A couple weeks ago, I found myself in Kansas for another of Kim’s ultramarathon races. This time, my son John was also running his first ultra, so I was crewing two people.

(I know, I know, it appears ultramarathon running is contagious, doesn’t it? Don’t worry – I’ve been very careful and have so far avoided catching it, despite repeated exposure to infected people.)

This particular race was on the rocky Elk River Hiking Trail in southeastern Kansas. It’s a site we’ve visited often enough that I’ve developed some favorite spots for photography. You might be surprised by what those favorite spots look like. There’s not a lot of grassland available along the trail, and much of it is pretty heavily infested with invasive plants. I’m sure there are pretty prairies in the vicinity. However, I’m trying to fit photography into prescribed windows of time, so I have to stay close to the aid stations where I meet my runner(s) to hand them food, water, dry socks, and whatever else they need. I

As a result, those small, invaded sites are what I have to work with. And I’ve found some pretty great photographic opportunities in them over the years, actually. On this trip, I was fighting some wind and working in small windows of time, but still managed to enjoy myself.

One of those favorite sites is an abandoned road that leads down to a shallow bit of Elk City Lake. The road is lined with eastern red cedar trees and has both sericea lespedeza and Caucasian bluestem growing up through the cracks in the asphalt. What more could a nature photographer want?

Eastern red cedar is a native tree in North America, but is acts as an invaider because of fire suppression after European colonization. Sericea lespedeza and Caucasian bluestem are non-native and invasive plants that can form big monoculture patches (and are extraordinarily difficult to control/contain). BOOOOO!

On the other hand, there was a lot of insect action on those invasive plants, and as a photographer with limited time, I was happy to use what was before me. My first observation was that the cedar trees were loaded with what I think were western leaf-footed bugs. There were hundreds of them, both adults and nymphs. I’m pretty sure they were feeding on the fruits of the cedars (see the photo below) but most of them seemed to be mainly lounging around.

After returning home, I did some research, but didn’t find mention of eastern red cedar as a food plant for the western leaf-footed bug. That doesn’t necessarily mean much, since my investigation consisted solely of a brief Google search. It does appear the bugs feed on other trees, at least. Plus, I could have my insect identification wrong in the first place, which would make my Google search meaningless. I’d be curious to hear from anyone who has seen this species before, especially if you’ve seen big congregations on cedar trees.

The race was back in late September, and even in southern Kansas, a lot of wildflowers had finished blooming for the year. Sericea lespedeza, though, was still going strong. Whether because of the limited options or because it’s really nutritious, a lot of nectar-feeding insects were hanging out on the invasive lespedeza. Most of those were butterflies. I’ve given up on guessing the identity of skippers, but I recognized some of the other butterfly species.

One of the butterflies I recognized was the American snout butterfly – the first I’ve ever seen in real life. They’re not common in the prairies I most often hang out in, so it was pretty cool to see one, and nice of it to hang around long enough for several photographs. I also photographed a gray hairstreak, which is also pretty, but very familiar to me, so it wasn’t quite as exciting.

The surrounding area did have a few other flowers blooming here and there, including a little patch of broom snakeweed and a native thistle (maybe tall thistle?). Those flowers also had a lot of pollinator activity. The snakeweed was attracting mainly flies and small bees, and the thistle attracted several butterflies during the few minutes I watched it.

I followed the road all the way to the upper reaches of Elk City Lake and found the water all gone. I wandered around on the mostly dry lake floor, which had been free of standing water long enough for lots of little annual grasses and sedges to sprout. I found some cricket frogs and chased them around a little with my camera. There were also lots of carcasses of European carp and some kind of gar. I’m sorry I’m not proficient enough in my dead fish identification to tell you what kind of gar it was.

One of the last photos I took that day is a mystery. It was a cocklebur hanging from a grass leaf in the middle of the abandoned road. The bur was half coated with dried mud, which also appeared to be what was sticking it to the grass leaf.

How did it get there? Was it placed intentionally or did it get rubbed off as a person or other animal brushed past the grass? Because insects are often on my mind, I wondered if there was something living inside the mud or bur, but didn’t open it up because I needed to get to the aid station before Kim did.

Mysteries are always fun, but they’re especially fun when you can figure out the solution. Help?

So, there’s my adventure in the great wilds of southeastern Kansas. I think there are a couple important lessons from the day. One is that even invasive species can provide some value. The species themselves aren’t inherently bad, after all. They’re trying to survive where they are and it’s not their fault they’ve been placed where they are problematic to others (or that there was a change in the people managing their landscape and that most of the new people don’t much like fire). The insects I photographed on the cedar and lespedeza were benefitting from those species, and good for them.

That doesn’t mean, by the way, that sericea lespedeza and eastern redcedar aren’t problematic. Of course they are. But it’s nice to be reminded that there’s some complexity to the way they interact with their surroundings.

The other big lesson is one I’ve learned many times. You can find amazing nature stories and species just about anywhere. I spent a couple hours happily exploring an abandoned road lined with invasive plants. There was plenty to observe and photograph. My square meter photography project, of course, is another example of how much can be found within a small area.

This is a lesson we need to share with everyone around us. Nature isn’t just for people willing to venture into remote areas high in the mountains, out into expansive grasslands, or deep into forests. Nature is all around us and worthy of our attention and admiration.

This weekend a story from ABC News on issues with audio transcription machine learning models did the rounds.

“Researchers say an AI-powered transcription tool used in hospitals invents things no one ever said”

But Whisper has a major flaw: It is prone to making up chunks of text or even entire sentences, according to interviews with more than a dozen software engineers, developers and academic researchers. Those experts said some of the invented text — known in the industry as hallucinations — can include racial commentary, violent rhetoric and even imagined medical treatments.

It took me a couple of days to find the time to properly dig into it and it’s a mixed bag. The report highlights a number of very serious and real issues, but in the process glosses over a few details that might be important.

It mixes anecdotal evidence with studies, that use varying versions of OpenAI’s Whisper, wrapped in a range of different software, using a variety of audio types.

Audio quality, length, number of voices, speech patterns matter a lot, and the longer the recording the more likely it is to have errors

But, there are two core conclusions to take away from it.

The Nabla service itself seems flawed

First, the Nabla service, an audio transcription and summarisation service that targets medical professionals, is specifically using Whisper in a context that OpenAI itself recommends against.

Nabla seems to have what at first glance look like several major design flaws, the biggest one being the automatic deletion of the original audio making verification impossible.

Others have dug into issues with the Nabla service itself and discovered a number of issues.

To summarise:

• It transcribes using a service specifically not intended for a medical context
• Then summarises using an LLM to create a statement that’s supposed to go into the patient’s Electronic Medical Record.
• Then deletes original recordings,
• The storage of the transcripts and summaries seem iffy in terms of both privacy and regulatory compliance
• The privacy safeguards as documented seem a bit contradictory.

There’s plenty of reason to be sceptical of the service, even without getting into the issues with OpenAI’s Whisper.

But…

OpenAI’s Whisper model also seems flawed

The second core observation to come out of the report is one from the one study it cites that isn’t just anecdata (PDF), which seems to show a 1-2% hallucination rate depending on speech types.

In the study each audio segment represents, roughly, a sentence. This would mean, according to the study’s results, that about 1 or 2 of every 100 sentences would seem to contain a fabrication.

This explains why individual users will not notice the errors in normal use. 1% is very easy to miss, especially because these models tend towards plausible fabrications, but it could be catastrophic at scale depending on the industry in question.

What’s worrying is the analysis seems to show that a good chunk of the fabrications, or 40%, are outright harmful. The categorisation the study uses are:

• “Perpetuations of Violence”. Portrayals or implications of violence.
• “Inaccurate Associations”. Made-up names, relationships, locations, or health statuses.
• “False Authority”. Hallucinations that misrepresent the speaker source.

That basically means that 1 out of roughly every 200 sentences transcribed contains a harmful fabrication of some sort.

Together, this would mean that if this tech is rolled out widely in sensitive industries such as healthcare, even with some safeguard, it would be very likely to result in the serious harm or even death for a non-trivial number of people.

But the news is not entirely dire for using machine learning for transcription as the researchers ran the study’s tests on competing audio transcription models and those results were very different:

Notably, we found no evidence of hallucinations in competing speech recognition systems such as Google Speech-to-Text (tested in April 2023) or the latest Google Chirp model (tested in December 2023): we identified exactly 0 comparable hallucination concerns (as defined above) from Google’s products out of the 187 identified audio segments. We similarly identified exactly 0 comparable hallucination concerns among the same 187 audio segments from Amazon, Microsoft, AssemblyAI, and RevAI speech-to-text services (tested in January 2024). This could indicate that advancements in generative language models such as PaLM2 (underlying Google Bard) were not being used in a similar manner in competing speech-to-text systems. As such, we believe hallucinations to currently be an OpenAI-specific concern

The phrase “as such, we believe hallucinations to currently be an OpenAI-specific concern” deserves a call-out as I think that might end up being a recurring pattern in the future. Whatever the “AI” industry does, OpenAI seems to be doing with less care, less safety, and more haphazard governance.

I took a picture looking down a lane at sunset and liked the way it came out, so I prettied it up a bit in Lightroom to post on Mastodon. When I exported the JPG, I was suddenly in the world of C2PA, so here’s a report on progress and problems. This article is a bit on the geeky side but I think the most interesting bits concern policy issues. So if you’re interested in online truth and disinformation you might want to read on.

If you don’t know what “C2PA” is, I immodestly think my introduction is a decent place to start. Tl;dr: Verifiable provenance for online media files. If for some reason you think “That can’t possibly work”, please go read my intro.

Here’s the Lightroom photo-export dialog that got my attention:

There’s interesting stuff in that dialog. First, it’s “Early Access”, and I hope that means not fixed in stone, because there are issues (not just the obvious typo); I’ll get to them.

Where’s the data?

There’s a choice of where to put the C2PA data (if you want any): Right there in the image, in “Content Credentials Cloud” (let’s say CCC), or both. That CCC stuff is (weakly) explained here — scroll down to “How are Content Credentials stored and recovered?” I think storing the C2PA data in an online service rather than in the photo is an OK idea — doesn’t weaken the verifiability story I think, although as a blogger I might be happier if it were stored here on the blog? This whole area is work in progress.

What surprised me on that Adobe CCC page was the suggestion that you might be able to recover the C2PA data about a picture from which it had been stripped. Obviously this could be a very bad thing if you’d stripped that data for a good reason.

I’m wondering what other fields you could search on in CCC… could you find pictures if you knew what camera they were shot with, on some particular date? Lots of complicated policy issues here.

Also there’s the matter of size: The raw JPG of the picture is 346K, which balloons to 582K with the C2PA. Which doesn’t bother me in the slightest, but if I were serving millions of pictures per day it would.

Who provided the picture?

I maintain that the single most important thing about C2PA isn’t recording what camera or software was used, it’s identifying who the source of the picture is. Because, living online, your decisions on what to believe are going to rely heavily on who to believe. So what does Lightroom’s C2PA feature offer?

First, it asserts that the picture is by “Timothy Bray”; notice that that value is hardwired and I can’t change it. Second, that there’s a connected account at Instagram. In the C2PA, these assertions are signed with an Adobe-issued certificate, which is to say Adobe thinks you should believe them.

Let’s look at both. Adobe is willing to sign off on the author being “Timothy Bray”, but they know a lot more about me; my email, and that I’ve been a paying customer for years. Acknowledging my name is nice but it’d be really unsurprising if they have another Tim Bray among their millions of customers. And suppose my name was Jane Smith or some such.

It’d be well within Adobe’s powers to become an identity provider and give me a permanent ID like “https://id.adobe.com/timbray0351”, and include that in the C2PA. Which would be way more useful to establish provenance, but then Adobe Legal would want to take a very close look at what they’d be getting themselves into.

But maybe that’s OK, because it’s offering to include my “Connected” Instagram account, https://www.instagram.com/twbray. By “connected” they mean that Lightroom went through an OAuth dance with Meta and I had to authorize either giving Insta access to Adobe or Adobe to Insta, I forget which. Anyhow, that OAuth stuff works. Adobe really truly knows that I control that Insta ID and they can cheerfully sign off on that fact.

They also offered me the choice of Behance, Xitter, and LinkedIn.

I’ll be honest: This excites me. If I really want to establish confidence that this picture is from me, I can’t think of a better way than a verifiable link to a bunch of my online presences, saying “this is from that guy you also know as…” Obviously, I want them to add my blog and Mastodon and Bluesky and Google and Apple and my employer and my alma mater and my bank, and then let me choose, per picture, which (if any) of those I want to include in the C2PA. This is very powerful stuff on the provenance front.

Note that the C2PA doesn’t include anything about what kind of device I took the picture on (a Pixel), nor when I took it, but that’d be reasonably straightforward for Google’s camera app to include. I don’t think that information is as important as provenance but I can imagine applications where it’d be interesting.

What did they do to the picture?

The final choice in that export dialog is whether I want to disclose what I did in Lightroom: “Edits and Activity”. Once again, that’s not as interesting as the provenance, but it might be if we wanted to flag AI intervention. And there are already problems in how that data is used; more below.

Anyhow, here’s the picture; I don’t know if it pleases your eye but it does mine.

Now, that image just above has been through the ongoing publishing system, which doesn’t know about C2PA, but if you click and enlarge it, the version you get is straight outta Lightroom and retains the C2PA data.

If you want to be sure, install c2patool, and apply it to lane.jpg. Too lazy? No problem, because here’s the JSON output (with the --detailed option). If you’re geeky at all and care about this stuff, you might want to poke around in there.

Another thing you might want to do is download lane.jpg and feed it to the Adobe Content Authenticity Inspect page. Here’s what you get:

This is obviously a service that’s early in its life and undoubtedly will get more polish. But still, interesting and useful.

Not perfect

In case it’s not obvious, I’m pretty bullish on C2PA and think it provides us useful weapons against online disinformation and to support trust frameworks. So, yay Adobe, congrats on an excellent start! But, things bother me:

1. I couldn’t figure out how to use the open-source “c2patool” to actually verify the signatures, even though I can on c2patool’s sample image. I suspect that this is at least partly c2patool’s fault, and if that I understood certificate lists better, I could have figured out an incantation to make the software work.

   But still, if you’re shipping a standards-based product, you should really ensure that it works out of the box with the leading (only?) open-source tool, or at least provide instructions.

2. Adobe’s Inspector is also available as a Chrome extension. I’m assuming they’ll support more browsers going forward. Assuming a browser extension is actually useful, which isn’t obvious.

3. The Inspector’s description of what I did in Lightroom doesn’t correspond very well to what the C2PA data says. What I actually did, per the C2PA, was (look for “actions” in the JSON):

   1. Opened an existing file named “PXL_20241013_020608588.jpg”.

   2. Reduced the exposure by -15.

   3. Generated a (non-AI) mask, a linear gradient from the top of the picture down.

   4. In the mask, moved the “Shadows” slider to -16.

   5. Cropped and straightened the picture (the C2PA doesn’t say how much).

   6. Changed the masking again; not sure why this is here because I didn’t do any more editing.

   The Inspector output tries to express all this in vague nontechnical English, which loses a lot of information and in one case is just wrong: “Drawing edits: Used tools like pencils, brushes, erasers, or shape, path, or pen tools”. I think that in 2024, anyone who cares enough to look at this stuff knows about cropping and exposure adjustments and so on, they’re ubiquitous everywhere photos are shared.

4. If I generate C2PA data in an Adobe product, and if I’ve used any of their AI-based tools that either create or remove content, that absolutely should be recorded in the C2PA. Not as an optional extra.

5. I really, really want Adobe to build a flexible identity framework so you can link to identities via DNS records or .well-known files or OpenID Connect flows, so that I get to pick which identities are included with the C2PA. This, I think, would be huge.

6. This is not an Adobe problem, but it bothers me that I can’t upload this photo to any of my social-media accounts without losing the C2PA data. It would be a massive win if all the social-media platforms, when you uploaded a photo with C2PA data, preserved it and added more, saying who initially uploaded it. If you know anyone who writes social-media software, please tell them.

Once again, this is progress! Life online with media provenance will be better than the before times.

Click here to go see the bonus panel!

Hovertext:
Somehow it came the week of jokes about dissociating from reality with VR.