big Tech, at all. The model has to be open to pull off an attack like that.
No, because a method that works on one implementation almost certainly doesn’t work on another.
Understandable, quite the bummer
This doesn’t have anything to do with tracking. This is supposed to sabotage free and open image generators (ie stable diffusion). It’s unlikely to do anything, though.
Hard to say what the makers want to achieve with this. Even if it did work, it would help artists just as much, as better DRM would help programmers. On its face, this is just about enforcing some ultra-capitalist ideology that wants information to be owned.
I see it as trying to combat the dystopia where not only is our data scraped but now every single thing we write, draw or film is fed into an AI that will ultimately be used to create huge amounts of wealth for very few, essentially monetizing our very existence online in a way thats entierly unavoidable and without consent.
In addition its entierly one way, google and others can grab as much of our data as they want while most of us would have an extremely hard time even getting granted a freedom of information request about ourselves, let alone grabbing a similar amount of data about those same corporations.
that will ultimately be used to create huge amounts of wealth for very few,
But… That is what these poisoning attacks are fighting for. They are attacking open image generators that can be used by anyone. You can use them for fun or for business, without having to pay rent to some owner who is not lifting a finger. What do you think will happen if you knock that out?
For image tracking it’s enough to use Imgur for sharing, for any image, even own ones, no AI image needed. I miss the bot in Lemmy which redirects Videos to Piped, when Imgur is worst. Better alternatives, like File Coffee or Vgy.me, made in the EU are desirable.
Stop worrying and learn to love The Bomb
O-P-E
Huh?
Thanks
It just takes a while!
Hmmm good to know. Thanks!
Yes, we need more artists defending capitalism with futile, annoying, and inaffective attempts at DRM. I guess we didn’t learn anything from the music DRM wars in the 00s.
AI tracking? Is this a new thing?