Comment on Leica camera has built-in defense against misleading AI, costs $9,125
SzethFriendOfNimi@lemmy.world 1 year agoWhy not go with some kind of certificate chain instead?
Here’s the image… signed… here’s who signed it.
Is it for edit/changes?
Here’s an image that was edited based on an earlier image. Here’s who signed that… and it’s base images hash which can then be looked up if they decided to see what those images were?
That is the metadata solution tied to the image itself. It doesn’t work because all I have to do is strip the metadata. This is why there is almost a ritualistic worship of certs.
The key is that you need the validation to be decoupled from the image. Computer Vision is pretty much perfect f or this and is why I specifically referenced how DMCA violations are detected now. Google and Amazon do the scan, not the end user.
I think that’s not the problem that this technology is intended to solve.
It’s not a “Is this picture copied from someone else?” technology. It’s a “Did a human take this picture, and did anyone modify it?” technology.
Eg: Photographer Bob takes a picture of Famous Fiona driving her camaro and posts it online with this metadata. Attacker Andy uses photo editing tools to make it look like Fiona just ran over a child. Maybe his skills are so good that the edits are undetectable.
Andy has two choices: Strip the metadata, or keep it.
If Andy keeps the metadata, anyone looking at his image can see that it was originally taken by Bob, and that Fiona never ran over a child.
If Andy strips the metadata (and if this technology is widely accessible and accepted by social media, news sites, and everyday people) then anyone looking at the image can say “You can’t prove this image was actually taken. Without further evidence I must assume that it’s faked”.
I think spinning this as a tool to fight AI is just clickbait because AI is hot in the news. It’s about provenance and limiting misinformation.
Which does not solve that at all
Because the vast majority of “paparazzi” and controversy pictures aren’t taken by Jake Gyllenhal. They are taken by randos on the street with phones who when sell their picture to TMZ or whatever.
And they aren’t going to be paying for an expensive leica camera. And samsung and apple aren’t going to be licensing that tech.
There’s no accounting for adoption, true. Seems like the use cases still have value though: c2pa.org/specifications/…/Explainer.html#_use_cas…
As for licensing, the specs are released under Creative Commons, so anyone should be able to implement it.
Well, that’s exactly what a Blockchain is. Just in public and not part of the image itself.
dual_sport_dork@lemmy.world 1 year ago
That only works if everyone plays by the rules. Literally everyone.
Here’s the image, signed. Here’s an unauthorized copy of the image or copy of a portion of the image, with the pixels extracted and saved as a .jpeg with none of the identifying signature or certificate data. Here’s that same image posted to 4chan and reddit.
A certificate chain would only work if every image displaying piece of software in the world not only played by its rules, but were also incapable of displaying or modifying an unsigned image. I don’t think I have to spell out for you what kind of nightmare that would be.
snooggums@kbin.social 1 year ago
Basically, screenshots bypass any security built into the Metadata?
Double checking as I assume that is the case but don't know for certain.
dual_sport_dork@lemmy.world 1 year ago
Yes, if it’s truly metadata that’s not in the image itself. For instance, it could theoretically be digitally watermarked (this technology already exists, actually) in a manner that humans can’t see or is tough to notice, but an algorithm looking for it can spot. That can be defeated, too, although depending on the robustness of the watermark technology it may take more effort.
The output loophole always exists: Any time you produce any output capable of being understood by a human (eyes, ears, both…) somebody can record and reproduce it. Probably not bit-for-bit, pixel-for-pixel, but you can always point a camera at the screen. (Or put your screen face down on a flatbed scanner that’s had its lightbar defeated, or put a microphone in front of the speakers, or…)