Data poisoning: how artists are sabotaging AI to take revenge on image generators::As AI developers indiscriminately suck up online content to train their models, artists are seeking ways to fight back.
This system runs on the assumption that A) massive generalized scraping is still required B) You maintain the metadata of the original image C) No transformation has occurred to the poisoned picture prior to training(Stable diffusion is 512x512). Nowhere in the linked paper did they say they had conditioned the poisoned data to conform to the data set. This appears to be a case of fighting the last war.
It is likely a typo, but “last AI war” sounds ominous 😅
Takes image, applies antialiasing and resize
Oh, look at that, defeated by the completely normal process of preparing the image for training
Unfortunately for them there’s a lot of jobs dedicated to cleaning data so I’m not sure if this would even be effective. Plus there’s an overwhelming amount of data that isn’t “poisoned” so it would just get drowned out if never caught
Imagine if writers did the same things by writing gibberish.
At some point, it becomes pretty easy to devalue that content and create other systems to filter it.
Artists and writers should be entitled to compensation for using their works to train these models, just like any other commercial use would. But, you know, strict, brutal free-market capitalism for us, not the mega corps who are using it because “AI”.
nightshade and glaze never worked. its scam lol
Shhhhh.
Let them keep doing the modern equivalent of “I do not consent for my MySpace profile to be used for anything” disclaimers.
It keeps them busy on meaningless crap that isn’t actually doing anything but makes them feel better.
Let’s see how long before someone figures out how to poison, so it returns NSFW Images
You can create NSFW ai images already though?
Or did you mean, when poisoned data is used a NSFW image is created instead of the expected image?
Definitely the last one!
companies would stumble all over themselves to figure out how to get it to stop doing that before going live. source: they already are. see bing image generator appending “ethnically ambiguous” to every prompt it receives
it would be a herculean if not impossible effort on the artists’ part only to watch the corpos scramble for max 2 weeks.
when will you people learn that you cannot fight AI by trying to poison it. there is nothing you can do that horny weebs haven’t already done.
It can only target open source, so it wouldn’t bother corpos at all. The people behind this object to not everything being owned and controlled. That’s the whole point.
The Nightshade poisoning attack claims that it can corrupt a Stable Diffusion in less than 100 samples. Probably not to NSFW level. How easy it is to manufacture those 100 samples is not mentioned in the abstract
yeah the operative word in that sentence is “claims”
I’d love nothing more than to be wrong, but after seeing how quickly Glaze got defeated (not only did it make the images nauseating for a human to look at despite claiming to be invisible, not even 48 hours after the official launch there was a neural network trained to reverse its effects automatically with like 95% accuracy), suffice to say my hopes aren’t high.
You seem to have more knowledge on this than me, I just read the article 🙂
The general term for this is adversarial input, and we’ve seen published reports about it since 2011 when ot was considered a threat if CSAM could be overlayed with secondary images so they weren’t recognized by Google image filters or CSAM image trackers. If Apple went through with their plan to scan private iCloud accounts for CSAM we may have seen this development.
So far (AFAIK) we’ve not seen adversarial overlays on CSAM though in China the technique is used to deter trackng by facial recognition. Images on social media are overlaid by human rights activists / mischief-makers so that social media pics fail to match secirity footage.
The thing is like an invisible watermark, these processes are easy to detect (and reverse) once users are aware they’re a thing. So if a generative AI project is aware that some images may be poisoned, it’s just a matter of adding a detection and removal process to the pathway from candidate image to training database.
Similarly, once enough people start poisoning their social media images, the data scrapers will start scaning and removing overlays even before the database sets are sold to law enforcement and commercial interests.
Fighting the uphill battle to irrelevance …
Man, whenever I start getting tired by the amount of Tankies on Lemmy, the linux users and decent AI takes in users rejuvenates me. The rest of the internet has jumped full throttle on the AI hate train
Feeding garbage to the garbage. How fitting.
Data poisoning isn’t limited to just AI stuff and you should be doing it at every opportunity.
if it would work lol
Just don’t out your art to public if you don’t want someone/thing learn from it. The clinging to relevance and this pompous self importance is so cringe. So replacing blue collar work is ok but some shitty drawings somehow have higher ethical value?
“Just don’t make a living with your art if you aren’t okay with AI venture capitalists using it to train their plagiarism machines without getting permission from you or compensating you in any way!”
If y’all hate artists so much then only interact with AI content and see how much you enjoy it. 🤷♂️
It has literally nothing to do with plagiarism.
Every artist has looked at other art for inspiration. It’s the most common thing in the world. Literally what you do in art school.
It’s not an artist any more than a xerox machine is. It hasn’t gone to art school. It doesn’t have thoughts, ideas, or the ability to create. It can only take and reuse what has already been created.
The ideas are what the prompts and fine tuning is for. If you think it’s literally copying an existing piece of art you just lack understanding because that’s not how it works at all.
It has nothing to do with AI venture capitalists. Also not every profession is entitled to income, some are fine to remain as primarily hobbies.
AI art is replacing corporate art which is not something we should be worried about. Less people working on that drivel is a net good for humanity. If can get billions of hours wasted on designing ads towards real meaningful contributions we should added billions extra hours to our actual productivity. That is good.
The ratio of using AI to replace ad art:fraud/plagiarism has to be somewhere around 1:1000.
“Actual productivity” is a nonsense term when it comes to art. Why is this
less “meaningful” than this? 
Without checking the source, can you even tell which one is art for an ad and which isn’t?
I would assume the first to be an ad, because most of depicted people look happy
The idea that you would actually object to replacing labor with automation, but think replacing art with automation is fine, is genuinely baffling.
Except the “art” ai is replacing is labor. This snobby ridiculous bullshit that some corporate drawings are somehow more important than other things is super cringe.
Right, if you post publicly, expect it to be used publicly
Yeah, no. There’s a difference between posting your work for someone to enjoy, and posting it to be used in a commercial enterprise with no recompense to you.
How are you going to stop that lol it’s ridiculous. Would you stop a corporate suit from viewing your painting because they might learn how to make a similar one? It’s makes absolutely zero sense and I can’t believe delulus online are failing to comprehend such simple concept of “computers being able to learn”.
Ah yes, just because lockpickers can enter a house suddenly everyone’s allowed to break and enter. 🙄
What a terrible analogy for learning 🙄
Computers can’t learn. I’m really tired of seeing this idea paraded around.
You’re clearly showing your ignorance here. Computers do not learn, they create statistical models based on input data.
A human seeing a piece of art and being inspired isn’t comparable to a machine reducing that to 1’s and 0’s and then adjusting weights in a table somewhere. It does not “understand” the concept, nor did it “learn” about a new piece of art.
Enforcement is simple. Any output from a model trained on material that they don’t have copyright for is a violation of copyright against every artist who’s art was used illegally to train the model. If the copyright holders of all the training data are compensated and have opt-in agreed to be used for training then, and only then would the output of the model be able to be used.
It’s literally in the name. Machine learning. Ignorance is not an excuse.
That’s just one of the dumbest things I’ve heard.
Naming has nothing to do with how the tech actually works. Ignorance isn’t an excuse. Neither is stupidity
Are you actually suggesting that if I post a drawing of a dog, Disney should be allowed to use it in a movie and not compensate me?
Everyone should be assumed to be able to look at it, learn from it, and add your style to their artistic toolbox. That’s an intrinsic property of all art. When you put it on display, don’t be surprised or outraged when people or AIs look at it.
