Reverse engineering Gemini's SynthID detection

https://github.com/aloshdenny/reverse-SynthID

kinda ironic you can clearly see signs of Claude, as it shows misaligning table walls in the readme doc

Parenthesized, comma-separated lists with no “and” is an even stronger tell. Claude loves those.

> kinda ironic you can clearly see signs of Claude, as it shows misaligning table walls in the readme doc

This one is such a gigantic clusterfuck... They're mimicking ASCII tables using Unicode chars of varying length and, at times, there's also an off-by-one error. But the model (not Claude, but the model underneath it) is capable of generating ASCII tables.

P.S: I saw the future... The year is 2037 and we've got Unicode tables still not properly aligned.

I mean, just reading the readme content it is pretty obvious it is Claude

OK, I get that eventually someone was gonna do this, but why would we want to purposely remove one of the only ways of detecting if an image is AI generated or not...?

It was always going to be available to some people, but not everyone would know or believe that. Now they will.

More likely than not it would be used to deanonymise the author.

So it's a "no" by default.

Much like every other thing in the tech world. Hell, it's why AI will kill us off eventually.

If a system depends on every person on the planet not doing one particular thing or the system breaks, expect the system to break quickly.

This is an especially common trope in software. If someone can make software that does something you consider bad, it will happen. Also it's software. There is no difference between it being available to one person or a million. The moment the software exists and can be copied an unbound number of times.

Uh... you can do this pretty easily since day 1. Just use Stable Diffusion with a low denoising strength. This repo presents an even less destructive way[0], but it has always been very easy to hide that an image is generated by Nano Banana.

[0]: if it does what it claims to do. I didn't verify. Given how much AI writing is in the README, my hunch is that this doesn't work better than simple denoising.

Fundamentally it's a fuzzy signal and people shouldn't rely on it. The general public does not understand Boolean logic (oh, so the SynthID is not there, therefore this image is real). The sooner AI watermarking faces its deserved farcical demise the better.

Also something about how AI is not special and we haven't added or needed invisible watermarks for other ways media can be manipulated deceptively since time immemorial, but that's less of a practical argument and more of a philosophical one.

I’m not very well read on the topic and you seem to take a strong “con” stance. Curious to hear why you think it deserves such a demise.

People think that just because they have a way to prove that an image is AI, their worries of misinformation are solved. Better to acknowledge that wherever you look people will be trying to deceive you even if their content won't have as obvious an indicator as SynthID.

Seems like a very low-quality AI-assisted research repo, and it doesn't even properly test against Google's own SynthID detector. It's not hard at all (with some LLM assistance, for example) to reverse-engineer network requests to be able to do SynthID detection without a browser instance or Gemini access, and then you'd have a ground truth.

I read a lot of comments on HN that say something is not hard, yet don't provide a POC of their own or link to research they have knowledge of.

I also read a lot of comments on HN that start by attacking the source of the information, such as saying it was AI assisted, instead of the actual merits of the work.

The HN community is becoming curmudgeonly and using AI tooling as the justification.

Becoming? Under most posts that even in passing mention using AI tools, there are multiple people raising their noses talking about how much they hate AI use.

Eh, just the same people that have been killing tech forums and closing posts on Stack Overflow for like ever.

Inserting an undetectable 1-bit watermark into a multi-megapixel image is not particularly difficult.

If you assume competence from Google, they probably have two different watermarks. A sloppy one they offer an online oracle for and one they keep in reserve for themselves (and law enforcement requests).

Also given that it's Google we are dealing with here, they probably save every single image generated (or at least its neural hash) and tie it to your account in their database.

My Landlord Didn't Return The Deposit So I Hacked Google's SynthID

A story about how one of our engineers bypassed Google's AI watermarking technology during a dispute with a landlord in Thailand.

DeepWalker