Tag: cybersecurity

DALL-E! AI-Generated Art- Who owns the AI art you are making?

Tony DePrato1 Comment

I attended an AI talk last week. The presenter was an AWS Engineer (Amazon Webservices). They sit on a few committees and advisory counsels for the current administration in Washington, D.C.

The talk was a high-level view of how the technology works. Towards the end, a person in the audience asked, “Who owns the copyright on images produced by AI art?”

The answer: Not You.

This ownership idea connects to other conversations I have had about the terms of service with ChatGPT and my initial chat with the AI about how it handles data.

This technology needs new laws and structures around it, and those will come with lawsuits and public debate. As of now, it is not ready for children to use in a K-12 environment. It is not ready for confidential information and data handling (unless a paid option includes the ability to label data).

In terms of the art, and I assume audio and other media it creates, it is not ready to be used in a business or academic environment where ownership is required.

Image using the DALL-E! system, and embedding the art on your organization’s website. You do this routinely for 2-3 years. Then, one day, you are notified that the copyright owner is seeking justification for using the content in a commercial setting and would like to license the art.

Maybe you are wondering, how can they do this? How can they tag the art and track it years later? There are numerous ways to do this, but if they have an AI that can create art, they have an AI that can track art using techniques that would be invisible to the end user. If I were working at OpenAI, I would develop a steganographic method to find content in the future. This technique would place content hidden within the content on the image. It could be achieved using ratios and distance, allowing even the smallest thumbnail to be discovered.

That’s just one idea from someone who thought about it for a day. Image a team of people who built an AI.

The general rule for operating a business: don’t break the law

If you work at a school or a bank, reading the terms of service concerning minors, confidential data, and copyright is not an option. If you are determined to push forward, have your organization’s legal team review what you are planning, even webinars about advocating use.

Here is my chat with the OpenAI Chatbot regarding how copyright is currently handled (or not handled):

Are familiar with an AI that can generate Art?
Yes, I am familiar with AI that can generate art. There are a number of different approaches to this, but some of the most popular ones include:

Generative Adversarial Networks (GANs): These are a type of AI that are trained by having two neural networks compete against each other. One network, called the generator, creates images, while the other network, called the discriminator, tries to distinguish between the real and fake images. Over time, the generator gets better and better at creating images that the discriminator can’t distinguish from real ones.

Variational Autoencoders (VAEs): These are a type of AI that are trained to learn the underlying structure of a dataset, such as images of faces. Once the VAE has learned this structure, it can generate new, similar images by sampling from the learned distribution.

Style transfer: This is a type of AI that takes two images — one as the “content” and one as the “style” — and blends them together to create a new image that has the content of one and the style of the other.

There are many other approaches to AI-generated art, but these are some of the most popular.

anthony.deprato@gosaints.org
Are you familiar with Dall-E
Yes, I am familiar with DALL·E! DALL·E is an AI-powered image synthesizer created by OpenAI. It was introduced in January 2021 and quickly gained attention for its ability to generate a wide variety of images from textual descriptions, including many that are fantastical or imaginative in nature. For example, DALL·E can generate images of objects that don’t exist in the real world, such as a hotdog-shaped bicycle or a horse with a flashlight on its head. The images generated by DALL·E are unique and often quite striking, which has led to a lot of interest and excitement in the field of AI art and creativity.

anthony.deprato@gosaints.org
What company, person, or entity holds the copyright for DALL-E! generated art?
The ownership of the copyright for DALL-E-generated art is governed by the terms and conditions set forth by OpenAI, the company that created DALL-E. OpenAI holds the copyright to the DALL-E software, and it is likely that the images generated by the software are also considered to be works created by OpenAI for copyright purposes.

However, it is worth noting that the exact ownership of the copyright for AI-generated art is a complex issue that is still being debated in legal circles. There is no clear consensus on whether AI-generated works are considered to be the product of human authorship and therefore eligible for copyright protection, or whether they are considered to be works created by a machine and therefore not eligible for copyright protection.

In the case of DALL-E, OpenAI may choose to license the use of the images generated by the software to third parties, or it may choose to allow free use of the images with certain conditions. The specific terms and conditions for the use of DALL-E-generated art will depend on the policies and decisions of OpenAI.

anthony.deprato@gosaints.org
Does OpenAI use steganography to track DALL-E! art?
I’m not aware of OpenAI using steganography to track DALL-E-generated art. Steganography is a technique for hiding data within other data, such as embedding a hidden message within an image file. To my knowledge, OpenAI does not use steganography for tracking DALL-E-generated art.

It is possible that OpenAI may use other methods for tracking the use of DALL-E-generated art, such as watermarking the images or tracking usage through digital means, but I don’t have any specific information on the methods used by OpenAI. Ultimately, the method used for tracking the use of DALL-E-generated art will depend on OpenAI’s policies and decisions.

anthony.deprato@gosaints.org
Thank you
You’re welcome! If you have any other questions, feel free to ask.

Episode 181 – Zoom

Patrick CauleyLeave a comment

Tony and Patrick are back talking about distance learning, recommendations about video conferencing (including Zoom) and a lot more. Please subscribe to our podcast from Apple our searching for us on your favorite podcasting app.

  1. Happy Easter/Spring Break
  2. Zoom
    1. Zoombombing
    2. Zoom and privacy
    3. Zoom alternative
      1. Microsoft Teams
      2. Google Meet
      3. Skype
    4. Recommendations
      1. Zoom Basic (non-compliance) vs. Zoom K-12 (FERPA, COPPA, HIPPA compliant)
  3. Cybersecurity Part 5 – Where Did Your Resources
    1. https://itbabble.com/2020/04/12/cybersecurity-part-5-where-did-you-put-your-resources/
  4. Graduation 2020?
    1. July in person graduation
    2. What does a virtual graduation look like?
      1. Not popular
      2. Not a good product
      3. Think about music, time, speeches

Download this episode HERE

CyberSecurity Part 2: OPSEC and Post-it Note Passwords

Tony DePratoLeave a comment

Password 123456 written on a paper

By Tony DePrato | Follow Me on LinkedIn

How many times have you seen it? You walk into an office or classroom, and a Post-it is proudly announcing a user’s password. Why? Because schools are trusting environments.  Maybe the password is not for the computer, maybe it is for the teacher/staff WiFi. A WiFi network that has no other security aside from the password: TeacherWifi1.

Before spending thousands of budgetary funds on security consultation, all schools (and organizations) should focus on their Operational Security or OPSEC. OPSEC is officially defined as:
Operational security (OPSEC), also known as procedural security, is a risk management process that encourages managers to view operations from the perspective of an adversary in order to protect sensitive information from falling into the wrong hands.

Developing a solid OPSEC plan is not that difficult. A bit of common sense and creative thinking goes a long way. Let’s walk through some simple practices that will help improve a school’s operational security, and the school’s ability to react to problems.

Follow Normal Child Safety Practices All the Time and in all Departments

The basic child safety concepts are: keep students away from unverified adults and make sure adults are not alone with children (and if they are alone they are visible).

The standards seem to be prevalent in all child safety courses and certifications. Following these two standards, and applying them to a technology plan would yield the following rules:

  • Students are never allowed on the same network as teachers/staff/guests
  • Students share information through the cloud or monitored middle process (such as a Synology share that requires user login)
  • Students should not be allowed to peer share with teachers (e.g. no more AirDrop)
  • The guest network is limited and separated from everyone else
  • No access to the network etc. unless all users provide an ID or their devices are identified as approved devices

You can find more detailed standards here for securing your network and developing a better level of OPSEC.

Office and Classroom Access Should Be Managed by Policy

The worst hacking scenarios I have personally experienced, and that resulted in child and family trauma, began with data being printed and left in unattended offices/classrooms.

Simple and reasonable practice can deter most people from crossing the privacy line. Here are some suggestions:

  • Laptops should be secured in a bag or other area when unattended; on the desk, lid open is bad practice
  • Documenting passwords should be discouraged
  • Desktops and other devices should be logged out when unattended; or secured with a password screensaver
  • Teams should split their lunches and breaks to ensure that the office/classroom always has someone present
  • Office/classroom hours should be posted so that everyone knows when the space is open for meetings or visitors
  • Desktop phones should have a security code to make calls off-campus
  • Students, parents, and others should have a demarcated area for meeting and working with staff and teachers; certain areas should remain off-limits
  • Printing from offices needs to terminate in a secure space; it should be difficult for an unauthorized person to make physical contact with an office printer

Walk Around and See What You Can Do

School administrators often conduct classroom walkthroughs and observations. This process is similar.

The leadership team needs to be scheduled to break-in to areas on-campus. They should test closets, offices, doors, etc. Printers should be checked for abandoned documents, and those documents should be sampled. Did someone print and leave any confidential information? Any tests or assessments? When guests are in the building, how freely can they move beyond common areas before they are politely challenged?

The team should document what they find, and question why the access was possible. A formal review of all vulnerabilities is going to inform the necessary actions that need to be taken.

If there is a plan to work with an external contractor, having all this research is essential. Focusing on unrealistic threats and problems will not strengthen security or cybersecurity. A misaligned plan will waste resources, provide a false sense of security, and overall weaken any future response to a real threat.