I keep seeing posts about this kind of thing getting people's hopes up, so let's address this myth.
What's an "AI detector"?
We're talking about these tools that advertise the ability to accurately detect things like deep-fake videos or text generated by LLMs (like ChatGPT), etc. We are NOT talking about voluntary watermarking that companies like OpenAI might choose to add in the future.
What does "effective" mean?
I mean something with high levels of accuracy, both highly sensitive (low false negatives) and highly specific (low false positives). High would probably be at least 95%, though this is ultimately subjective.
Why should the accuracy bar be so high? Isn't anything better than a coin flip good enough?
If you're going to definitively label something as "fake" or "real", you better be damn sure about it, because the consequences for being wrong with that label are even worse than having no label at all. You're either telling people that they should trust a fake that they might have been skeptical about otherwise, or you're slandering something real. In both cases you're spreading misinformation which is worse than if you had just said "I'm not sure".
Why can't a good AI detector be built?
To understand this part you need to understand a little bit about how these neural networks are created in the first place. Generative Adversarial Networks (GANs) are a strategy often employed to train models that generate content. These work by having two different neural networks, one that generates content similar to existing content, and one that detects the difference between generated content and the existing content. These networks learn in tandem, each time one network gets better the other one also gets better.
That this means is that building a content generator and a fake content detector are effectively two different sides of the same coin. Improvements to one can always be translated directly and in an automated way into improvements into the other one. This means that the generator will always improve until the detector is fooled about 50% of the time.
Note that not all of these models are always trained in exactly this way, but the point is that anything CAN be trained this way, so even if a GAN wasn't originally used, any kind of improved detection can always be directly translated into improved generation to beat that detection. This isn't just any ordinary "arms race", because the turn around time here is so fast there won't be any chance of being ahead of the curve... the generators will always win.
Why do these "AI detectors" keep getting advertised if they don't work?
- People are afraid of being saturated by fake content, and the media is taking advantage of that fear to sell snake oil
- Every generator network comes with its own free detector network that doesn't really work all that well (~50% accuracy) because it was used to create the generator originally, so these detectors are ubiquitous among AI labs. That means the people that own the detectors are the SAME PEOPLE that created the problem in the first place, and they want to make sure you come back to them for the solution as well.
Good summary of the issues. I've been fairly disappointed with what a lot of people think the AI text generators are good for - replacement for search engines, magic oracle that can tell you any fact, something to write legal briefs. And the people who generate documents and then don't even proof read or fact checking them before using them for something important... Some uses are good, like basic code generation for programming tasks, but many are just silly.
The instances where some professor with zero clue about how AI text generation works or the issues you outline here has told a student "My AI detector said this was generated!" have been absurd, like one professor with obvious serious misunderstandings told a student "I asked ChatGPT if it wrote this and it said yes."
Not to mention that this "AI" is in no way actually AI. It's just ML taken to a new level.
It's not an AGI, but it's still AI
There’s no real distinction between the two. We don’t have a definition of AI or intelligence — never have. Inside the field, ML has some recognized connotations, but outside of specialist literature, they’re just marketing fluff.
It's interesting that it started a conversation about "if this thing can make output exactly like a human, does it matter?" but I agree... it's not conscious or 'thinking' about what it says. The output sure can be convincing, though.
I think a huge way that it matters is that it doesn't ask questions.
That's a very good point. Even Eliza asked questions (and the last thing we need now is a ChatGPT therapist mode). It's also a matter of what it's programmed to do, but I don't believe that the system has awareness or curiosity.
There is a fundamental difference between recombinant regurgitation and creation.
The biggest issue with publicly available ML based text tools is that they're American centric. Detection of ChatGPT in the UK is simple - it creates texts using American spelling. And if you live outside of English speaking world, like most humans do, it's completely useless.
ChatGPT speaks other languages. It's actually a really good translator.
I just asked it to describe an organization using UK English and it indeed used 'organisation' instead (didn't check for other words).
Can it understand and create new compound words (in a language like German)? That's an issue I have with most spell checks and translators as well, it's forcing the language to be more like English
I’d say it works.
Looks like it does: https://chat.openai.com/share/1b487711-c1be-468a-877b-98091449b55e
I asked it to translate 'meeting agreements' to Dutch and it came up with the word 'bijeenkomstafspraken', which is a valid but very uncommon Dutch word (I'm native Dutch and don't think I've seen it before). If I throw it into google with quotes around it, the first page is results with 'bijeenkomst afspraken', where 'afspraken' is used as the past tense of 'afspreken' (to agree) instead of as its noun (agreements).
It btw also suggested 'vergaderafspraken' as a translation, which is a way more common word.
That's nice, thanks for checking. I thought ChatGPT only worked at the level of whole words but it seems it chops them up internally.
Correct, it's not just regurgitating words, it's predicting which token comes next. A token is sometimes a whole word, but for longer ones it's part of a word (and some other rules that define how tokenization works).
How it knows which token comes next is why the current generation of LLMs is so impressive. It seems to have learned the rules the underpin our languages, to the point that it seems to even understand the content. It doesn't just know the grammer rules (without anyone telling it, it just learned the patterns), it also knows which words belong to each other in which context.
It's your prompt + some preset other context (e.g. that it is an OpenAI LLM) that creates that context. So being able to predict a token correctly is one part, the other is having a good context. This is why prompt engineering quickly became a thing. This is also why supporting bigger contexts is another thing (but a larger context requires way more processing power, so there's a trade-off there).
It's btw not just the trained model + context that gives you the output of ChatGPT. I'm pretty sure there are layers before and after, possibly using other ML models, that filter content or make it more fit for processing. This is why you can't ask it how to make bombs, even though those recipes are in its training set and it very likely can create a recipe based on that.
I just ran a quick experiment, asking it to create compound German words. Easy. But maybe it just memorized them? So I asked it to create double-compound words (consisting of 2*2 = 4 words), and it delivered:
They all seem legit. Most are rare. I think this was the first time I read "Wassermelonensaftglas" as a native German reader. Sadly, the next iteration (compound words made from compound words made from compound words) failed, it just added one more word.
@ChatGPT@lemmings.world Was bedeuten diese Wörter?
Sicher! Hier sind die Bedeutungen:
Neat, that's a pretty reasonable definition for all of them, even for #11 (which I'm pretty sure isn't in its dataset, unlike the others which all have some matches on Google)
@chatgpt translate above message to English
-- Mark Twain, A Tramp Abroad
Okay, interesting. Of course it would be nice if languages were easy to understand and easy to learn. German seems to be on the hard end of this spectrum, but no language is free from unecessary complications like these. They all grew historically and organically, and were not constructed with accessibility in mind.
It is nearly impossible to get an objective view on languages, since each of us is inherently biased, and most of us don't speak another language so well that we could truly judge it. It's easy to spot silly things in other languages while we may be unaware of how difficult our mother language is to learn for foreigners.
The interpretation of the given examples feels wrong for me. While the technical part is correct, I think the conclusion is incorrect. For example, "Unabhaengigkeitserklärung" emphasizes the independence, while "Erklärung von Unabhängigkeit" emphasizes the demonstration. The two are not equivalent. Twain seemed to be ignorant about that and simply assumed a foreign language would follow the same rules as his own.
While I can understand Twains frustration in learning another language, his critique is based on a lack of understanding.
For some compound words, there is no straightforward equivalent. "Apfelbaum" (apple tree) could be "Baum, an dem Äpfel wachsen" (tree on which apples grow). But that leaves the question wether it's still an Apfelbaum when it does not grow apples in this moment, like in winter. "Baum des Apfels" (tree of the apple) can refer to a miniature tree on an apple. "Baum der Äpfel" (tree of the apples) might be okay.
Further, what he believes to be superior can sometimes be inferior. Consider cases like "The presentation on renewable energy technology investors." In this sentence, it's not clear whether "renewable energy technology" is a single entity modifying "investors," or if "renewable energy" and "technology investors" are separate entities, both modifying "presentation." The sentence could refer to a presentation for investors interested in renewable energy technology or to a presentation about investors who focus on renewable energy projects. Compound words prevent ambiguities like these.
Hyphens can help in these cases. They can also be used in German to make it easy to identify compound components, like it's required in https://en.wikipedia.org/wiki/Leichte_Sprache.
That's another interesting point to discuss. Which is easier for foreigners? Sure, a single, short word in itself is easy to learn. But it is a new word, which has to be learned. In this case, you have to learn which part of "memory" or "memorize" can be used, and which part must be replaced.
I also don't think "memorable" has the same meaning as "never-to-be-forgotten". Isn't "memorable" more fitting for positive things, while n-t-b-f is well suited for negative things? Was the Holocaust 'memorable'?
Honestly, I posted it more because I thought it was funny than anything. I didn't expect such a deconstruction, but it's interesting!
Well, I haven't used it for a while and according to comments below it changed a lot. So I stand corrected.
So far, yes, only because they’ve been developed in the US and therefore trained on US English text. Eventually someone can make models for other languages and regions, but it is a lot of work and very expensive.
I think Bing did a pretty good job at coming up with name suggestions for some Sims characters. Playing with a virtual doll house is in the more harmless end of the spectrum, but obviously people want to try LLMs with all sorts of tasks, where the stakes are much higher and consequences could be severe.
The more you use it, the more you’ll begin to understand how much you can or cannot trust an LLM. A sensible person would become more suspicious of the results, but people don’t always make sensible decisions.