This is the AI era, who are you?
Editor’s note: This article is from WeChat public account “Semi-Folet Immortal” (ID: banfoSB), the author is half-Feng Xianren.
1
This weekend, the most popular product in the entire Internet industry, is undoubtedly ZAO, a tool for the main AI face change.
The short circle of videos, expression packs, and discussions about ZAO itself are all used in the circle of friends.
The first time ZAO got on the line, I started playing. I sent a message about ZAO on Saturday. I can also see my short comments on ZAO in many media.
The reason why the official article came out today is because I have been experimenting with ZAO for some time in the past two days. From the offensive point of view, I have been playing until Sunday night.
It can be said that my entire weekend is in ZAO.
This article I want to talk about, some problems with ZAO itself, legal and security issues, and technical issues.
More to talk about, behind the emergence of ZAO, the challenges that we are currently welcoming with many ideas and rules in the AI era.
This is related to the lives of each of us.
As for whether this is good or bad, I will not make a conclusion.
2
It’s not new to say that ZAO’s core technology is first.
This face-changing gameplay is based on DeepFakes, which is open source, and the underlying principle is based on the deep learning model (GAN, Generative Adversarial Networks ).
This technology is one of the hottest directions in unsupervised learning in recent years. Everything can be done. It seems that everything can be GAN.
You should not read the mistakes, let alone associate them.
Of course, the reader does not need to know the technical principle in a particularly clear way. It can be simply understood as a relatively mature machine learning theory, similar to the law of universal gravitation.
This theory has caused public sensation because of DeepNude and DeepFakes.
In a nutshell, it is similar to people’s creation of a gravity-free warehouse based on the law of gravity. This thing is especially fun, so people began to pay attention to the law of universal gravitation.
DReal authorization?
Is there any violation of portrait rights? What if it is violated? Who is the responsibility?
Looking at ZAO’s privacy agreement is quite interesting.
It is recommended that everyone play ZAO before, during the registration phase, take it easy The red word is read 10 times and then considered.
ZAO didn’t hide anything, and they wrote clearly and plainly.
When you use ZAO to edit faces, [you] not only delegates your portrait to [ZAO] and its [affiliated companies], but also if you edit [not you] Face, then [you] need to ensure that this is authorized, otherwise all the consequences will be [you] to bear.
This is the most important thing, but most people ignore this at first.
4
I use a simple example to explain this passage and talk about the risks faced by ZAO.
If I put my own face on ZAO, then it is equivalent to authorizing this photo to ZAO by default. This photo and the video generated with this photo can be given to ZAO. use.
Not only for ZAO, but also for ZAO’s affiliates. The definition of this affiliate is vague, that is, you don’t know who ZAO is used for. This requires the company to be associated with ZAO. Then the company can use it, you may not know the existence of this company.
As for what to do, there is no clear written on the agreement, which leaves a big imagination.
In any case, you can’t control even if you take the money, because the agreement allows ZAO to reauthorize.
In short, as long as you pass the photo, then it is ZAO. 
Just use ZAO, your this Face, I lent it to ZAO.
Of course askDirectly, the small probability of the laboratory environment can be bypassed, and the real environment takes into account the factors of people flow, which is difficult to bypass.
Fortunately, my relationship with the nearby supermarket owner is good, so several of his face payment devices (multiple companies) have been playing for a day, if you find a fat man in a supermarket in Hangzhou with a bunch on Sunday The magical device has a few face-finishing machines in constipation. It has been operating all day, please don’t misunderstand that he is repairing the machine.
After a full day of tossing, I also probably know how to implement the machine to brush the face and defend against this kind of attack. Before the black production begins to study, let me introduce how to defend it.
1. One of the basis for the brushing machine to judge whether a living person is based on the degree of screen reflection and clarity, but if the external screen of the test machine is removed, the threshold can be effectively reduced, so this part of the strategy needs to be iteratively updated. Reflective is a must, and not reflecting does not mean normal.
Of course, the definition of reflection needs to be updated. Don’t kill some people’s oily skin and bald reflection.
2. Increasing the number and location of cameras can effectively increase the cost of black production and increase the failure rate.
At this stage, the common solution for brushing faces is often 2 to 5 cameras in a small range side by side. If black production uses professional fixed tools and custom 4K retina screen Android tablet (to modify the system, especially the video needs to be sharpened), Combined with a specific fixed tool control angle, it is enough to completely cover the range of these cameras, coupled with no reflection and high definition, which makes the auxiliary camera unable to identify the device in time and not the real person.
So you need to add more camera positions and even install some cameras that are invisible to the naked eye to prevent the camera range from being covered with large devices.
3. There are a few templates in the ZAO video that meet the requirements of the face recognition action. These templates themselves contain several specific shaking eyes of the character, which is no different from the real person after the replacement.
So each organization needs to update the fixed action of face recognition. The current strategy adopted by many organizations is 5, 3, 5, 2, and 5, and it is recommended to expand this library.
4. For the face payment outside the resident place, the first time you must use the mobile phone verification code or mobile APP to brush your face.
Although the black circle has always had a variety of methods and theoretical outflows, everyone is also attacking and defending in real time, but in the past it was often the face recognition of fraudulent online loans, with the further development of the payment of the face As well as the open source of DeepFakes, the risk of all kinds of piracy is that everyone needs to be vigilant.
7
Finally, what I want to talk about is that ZAO products represent the full civilian use of DeepFakes technology, which brings a very interesting experience for most users, but at the same time, it brings Black produceAbuse of this type of technology.
DeepFakes open source, opened Pandora’s magic box.
The one thing I have to admit is that in applying new technologies, black goods are far more hard and harder to learn than most people, because once they succeed, they have money.
This technique of seamlessly replacing faces can play countless tricks in black hands.
For example, scams, black products use this technology to seamlessly integrate the faces of older children into the video. Whether it is sick to ask for money, kidnap, or transfer, it is easy to lie.
For example, posing as a public security law, Black produces this technology to put some of his face into some public videos, and then says that he is a certain one, and the other party can really believe it when he sees it.
For example, blackmail, black production uses this technology to add the victim’s face to some yellow videos, and then threatens to distribute the money without distributing it. In fact, many loan sharks like to play like this, but the past P picture Not shocking enough.
Not to mention blackouts, but the seamless face-changing technology has flowed into the hands of civilians, bringing a lot of new ways to play.
After an operation, put the girlfriend’s face in the porn video, is it derailed, if you use this method to sue for divorce, is there any way to crack this video is true and false?
A and B collide, and then A blends B’s face into various wretched places to spread or directly fall into the trap. How can I crack this video to be true or false?
Using AI to merge the face of a star, the harm is actually limited, because everyone knows it is fake.
But if you use AI to integrate the faces of people around you, how do you tell them?
In particular, many people see that the video is pre-emptive (in fact, most people do not instinctively suspect that the video has a problem), and who will bear the consequences?
Maybe we have to bring a puzzle to every video in the future, are you, or are you not you?
In the AI era, the biggest problem for each of us may be.
Who are you?