CeeBee

CeeBee , 5 days ago

Ok, some context here from someone who built and worked with this kind tech for a while.

Twins are no issue. I'm not even joking, we tried for multiple months in a live test environment to get the system to trip over itself, but it just wouldn't. Each twin was detected perfectly every time. In fact, I myself could only tell them apart by their clothes. They had very different styles.

The reality with this tech is that, just like everything else, it can't be perfect (at least not yet). For all the false detections you hear about, there have been millions upon millions of correct ones.

CeeBee , 5 days ago

No they aren't. This is the narrative that keeps getting repeated over and over. And the citation for it is usually the ACLU's test on Amazon's Rekognition system, which was deliberately flawed to produce this exact outcome (people years later still saying the same thing).

The top FR systems have no issues with any skin tones or connections.

CeeBee , 5 days ago

For new stuff - "if it fails 1/100 times, then it's fine, so screw you".

The FMR (false match rate) for these systems is 1e-6. Which translates to about 0.000001% error rate or 99.999999% accuracy. And that number was from about 3 or 4 years ago. They are much better today.

How do I know? I worked in that industry building that kind of tech and read through the 500+ page NIST report on testing results for all the various Face Recognition vendors.

CeeBee , 5 days ago

This raises questions about how 'good' this technology is.

No it doesn't. For every 10 million good detections you only hear about the 1 or 2 false detections. The issue here are the policies around detections and how to verify them. Some places are still taking a blind faith approach to the detections.

CeeBee , 5 days ago (edited 5 days ago)

I promise I'm more aware of all the studies, technologies, and companies involved. I worked in the industry for many years.

The technical studies you're referring to show that the difference between a white man and a black woman (usually polar opposite in terms of results) is around 0.000001% error rate. But this usually gets blown out of proportion by media outlets.

If you have white men at 0.000001% error rate and black women at 0.000002% error rate, then what gets reported is "facial recognition for black women is 2 times worse than for white men".

It's technically true, but in practice it's a misleading and disingenuous statement.

Edit: here's the actual technical report if anyone is interested

https://pages.nist.gov/frvt/reports/1N/frvt_1N_report.pdf

CeeBee , 5 days ago

Or ever because there is no such thing as 100% in reality. You can only add more digits at the end of your accuracy, but it will never reach 100.

CeeBee , 5 days ago

Yes, because like I said, nothing is ever perfect. There can always be a billion little things affecting each and every detection.

A better statement would be "only one false detection out of 10 million"

CeeBee , 5 days ago

The truth is the numbers I cited are the 1:N stats. The 1:1 numbers are far higher, because you can immediately control for distance, lighting, angle, and gaze direction.

With my system I worked with had a 1:1 match rate that was statistically perfect (but nothing is ever 100%).

the technology simply shouldn't be used in those scenarios as it's entirely inappropriate, but that's a separate discussion.

Agreed. Its use as a payment system is just ridiculous.

CeeBee , 5 days ago

LMAO. You have no idea what I built the system for, and I have no skin in the game anymore as I moved on to a completely different industry that doesn't even use AI at all.

The implications of your argument is the same with flat earthers where they demand photographic proof of a spherical Earth, but when they are shown photos from space they simply say it's fake and NASA is in the lie.

Sometimes you just can't get past people's preconceived biases regardless of the facts.

CeeBee , 5 days ago

Considering the impact of these faults, it is obviously not good enough.

I was throwing a rough number out there, but the true error rate is lower than what I said. But when with those numbers this tech is statistically safer than driving a car.

The other half of the equation is policy management. Every single one of these systems should operate with human-in-the-loop. Meaning after a detection is made, it goes over to a person to make a "real" determination for accuracy.

CeeBee , 5 days ago

100%

I don't disagree with a word you said.

FR for a payment system is dumb.

CeeBee , 5 days ago (edited 5 days ago)

I have this problem with my face in the TSA pre and passport system

Interesting. Can you elaborate on this?

Edit: downvotes for asking an honest question. People are dumb

CeeBee , 5 days ago

What I'm saying is we had a deployment in a large facility. It was a partnership with the org that owned the facility to allow us to use their location as a real-world testing area. We're talking about multiple buildings, multiple locations, and thousands of people (all aware of the system being used).

Two of the employees were twins. It wasn't planned, but it did give us a chance to see if twins were a weak point.

That's all I'm saying. It's mostly anecdotal, as I can't share details or numbers.

CeeBee , 5 days ago (edited 5 days ago)

https://pages.nist.gov/frvt/reports/1N/frvt_1N_report.pdf

It's a 481 443 page report directly from the body that does the testing.

Edit: mistyped the number of pages

Edit 2: as I mentioned in another comment. I've read through this document many times. We even paid a 3rd party to verify our interpretations.

CeeBee , 5 days ago

https://pages.nist.gov/frvt/reports/1N/frvt_1N_report.pdf

CeeBee , 5 days ago

With that logic we would need to test the system on every living person to see where it fails.

The system had been tested ad nauseum in a variety of scenarios (including with twins and every other combination you can think of, and many you can't). In this particular situation, a real-world test in a large facility with many hundreds of cameras everywhere, there happened to be twins.

It's a strong data point regardless of your opinion. If it was the only one then you'd have a point. But like I said, it was an anecdotal example.

CeeBee , 5 days ago

That was a really garbage system then. Like disgracefully bad Fisher Price quality.

The reality is that there are more crap systems than really good ones out there. And there are as many algorithms and different ways of doing it as there are companies.

The system I developed was so good, even when we tried all kinds of shenanigans to trip it up, we just couldn't do it.

CeeBee , 5 days ago

Because using FR for a payment system is dumb.

Everyone here seems to be hyperfixated on the payment system aspect.

I'm talking purely in the context of FR tech being vastly better than what people think, since everyone has this Idea that FR tech doesn't work.

CeeBee , 5 days ago

My references are the NIST tests.

https://pages.nist.gov/frvt/reports/1N/frvt_1N_report.pdf

That might be the one you're looking at.

Another thing to remember about the NIST tests is that they try to use a standardized threshold across all vendors. The point is to compare the results in a fair manner across systems.

The system I worked on was tested by NIST with an FMR of 1e-5. But we never used that threshold and always used a threshold that equated to 1e-7, which is orders of magnitude more accurate.

And my opinion: Entities using facial recognition are going to choose the lowest bidder for their system unless there's a higher security need than, say, a grocery store. So, we have to look at the weakest performing algorithms.

This definitely is a massive problem and likely does contribute to poor public perception.

CeeBee , 5 days ago

Ya, most upvotes and downvotes are entirely emotionally driven. I knew I would get downvoted for posting all this. It happens on every forum, Reddit post, and Lemmy post. But downvotes don't make the info I share wrong.

CeeBee , 5 days ago

You know what overfitting is, right?

As you reply to someone who spent a decade in the AI industry.

This has nothing to do with overfitting. Particularly because our matching algorithm isn't trained on data.

The face detection portion is, but that's simply finding the face in an image.

The system I worked with used a threshold value that equates to an FMR of 1e-07. And it wasn't used in places like subways or city streets. The point I'm making is that in the few years of real world operation (before I left for another job) we didn't see a single false detection. In fact, one of the facility owners asked us to lower the threshold temporarily to verify the system was actually working properly.

CeeBee , 5 days ago (edited 5 days ago)

Ok, sure

Edit: the truth is that saying x% accuracy isn't entirely correct, because the Numbers just don't work that way. It's just a way we convey the data to the average person. I can't count the amount of times I've had asked "ok, but what doesn't mean in terms of accuracy? What's the accuracy percentage?"

And I understand what you're saying now. Yes I did have the number written down incorrectly as a percentage. I'm on mobile this whole time doing a hundred other things. I added two extra digits.

CeeBee , 5 days ago

Np.

As someone else pointed out in another comment. I've been saying the x% accuracy number incorrectly. It's just a colloquial way of conveying the accuracy. The truth is that no one in the industry uses "percent accuracy" and instead use FMR (false match rate) and FNMR (false non-match rate) as well as some other metrics.

CeeBee , 5 days ago

So you are saying yourself that your argument has nothing to do with what's in the article?..

OP said "reliability standards with a lot of nines have to be met". All I'm saying is that we're already there.

CeeBee , 5 days ago

Based on your comments I feel that you're projecting the confidence in that system onto the broader topic of facial recognition in general; you're looking at a good example and people here are (perhaps cynically) pointing at the worst ones. Can you offer any perspective from your career experience that might bridge the gap? Why shouldn't we treat all facial recognition implementations as unacceptable if only the best -- and presumably most expensive -- ones are?

It's a good question, and I don't have the answer to it. But a good example I like to point at is the ACLU's announcement of their test on Amazon's Rekognition system.

They tested the system using the default value of 80% confidence, and their test resulted in 20% false identification. They then boldly claimed that FR systems are all flawed and no one should ever use them.

Amazon even responded saying that the ACLU's test with the default values was irresponsible, and Amazon's right. This was before such public backlash against FR, and the reasoning for a default of 80% confidence was the expectation that most people using it would do silly stuff like celebrity lookalikes. That being said, it was stupid to set the default to 80%, but that's just hindsight speaking.

My point here is that, while FR tech isn't perfect, the public perception is highly skewed. If there was a daily news report detailing the number of correct matches across all systems, these few showing a false match would seem ridiculous. The overwhelming vast majority of news reports on FR are about failure cases. No wonder most people think the tech is fundamentally broken.

A rhetorical question aside from that: is determining one's identity an application where anything below the unachievable success rate of 100% is acceptable?

I think most systems in use today are fine in terms of accuracy. The consideration becomes "how is it being used?" That isn't to say that improvements aren't welcome, but in some cases it's like trying to use the hook on the back of a hammer as a screw driver. I'm sure it can be made to work, but fundamentally it's the wrong tool for the job.

FR in a payment system is just all wrong. It's literally forcing the use of a tech where it shouldn't be used. FR can be used for validation if increased security is needed, like accessing a bank account. But never as the sole means of authentication. You should still require a bank card + pin, then the system can do FR as a kind of 2FA. The trick here would be to first, use a good system, and then second, lower the threshold that borders on "fairly lenient". That way you eliminate any false rejections while still maintaining an incredibly high level of security. In that case the chances of your bank card AND pin being stolen by someone who looks so much like you that it tricks FR is effectively impossible (but it can never be truly zero). And if that person is being targeted by a threat actor who can coordinate such things then they'd have the resources to just get around the cyber security of the bank from the comfort of anywhere in the world.

Security in every single circumstance is a trade-off with convenience. Always, and in every scenario.

FR works well with existing access control systems. Swipe your badge card, then it scans you to verify you're the person identified by the badge.

FR also works well in surveillance, with the incredibly important addition of human-in-the-loop. For example, the system I worked on simply reported detections to a SoC (with all the general info about the detection including the live photo and the reference photo). Then the operator would have to look at the details and manually confirm or reject the detection. The system made no decisions, it simply presented the info to an authorized person.

This is the key portion that seems to be missing in all news reports about false arrests and whatnot. I've looked into all the FR related false arrests and from what I could determine none of those cases were handled properly. The detection results were simply taken as gospel truth and no critical thinking was applied. In some of those cases the detection photo and reference (database) photo looked nothing alike. It's just the people operating those systems are either idiots or just don't care. Both of those are policy issues entirely unrelated to the accuracy of the tech.

CeeBee , 5 days ago

Fair enough

CeeBee , 5 days ago

We were cheaper on both hardware and software costs than just about anyone else, and we placed easily in the top 5 for performance and accuracy.

The main issue was the covid came around, and since we're not a US company and the vast majority of interest was in the US we were dead in the water.

What I've learned through the years is that the best rarely costs the most. Most corporate/vendor software out there are chosen by just about every consideration aside from quality.

CeeBee , 5 days ago (edited 5 days ago)

But for everyone else who is just trying to live their life, this can be extremely invasive technology.

Now here's where I drop what seems like a whataboutism.

You already have an incredibly invasive system tracking you. It's the phone in your pocket.

There's almost nothing a widespread FR system could do to a person's privacy that isn't already covered by phone tracking.

Edit: and including already existing CCTV systems that have existed for decades now. /edit

Even assuming a FR system is on every street corner, at best it knows where you are, when you're there, and maybe who you interact with. That's basically it. And that will be limited to just the company/org that operates that system.

Your cellphone tracks where are you, when you're there, who's with you, the sites you visit, your chats, when you're at home/friends place, how long you're there, can potentially listen to your conversations, activate your camera. On and on.

On the flip side a FR system can notify stores and places when a previous shoplifter or violent person arrives at the store (not trying to fear monger, just an example) and a cellphone wouldn't be able to do that.

The boogyman that everyone sees with FR and privacy doesn't exist.

Edit 2: as an example, there was an ad SDK from a number of years ago that when you had an app open that used that SDK it would listen to your microphone and pickup high pitched tones from TV ads to identify which ads were playing nearby or on your TV.

https://arstechnica.com/tech-policy/2015/11/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc/

https://www.forbes.com/sites/thomasbrewster/2015/11/16/silverpush-ultrasonic-tracking/

CeeBee , 5 days ago

I think from a purely technical point of view, you’re not going to get FaceID kind of accuracy on theft prevention systems. Primarily because FaceID uses IR array scanning within arm’s reach from the user, whereas theft prevention is usually scanned from much further away. The distance makes it much harder to get the fidelity of data required for an accurate reading.

This is true. The distance definitely makes a difference, but there are systems out there that get incredibly high accuracy even with surveillance footage.

CeeBee , 5 days ago

people with totally different facial structures get identified as the same person all the time with the "AI" facial recognition

All the time, eh? Gonna need a citation on that. And I'm not talking about just one news article that pops up every six months. And nothing that links back to the UCLA's 2018 misleading "report".

I'm assuming Apple's software is a purpose built algorithm that detects facial features and compares them, rather than the black box AI where you feed in data and it returns a result.

You assume a lot here. People have this conception that all FR systems are trained blackbox models. This is true for some systems, but not all.

The system I worked with, which ranked near the top of the NIST FRVT reports, did not use a trained AI algorithm for matching.

CeeBee , 4 days ago

I've been hearing about them being wrong fairly frequently, especially on darker skinned people, for a long time now.

I can guarantee you haven't. I've worked in the FR industry for a decade and I'm up to speed on all the news. There's a story about a false arrest from FR at most once every 5 or 6 months.

You don't see any reports from the millions upon millions of correct detections that happen every single day. You just see the one off failure cases that the cops completely mishandled.

I'm assuming that of apple because it's been around for a few years longer than the current AI craze has been going on.

No it hasn't. FR systems have been around a lot longer than Apple devices doing FR. The current AI craze is mostly centered around LLMs, object detection and FR systems have been evolving for more than 2 decades.

We've been doing facial recognition for decades now, with purpose built algorithms. It's not mucb of leap to assume that's what they're using.

Then why would you assume companies doing FR longer than the recent "AI craze" would be doing it with "black boxes"?

I'm not doing a bunch of research to prove the point.

At least you proved my point.

CeeBee , 4 days ago

GrapheneOS isn't a complete solution, especially if you still use things like Facebook and Whatsapp. Although it is a massive plus to privacy.

Quick question. I've been hesitating with jumping to Graphene for a little while now. The two things that have held me back is losing access to Google Camera and Android Pay (or Google Pay, or Google Wallet, or Android Wallet. Whatever Google's calling it these days).

The Google Wallet feature I think has taken care of itself. They pushed an update that requires you to re-authenticate after the initial tap for "security". Which means half the time the transaction fails and the cashier has to redo the payment process. So I just gave up and have gone back to tapping with my cards directly for the past month.

So that just leaves the Google Camera. How's the quality with Graphene?

CeeBee , 4 days ago

I'm using a Pixel 7 right now, and I love the camera. I'm not sure I'll be happy if I lose all the camera features.

Thanks for replying

CeeBee , 4 days ago

Ok, now that's awesome! I'm installing it now. Thanks!

CeeBee , 4 days ago

I posted my sides across many comments. But the same argument applies to everyone saying the opposite.

CeeBee , 7 days ago

That just sounds like the Internet in a nutshell for various topics.

CeeBee , 16 days ago

It's theoretically possible, but the issue that anyone trying to do that would run into is consistency.

How do you restore the snapshots of a database to recover deleted comments but also preserve other comments newer than the snapshot date?

The answer is that it's nearly impossible. Not impossible, but not worth the massive monumental effort when you can just focus on existing comments which greatly outweigh any deleted ones.

CeeBee , 16 days ago

It can be done quite easily, trust me.

The words of every junior dev right before I have to spend a weekend undoing their crap.

I've been there too many times.

There are always edge cases you need to account for, and you can't account for them until you run tests and then verify the results.

And you'd be parsing billions upon billions of records. Not a trivial thing to do when running multiple tests to verify. And ultimately for what is a trivial payoff.

You don't screw around with infinitely invaluable prod data of your business without exhausting every single possibility of data modification.

It's a piece of cake.

It hurts how often I've heard this and how often it's followed by a massive screw up.

CeeBee , 16 days ago (edited 16 days ago)

There are so many ways this can be done that I think you are not thinking of.

No, I can think of countless ways to do this. I do this kind of thing every single day.

What I'm saying is that you need to account for every possibility. You need to isolate all the deleted comments that fit the criteria of the "Reddit Exodus".

How do you do that? Do you narrow it down to a timeframe?

The easiest way to do this is identify all deleted accounts, find the backup with the most recent version of their profile with non-deleted comments, and insert that user back into the main database (not the prod db).

Now you need to parse billions upon billions upon billions of records. And yes, it's billions because you need the system to search through all the records to know which record fits the parameters. And you need to do that across multiple backups for each deleted profile/comment.

It's a lot of work. And what's the payoff? A few good comments and a ton of "yes this ^" comments.

I sincerely doubt it's worth the effort.

Edit: formatting

CeeBee , 15 days ago

This makes me thing you don't understand my meaning. I think you're talking about one day reddit decides to search for an restore obfuscated and deleted comments.

Yes, that is what we're talking about. There were a large amount of users that updated their comments to something basic and then deleted those comments. I'm fairly confident that before they happened they had zero need to implement a spam prevention system like you're suggesting. The fact that all those users' (including myself) comments are still <deleted> is evidence of that.

They may have implemented someone like that recently, but not before.

CeeBee , 24 days ago

I've tried a lot of scenarios and languages with various LLMs. The biggest takeaway I have is that AI can get you started on something or help you solve some issues. I've generally found that anything beyond a block or two of code becomes useless. The more it generates the more weirdness starts popping up, or it outright hallucinates.

For example, today I used an LLM to help me tighten up an incredibly verbose bit of code. Today was just not my day and I knew there was a cleaner way of doing it, but it just wasn't coming to me. A quick "make this cleaner: <code>" and I was back to the rest of the code.

This is what LLMs are currently good for. They are just another tool like tab completion or code linting

CeeBee , 1 month ago

CUDA and AI stuff is very much Linux focused. They run better and faster on Linux, and the industry puts their efforts into Linux. CNC and 3D printing software is mostly equal between Linux and Windows.

The one thing Linux lacks in this area is CAD support from the big players. FreeCAD and OpenCAD exist, and they work very well, but they do miss a lot of the polish the proprietary software has. There are proprietary CAD solutions for Linux, but they're more industry specific and not general purpose like AutoCAD.

CeeBee , 1 month ago

Linux is sadly very messy for a sysadmin.

wut?

CeeBee , 1 month ago

I can’t quite put my finger on what exactly makes me feel so strongly, but it’s something to do with how sentences and paragraphs are constructed.

It has the classic 3 section style. Intro, response, conclusion.

It starts by acknowledging the situation. Then it moves on to the suggestion/response. Then finally it gives a short conclusion.

CeeBee , 1 month ago

Maybe waiting to see which side comes out on top. Kinda like Volkswagen. (Yes I know I didn't exactly happen like that)

CeeBee , 1 month ago

That's not AI tho.

What do you mean?

CeeBee , 1 month ago

I worked in the object recognition and computer vision industry for almost a decade. That stuff works. Really well, actually.

But this checkout thing from Amazon always struck me as odd. It's the same issue as these "take a photo of your fridge and the system will tell you what you can cook". It doesn't work well because items can be hidden in the back.

The biggest challenge in computer vision is occlusion, followed by resolution (in the context of surveillance cameras, you're lucky to get 200x200 for smaller objects). They would have had a really hard, if not impossible, time getting clear shots of everything.

My gut instinct tells me that they had intended to build a huge training set over time using this real-world setup and hope that the sheer amount of training data could help overcome at least some of the issues with occlusion.

CeeBee , 1 month ago

I'll bring the snacks!