Hacker News new | ask | show | jobs
by posting_mess 887 days ago
>We are also experimenting with a provenance classifier, a new tool for detecting images generated by DALL·E

"We could hash the sh*t we output but we cant be bothered, so we wrote an AI that can vaguely detect our own output - aren't we the best AI company?"

Honestly, I wish they'd stop "trying to be good" and just "get on with it". "Investors" wont buy this "we're so good" line for long.
4 comments
selalipop 887 days ago
A hash doesn't work without solving all of the same problems their provenance classifier solves: you need a way to be able to detect the steganogram even after the image has been modified.
link
posting_mess 887 days ago
> you need a way to be able to detect the steganogram even after the image has been modified.

True, but not really. If you look at any suggested method to prevent the spread of CSAM "at scale" its based on large "hash databases" and not fancy classifiers (yet, if you can't develop one, and yes they have "problems" because they dont only contain hashes for "bad" files - "bad" being "locale" dependent).

Also you need to consider at FAANG scale (where election interference matters), "just send TB's of data a day to our API" doesn't actually "scale" - nobody's ever paying those API/bandwidth fee's (as much as we'd like them to).

It would be much cheaper for OpenAI to run this AI on all the images they produced and publish hashes for ones the model thought was "bad". But they never would because then they'd become "censors" - its a complicated world where nobody wants any blame.

link
selalipop 887 days ago
The hashing algorithms in question require solving all the same problems as the classifiers: they're perceptual hashes not cryptographic.

Look at how NeuralHash is implemented.

link
_w1tm 887 days ago
> "We could hash the sh*t we output but we cant be bothered, so we wrote an AI that can vaguely detect our own output - aren't we the best AI company?"

Can you elaborate? Wouldn’t it be trivial to modify the image so it no longer has the same hash?

link
Tommstein 887 days ago
Since they didn't specify, perhaps they meant using perceptual hashing (because yes, modifying an image to have a different cryptographic hash is indeed trivial).
link
_w1tm 886 days ago
TIL. Thank you!
link
willsmith72 887 days ago
A hash is the opposite, impossible to guess the 1 input required to get the output
link
renewiltord 887 days ago
Guy invents provenance method that is beaten by "Save as JPEG". Legend.
link