Artificial intelligence is now reaching a point where broadly accessible tools allow the synthetic creation of highly realistic materials—images, audio, and, increasingly, video sequences entirely generated by AI.
As the industry leaps forward and the human eye strains to tell real from artificial, some experts and entrepreneurs have scrambled to think up solutions.
The digital space is about to become increasingly treacherous, suggested several experts consulted by The Epoch Times.
High-quality fabrications are already quick and easy to produce. Verification services have emerged, using AI to spot AI. The logical progression, however, will be an arms race between AI generators and AI detectors, leading to increasingly sophisticated fakes.
The result will be a virtual reality in which users largely lose the ability to discern the genuine and the fake from looking at the content itself. Increasingly, they’d need to rely on third-party verification services or sources of information that have developed a solid record of authenticity.
Power of Video
Generative AI improved in leaps and bounds last year, going from surprisingly adept to eerily realistic.
“We saw from the beginning of 2023 to the end of 2023, images kind of pass the eye test,” said Anatoly Kvitnitsky, founder and chief executive of artificial intelligence detection service AI or Not.
“Our prediction is, video is going to have a similar moment in 2024.”
Realistic AI video is “definitely within our reach,” said Robert Marks, a computer science professor at Baylor University who has significantly contributed to the field of machine learning.
“In the future, you can do it from scratch, and it will be really realistic,” he told The Epoch Times.
Some of the experts pointed out that fake information, political or otherwise, isn’t a new phenomenon, and it has long been possible to fabricate imagery.
“Fake stuff has been around for a long, long time. ... It’s just now that we have an automatic way of generating it,” Mr. Marks said.
Yet producing fake video footage has always been tricky and resource-intense. Typically, video hoaxes involve the doctoring of real footage.
The possibility of realistic video made from scratch presents danger on a new level, according to John Maly, a computer engineer and intellectual property lawyer who has delved deeply into the issue of AI use and misuse.
“The danger of a video is it’s much more impactful,” he told The Epoch Times.
Just as in past elections, if a “dossier” emerges with allegations about a candidate, the “average person’s not going to read it,” Mr. Maly said. Most people are likely to learn the gist of the allegations through the filter of their preferred media outlet, provided that the outlet chooses to cover it in the first place.
But video is different, he said.
“If there’s a 30-second video of someone using racial slurs or something like that, that’s going to have an immediate impact on everybody,’ Mr. Maly said.
“And I think that immediacy is going to be what makes this really a more dangerous tool than the others.”
AI would open powerful disinformation tools to groups and individuals who are too fringe to obtain the resources previously needed to access such capabilities, he said.
“Activists can inexpensively put these things together and leak them and get them circulating,” Mr. Maly said.
AI could also boost the secrecy of disinformation operations, he said.
If one were to stage a fake event, for example, the risk of having it exposed increases with each participant. Creating the entire scene digitally dramatically reduces the number of people aware of the scheme.
“One person can script and create an entire deepfake video, and only that person will know they created it, and it makes it much harder to trace after the fact,” Mr. Maly said.
Time to Maturity
So far, AI has been successfully used to manipulate video, such as by adding or removing objects or manipulating the face of a person in the video. Some of the most recent tools allow the creation of completely synthetic video clips, although so far limited to just a few seconds in length and simple action, such as a person turning his head or walking down the street.The capabilities are expected to significantly expand over the coming months.
“It will be just in time to create misinformation around politics as we’re going to be heads-down into our election season,” Mr. Kvitnitsky told The Epoch Times.
Mr. Marks wouldn’t go as far as to predict fully realistic AI video by Election Day, but he doesn’t discount the possibility.
“What’s going to happen by October? I don’t know. But the acceleration of artificial intelligence has been astonishing,” he said.
Mr. Marks expects that if the technology is used to affect the election, it will be timed as an “October surprise” so as to cut short the window of opportunity to debunk it before the votes are in.
“Now, we have tools to do October surprises with much more sophistication than we had in the past,” he said, noting that “it’s going to be more difficult to counteract.”
Mr. Maly predicts that realistic AI video technology is still two to three years off.
“I don’t think it’s going to be this coming year, but then again, I think the way we’re going to discover that it’s possible is that the entities with the deepest pockets—so governmental actors from first-world countries—they’re probably going to be one of the first ones that manage to pawn off an undetectable deepfake that will get detected much later,” he said.
AI Detection
Despite technology advances, AI-generated content has been, up until quite recently, detectable with minimal effort. Synthesized voices speak with unnatural inflection, especially when trying to mimic emotion; figures in generated images sport unnatural anatomy, such as missing or extra digits.Yet over the past several months, these issues have been greatly mitigated. AI synthesizers can now speak in the voices of real people in a lively, even animated manner; AI images now feature persons with natural skin texture and accurate anatomy.
“However, if those ‘giveaways’ are not there, it becomes really difficult—especially in the higher-quality images, like in the newer models—to detect,” Mr. Kvitnitsky said.
“In many cases, it’s not detectable by the naked eye,” Mr. Marks said.
In recent years, several companies have developed tools that use AI to detect AI-generated content.
Mr. Kvitnitsky’s AI or Not is one of them.
“We’ve trained our model on millions of images, both real and AI-generated. ... We’ve done the same thing with audio,” he said.
Mr. Kvitnitsky said that “there are always artifacts that each respective AI model leaves behind”—a “combination of pixels” or sub-second wavelength patterns in an audio file, which would be unintelligible to the human eye or ear.
“It is that level of granularity that’s required,” he said.
The AI or Not website doesn’t store the images and audio files that it checks and so can’t produce overall statistics on the tool’s reliability, Mr. Kvitnitsky said. He does have information from some of his clients who report reliability upward of 97 percent.
The Epoch Times tested the tool on a mix of about 20 real photographs and AI-generated images. Most of the real photos were of people, in portrait or photojournalistic style, and edited for lighting, contrast, and color tone. The AI pictures were all of people in candid, selfie, or portrait style, produced by Midjourney V6, a freshly released version of a popular AI-image generator that has garnered rave reviews for realism. AI or Not correctly identified all AI images but mislabeled one of the real photographs as likely AI-generated.
The problem of false positives—mistaking human-made content for artificial—is one of the reasons why Mr. Marks doubts that AI detectors can be an “effective way” to deal with deepfakes. If the tools were to be used to identify fake content, and if such content were to be taken down and users penalized for posting it, many would be punished wrongfully, he said.
“None of the detection techniques is 100 percent effective,” Mr. Marks said.
The Alphabet-owned YouTube has already announced that it plans to roll out new rules requiring users to self-label videos containing “realistic altered or synthetic material,” such as “an AI-generated video that realistically depicts an event that never happened, or content showing someone saying or doing something they didn’t actually do.”
But when asked by The Epoch Times, the company’s spokespeople wouldn’t say what method will be used to determine what content is and isn’t AI-generated.
Mr. Maly voiced concern that such a process will end up being opaque and one-directional.
“If you’re dealing with anything like Facebook, there’s really not much of an appeals process. You get a button that makes you feel like you did an appeal, but there’s no human you can talk to. There’s no case you can really make,” he said.
Arms Race
There’s another downside to AI detectors: They can be fooled, Mr. Marks said.The Epoch Times tested the concept by repeatedly editing some of the particularly realistic Midjourney V6 AI-images. The AI or Not tool at first correctly labeled them as likely artificial, but after repeated edits, such as adding and reducing noise, resizing, sharpening, and repeatedly adjusting exposure and contrast, most of the images passed as “likely human,” although they also triggered the tool’s “low image quality” warning.
The warning pops up when the tool detects changes to lighting, file format, “and other tampering techniques,” Mr. Kvitnitsky said in an email response.
“The intent is to provide a marker if we think the image requires further investigation,” he said.
The problem is that all of the authentic photos The Epoch Times used to test the tool also triggered the low-quality warning.
Mr. Kvitnitsky said his clients with “premium” subscriptions are provided with not just the binary “likely AI”/"likely human” result, but also with a “confidence score” for each result.
He stressed that his team is continually improving the tool, which is now in the process of being trained to spot images created by the new Midjourney V6.
“We find edge cases, we identify them within our own team, and then we solve for them to make sure we are detecting them,” Mr. Kvitnitsky said.
The improvement process, however, works both ways, Mr. Marks pointed out.
“It’s kind of like the arms race. You come up with a way of faking video, somebody comes up with a way of detecting it. But then the other side looks at the way of detecting it, and they figure out how to get around that,” he said.
Ultimately, the fakes are “going to reach the point of being very difficult to detect,” Mr. Marks predicted.
Mr. Kvitnitsky acknowledged that the situation is akin to the catch-up game cybersecurity developers play with hackers.
“We’re trying to stay ahead of it, but yes, that’s exactly it. It’s a new phase of cybersecurity,” he said, noting that some of his largest clients are in the cybersecurity arena.
Furthermore, there are some notable obstacles to playing the catch-up game in the imperfect world of information, Mr. Maly said.
For one thing, generative AI models don’t necessarily develop incrementally, he said.
“Every two or three years, they shut them down entirely and they start from scratch. And you may not see that as the user because they still have the same front-end and they still have the same name for the product,” Mr. Maly said.
And a new model means that the detector tool needs to be retrained.
Moreover, longer-form artificial video can be quite complex and likely to be produced by various tools that each leave behind their signatures, which are then mashed up together in the final product.
“The more we synthesize multiple things into a higher-level product, the harder it is to detect the origins of the different components,” Mr. Maly said.
Fakes will also be easier to obfuscate when depicting chaotic events such as a war or a riot.
“They have maybe a strange camera angle, maybe they’re blurry, maybe there’s water or dirt on the camera,” he said.
Digital Signatures
Some companies and nongovernmental organizations have proposed rooting out deepfakes through “cryptographic signatures.”
The idea is that the software that produces a piece of content would store into it some coded information, such as when, where, and by whom it was created. An encrypted version of the code would then be stored at some trusted location. It would then be possible to check the “provenance” of the content.
“The advantage of these provenance-based approaches is they can contend with internet-scale content creation and consumption,” Mr. Farid said in his 2022 paper.
“The disadvantage is they will require broad adoption by creators, publishers, and social media giants.”
Broad adoption doesn’t appear to be forthcoming. One of the problems of the system boils down to privacy. A free society doesn’t necessarily want to make it easy for authorities to track down the origin of every piece of information, particularly when it comes to political speech.
Broader Impact
The introduction of realistic AI creations is likely to reshape online culture and erode trust in digital information that lacks offline authentication.“Differentiating the truth is going to be much more difficult now than it has ever been,” Mr. Marks said.
Even without any deepfake surprises, the mere existence of deepfake tools creates what Mr. Farid called the “liar’s dividend”—in which people can try to dismiss genuine information as fake.
He deems it “likely” that “some version of a provenance-based solution, alongside the detection schemes ... will be needed to help re-establish trust in online content.”
Mr. Kvitnitsky expressed confidence that his company will help to shore up such trust.
Yet relying on AI to counter AI necessarily steers users to cede control over discerning the truth, Mr. Maly said.
“This seems to be exactly the social ecosystem we’re on the verge of entering: [We] don’t trust that AIs aren’t deceiving us, but the only way to check is by using other AIs we didn’t create,” he said in an emailed response.
It could even lead to a situation in which a few giant tech companies offer both AI generation and AI detection, “controlling both sides of the equation,” Mr. Maly said.
It’s unlikely that the detection tools could even be vetted, he said.
“If the AI is open-source so it can be vetted, then it can be dissected and circumvented, so my guess is it will be an ecosystem of closed, proprietary solutions, as we already have with anti-virus software—there are trusted names, but we’re still making assumptions about the security practices, and motives of our provider,” Mr. Maly said.
It will be crucial for people to educate themselves on the AI functioning and capabilities, he said.
“Some degree of knowledge of AIs and following AI news will be compulsory for anyone who wants to have any hope of knowing the truth, otherwise trusting AI-generated data becomes almost like basing your life on a magic eight ball toy,“ Mr. Maly said. ”It might be said that complacency has always been the enemy of truth, but its cost to societal opinion is about to get much steeper.”
Mr. Marks suggested that people will need to “go to some old tools” to assess the veracity of digital content.
“You look at the source, the degree of interest that they have in promoting the article. ... There’s a number of tools that can be used to assess the truth. Are they 100 percent effective? No. But I think they’re incredibly, incredibly useful,” he said.
“This is not a problem with AI, this is a problem with the problem. You have disinformation all the time. And the problem of the problem is people put out fake stuff and you have to figure out whether it’s true or not.
“The fakery has become more realistic because of artificial intelligence, but the problem remains the same. And I don’t think there is any way to do that other than free press and political discourse.”
Friends Read Free
