“While these uses of GenAI are often neither overtly malicious nor explicitly violate these tools’ content policies or terms of services, their potential for harm is significant.”
generative AI makes it very easy for anyone to flood the internet with generated text, audio, images, and videos.
And? There’s already way too much data online to read or watch all of it. We could just move to a “watermark” system where everyone takes credit for their contributions. Things without watermarks could just be dismissed, since they have as much authority as an anonymous comment.
AIs learn from existing images, they could just as well learn to reproduce a tattoo and link the pattern to a person’s name. Recreating it from different angles, would require more training data, but ultimately would get there.
For public ones, depending on what people started getting, it’d really strain the AIs. You could go in like 1 or two ways, probably different people getting both.
Something very uniform but still unique, like a QR code kind of deal, AIs would hallucinate the crap out of that. Or abstractions, like people do to change the way the shape of their face to combat facial recognition.
For private ones, just don’t ever get it photographed, any image showing that area without it would be probably fake.
Mid journey and the like have already been caught creating shutterstock watermarks in images. Future models might be able to fake specific watermarks well.
Not like that. A server name that can be authenticated. Like when you receive an email from your bank (in the metadata), you know it’s legitimate. Each organization can set up their own server to host things they vouch for. With ActivityPub it can be viewed elsewhere with the guarantee that it’s from a trusted source.
Sure, but so do a lot of other things that aren’t as costly. If NFTs were the first secure way to authenticate things online we wouldn’t have had online banking until very recently
True but trust is hard to establish in decentralized platforms like the fediverse. As far as I’m aware the only decentralized banking is unfortunately cryptocurrency.
What NFTs (and crypto in general) do is very different from a web of trust style approach
Crypto creates one source of absolute truth, the Blockchain, costly computed via consensus.
Web of trust, on the other hand, requires you to declare which accounts you trust. Via public-private key signing, you can always verify that a post is actually made by a specific person, and if you trust that person (e.g. because you’ve met them before and exchanged keys), you know it’s legit. You can then extend that system by also trusting accounts your trusted accounts verified, etc
We could just move to a “watermark” system where everyone takes credit for their contributions.
North Korea actually has this embedded in their government Linux distro and it works well as long as everyone who opens the file runs a supported OS. Not for AI, but to track who wrote what unpleasant documents, but still, it proves the idea can work.
On the other hand, how do you determine trust? I can generate a million plausible names and digital addresses on my computer. Half the images I see online are screenshots or screen recordings already (because “save as” isn’t available on “modern” websites).
In theory, we can solve this by simply having digital stuff be signed, but setting up a web of trust will be difficult. Especially since most of the internet is semi-anonymous.
Funnily enough, the Fediverse already signs most data, so this scheme is already active unintentionally here on Lemmy! But for all I know, you’re not really “Kevon Looney” and just a fake from another server.
(because “save as” isn’t available on “modern” websites)
I think this is also more of a mobile issue with apps more than just websites. Like, hence why those screenshots are so often from phones. Generally one’s that are more obviously from a computer are social media posts, presumedly to facilitate sharing on other platforms easier.
Because on desktop, even if a website doesn’t allow it, using the dev inspector usually allows you too. I wonder if it would be possible to create an extension/userscript that automates that on hostile websites.
Why would anyone pay for the service? Having a “name” is free, and that dumb worldcoin only works for people. It can’t work for governments or businesses.
ActivityPub is actually a good way to authenticate things. If an organization vouches for something they can post it on their server and it can be viewed elsewhere.
ActivityPub is actually a good way to authenticate things. If an organization vouches for something they can post it on their server and it can be viewed elsewhere.
AP has some pretty big issues when it comes to moving servers, expiring and re-purchased domain names, and other such edge cases. Servers either blindly accept new keys after a certain time, or are vulnerable to enabling key ransoming after hacks (the reason HKPK went nowhere).
I think the idea of WorldCoin is to have a “wallet” linked to a single physical person, then you can sign any work with your key, that you got by proving you are a real person.
IMHO, the coin part is just a hype element to get people to sign up for the password part.
As for ActivityPub, I don’t see how it helps with anything. An organization vouching for something, can already post it on their web, or if they want a distributed system, post it on IPFS.
And? There’s already way too much data online to read or watch all of it. We could just move to a “watermark” system where everyone takes credit for their contributions. Things without watermarks could just be dismissed, since they have as much authority as an anonymous comment.
This just makes me think of eBaum’s world.
but if we all join hands and sing this song, then our call will reach the sky…
I am waiting for people to start getting both public and hidden authentication tattoos, so they can prove generative images aren’t actually them.
How would that work?
AIs learn from existing images, they could just as well learn to reproduce a tattoo and link the pattern to a person’s name. Recreating it from different angles, would require more training data, but ultimately would get there.
For public ones, depending on what people started getting, it’d really strain the AIs. You could go in like 1 or two ways, probably different people getting both.
Something very uniform but still unique, like a QR code kind of deal, AIs would hallucinate the crap out of that. Or abstractions, like people do to change the way the shape of their face to combat facial recognition.
For private ones, just don’t ever get it photographed, any image showing that area without it would be probably fake.
I slightly hate myself for suggesting it, but are you essentially describing NFTs?
It’s called a “name”.
Mid journey and the like have already been caught creating shutterstock watermarks in images. Future models might be able to fake specific watermarks well.
Not like that. A server name that can be authenticated. Like when you receive an email from your bank (in the metadata), you know it’s legitimate. Each organization can set up their own server to host things they vouch for. With ActivityPub it can be viewed elsewhere with the guarantee that it’s from a trusted source.
Isn’t that what NFTs do?
Sure, but so do a lot of other things that aren’t as costly. If NFTs were the first secure way to authenticate things online we wouldn’t have had online banking until very recently
True but trust is hard to establish in decentralized platforms like the fediverse. As far as I’m aware the only decentralized banking is unfortunately cryptocurrency.
What NFTs (and crypto in general) do is very different from a web of trust style approach
Crypto creates one source of absolute truth, the Blockchain, costly computed via consensus.
Web of trust, on the other hand, requires you to declare which accounts you trust. Via public-private key signing, you can always verify that a post is actually made by a specific person, and if you trust that person (e.g. because you’ve met them before and exchanged keys), you know it’s legit. You can then extend that system by also trusting accounts your trusted accounts verified, etc
North Korea actually has this embedded in their government Linux distro and it works well as long as everyone who opens the file runs a supported OS. Not for AI, but to track who wrote what unpleasant documents, but still, it proves the idea can work.
On the other hand, how do you determine trust? I can generate a million plausible names and digital addresses on my computer. Half the images I see online are screenshots or screen recordings already (because “save as” isn’t available on “modern” websites).
In theory, we can solve this by simply having digital stuff be signed, but setting up a web of trust will be difficult. Especially since most of the internet is semi-anonymous.
Funnily enough, the Fediverse already signs most data, so this scheme is already active unintentionally here on Lemmy! But for all I know, you’re not really “Kevon Looney” and just a fake from another server.
I think this is also more of a mobile issue with apps more than just websites. Like, hence why those screenshots are so often from phones. Generally one’s that are more obviously from a computer are social media posts, presumedly to facilitate sharing on other platforms easier.
Because on desktop, even if a website doesn’t allow it, using the dev inspector usually allows you too. I wonder if it would be possible to create an extension/userscript that automates that on hostile websites.
That’s the idea behind OpenAI’s Worldcoin.
Why would anyone pay for the service? Having a “name” is free, and that dumb worldcoin only works for people. It can’t work for governments or businesses.
ActivityPub is actually a good way to authenticate things. If an organization vouches for something they can post it on their server and it can be viewed elsewhere.
AP has some pretty big issues when it comes to moving servers, expiring and re-purchased domain names, and other such edge cases. Servers either blindly accept new keys after a certain time, or are vulnerable to enabling key ransoming after hacks (the reason HKPK went nowhere).
I think the idea of WorldCoin is to have a “wallet” linked to a single physical person, then you can sign any work with your key, that you got by proving you are a real person.
IMHO, the coin part is just a hype element to get people to sign up for the password part.
As for ActivityPub, I don’t see how it helps with anything. An organization vouching for something, can already post it on their web, or if they want a distributed system, post it on IPFS.