Am I missing something? The article seems to suggest it works via hidden text characters. Has OpenAI never heard of pasting text into a utf8 notepad before?

  • just another dev
    link
    fedilink
    English
    63 months ago

    Yeah, no chance they’d rely on something that would be so easy to defeat. Watermarking by using word patterns is far more likely.

    Still easy to defeat by just using another LLM to rephrase it though.

      • just another dev
        link
        fedilink
        English
        23 months ago

        They could, but adding random zero width characters into words would also destroy ever spell checker, giving it away immediately and making sure that even unaware people would filter it. Doing it outside the words would leave them with too few spots to use for proper watermarking.

        I think it’s far more likely they’ll use some kind of pattern in the tokens - that way the watermark will remain even when you don’t copypaste it.

        But yeah, as said, they will never tell how it’s implemented, but it can still be simply subverted.