this post was submitted on 27 Oct 2023
83 points (86.7% liked)

Technology

59339 readers
5271 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 26 points 1 year ago (1 children)

For those wondering why some artists were actually pro-NFT? Because of this concept. Tie the art to the artist with an online database to look it up.

But also: This is worthless. Because the credentials are tied to the image themselves. So either remove the metadata (which I would expect for privacy reasons) or run it through a very simple filter/quality downgrade to garble up the hidden pixels.

The ACTUAL solution to this is indeed the online database. But the artist registers the image to themselves and then google images or whatever does image recognition (similar to how you can get DMCA striked for singing a few words of a song) to match it to the database. Lower the quality and it still matches. And if they find your rendition of Kim Possible's feet in an AI image, it can potentially give you some of the revenue from that.

But that wouldn't require new proprietary hardware.

[–] [email protected] 9 points 1 year ago (3 children)

Why not go with some kind of certificate chain instead?

Here’s the image… signed… here’s who signed it.

Is it for edit/changes?

Here’s an image that was edited based on an earlier image. Here’s who signed that.. and it’s base images hash which can then be looked up if they decided to see what those images were?

[–] [email protected] 25 points 1 year ago (1 children)

That only works if everyone plays by the rules. Literally everyone.

Here's the image, signed. Here's an unauthorized copy of the image or copy of a portion of the image, with the pixels extracted and saved as a .jpeg with none of the identifying signature or certificate data. Here's that same image posted to 4chan and reddit.

A certificate chain would only work if every image displaying piece of software in the world not only played by its rules, but were also incapable of displaying or modifying an unsigned image. I don't think I have to spell out for you what kind of nightmare that would be.

[–] [email protected] 2 points 1 year ago (1 children)

Basically, screenshots bypass any security built into the Metadata?

Double checking as I assume that is the case but don't know for certain.

[–] [email protected] 6 points 1 year ago

Yes, if it's truly metadata that's not in the image itself. For instance, it could theoretically be digitally watermarked (this technology already exists, actually) in a manner that humans can't see or is tough to notice, but an algorithm looking for it can spot. That can be defeated, too, although depending on the robustness of the watermark technology it may take more effort.

The output loophole always exists: Any time you produce any output capable of being understood by a human (eyes, ears, both...) somebody can record and reproduce it. Probably not bit-for-bit, pixel-for-pixel, but you can always point a camera at the screen. (Or put your screen face down on a flatbed scanner that's had its lightbar defeated, or put a microphone in front of the speakers, or...)

[–] [email protected] 4 points 1 year ago* (last edited 1 year ago) (1 children)

That is the metadata solution tied to the image itself. It doesn't work because all I have to do is strip the metadata. This is why there is almost a ritualistic worship of certs in software development and internet traffic.

The key is that you need the validation to be decoupled from the image. Computer Vision is pretty much perfect f or this and is why I specifically referenced how DMCA violations are detected now. Google and Amazon do the scan, not the end user.

[–] [email protected] 5 points 1 year ago (1 children)

I think that's not the problem that this technology is intended to solve.

It's not a "Is this picture copied from someone else?" technology. It's a "Did a human take this picture, and did anyone modify it?" technology.

Eg: Photographer Bob takes a picture of Famous Fiona driving her camaro and posts it online with this metadata. Attacker Andy uses photo editing tools to make it look like Fiona just ran over a child. Maybe his skills are so good that the edits are undetectable.

Andy has two choices: Strip the metadata, or keep it.

If Andy keeps the metadata, anyone looking at his image can see that it was originally taken by Bob, and that Fiona never ran over a child.

If Andy strips the metadata (and if this technology is widely accessible and accepted by social media, news sites, and everyday people) then anyone looking at the image can say "You can't prove this image was actually taken. Without further evidence I must assume that it's faked".

I think spinning this as a tool to fight AI is just clickbait because AI is hot in the news. It's about provenance and limiting misinformation.

[–] [email protected] 1 points 1 year ago (1 children)

Which does not solve that at all

Because the vast majority of "paparazzi" and controversy pictures aren't taken by Jake Gyllenhal. They are taken by randos on the street with phones who when sell their picture to TMZ or whatever.

And they aren't going to be paying for an expensive leica camera. And samsung and apple aren't going to be licensing that tech.

[–] [email protected] 3 points 1 year ago (1 children)

There's no accounting for adoption, true. Seems like the use cases still have value though: https://c2pa.org/specifications/specifications/1.3/explainer/Explainer.html#_use_case_examples

As for licensing, the specs are released under Creative Commons, so anyone should be able to implement it.

[–] [email protected] 1 points 1 year ago (1 children)

People can write whatever they want

5.1, 5.2, 5.3, 5.5, and 5.6 all require basically universal adoption for this to at all be useful. And 5.4 and 5.7 (as well as many of the rest) already fall apart once you realize this is metadata that people have to opt in to keeping. 5.4 in particular feels like it is prone to breaking if there are edits in a video for flow or to remove sensitive information.

Much like "The Blockchain" and NFTs, this sort of touches on an issue but is a horrendously bad and pointless implementation.

[–] [email protected] 4 points 1 year ago* (last edited 1 year ago) (1 children)

I don't quite get why some of those cases require universal adoption. News photos: You just need one big news company to say "we're giving all our photographers a camera with this tech" and then it serves its purpose.

You see a headline "SHOCKING photo published by MegaNewsCorp will send you into a coma!" then you can validate that it came from a MegaNewsCorp photographer. If you trust MegaNewsCorp, then the tech has done its job. If you didn't trust MegaNewsCorp already, then this tech changes nothing. I think there is moderate value in that, overall.

The story of this tech is getting picked up and thrown around by bad tech journalism, being game-of-telephone'd into some kind of game changer.

Plenty of open standard live and die by whether or not one big player decides to adopt them.

[–] [email protected] -1 points 1 year ago (1 children)

... I literally just explained that a lot of those photos are crowd sourced. Which gets back to needing more or less universal adoption. And even then: Maybe I'll give CNN a picture of a republican beating a child if I can strip the metadata. I am not giving that if it is going to trace back to me.

[–] [email protected] 4 points 1 year ago (1 children)

So then news orgs who care about provenance have to stop copying social media posts and treating them like well-researched journalism. Seems like a win to me.

[–] [email protected] -1 points 1 year ago (1 children)

Sure. That is what is happening...

[–] [email protected] 4 points 1 year ago

You gave an example of TMZ sourcing photos from randos, but they're likely not the target customer for this tech. If they cared about integrity they wouldn't be reporting celebrity gossip.

For news companies posting syndicated images, then those come from a cadre of photographers who are most likely to own the newest most expensive cameras. Surely it's not inconceivable that as this tech rolls out more, Agence-France-Presse, Getty, or AP could require all photos submitted to them to have this metadata, thus passing the benefits along to any news agency using their images.

If you're talking about photo sources taken from everyday people, then yes: They won't have this technology in the short term, maybe not ever. Then again, I don't get my news from TMZ.

I think blockchain is dumb because it fails to achieve its stated goals while also harming society. I think this is a system with marginal use case and minimal licensing overhead to integrate into future cameras, so overall my take is "not dumb" and "probably useful".

[–] [email protected] -4 points 1 year ago (1 children)

Well, that's exactly what a Blockchain is. Just in public and not part of the image itself.

[–] [email protected] 4 points 1 year ago

This is nothing like a block chain. Blockchains are distributed and assume 0 trust in any actor. This is just a database that you have to have full trust in. Literally the opposite.