But just as Glaze’s userbase is spiking, a bigger priority for the Glaze Project has emerged: protecting users from attacks disabling Glaze’s protections—including attack methods exposed in June by online security researchers in Zurich, Switzerland. In a paper published on Arxiv.org without peer review, the Zurich researchers, including Google DeepMind research scientist Nicholas Carlini, claimed that Glaze’s protections could be “easily bypassed, leaving artists vulnerable to style mimicry.”

  • Pennomi
    link
    fedilink
    English
    345 months ago

    Glaze has always been fundamentally flawed and a short term bandage. There’s no way you can make something appear correctly to a human and incorrectly to a computer over the long term - the researchers will simply retrain on the new data.

    • just another devA
      link
      fedilink
      English
      175 months ago

      Agreed. It was fun as a thought exercise, but this failure was inevitable from the start. Ironically, the existence and usage of such tools will only hasten their obsolescence.

      The only thing that would really help is GDPR-like fines (based as a percentage of income, not profits), for any company that trains or willingly uses models that have been trained on data without explicit consent from its creator.

      • FaceDeer
        link
        fedilink
        135 months ago

        That would “help” by basically introducing the concept of copyright to styles and ideas, which I think would likely have more devastating consequences to art than any AI could possibly inflict.

        • just another devA
          link
          fedilink
          English
          55 months ago

          No, Just the concept of getting a say in who can train AIs on your creations.

          So yes, that would leave room for a loophole where a human could recreate your creation (without just making a copy), and they could then train their model on that. It isn’t water tight. But it doesn’t need to be, just better than what we have now.

          • FaceDeer
            link
            fedilink
            55 months ago

            That’s the same thing. Whatever you want to call it, “copyright” or some other word, the end result is that you’re wanting to give people the right to control other people’s ability to analyze the things that they see on public display. And control what general concepts other people put into future works.

            I really don’t see how going in that direction is going to lead to a better situation than we have now. Frankly it looks more like a path to a nightmarish corporate-controlled dystopia to me.

            • just another devA
              link
              fedilink
              English
              4
              edit-2
              5 months ago

              you’re wanting to give people the right to control other people’s ability to analyze the things that they see on public display.

              For the second time, that’s not what I want to do - I pretty much said so explicitly with my example.

              Human studying a piece of content - fine.
              Training a Machine Learning model on that content without the creator’s permission - not fine.

              But if you honestly think that a human learning something, and a ML model learning something are exactly the same, and should be treated as such, this conversation is pointless.

              • FaceDeer
                link
                fedilink
                35 months ago

                Again, it’s fundamentally the same thing. You’re just using different tools to perform the same action.

                I remember back in the day when software patents were the big boogeyman of the Internet that everyone hated, and the phrase “…with a computer” was treated with great derision. People were taking out huge numbers of patents that were basically the same as things people had been doing since time immemorial but by adding the magical “…with a computer” suffix on it they were treating it like some completely new innovation.

                Suddenly we’re on the other side of that?

                Anyway, even if you do throw that distinction in you still end up outlawing huge swathes of things that we’ve depended on for years. Search engines as the most obvious example.

                • just another devA
                  link
                  fedilink
                  English
                  45 months ago

                  And that’s the third time you’ve tried to put words into my mouth, rather than arguing my points directly.

                  Have fun battling your straw men, I’m out.

                • @[email protected]
                  link
                  fedilink
                  English
                  25 months ago

                  Not OP, but I also don’t think it’s the same thing. But even if it were, the consequences are nowhere near the same.

                  A person might be able to learn to replicate an artist’s style, given enough practice and patience, but it would take them a long time, and the most “damage” they could do with that, is create new content at roughly the same rate as the original creator.

                  It would take an AI infinitely less time to acquire that same skill, and infinitely less time to then create that content. So given those factors, I think there’s an enormous difference between 1 person learning to copy your skill, or a company that does it as a business model.

                  Btw, if you didn’t know it yet - search engines don’t need to create a large language model in order to find web content. They’ve been working fine (one night even say Better) without doing that.

  • @[email protected]
    link
    fedilink
    English
    29
    edit-2
    5 months ago

    Reminder that the author of Glaze, Ben Zhao, a University of Chicago professor stole open source code to make a closed source tool that only targets open source models. Glaze never even worked on Microsoft, Midjourney, or OpenAI’s models.

    • FaceDeer
      link
      fedilink
      155 months ago

      Setting aside the hypocrisy, there’s simply no “service” to DDoS here. There’s hardly even a tool. According to the article:

      Hönig told Ars that breaking Glaze was “simple.” His team found that “low-effort and ‘off-the-shelf’ techniques”—such as image upscaling, “using a different finetuning script” when training AI on new data, or “adding Gaussian noise to the images before training”—“are sufficient to create robust mimicry methods that significantly degrade existing protections.”

      So automatically running a couple of basic Photoshop tools on the image will do it.

      I had to check the date on this article because I’m not sure why it’s suddenly news, these techniques for neutralizing Glaze have been mentioned since Glaze itself was first introduced. Maybe Hönig just formalized it?