University of Chicago researchers seek to “poison” AI art generators with Nightshade
Altered images could destroy AI model training efforts that scrape art without consent.
Conversation
Notices
-
Embed this notice
Ars Technica (arstechnica@mastodon.social)'s status on Thursday, 26-Oct-2023 06:39:43 JST 
Ars Technica
-
Embed this notice
Kit Rhett Aultman (roadriverrail@signs.codes)'s status on Thursday, 26-Oct-2023 06:41:05 JST 
Kit Rhett Aultman
@arstechnica If only a technique like this existed for written text. I'd throw salt in everything I still have editorial control over.
-
Embed this notice
Kit Rhett Aultman (roadriverrail@signs.codes)'s status on Thursday, 26-Oct-2023 10:24:30 JST
Kit Rhett Aultman
@aran @arstechnica I'm curious if that's actually enough to do meaningful damage to an LLM's training as described in the paper, though? Also, for the record, I was not thinking about blog posts but rather code repositories, and I'm not sure you'd end up with compilable code that way. But it's an idea, for sure.
-
Embed this notice
Alain Dellepiane :eit: :pm: (aran@localization.cafe)'s status on Thursday, 26-Oct-2023 10:24:31 JST 
Alain Dellepiane :eit: :pm:
Now that I think of it, any visual discomfort could then be ironed out by using a custom font that, say, just has k instead of Greek kappa.
Yes, this will mess up with text readers for the blind, and has a lower compatibility with older browsers, but conceptually it can work, especially if randomized.
-
Embed this notice
Alain Dellepiane :eit: :pm: (aran@localization.cafe)'s status on Thursday, 26-Oct-2023 10:24:33 JST
Alain Dellepiane :eit: :pm:
Conceptually, it shouldn't be too hard too hard to randomly mess up text with Unicode equivalents, invisible characters and the likes.
Something like Wordpress could trivially do it with a plug-in.Ⅼiκe thís
(Roman numeral l, Greek kappa, non-breaking space, zero width space, acute letter i)
https://gist.github.com/StevenACoffman/a5f6f682d94e38ed804182dc2693ed4b
https://github.com/codebox/homoglyph/blob/master/raw_data/chars.txt
-
Embed this notice
Kit Rhett Aultman (roadriverrail@signs.codes)'s status on Thursday, 26-Oct-2023 11:35:51 JST
Kit Rhett Aultman
@aran @arstechnica agree it's worth investigation for sure
-
Embed this notice
Alain Dellepiane :eit: :pm: (aran@localization.cafe)'s status on Thursday, 26-Oct-2023 11:35:52 JST
Alain Dellepiane :eit: :pm:
Code would definitely be messed up. 😄
As for the damage, text files are way more minimalist: there's much less data to play with and everything will be parsed directly by the users instead of being a luminance value we barely recognize.
Still, random invisible noise multiplied by all the streamlining and reworking happening in LLMs could lead to fun results. It would definitely be fun to investigate.
-
Embed this notice
Kit Rhett Aultman (roadriverrail@signs.codes)'s status on Thursday, 26-Oct-2023 22:51:34 JST
Kit Rhett Aultman
@wraptile @arstechnica Could you explain what you mean a little better?
-
Embed this notice
wraptile (wraptile@fosstodon.org)'s status on Thursday, 26-Oct-2023 22:51:35 JST 
wraptile
@roadriverrail @arstechnica the way people got captured by copyright propaganda so quickly is trully scary.
-
Embed this notice
Kit Rhett Aultman (roadriverrail@signs.codes)'s status on Friday, 27-Oct-2023 23:08:19 JST
Kit Rhett Aultman
@wraptile @arstechnica Ah, now I understand what you were saying. Thanks.
-
Embed this notice
wraptile (wraptile@fosstodon.org)'s status on Friday, 27-Oct-2023 23:08:20 JST
wraptile
@roadriverrail @arstechnica I'm not even putting a tinfoil hat but 99% of all copyright is owned by mega corporations that are literally in lawsuits with generative AI (like gettyimages) and suddenly there's a trend of "protecting the little guys" from copyright theft?
Generative AI is by far the biggest disruption to the copyright industry. Like nothing ever came as close to breaking it as AI is rn. The whole industry is shitty pants and astroturf is full force. You are are falling for it tbh
-
Embed this notice
All GNU social JP content and data are available under the