Adobe is trying for the opposite. Content authenticity with digital signatures to show something is not AI (been having conversations with them on this).
Oh I’m sure Adobe has the greatest of intentions on this. Such a reputable company that has a stellar past.
I’m sure they won’t gatekeep this digital human signature in some atrocious proprietary standard along with an expensive subscription to have the honor of using it.
Don’t listen to Adobe on AI or even better don’t accept any “idea” or solution from Adobe.
How would that work then, I presume most would just ignore it because if it only verifies you used Adobe to make something it’s pretty worthless as a “this isn’t AI” mark.
It uses cryptographic signatures in the cameras and tools. Say you take a photo with a compatible camera, it gets a signature. Then you retouch in Photoshop, it gets a another signature. And this continues through however many layers. The signature is in the file’s EXIF data, so it can be read on the web. Meaning a photo on a news site could be labeled as authentic, retouched, etc.
Edit: Doesn’t require Adobe tools. Adobe runs the services, but the method is open. There are cameras on the market today that do this when you take a picture. I beleive someone could add it to GIMP if they desired.
And being adobe, they will put a nice little backdoor in it for them to change the credentials so that they can take artists’ work and use it, train their AI with it, and sell it like they have been doing for years.
You can’t change the credentials if the user owns the private key. But nothing stops AI training, that’s part of the terms of service of some of their products, which operate outside the realm of this more open initiative.
It’s called a backdoor for a reason. Also since adobe software nowadays has almost full access to your machine, what is to stop adobe from simply uploading and storing your private key on their servers and using it when they like? They run their DRM client with a ton of rights to your computer on boot.
WhatsApp can do exactly the same thing and read every message you write and still claim it is “end to end encrypted” for example because key creation is through a process in their proprietary software.
Not sure why you’d say that, its just a factual statement. Also, I don’t even use Adobe products, and transitioned to GIMP and Shotcut many, many years ago. I work in privacy and data security, so I just happen to be involved with this initiative from the sidelines.
As for your conmetary, you could say the same thing about Signal. But you wouldn’t, because you like them. Just because you don’t like a company doesn’t mean they are being nefarious.
Would I rather a privacy-focused company be doing this? Yes.
Am I pleased with what I see from Adobe (a weekly working group full of identity and open source community members)? Yes.
Does Adobe have a good chance of making this mainstream because of their ecosystem? Also yes.
When you see something better, let me know and I’ll participate there too, vs complaining about those trying.
Please tell me where I can find the source code of Adobe’s creative cloud DRM that has full access to the computer it is installed on and their audits to verify that they aren’t sending my private keys back.
You are comparing an audited, open source program with closed down proprietary system that says “trust me bro, we work with ‘security partners’, no we won’t release the audits”.
Interesting comparison. It’s like comparing a local farming co-op to the agro-industrial complex of Monsanto/beyer and saying “you could say the same about either! Monsanto is at least innovating in the seed space, no no no, ignore how they use it!!”
You’re taking that out of context. Signal is open source, but you don’t get to see what happens between GitHub and the Play Store. Adobe’s system that I am aluding to is also open, but we don’t get to see what happens in the software itself. The problem is, that’s not even what I’m talking about. I’m talking about a standard they are developing, not their software or DRM.
This isn’t just for Adobe, they’re just starting the process. Other systems can run it. Hardware can run it. Do you not use linux because Canonical or Red Hat contributed? Do you steer developers away from flutter because Google started it? Where is the line? Who do you think kicks off all the standards you use today? OAuth, OIDC, etc. If you want to avoid everything these companies contribe to, you’re going to have to stop using the internet.
Very nice idea in theory, but proving there is no AI involved in the creation of art is not something I think is remotely possible. It’s an arms race more than anything, but I’m very interested in how Adobe will tackle it. I think people will be appreciating physical art more again, but even then we could argue about the usage of AI tools.
Anyhow, people will have to come to terms with the fact that AI is here to stay, and will only get better too.
My other reply talks about how this works with cryptographic signatures, but sure, people can lie. The key to this method is if there is a signature from a reputable artist, news org, or photographer, then that origin can’t be forged. So it’s about proving the authenticity (origin) vs the negative use of AI.
Adobe is trying for the opposite. Content authenticity with digital signatures to show something is not AI (been having conversations with them on this).
Oh I’m sure Adobe has the greatest of intentions on this. Such a reputable company that has a stellar past.
I’m sure they won’t gatekeep this digital human signature in some atrocious proprietary standard along with an expensive subscription to have the honor of using it.
Don’t listen to Adobe on AI or even better don’t accept any “idea” or solution from Adobe.
Yeah pretty much.
I recall flash, and how they absolutely controlled it. I loved flash as a young programmer too.
But in retrospect, forcing users to go through adobe to use something, with no alternatives? What a nightmare for a Open Internet.
How would that work then, I presume most would just ignore it because if it only verifies you used Adobe to make something it’s pretty worthless as a “this isn’t AI” mark.
As valid and informative as TwitteX’ blue mark.
It uses cryptographic signatures in the cameras and tools. Say you take a photo with a compatible camera, it gets a signature. Then you retouch in Photoshop, it gets a another signature. And this continues through however many layers. The signature is in the file’s EXIF data, so it can be read on the web. Meaning a photo on a news site could be labeled as authentic, retouched, etc.
Edit: Doesn’t require Adobe tools. Adobe runs the services, but the method is open. There are cameras on the market today that do this when you take a picture. I beleive someone could add it to GIMP if they desired.
GIMP is open source, could someone then just tell it to sign anything?
Only with their private key.
And being adobe, they will put a nice little backdoor in it for them to change the credentials so that they can take artists’ work and use it, train their AI with it, and sell it like they have been doing for years.
You can’t change the credentials if the user owns the private key. But nothing stops AI training, that’s part of the terms of service of some of their products, which operate outside the realm of this more open initiative.
Spoken like a real Adobe rep lol.
It’s called a backdoor for a reason. Also since adobe software nowadays has almost full access to your machine, what is to stop adobe from simply uploading and storing your private key on their servers and using it when they like? They run their DRM client with a ton of rights to your computer on boot.
WhatsApp can do exactly the same thing and read every message you write and still claim it is “end to end encrypted” for example because key creation is through a process in their proprietary software.
Not sure why you’d say that, its just a factual statement. Also, I don’t even use Adobe products, and transitioned to GIMP and Shotcut many, many years ago. I work in privacy and data security, so I just happen to be involved with this initiative from the sidelines.
As for your conmetary, you could say the same thing about Signal. But you wouldn’t, because you like them. Just because you don’t like a company doesn’t mean they are being nefarious.
Would I rather a privacy-focused company be doing this? Yes.
Am I pleased with what I see from Adobe (a weekly working group full of identity and open source community members)? Yes.
Does Adobe have a good chance of making this mainstream because of their ecosystem? Also yes.
When you see something better, let me know and I’ll participate there too, vs complaining about those trying.
https://community.signalusers.org/t/overview-of-third-party-security-audits/13243
Here is an entire list of years and years of independent audits
https://github.com/signalapp
Here, go look yourself to verify that the frontend isn’t sending your encryption key back to the server.
https://www.adobe.com/trust/security.html
Please tell me where I can find the source code of Adobe’s creative cloud DRM that has full access to the computer it is installed on and their audits to verify that they aren’t sending my private keys back.
You are comparing an audited, open source program with closed down proprietary system that says “trust me bro, we work with ‘security partners’, no we won’t release the audits”.
Interesting comparison. It’s like comparing a local farming co-op to the agro-industrial complex of Monsanto/beyer and saying “you could say the same about either! Monsanto is at least innovating in the seed space, no no no, ignore how they use it!!”
You’re taking that out of context. Signal is open source, but you don’t get to see what happens between GitHub and the Play Store. Adobe’s system that I am aluding to is also open, but we don’t get to see what happens in the software itself. The problem is, that’s not even what I’m talking about. I’m talking about a standard they are developing, not their software or DRM.
This isn’t just for Adobe, they’re just starting the process. Other systems can run it. Hardware can run it. Do you not use linux because Canonical or Red Hat contributed? Do you steer developers away from flutter because Google started it? Where is the line? Who do you think kicks off all the standards you use today? OAuth, OIDC, etc. If you want to avoid everything these companies contribe to, you’re going to have to stop using the internet.
Very nice idea in theory, but proving there is no AI involved in the creation of art is not something I think is remotely possible. It’s an arms race more than anything, but I’m very interested in how Adobe will tackle it. I think people will be appreciating physical art more again, but even then we could argue about the usage of AI tools.
Anyhow, people will have to come to terms with the fact that AI is here to stay, and will only get better too.
My other reply talks about how this works with cryptographic signatures, but sure, people can lie. The key to this method is if there is a signature from a reputable artist, news org, or photographer, then that origin can’t be forged. So it’s about proving the authenticity (origin) vs the negative use of AI.
Pretty cool indeed, thank you. I like the idea of a cryptographic certificate of authenticity, would definitely add value to the digital art world.