Is this a big deal? I'm a layman here so this seems like a needed product but I ...

Jach · 2024-11-13T19:08:25 1731524905

Various previous attempts at invisible/imperceptible/mostly imperceptible watermarking have been trivially defeated, this attempt claims to be more robust to various kinds of edits. (From the paper: various geometric edits like rotations or crops, various valuemetric edits like blurs or brightness changes, and various splicing edits like cutting parts of the image into a new one or inpainting.) Invisible watermarking is useful for tracing origins of content. That might be copyright information, or AI service information, or photoshop information, or unique ID information to trace leakers of video game demos / films, or (until the local hardware key is extracted) a form of proof that an image came from a particular camera...

mananaysiempre · 2024-11-13T19:32:14 1731526334

... Ideal for a repressive government or just a mildly corrupt government agency / corporate body to use to identify defectors, leakers, whistleblowers, or other dissidents. (Digital image sensors effectively already mark their output due to randomness of semiconductor manufacturing, and that has already been used by abovementioned actors for the abovementioned purposes. But that at least is difficult.) Tell me with a straight face that a culture that produced Chat Control or attempted to track forwarding chains of chat messages[1] won’t mandate device-unique watermarks kept on file by the communications regulator. And those are the more liberal governments by today’s standards.

I’m surprised how eager people are to build this kind of tech. It was quite a scandal (if ultimately a fruitless one) when it came out colour printers marked their output with unique identifiers; and now that generative AI is a thing stuff like TFA is seen as virtuous somehow. Can we maybe not forget about humans?..

[1] I don’t remember where I read about the latter or which country it was about—maybe India?

baltimore · 2024-11-13T20:38:40 1731530320

> ... for a repressive government ...

Why shouldn't a virtuous and transparent government (should one materialize somehow, somewhere) be interested in identifying leakers?

mananaysiempre · 2024-11-13T21:46:26 1731534386

That’s like asking why a fair and just executive shouldn’t be interested in eliminating the overhead of an independent judiciary. Synchronically, it should. Diachronically, that’s one of the things that ensures that it remains fair and just. Similarly for transparency and leakers, though we usually call those leakers “sources speaking on condition of anonymity” or some such. (It does mean that the continued transparency of a modern democratic government depends on people’s continual perpetration of—for the most part—mildly illegal acts. Make of that what you will.)

Jerrrrrrry · 2024-11-13T21:33:45 1731533625

Both can be true! This is essentially making it easier to do [x] argument, which itself is essentially security through obscurity.

It was always possible to do watermark everything: any nearly-imperceptible bit can be used to encode data that can be used overtly.

Now enabling everyone everywhere to do it and integrate it may have second-order effects that were opposite of one's intention.

It is very convenient thing, for no one to trust what they can see. Unless it was Validated (D) by the Gubmint (R), it is inscrutable and unfalsifiable.

willcipriano · 2024-11-13T22:18:19 1731536299

If they are transparent, what is leaking?

baltimore · 2024-11-15T21:04:19 1731704659

There is always a need for _some_ secrets to be kept. At the very least from external adversaries.

driverdan · 2024-11-14T00:09:22 1731542962

> Why shouldn't a virtuous and transparent government

That doesn't exist.

palata · 2024-11-13T21:42:38 1731534158

The parent comment says that it has dangerous use-cases, not that it does not have desirable ones.

Jach · 2024-11-13T22:22:02 1731536522

I stopped myself from making the printer analogy, but of course it's relevant, as is the fact that few seem to care. I personally hope some group strikes back to sanitize images watermarked this way, with no more difficulty than removing exif data.

est · 2024-11-14T06:32:19 1731565939

In my previous experience the "resizing & rotate" always defeats all kinds of watermarks. For example, crop a 1000x1000 image to 999x999, and rotate it by 1°

also there's "double watermark" attack, just run the result image through the watermark process again, usually the original watermark would be lost

Jach · 2024-11-14T12:59:59 1731589199

Yeah, so it's impressive if this repo does what it claims and is robust to such manipulations.

I tried to run it but of course it failed with

    NVIDIA GeForce RTX 4090 with CUDA capability sm_89 is not compatible with the current PyTorch installation.
    The current PyTorch install supports CUDA capabilities sm_37 sm_50 sm_60 sm_70.
    If you want to use the NVIDIA GeForce RTX 4090 GPU with PyTorch, please check the instructions at https://pytorch.org/get-started/locally/

I was curious, but not curious enough to deal with this crap even if it's rather simple. God I hate everything about the modern ML ecosystem with python, pip, conda, cuda, pytorch, tensorflow (more rare now), notebooks, just-run-it-in-the-cloud...

pierrefdz · 2024-11-17T10:23:25 1731839005

Use the google colab link https://colab.research.google.com/github/facebookresearch/wa...

everything is installed directly in the colab

mintplant · 2024-11-13T19:02:36 1731524556

My assumption is that this will be used to watermark images coming out of cloud-based generative AI.

jsheard · 2024-11-13T19:49:14 1731527354

And they'll say it's to combat disinformation, but it'll actually be to help themselves filter AI generated content out of new AI training datasets so their models don't get Habsburg'd.

Y_Y · 2024-11-13T21:13:39 1731532419

> their models don't get Habsburg'd.

You mean develop a magnificent jawline, or continue to influence Austrian politics?

selimthegrim · 2024-11-14T00:27:54 1731544074

I was reading an article lately about how a lot of that was really just immensely dumb luck on their inbreeding part - that is, they ended up picking just exactly the worst sort

glenneroo · 2024-11-14T15:37:38 1731598658

How do they still influence Austrian politics? Do you have any links or sources? I'm genuinely curious!

muppetman · 2024-11-13T19:52:50 1731527570

I wondered why they'd be doing this NOW and this makes perfect sense!!

leemailll · 2024-11-14T02:33:18 1731551598

>so their models don't get Habsburg'd.

Nice metaphor

Animats · 2024-11-13T20:28:49 1731529729

Why? Those are not copyrightable.

xd1936 · 2024-11-13T20:32:05 1731529925

Because downstream consumers of the media might want to know if an image has been created or manipulated by AI tools.

Jerrrrrrry · 2024-11-13T21:27:33 1731533253

hardware self-evident modules to essentially sign/color all digital files

now we need more noise

poincaredisk · 2024-11-13T23:25:06 1731540306

This still leaves out non cooperating image generators, and the real bad guys (organised disinformation grups) will use them.

Moru · 2024-11-13T22:46:06 1731537966

They would not want to train their next model on the output of the previous one...

pbhjpbhj · 2024-11-14T18:00:39 1731607239

Who says?

clueless · 2024-11-13T18:57:08 1731524228

this is one of the primary communication methods of oversea agents in CIA, interesting to have it be used more broadly </joke>

bagels · 2024-11-13T19:20:52 1731525652

Do you have a source? I'd be interested in reading more about this.

cozmorado · 2024-11-13T19:30:23 1731526223

It's a form of Steganography https://en.wikipedia.org/wiki/Steganography

bagels · 2024-11-14T02:19:50 1731550790

Was referring specifically to the claim about the CIA, I'm aware of steganography.

edm0nd · 2024-11-13T19:21:44 1731525704

of course not, check their username.