Comment by merelysounds

Comment by merelysounds 2 days ago

3 replies

View on Hacker News

> the article didn't seem to explain how the prompt injection was actually done...

There is a short explanation in the “Nyquist’s nightmares” paragraph and a link to a related paper.

“This aliasing effect is a consequence of the Nyquist–Shannon sampling theorem. Exploiting this ambiguity by manipulating specific pixels such that a target pattern emerges is exactly what image scaling attacks do. Refer to Quiring et al[1]. for a more detailed explanation.”

[1]: https://www.usenix.org/system/files/sec20fall_quiring_prepub...

privatelypublic 2 days ago

Except it has nothing to do with N-S sampling theorem. Mentioning it at all is an extremely obnoxious red-herring. Theres no sine-wave to digitize here.

Its taking a large image, and manipulating the bicubic downsampling algorithm so they get the artifacts they want. At very specific resolutions at that.

Reply View 2 replies
  • LeifCarrotson 2 days ago

    The whole point of N-S sampling is that everything is a sine wave - more precisely, a sum of sine waves, often digitized to discrete values, but still, when you're doing image processing on a matrix of pixels, you can understand the convolutions by thinking about the patterns as sums of sines.

    Reply View 1 reply
    • gmueckl a day ago

      Slightly more technical: every function that is continuous on a finite support can be expanded into an infinite Fourier series. The terms of that series form an orthonormal basis in the Hilbert space over the function's support, so this transformation is exact for the infinite series. The truncated Fourier series converges monotonically towards the original function with increasing number of terms. So truncation produces an approximation.

      The beauty of the Fourier series is that the individual basis functions can be interpreted as oscillations with ever increasing frequency. So the truncated Fourier transformation is a band linited approximation to any function it can be appolied to. And the Nyquist frequency happens to be the oscillating frequency of the highest order term in this truncation. The Nyquist-Shannon theorem relates it strictly to the sampling frequency of any periodicaly sampled function. So every sampled signal inherently has a band limited frequency space representation and is subject to frequency domain effects under transformation.

      Reply View 0 replies