New research from the University of Waterloo's Cybersecurity and Privacy Institute demonstrates that any artificial intelligence (AI) image watermark can be removed, without the attacker needing to know the design of the watermark, or even whether an image is watermarked to begin with.
There is a solution, but y’all aren’t going to like it.
The solution is blockchain. Actually, it’s even worse, the solution is NFT’s.
Not the scammy, crypto bro, nonsense it has been used for; but the actual technology.
A cryptographically secure digital token that can track where something was made, where it’s being used, who has the rights to it, and ensures that it’s authentic and not some copy made with AI.
Unfortunately, thanks to crypto bros, the technology has become so tainted by scams that most people get upset just hearing the letters NFT, so adoption isn’t likely.
Sorry for blowing this on you, but fuck blockchain, fuck NFTs.
What we need is better understanding of cryptography.
PGP has solved this problems decades ago, and crypto has just borrowed some parts, but made it worse in every possible way and into incomprehensible depths.
Again, fuck crypto, fuck NFTs.
I should make a guide on how to use GPG.
I thought GPG was bad? I don’t have enough personal experience with it to quickly summarize or opine on the merits of either of these two articles, but:
The PGP Problem: https://www.latacora.com/blog/2019/07/16/the-pgp-problem
What To Use Instead of PGP: https://soatok.blog/2024/11/15/what-to-use-instead-of-pgp/
I do agree with “fuck NFTs” though, and mostly agree with “fuck cryptocurrency” (mostly because porn and drugs are in my view legitimate use cases for at least a hypothetical non-environmentally-destructive cryptocurrency).
It’s not good.
But it’s leagues better than crypto.
I hate typing ‘asymmetric key cryptography’, and GPG is just three letters.
Those blog posts explain a lot, but one use case is missing (at least I don’t see it apart from git commit signing), and that is verifying the source of a public message.
And I do wish we tried using the private keys more. Specially now when anyone can deepfake anything.
If I ever release my nudes, never trust them unless they are signed and you can check them with public key in my profile.
I don’t think this is that controversial. If you take out NFTs, it’s using the block chain as a hash. I think that works, but at that point you might as well use regular hashes to verify the integrity of your video
Just fucking sign it. With your private key.
And publish your public key.
Then everyone will be able to verify it’s your work, and no deepfake will ever pass that test.
Generated by what authority, though?