I’m not well versed in this at all, but would this also work if the “attacker” were to take a screenshot of the image they wanted to alter, and plug that into an AI tool? It sounds more like metadata tweaking from the article, which would be bypassed by a screenshot.
There’s another tool called Glaze that does this for artwork, and what that one does is selectively edits individual pixels in a way that makes the artwork look normal to a human, but is rendered as a distorted mess by AIs. Because it’s pixels within the image being edited, not the metadata, a screenshot preserves the edits. I think it’s also resistant to blending and smoothing tools, because what the AI reads is different to what the human eye sees, and blending and smoothing tools are designed with a human eye in mind.
I’m not well versed in this at all, but would this also work if the “attacker” were to take a screenshot of the image they wanted to alter, and plug that into an AI tool? It sounds more like metadata tweaking from the article, which would be bypassed by a screenshot.
There’s another tool called Glaze that does this for artwork, and what that one does is selectively edits individual pixels in a way that makes the artwork look normal to a human, but is rendered as a distorted mess by AIs. Because it’s pixels within the image being edited, not the metadata, a screenshot preserves the edits. I think it’s also resistant to blending and smoothing tools, because what the AI reads is different to what the human eye sees, and blending and smoothing tools are designed with a human eye in mind.
Interesting, thanks for the insight!