New research from the University of Waterloo's Cybersecurity and Privacy Institute demonstrates that any artificial intelligence (AI) image watermark can be removed, without the attacker needing to know the design of the watermark, or even whether an image is watermarked to begin with.
There is a solution, but y’all aren’t going to like it.
The solution is blockchain. Actually, it’s even worse, the solution is NFT’s.
Not the scammy, crypto bro, nonsense it has been used for; but the actual technology.
A cryptographically secure digital token that can track where something was made, where it’s being used, who has the rights to it, and ensures that it’s authentic and not some copy made with AI.
Unfortunately, thanks to crypto bros, the technology has become so tainted by scams that most people get upset just hearing the letters NFT, so adoption isn’t likely.
You can have whatever token you want with all the metadata, licensing and ownership information you want…
…unless you plan on only seeing images in your own platform, nobody gives a shit, people will take screenshots and image files and share and use them however they want. There’s no world in which you load a full DRM plugin or do 4 different types of handshake with a full blockchain just to load a jpeg into a comment.
There are other privacy issues with having an indelible marker as to the origin and chain of custody of every digital artifact. And other non-privacy issues.
So the idea here is that my phone camera attaches a crypro token to the metadata of every photo it takes? (Or worse, embeds it into the image steganographically like printer dots.) Then if I send that photo to a friend in signal, that app attaches a token indicating the transfer? And so on?
If that’s a video of say, police murdering someone, maybe I don’t want a perfect trail pointing back to me just to prove I didnt deep fake it. And if that’s where we are, then every video of power being abused is going to “be fake” because no sane person would sacrifice their privacy, possibly their life, to “prove” a video isnt AI generated.
And those in power, the mainstream media say, aren’t going to demonstrate the crypto chain of custody on every video they show on the news. They’re going to show whatever they want, then say “its legit, trust us!” and most people will.
These are the fundamental issues with crypto that people actually don’t understand: too much of it is actually opt-in, it’s unclear to most people what’s actually proved or protected, and it doesn’t actually address or understsnd where trust, authority, and power actually come from.
The tech would have been great for bestowing ownership over the digital goods bought with microtransactions, but never would have gotten there since corpos have the rule of law under their thumb.
I don’t think this is that controversial. If you take out NFTs, it’s using the block chain as a hash. I think that works, but at that point you might as well use regular hashes to verify the integrity of your video
Just fucking sign it. With your private key.
And publish your public key.
Then everyone will be able to verify it’s your work, and no deepfake will ever pass that test.
Yeah, I don’t know why this is so difficult. Can even have players that autoread the signature to tell you the source/etc.
Generated by what authority, though?
math?
Who does the math?
Sorry for blowing this on you, but fuck blockchain, fuck NFTs.
What we need is better understanding of cryptography.
PGP has solved this problems decades ago, and crypto has just borrowed some parts, but made it worse in every possible way and into incomprehensible depths.
Again, fuck crypto, fuck NFTs.
I should make a guide on how to use GPG.
I thought GPG was bad? I don’t have enough personal experience with it to quickly summarize or opine on the merits of either of these two articles, but:
The PGP Problem: https://www.latacora.com/blog/2019/07/16/the-pgp-problem
What To Use Instead of PGP: https://soatok.blog/2024/11/15/what-to-use-instead-of-pgp/
I do agree with “fuck NFTs” though, and mostly agree with “fuck cryptocurrency” (mostly because porn and drugs are in my view legitimate use cases for at least a hypothetical non-environmentally-destructive cryptocurrency).
It’s not good.
But it’s leagues better than crypto.
I hate typing ‘asymmetric key cryptography’, and GPG is just three letters.
Those blog posts explain a lot, but one use case is missing (at least I don’t see it apart from git commit signing), and that is verifying the source of a public message.
And I do wish we tried using the private keys more. Specially now when anyone can deepfake anything.
If I ever release my nudes, never trust them unless they are signed and you can check them with public key in my profile.