OpenAI Adopts Google's SynthID Watermark for AI Images with Verification Tool
smooke
246 points
129 comments
May 19, 2026
Related Discussions
Found 5 related stories in 96.5ms across 8,303 title embeddings via pgvector HNSW
- Group Pushing Age Verification for AI Turns Out to Be Backed by OpenAI SilverElfin · 41 pts · April 02, 2026 · 55% similar
- OpenAI Privacy Filter meetpateltech · 11 pts · April 22, 2026 · 54% similar
- When AI writes the software, who verifies it? todsacerdoti · 192 pts · March 03, 2026 · 53% similar
- Remove–AI–Watermarks – CLI and library for removing AI watermarks from images janalsncm · 214 pts · May 19, 2026 · 51% similar
- Elon Musk confirms xAI used OpenAI's models to train Grok fraXis · 12 pts · April 30, 2026 · 51% similar
Discussion Highlights (20 comments)
PunchyHamster
so ? people wanting to make AI propaganda will just make tool to remove it. Possibly using AI to do it too
CSMastermind
Aren't these kinds of watermarks easy to remove or distort? Seems like they're only helpful as long as people are relying on them sparingly so it's not worth the effort to circumvent. If social media platforms started banning images with these watermarks seems like they'd be stripped out overnight.
amazingamazing
Good. Despite people saying it will be removed, I have seen no reproducible repo demonstrating it.
kube-system
Is there no way to do this without uploading it?
minimaxir
I'm annoyed that Google is keeping it closed-sourced and limited to partners. Is there a negative externality about open-sourcing image watermark technology so anyone can use it and audit the watermarks independently? If not, then I may have a repository for an open-source invisible and tamper-resistant image watermarking approach that's feature complete...
big_toast
What information is included in the metadata or SynthID? How many bits can be encoded in a SynthID? Can it be used to create something like nutritional labels for synthetic content? 10% synthetic text, 30 synthetic images. Your reality was 15% synthetic today (75% mega corp, 25% open-weight neocloud).
julianozen
While these are great, isn’t the problem that malicious actors will create systems that do not use synthID
WhatIsDukkha
This is just performative nonsense. As someone that creates things with tools with different media I would just hard avoid this tool that adds... arbitrary metadata not of my choosing. Should I seriously make a texture for a videogame with this weird DRM glorp in it? How old is photoshop and why is it exempt?
rickcarlino
What if they use advanced evasion techniques like printing it out and scanning it or taking a photo with their phone?
saberience
What happens if you generate an image with only a single pixel color or say two colors?
4ashz
First they verify whether a picture came from OpenAI, then they'll include subscriber data and geolocation. Well, they'll finally find out that no one wants to look at AI generated pictures or text. Once they do that, the tool will fail for the public and only work for the government.
himata4113
if you tell it to generate the AI image with a black background you can visually see the synthid with a good enough monitor, it's just a repeating fuzzy pattern, nothing special. I have found great success of getting rid of it by masking every 2nd pixel, regenerating missing pixels and then once again masking every 2nd pixel offset by 1. Used an off the shelf model to fill in the pixels, but I also exported a depthmap first (before any alternations) and denoised it so generated masked pixels comform to the original content. The result was obviously not 100% perfect, but with more time and a model fine tuned for this specific use-case would be able to remove any kind of ai watermarking without too many issues.
userbinator
Currently, this article is conveniently right next to it: https://news.ycombinator.com/item?id=48200569
cosmobiosis
Well that's not very useful. I think that can easily be hacked and many people were doing that frankly
mpetrovich
Seems inferior to C2PA, which is actually an open standard: https://contentauthenticity.org/
sigbeta
I think this is a move by openai/google to prevent their own models from training on ai slop rather than some morally righteous public initiative.
potsandpans
While this is definitely one of the topics of the moment. I find these threads really just ragebait magnets. A bunch of people effectively talking past one another: privacy vs preserving the status quo. It's certain now that most of the Western world has slid into fascism. Privacy and common decency advocates are all but lost. I will say this, for everyone celebrating this as something that is "extremely beneficial to the cultural moment", If I were an adversarial nation-state actor, I might be extremely interested in reverse engineering this and poisoning the well by applying it to real images. Let's make the world impossible to understand.
keyle
Is it like metadata in mp3? If I take a screenshot of an AI image, will that then be seen as an AI image? Is that 'hidden in the image' or as metadata?
827a
Interesting that it seems to be the case that SynthID has been totally busted open, but OpenAI's new watermark has not yet [1] [1] https://github.com/wiltodelta/remove-ai-watermarks
atleastoptimal
Eventually this won't matter as open source models will be good enough to fool 99% of people.