• Dr. Moose
    link
    English
    35 months ago

    They can’t release anything as watermarks can be reverse engineered and people would just wise up and tumble the outputs.

    Weirdly, not releasing this tool publicly might be the smartest bet here as all of these bot farms and idiots just blindly use chatgpt outputs without any tumbling or safety.

    • hendrik
      link
      fedilink
      English
      1
      edit-2
      5 months ago

      The issue with that is: Releasing nothing is even worse than releasing something that could be circumvented. I don’t see this as a valid argument.

      I’m not an expert on text watermarking and how that degrades output. But if they want some stealthy solution that isn’t known to the public… Maybe they could attach two watermarks. A simple one that is known to everyone, and an additional, secret one only they know about. It’d be similar to what we do with bank notes. There are some characteristics everyone knows and can use to judge if it’s fake money. And they have some additional secret markings in banknotes that only the central bank knows about.

      I’m pretty sure a similar thing could be done here. Maybe not for a 280 character tweet. But certainly for other use-cases with longer texts. And in case it has a 0% false positive rate, every match helps someone. Even if it’s circumventable. I think even a non-perfect solution that helps several thousands of people is better than helping no-one.

      • Pika
        link
        fedilink
        English
        25 months ago

        I agree with not releasing it, but I do find that it defeats the purpose talking about it because if you have it but aren’t sharing if what’s the point of having it

        • hendrik
          link
          fedilink
          15 months ago

          I think we’re missing half the story. Because I also fail so see a point in doing it like they do.