Ben Zhao, a professor at the University of Chicago, helped a team create an AI program called Nightshade. Zhao claims that he is only helping artists find a way to stop those who use their models without the permission of the creator. He says, “The hope is that it will help tip the power balance back from AI companies towards artists by creating a powerful deterrent against disrespecting artists’ copyright and intellectual property.” I guess the fact that Zhao uses a security vulnerability in generative AI, hardly matters. Zhao is also not worried that there is a risk that the data poisoning technique can be used for malicious uses. He says attackers would have to “collect thousands of poisoned samples to inflict real damage on powerful models.”
Reasonably well known is the fact that “Nightshade” is a poisonous red or black berry and a purple flower on a plant that is related to the potato — and highly poisonous. Hence, the clever name is “Nightshade,” from Zhao and the team.
A professor at Cornell University, Vitaly Shmatikov, says that we haven’t seen attacks on machine learning yet, but it will just be a “matter of time.” Many others call the work of Zhao and the team “fantastic.” As Gautam Kamath, assistant professor at the University of Waterloo, says, “The vulnerabilities of AI don’t magically go away for new models and will become more serious.” Still, others say this little (big) poison pill will finally make people “think twice” about touching artists’ work without consent. One artist confided that she will finally trust being able to put her work online again.
The tool is currently in the research stage, but the team will integrate it with all the other tools created to protect against stolen artist works.
The scraping tool will change the pixels of a digital image, which will “trick” the AI system into misinterpreting the rendering. As MIT Technology Review said, it will make an image of one animal appear as another — like a dog will be a cat, and a house may end up as a horse.
Featured Image Credit: Photo by Davide Baraldi; Pexels; Thank you!