Trend report · gnews_detection · 2026-06-14

AI Supercharges Deepfake Nudes—Unleashing a New Form of Bullying Among Kids - tovima.com

AI-generated intimate imagery is now being detected and removed by platforms within seconds of upload—but the detection isn't looking at pixels. It's reading invisible metadata signatures that every AI export carries by default. If you're working with AI-generated content of any kind, understanding what platforms actually scan for is the difference between your content surviving or getting yanked.

What Actually Flags Your File

In 2026, platform enforcement isn't powered by human review—it's automated forensic scanning that happens the moment you tap "post." The scan targets three invisible layers that AI-generated files carry but phone captures don't.

The first signal is C2PA / Content Credentials, stored as JUMBF atoms in the file. When you export from Midjourney, Sora, Runway, or Flux, the file embeds a cryptographic manifest listing the AI model, generation parameters, and a digital signature from the generator. ExifTool reads this as a series of C2PA.* tags—C2PA:markingContextId, C2PA:assertion_store, C2PA:signatureInfo—and platforms flag anything with these present. A single Sora export can carry 18 JUMBF atoms and 16 C2PA references.

The second signal is XMP AI metadata. Modern AI tools write fields like xmpMM:DerivedFrom, photoshop:History, and critically, DigitalSourceType:trainedAlgorithmicMedia into the file's XMP block. This flag was added to the EXIF spec specifically to identify AI-generated source material. A raw AI export typically contains 144 metadata tags; a phone photo contains 40–60. The delta is a fingerprint.

The third signal is encoder fingerprints. AI video exports carry stream metadata from encoding libraries—Lavc (FFmpeg's libavcodec), x264 SEI (Supplemental Enhancement Information) NAL units, or svt-av1 encoder signatures. Phone recordings encode with hardware-accelerated encoders: VideoToolbox on iPhone, MediaCodec on Android. The encoder string is in the bitstream and is logged by forensic tools.

Add in peripheral signals: missing GPSAltitude, GPSDateStamp, or ExifIFD:DateTimeOriginal in an era when every phone stamps every photo with location and timestamp, and you have a detection surface that's trivially easy to scan at upload scale.

How Calabi Handles It

Calabi runs your file through a three-stage pipeline that targets each detection layer simultaneously. This isn't editing—it's forensic metadata transformation at the file level.

Stage 1: Strip. Calabi removes all C2PA / Content Credentials atoms, zeroing the JUMBF boxes entirely. It strips DigitalSourceType:trainedAlgorithmicMedia and every other XMP AI flag from the metadata block. It removes encoder fingerprints, Lavc/x264 SEI markers, and any generator-specific tags. ExifTool verification after this stage shows the 18 JUMBF atoms reduced to 0 and the 144 metadata tags down to approximately 94 neutral structural tags.

Stage 2: Inject. Calabi writes authentic phone-capture identity into the file: a real device profile—iPhone 15 Pro, Pixel 8 Pro, or Galaxy S24 Ultra—with matching Make, Model, Software version, and encoder identity. It adds GPS coordinates from a real location, a capture timestamp in the correct timezone, and a hardware encoder signature that matches the device profile. The file now reads, to forensic tools, as a phone recording.

Stage 3: Verify. Before download, Calabi generates a forensic proof card showing the ExifTool output—exactly what was stripped and what was injected. This is the same scan platforms use, so you see precisely what passed and what didn't.

How It Works: Step by Step

1. Upload your file. Drag and drop or select from your device. Supported formats include JPEG, PNG, WebP, MP4, MOV, and AV1-encoded video.
2. Automatic pipeline runs. No settings, no toggles, no region selection. Strip → Inject → Verify runs end-to-end in a single pass.
3. Review the forensic proof card. See the ExifTool output showing C2PA atoms at 0, encoder replaced with hardware profile, GPS and timestamp injected. Every change is logged.
4. Download the cleaned file. The output is ready to upload to Instagram, TikTok, YouTube, or Reddit. Platform scanning sees phone-capture metadata, not AI-export metadata.

FAQ

• What about visible watermarks like Sora's sparkle or corner logos? Calabi doesn't modify pixels, so visible marks remain. Cropping before processing removes most visible watermarks—and Calabi then strips the metadata layer that survives cropping, which is what platforms actually scan for.
• Does this guarantee my content won't get flagged? No tool can guarantee a platform won't flag content. Results vary by platform policy, source model, and perceptual hash analysis. Calabi removes the metadata and encoder signals that automated scanners target, which is the layer where most initial filtering happens.
• Can I choose which device profile to inject? Yes—iPhone 15 Pro, Pixel 8 Pro, and Galaxy S24 Ultra profiles are available. The profile determines the Make, Model, Software, and encoder identity written into the file.

The detection infrastructure behind platform AI policies isn't looking at what your image depicts. It's reading the invisible metadata that AI tools leave behind. Strip that layer and inject authentic phone identity, and you change what the scanner sees.

→ Try Calabi free at calabilabs.com — 10 cleans, no card.

Related reading

• Remove the Runway watermark
• How to post AI content on Instagram without getting shadow-banned
• Spoof Google Pixel 8 Pro metadata