Spike that facial recognition

I’ve just came across this little gem here:
https://sandlab.cs.uchicago.edu/fawkes/

Looks like something i’m going to use if i ever upload some pictures of myself or family members. (But the chance of doing that is practically zero).

Anybody got some experience with this?

This reads like snakeoil and if I used it i’d definitely keep it in a VM.

Assuming it does what they claim i’m sure it’s a technical masterpiece but the pictures of today will be fed to the algorithms of tomorrow which are unlikely to have the same technical limitations or quirks this team is exploiting.

Given how machine learning interprets data, I wouldn’t be very surprised if it actually worked. There are dozens of examples online, how to easily confuse AI.

However problem you mentioned still prevails. New networks could simply use Fawkes edited images as learning data, to overcome it. We also don’t know what’s happens if edited picture get’s compressed. It could destroy whatever trick it’s using.