a thing i have found younger researchers of the late 90s internet don't really appreciate is the number of ephemeral websites made by literal children.

@rose_alibi so much this! The first two ISPs I had both provided ftp and an exposed /~ home directory to host in.

I had a personal page, “official” websites for small local
bands I liked (geocities ftw), and even a crappy underground newspaper covering teen drama at our highschool.

My first money-earning job was independently designing and implementing a web site for a small motorcycle apparel company in my hometown. They paid me $250 up front, and it was more money than I had seen in my entire life.

I was 14.

I miss that janky self-made Internet so much.

@bodhipaksa it’s terrible, but also getting visas revoked before they travel is better than what those sh*tburgs might be able to do if they actually arrived on US soil.

@reverseics That dude approaching the robot like he has first hand experience in what happens when you get too close to unpredictable robotics....

@inthehands And since I saw the question (which was immediately deleted - they probably googled the answer after asking): You use a tool like Nightshade (https://nightshade.cs.uchicago.edu/whatis.html), which modifies the image in a way that's imperceptible to humans, but very visible to AI, effectively making AI "see" the image differently than a human would. When used in AI training, the AI may "see" a toaster when the picture (what a human sees) is actually a photo of a person sitting in a car. When the AI is then asked to generate a picture of someone in a car, it outputs a toaster.

Obviously one image won't do this, but when used at scale it can have an impact.

@inthehands I know of at least one professional artist who has deliberately poisoned their images, in an attempt to deter AI scraping (mostly because the scrapers blast her small site and effectively DoS it). If they follow robots.txt, they're not affected... but they were already ignoring robots.txt

I just read an IARPA paper that said poisoning as little as .1% of training data can disrupt a model. If content creators choose to deliberately poison content that they ask not to be scraped, it might be a nice way to deter bad behavior.

The tools I know of work on imagery, but with effort people may come up with stuff that works on data as well. E.g., burying base64-encoded malicious prompts in your text, posting tables as poisoned images rather than text, etc.

Seems like we should start organizing and taking firm action now, before AI companies start buying politicians and making such defenses illegal.