The point of this video was to revert the metadata of the Cleaned Up file back to what it was before the operation, not only to remove the watermark. Taking a screenshot (removes all metadata) or just removing Credit and Digital Source Type (keeping residual changes) work to remove the watermark, but are not what I am trying to achieve.

i generated so much misleading content and distributed it. Thank to my best friend and accomplice Evan Zhou

If they use the super-nerd method by hiding the metadata, I think lots of people would be screenshotting their images if they wanted to get rid of the watermark.

I don’t think the watermark is there to prevent people from being misled. It’s more likely there to advertise the feature to others so they will be curious about it and upgrade.

Watermarking with steganography generally isn't robust against simple transformations like scaling and cropping or adding a very light layer of noise. A determined user will always be able to remove the watermarks because they have full access to the file, so the effort of a high tech watermark is wasted when they know the vast majority of people simply won't bother

Marking ai images will never EVER be an option. Instead cameras have to cryptographically hash and sign a photo at the time of taking the picture, so you can tell that the photo is not manipulated. Imagine telling people to mark fake currency.... You'd get admitted to a mental hospital

*@5:15 no, not really possible. You'd just add some soft noise to the image (a new, different command line tool), and it will be gone again.

I'm just happy the watermark wasnt a giant apple logo in the corner lol

Bro made a whole ass video about just blindly deleting some fields of an images metadata

IDK if it’s lazy… it’s likely more scalable given that all platforms can read EXIF metadata

bro got the mark rober playlist goin hard 🥵🔥‼️🔊

Is steganography really more robust? I mean what if I just re-encode it as JPEG with a high quality setting? Sure the image quality would technically decrease but it's less effort than figuring out what exif data fields to remove and a better result than when you remove all exif data.

The Mark Rober music has me rolling

The clean up watermark became cleaned up

i love seeing things in videos taken on my birthday

2:10 I think it'd be more reasonable to store it in exif, otherwise only apple devises would be able to decrypt it and for all non apple devices (and apple devices that arent aware of such watermark existing, maybe for someone with older iOS or whatewer apple's OSs are called) the photo would look like a normal photo without the watermark basically getting rid of the sole purpose this watermark exists in the first place

The reality is that it doesn't matter how they embed this information, it's a quick reverse-engineer away and completely removable. Someone could just reverse the photos app, figure out what apple is looking at, then build and app to fix it. You'd have an open source tool (probably written in python) available by the time iOS18 came out.

I genuinely don’t understand why there are so many negative comments, he simply wanted to show a proof of concept and explained that very clearly. Love your videos, keep it going ❤👋

"please do not use this method to generate any misleading content"

They're not going to implement steganography . Mostly because there is no sane way to mark an image as AI generated and hope it will persist beyond even mild tweaking of the file. There is just too much freedom of control over the information itself. Perhaps if the images were locked down in the iOS ecosystem or something it would be a little bit easier box in, but as it stands now, the exif data is the most practical.

Using anything beyond simply storing the watermark in the metadata would be unnecessary and excessive. In terms of security, it’s crucial to focus on the weakest link. If someone is determined to remove the watermark, they can easily take a screenshot of the image. Those who are more committed and care about preserving the original metadata would also find ways to remove more advanced techniques, such as steganographic watermarks. Therefore, embedding the watermark in the metadata is the simplest and most efficient solution.

you know shit is going to get real when the mark rober music plays

great job im sure your little disclaimer is going to work!

you would have to compare the metadata you edited to the original, cuz if someone is checking whether a pic was cleaned up, they’ll see the missing values. very possible that the unedited has those values set to different things but still there.

🤌 Well, note really: The AI generated patches still have a pixel noise finger print mask that are resilient against blur, compression artifacts, screenshots incl shifting perspective and morphing. Plenty of research papers how adobe, google incl apple do it. Removing the EXIF data is more like removing the sticker label. Not the watermark.

good video, i've been to that shoreline before.

Bro made a whole ahh video when you can just take a screenshot...

Just take a screenshot and crop it...

Robust watermarks for modified images are impossible. You can only have a watermark for an original unedited image which stops working if any modifications at all are made to the image. (such as your device using a user-inaccessible cryptographic key to sign the image (including its metadata) upon taking a photo) That way, while someone still can just take out their camera to take a photo of a photo to give it authentic status, if you modified metadata, that original status gets lost, so if your location metadata shows that you were at home photographing something in a different country, which happened at a different point in time, that would be information which could be used to prove your image is merely a photo of a different photo. Much more sensible than trying to do the reverse where this video has shown precisely why it doesn't work well.

If they use the image route, modifying the image with markup or other image apps could easily remove the message, Most likely they wont

what about copying and pasting the metadata from the unaltered photo?

I think this is just for the average person, if you're capable of changing metadata you're probably capable of just running a model outside of IOS anyway.

0:35 GIMP it no EXIF

>location: monterey LETS GOOOOO

The only solution to this issue is something like C2PA encryption and it being supported on social platforms as well

this is like the nft monkey image all over again

apple taking notes

Steganography for AI misled images must be implemented, even going as far as using MD5s or SHAsum to add "chaos" and complexity to removing those watermarks. Nevertheless Screenshots exist, either built in or external capture, so it will take more creativity to sollve the problem, let the community forums brainstorm ideas

you still didnt find the exact metadata to erase after diffing

wouldn't it have been much easier to just copy the original exif data and just replace the new exif data with that

I think digital sign is required to resolve this issue. Use private key stored at app server or T2 chip to sign the original photo. Any modification will breaks the signature.

how tf did you squeeze an almost 6 minute video from simple exif metadata removal?

> Import image to Adobe Photostop > Export as a new rendered project photo Tada!

Evan I don't think you have to disclose that this is some terrible vulnerability on apple's part, I strongly doubt they even remotely see it that way. I also doubt anyone who wanted to misinform with images would use apple intelligence as their primary tool

I would expect any half decent attempt at fingerprinting an image as AI generated by the AI itself to fully embed itself within the areas that are tampered with.

it would've been more interesting if you decompiled photos or at least removed the ones irrelevant to the badge showing up from the command

Good video for a small channel but you have to speed through some of these ideas and steps faster

The pixels of themselves contain watermark embedded by whatever diffusion model they are using for inpainting.

They probably have other means to identify the use of their AI tools, if even just an analysis of artifacts of the algorithm. Probably left for more forensic uses with law enforcement.

wouldn't it be easier to simply exchange the metadata of the new picture with the old pictures?

your idea of stenography would NOT WORK, Apple can't control what every other device manufacturer and software developer put on an image, so any stenographic solution would produce a random result on pictures not created by apple. and even if it was an extremely rare chance of false positive, you'd still be one bit away from removing the mark. Don't fell bad thou, the problem is unsolvable

What about the C2PA specification? Apple seems not to have implemented that. It might come.

you could also just use the old metadata on the edited photo

Guys this stuff is not new AT ALL! This has been in Photoshop since at least 2012.

You should try this when all Apple intelligence has been released for at least 3 months

Apple seeing this video : 👁👄👁

Short and easy way: screenshot the AI Clean Up image and then crop it

You can narrow down properties by removing one by one

how could you this song is owned by mark rober

why tho?...

i guess apple knows people will just screenshot it anyways. this is not their top priority.

Bro, it doesn't even matter. If you were actually trying to deep fake something, you would use something better and something that doesn't watermark the image at all.

Just do clean up, and then throw that image over the meta data image using an app or something. Now save it.

I could not relate more to 1:57 trying to build an app using python and then looking at the debug file only to see this or when you open a random file from your mac library

Hiding the watermark using stegonography inside the picture itself isn't very robust either, since any form of re-encoding the image (say by converting a jpg into a webp or vice versa) would mean you'd loose that watermark. Basically any form of lossy image compression would immediatly loose that watermark... Unless ofc they'd put a visible watermark inside the picture alá unpaid stock-photo. That would be the only, non-easily removable watermark. But ofc that would also annoy users a lot more...

iSheep detected "the biggest company on the world" 🤣🤣

See, Samsung is a bit more confusing but with AI you can remove the AI watermark which is pretty funny

Actually, if u download and upload ur file to lets say Google Drive and view it, you can then take a full resolution screenshot. I'm not gonna share how to here but look it up.

The vid could have been a 30 second tiktok 😂

Because harder imprint is unnecessary. This is not a top secret tool after all. If the uploader intended to avoid the label, he could just edit the phone using open source solutions instead.

That font you are using is FiraCode

yeah, this is what i kind of expected. the average person is just gonna screenshot anyways cuz they lazy

Nice video, but it’s not a proof of concept - it is a guide :)

sound owned by mark rober

just use the ai, to delete the ai. 🤯

Ok so some quick thoughts: 1. I mean u could just overwrite the edited image's metadata with the originals. That would give you exactly what you wanted. All the info, no "watermark." More straightforward than selective deletion 2. Have you tried finetuning the CLI command? Maybe only one of the fields created the watermark, so you don't need to remove them all. 3. If they hid the watermark in the image, it would be better, because it could be resistant to screenshotting. The original image is 5943 by 7924 (as shown in your video). Screenshotting would reduce that down to the iPhone 15's resolution, so 1179 by 1572, or roughly 25x smaller. If we assume Apple's steganographic CleanUp signature modifies 100 bits in the original image, they will only need 2421 bits of parity for it to survive the compression/data loss from the screenshot. The full image has 5943px*7924px*24bits/px = 1130215968 bits, so 2421 is 2 percent of a percent of a percent of the original file, so no noticeable change. Being Apple, they obviously will have some sort of algorithmic or mathematical trick to reduce that number. Or the photos app can simply remove that steganographic signature from the original, render the image at the iPhone's resolution, but add back the signature first, that way, no need for parity, as the screenshot will contain the original signature without the compression effect from what is essentially "super sampling"/"pixel binning" ruining it (assuming Apple is merging several image pixels into one display pixel, rather than stochastic sampling among the image pixels covered by each display pixel) thus only taking those 100 bits, essentially unharming the image quality.

0:40 mark rober music

dopepics AI fixes this. Remove Apple's AI watermark journey.

this video could’ve been only 1 minute

Let’s be clear ai photography is not photography.

Screenshot plus manually adding metadata will fool 90%

embedding the data in the image would only really work if you kept the info private and other services would not know how to read that

did bro just make a whole ass video instead of taking a screenshot ?

It'd work if you just take a screenshot of the image you modified...I tried, it shows nothing lol, that's a really easy way to get around that.

so... is there anything... new to this?

Mark Rober ahh video

At least I don’t have to use apps to remove stuff in thepic

Please don't do that.

Could something like this be done to images that came from image playground granted you’d need to get the images out of image playground and into photos I’d assume Apple added a special field in the metadata specifically for this although it could also be using the field handling which app something came from (ie saved from Safari being applied to anything downloaded from safari)

Sounds kinda easy just rewrite the image data with JS onto a canvas then put the old meta data back in I think it would work never tested

cool video but i can smell your breath from your voice and i don't even know how that works

Now just tell me its not pointless. There is an eraser button next to the watermark, it does the same job or whats its purpose?

why do you need to get rid of it?

Is there any way to create a Shortcut in iOS to make this change automatically?

hmm. mark + rober

Apple just copied Google Magic editor. Great job apple!

At that point, just use photoshop or a free photo editor to do whatever lol

Well done good sir, stuff like this is always fun to do :)

Why would you "expect something more robust" from yet another tech giant rushing to get into AI like everybody else?

Embedding the flag with steganography wouldn't be worth their time because people would reverse engineer it or just screenshot the image anyway. It would be a cat-and-mouse game that Apple isn't interested in taking on.