Zachary Pitcher


HackLodge Log 2

January 5, 2020

Stuff I gathered from watching investing videos on YouTube School: “It’s not rocket surgery” when investing for long term performance: “Control what you can: taxes and fees. Returns are speculative” when investing for income: Dividend Re-Investment Plan

Today, I woke up really early and cleaned up a little bit around the house, then started prepping the kitchen. It was the first morning of hacklodge, and I signed up to cook breakfast for 4 of the 7 mornings as my chores for the week. This morning, we made omelets, which was a bit of a hassle because each one had to be made individually. Flipping omelets always stresses me out, but it’s also a lot of fun when I get it right. We have two vegetarians and one person who’s lactose intolerant, so we had to make special ones for those people. I was working with Brian and DC, and we were a bit slow since omelets aren’t the most efficient thing to make for a group of 24 people, but we managed to get it all done.

I took the opportunity after breakfast to go back to Cornelius to pick up Catherine’s birthday present, my sneakers, and a few more clothes since I rushed out yesterday to get here on time. I used the T to travel back and forth, and it’s really nice because Catherine’s friend gave her an unlimited T pass that she and I have been sharing back and forth for the past couple months. So all three of my T rides yesterday and today have been completely free.

On the way, I had a couple ideas about how I wanted to do my project, so I recorded a video of myself dictating some of those thoughts: “I know how I want to do it now, I should make a plugin for OBS that tracks each of the video inputs and signs them with the timestamp, their location, their name, and possibly the hash of the binary that sourced the content. This would allow moderators to basically play back the way that the video was constructed and if the sources are all trusted then there’s probably no funny business going on” (paraphrased). Back at Cornelius, I saw Antares and rubber-ducky’d them for a while about my idea, which helped me expose some of the flaws like replay attacks, TAS replays, and having to hash the binaries beforehand, all of which make things extremely complicated. I was starting to second-guess the speedrun community as a beachhead for this idea.

When I got back to the house, I decided to really put my idea to the test by asking people on the speedrunning forum what they thought of the idea in general. Is it enough of a problem to pursue, and would my basic idea of making an OBS plugin that tracks timestamps to determine the validity of runs make any sense for their community? (paraphrased) The general consensus was no, unfortunately. It turns out that the speedrun community is just too diverse for something like this: they all use different gaming systems, from PCs, to mobile devices, to consoles; they all record in different ways, from livestreams, to offline recordings, to mixes of the two; and they all use different recording software, from Xsplit to OBS. Even if my solution was just a trial version to test out the validity of the solution, there’s a solid chance no one–even the people that want to legitimize their runs–would bother to use it. Furthermore, several people brought up the holes in my plan, like the replay attacks and the fact that a motivated hacker would always find ways to fool it.

So I decided to scrap that idea and move away from the speedrun scene as a target market. I thought that by narrowing my view to speedruns, I was making things simpler, but in fact I was bombarded by a bunch of problems that were barely worth solving from a value perspective, but that were all necessary to ensure any kind of success in this goal. I decided to take a step back and look at what my original goal was: to create a tool that determines whether or not a video actually depicts a real event. I spoke with Brian, DC, and a couple other people who were in the common room at the time, and I went through several phases during that time. I was still thinking that what I wanted to make was some sort of authenticator, but in the end I decided that I would make a discriminator.

Let me explain. An authenticator would basically track a video from its creation to its viewing, and would have knowledge of this paper trail to essentially guarantee that it hadn’t been tampered with. A discriminator would just look at a video at the time of viewing and try to determine if it had been tampered with. A discriminator is less secure, and would probably have more false positives and false negatives than an authenticator, which would hopefully have none. But the cryptography and the logic of making an authenticator for this application just don’t work out.

DC broke it down for me why an authenticator doesn’t really make sense here. Basically, if I used some sort of trusted timestamp to prove that a video existed at a certain time, I could know for sure that the video was not tampered with after that timestamp was created. However, there would never be any guarantee that the video had not been tampered with prior to that time, or that it was ever real to begin with. The hardware solution that is used to try to combat this is called SGX (by Intel) or TrustZone (by ARM), and they basically have the private keys of each device baked into the silicon at the time of manufacturing so they can sign information packets discreetly and as early to the creation of the packet as possible to prevent any tampering between creation and signing. This is obviously beyond the scope–and the nonexistent budget–of any hackathon project.

When we were talking, DC brought up an interesting idea: “Instead of trying to make a platform and convince people to use it, what if you coerced them to use it instead” (paraphrased). Basically he was saying that I could just create my own deepfakes and prove to people that they were as scary and existentially worrying as I find them to be. That would be fun, and I could probably cause a stir by doing something like that, but I’m not sure I want to get in trouble with the law if I do something really out-there. But this did get me to step back one more time and look at how people are interacting with deepfakes today. The reality is that deepfake technology exists, but as far as anyone knows, no one has really used any to do any real harm. As of now, no existential crisis has occurred as a result of deepfakes, so why would anyone be worried about them yet? This convinced me that no, a platform for filming and watching secured videos doesn’t really make sense yet.

DC said something really interesting: “There’s two possibilities. Either people are maliciously using deepfakes and no one knows about it, or no one is really using deepfakes yet. From what I’ve seen of deepfakes, we are still most likely in the latter universe because they still usually have some form of artifacts or “uncanny valley” feel to them. But the idea is that either we need to determine how much of the news is already deepfakes, or we’re not at the point yet where we need to worry about good discriminators improving incrementally the performance of the generators in GANs.

Let me explain. GANs are Generative Adversarial Networks, and they are a very effective paradigm for training a neural network to make outputs that behave a lot like the things in its input dataset. They achieve this by having two neural networks that act as adversaries: the first is a generator, which tries to make outputs that look like the inputs; the second is a discriminator, which tries to determine if a given input object is part of the original dataset or if it was generated by the generator, and giving it a score of how well it achieves this. This creates a feedback loop, wherein the scores that the discriminator gives tells the generator how well it’s doing and when to improve. This goes on through millions and millions of iterations until the generator has gotten pretty good at fooling the discriminator. At this point, the generator can create passable outputs that appear similar to the input dataset. If the input dataset was a bunch of photos, the generator would be able to create essentially photorealistic photos of humans that don’t actually exist.

Going back to what I said earlier, this does make me slightly concerned because I don’t know yet whether or not the discriminator will even be able to determine whether or not the images are deepfakes anymore. If the generator got so good that it always scored 100%, then obviously using a discriminator would be pointless unless I made my own that was better than any that exist on the internet right now (which is possible, but I would need a massive amount of compute to combat any of the researchers that have done this so far). That’s why my first order of business is just going to be to try to download a discriminator and run it on a couple sample videos and images to see if I can disriminate between the deepfakes and the real ones. If it doesn’t, then I’d be set back quite a ways, but at least I’d have figured that out before going any further with this.

The final goal, if that does work, would be to create a browser extension that would, at the click of a button, search the page for any deepfakes on the page. If anyone was skeptical about whether something they were viewing was real, the extension would allow them to do a cursory scan to see if any deepfake trickery was going on. It wouldn’t work all the time, but it could give a reliability score, and if it was a sufficiently low score, you could feel pretty safe believing the things you saw on that site. But if it was a higher score then you’d want to tread lightly before believing what you were seeing.

At the same time, I could collect analytics to create a database of all the uses of deepfakes across the internet, which might eventually justify creating a platform or something like that if I saw the numbers drastically increasing in the future. This data might also be useful for other sites, so I could create a website that shows the live analytics with graphs and stuff (this is a reach goal, so not worried about it yet, but it is a possibility).

Also, I slept a fuckton today and it felt really good and I feel a lot better than I did over the holidays, and especially in the first week that I got back. It really is amazing what good sleep and good food will do for your psyche. I should remember this for the future… signing off!