Have they been downgraded from Boffin status, or is this a regional thing?
Oh, and how long will it be before the artificial stupidity folk find a way of defeating this?
Computer scientists claim they've come up with a way to thwart machine learning systems' attempts to digitally manipulate images and create deepfakes. These days you can not only create images from scratch using AI models – just give them a written description, and they'll churn out corresponding pics – you can also manipulate …
I feel with a another swing you could do better. But yeah, there are plenty of images floating around these days, and once something is already published that ship has sailed.
This plan won't work though, the adversary can just recompress the source file and reprocess it. Unless your "protection" scheme degrades the image so much it's usless, and unless that degraded version is the only one ever released, someone will just pre-process a clean enough copy and make their edits.
Image signing can tackle this, but will take some software updates to start red flagging altered images, and warning on unsigned content.
Using a GAN to poison files to trick other GANs is never going to be a stable solution in the real world, where any adversary will adapt to your adversarial attack on their system.
The most likely scenario is that the Internet will get flooded with deep fakes soon. It will not be scalable to check and verity all of them.
It is not the images themselves, but the authority of the disseminating accounts/sites that really matter. Who said what, who reposted the information, who linked it etc.
PageRank for Search was meant to mimic scientific paper references for authority. But it failed miserably, because manipulated links distort the truth. The manipulation started with SEO, then turned to social media marketing, and ended up with troll farms. In social networks the authority is being proactively falsified with fake accounts, fake likes, reviews, bot traffic etc.
One could say that the Truth is a network of statements and authoritative references. It is probably futile to approach disinformation through analysis of every piece of information without knowing its origin.
I'd amend that to Trust, but just because that is a useful and slightly lower bar. Trust and reputation, as a signing authority will need to be right and honest an overwhelming majority of the time, and the longer a signer has been honest, the more they have to lose from being wrong.
The signature just validates who signed it, a separate stack needs to track (and penalize) the reputation of the signers for it to work. Otherwise Fox News will flag as a vaild signing authority, or the weekly world news.