Researchers Say Current AI Watermarks Are Trivial To Remove 9
Researchers from the University of Maryland (UMD) were able to easily evade the current methods of AI watermarking during testing and found it even easier to add fake emblems to images that weren't generated by AI. "But beyond testing how easy it is to evade watermarks, one UMD team notably developed a watermark that is near impossible to remove from content without completely compromising the intellectual property," reports Engadget. "This application makes it possible to detect when products are stolen." From the report: In a similar collaborative research effort (PDF) between the University of California, Santa Barbara and Carnegie Mellon University, researchers found that through simulated attacks, watermarks were easily removable. The paper discerns that there are two distinct methods for eliminating watermarks through these attacks: destructive and constructive approaches. When it comes to destructive attacks, the bad actors can treat watermarks like it's a part of the image. Tweaking things like the brightness, contrast or using JPEG compression, or even simply rotating an image can remove a watermark. However, the catch here is that while these methods do get rid of the watermark, they also mess with the image quality, making it noticeably worse. In a constructive attack, watermark removal is a bit more sensitive and uses techniques like the good old Gaussian blur.
Although watermarking AI-generated content needs to improve before it can successfully navigate simulated tests similar to those featured in these research studies, it's easy to envision a scenario where digital watermarking becomes a competitive race against hackers. Until a new standard is developed, we can only hope for the best when it comes to new tools like Google's SynthID, an identification tool for generative art, which will continue to get workshopped by developers until it hits the mainstream. Further reading: Researchers Tested AI Watermarks -- and Broke All of Them
Although watermarking AI-generated content needs to improve before it can successfully navigate simulated tests similar to those featured in these research studies, it's easy to envision a scenario where digital watermarking becomes a competitive race against hackers. Until a new standard is developed, we can only hope for the best when it comes to new tools like Google's SynthID, an identification tool for generative art, which will continue to get workshopped by developers until it hits the mainstream. Further reading: Researchers Tested AI Watermarks -- and Broke All of Them
Watermarks: Now Easier to Remov than Coffee Stains (Score:2)
well, yeah, duh (Score:2)
Easily removable (Score:2)
https://github.com/arpitbansal297/Certified_Watermarks/tree/master
They did a miserable job of providing code. They should have provided automated tests in their code. Instead, they force people reviewing their work to spend their time guessing.
My first attack which worked quite well was to perform 5 levels of DWT, then delete blocks in a checkerboard pattern from all but the lowest frequency, run a simple in-paint common to video error conce
Hmmm (Score:2)
Can it be removed automatically? (Score:2)
commentsubject (Score:1)
forgive me if I don't play a violin, the less people are tracked the better
...is a rather absolute stance that should probably acknowledge some nuance, yet the world (our Betters, rather) have insisted on pushing a status quo that resulted in such a stance being mentally drilled in so firmly
forgive me if everything is such a shitshow that jumping straight to "the less people are tracked the better" is all I can see anymore
Researchers misunderstand watermarks... (Score:2)
Artist here. While I can't say every artist understands watermarks, I would say the overwhelming majority of artists understand that removing watermarks is a fairly trivial process with modern software. Artists usually use one of two methods to suppress copyright infringement: