Slashdot Mirror

← Back to Stories (view on slashdot.org)

Using YouTube For File Storage

Posted by timothy on from the subtitles-are-a-bitch dept.

First time accepted submitter ememisya writes "Ever thought it might be a good idea to store encrypted data in a QRCode video? Using this technique one could easily store 10GB of data to be available anywhere in the world, and completely free."

49 of 193 comments (clear)

  1. Ever thought it might be a good idea? by Anonymous Coward · · Score: 5, Insightful

    Ever thought it might be a good idea to store encrypted data in a QRCode video?

    Not even a little bit. Now that you mention it though, it does sound like possibly one of the dumber ideas I've heard in quite some time.

    1. Re:Ever thought it might be a good idea? by ememisya · · Score: 5, Insightful

      Ever thought it might be a good idea to store encrypted data in a QRCode video?

      Not even a little bit. Now that you mention it though, it does sound like possibly one of the dumber ideas I've heard in quite some time.

      So considering a scenario like a student posting Iron Man 3, camera rip and the encryption key as another video onto YouTube, and the links in another forum. Who would be responsible for this copyright infringement? YouTube for having encrypted video data? It could be argued that YouTube is only carrying gibberish video data. The forum? The forum is only containing links to YouTube which is perfectly free to do. Could it be the software for putting the key and the data together? I wouldn't think so, because then any encryption library is responsible for its resulting data. It could be argued that it wouldn't be illegal until the user started writing the actual video onto his/her harddrive, at which point there will be no internet connection to detect anything unusual. Now, I'm a person who believes copying something and taking that copy is different than taking that thing itself, but I know how copyright laws are touchy about these scenarios :) My guess is they would put the pressure on YouTube to detect videos with too many QRCodes in their frames and remove them and it will soon be in their Terms of Service. If enough people abused this method anyways, writing a browser plugin to detect YouTube and offer file uploading options will fire this away to the spiral of doom, sort of like FireSheep and facebook https.

    2. Re:Ever thought it might be a good idea? by Anonymous Coward · · Score: 2, Funny

      Someone finally finds a use for QR codes, pairs it with social media and cloud based storage...and all you can do is pooh pooh the idea.

      I'm writing an iphone app to do this as we speak. This is going to be huge! Where the venture capitalists at? Holla!

    3. Re:Ever thought it might be a good idea? by omnichad · · Score: 3, Informative

      Who would be responsible for this copyright infringement? YouTube for having encrypted video data? It could be argued that YouTube is only carrying gibberish video data. The forum?

      The student who posted it. If you want to get technical, the QR code video on Youtube is not gibberish video data. It's a copy of the movie. It's just a different carrier. Unless you think turning on SSL in bittorrent means you're transmitting gibberish data.

    4. Re:Ever thought it might be a good idea? by ememisya · · Score: 2

      LOL absolutely, it's just not something YouTube willingly considered as of yet. Unless you want to push "Dance of the Pixels" artistic value of the video content, then it's perfectly fine to post it.

    5. Re:Ever thought it might be a good idea? by ememisya · · Score: 2

      If you want to get technical, the QR code video on Youtube is not gibberish video data. It's a copy of the movie. It's just a different carrier. Unless you think turning on SSL in bittorrent means you're transmitting gibberish data.

      How would you prove without the key that the video on YouTube is not gibberish video data?

    6. Re:Ever thought it might be a good idea? by omnichad · · Score: 2

      I said that the student is responsible for the infringement. I never said it would be proven in court.

    7. Re:Ever thought it might be a good idea? by ememisya · · Score: 2

      Right, but that's like saying you have a bomb in your house because you have pool cleaning materials in your tool shed. Separately both are gibberish videos, when put together, using an algorithm, the resulting combination (a new file) will be illegal. Another example would be taking a naked female statue, which due to its artistic value is not R-Rated, and taking the picture of a girl in a bikini, which again in and of itself is not R-Rated. Now, if you photoshop the statue's naughty parts onto the picture of the girl in the bikini, you have an R-Rated picture.

    8. Re:Ever thought it might be a good idea? by vux984 · · Score: 4, Funny

      Same thing if you uploaded a video containing only white noise as the picture: it's there just to waste Google's hard drive space.

      http://www.youtube.com/watch?v=bf7NbRFyg3Y

      Good times.

    9. Re:Ever thought it might be a good idea? by nabsltd · · Score: 3, Insightful

      I said that the student is responsible for the infringement. I never said it would be proven in court.

      Even if it could be proven in court, that would set the precendent that any file of exactly the right number of bytes could be called "infringing".

      This is because for any given set of bytes the same length as copyrighted content, there is some transform that will convert the bytes into the copyrighted content. Even if you really did start with the copyrighted content, until you perform the transform, there is no infringement.

      As an example, if I encrypted the image of a commercial Blu-Ray disk with a random key that I do not know and then posted it to someplace that anybody could download it, I have not infringed, since all I did was post some bytes. If somebody guesses the key and posts it, then they are also not guilty of infringement. The only people who might be guilty of infringement would be those who use the key and decrypt the bytes into the copyrighted work.

    10. Re:Ever thought it might be a good idea? by tibit · · Score: 2

      QRCode is stupid. What is not stupid, though, would be leveraging the fact that if you upload in a correct format that's not subject to reencoding, you can pretty much fill it with arbitrary data at 90%+ efficiency. You need to wrap it in the codec data structure format, and massage it a bit so that various bits of the codec consider it valid. It'll look like "noise", but it gives you what you want, at an efficiency orders of magnitude better than QRCode.

      --
      A successful API design takes a mixture of software design and pedagogy.
    11. Re:Ever thought it might be a good idea? by Tom · · Score: 2

      Who would be responsible for this copyright infringement?

      You think you are smarter than the people who write and interpret the laws. Newsflash: You aren't. Chances are, they yawn at your scheme. Because, you know, people trying to find loopholes in the law isn't exactly news, they've been around for at least 2000 years, and the law-people have been dealing with them that long. We techies are just the most recent breed.

      I've worked with lawyers and judges. Trust me, all these geeky schemes of distributing the responsibility until it disappears is at best mildely interesting to them. The law doesn't go by technical details, it goes by intent and action. So, basically, if it's a copy of Iron Man 3, and you uploaded it, then you are guilty of copyright infringement, period. All the encryption and key and bla bla bla doesn't change the basic facts, it only makes it more difficult to prove your act.

      Really, stop being so arrogant and thinking that you can outsmart a profession 50 times older than your own on their home turf.

      --
      Assorted stuff I do sometimes: Lemuria.org
    12. Re:Ever thought it might be a good idea? by Tom · · Score: 2

      You are thinking like a geek, not like a lawyer or judge.

      Evidence and proof aside, a lawyer or judge will look at it more like this:

      Encrypting something is inconsequential in the legal sense. After a few beer, one might be inclined to discuss whether or not encrypting copyrighted material falls under the definition of a derived work, but most likely it would not because there's no creative act involved, and thus not a derivation, but a simply copy.
      If you make your copy available online, you are guilty. Encryption doesn't matter. It's just a reversible transformation. That the downloader can't use it without the key doesn't matter. The illegal act is the act of copying, not of watching.

      Do you really think a centuries-old profession of people who all went to university just like we IT guys did are so easily defeated? That's the equivalent of saying if you take the keyboard away from a geek, he'll be baffled and incapable of doing any computer stuff ever again. Of course not, how stupid. He'll just find a new keyboard and all you've done is keep him busy for a few hours. Same with all those geeky hiding schemes. Legally, they'll amuse the judge for a few minutes and that's all.

      The advantages of encryption and steganography have never been on the legal side, but on making it more difficult to prove that you did what you did, or capture you doing it in the first place.

      --
      Assorted stuff I do sometimes: Lemuria.org
    13. Re:Ever thought it might be a good idea? by TheChewanater · · Score: 2

      Hmm, even a single byte can be transformed into a copyrighted movie...

      0x6f

      Sue me!

    14. Re:Ever thought it might be a good idea? by Tom · · Score: 4, Insightful

      You still think on the wrong track. Really.

      People thought they could do the same thing with basically any crime in the books - make some changes to the way it is done so that it isn't recognizable anymore and get away.

      Surprise, the law doesn't care about the way you do it. If you kill someone, that's murder (or any of a related, bla) and it doesn't matter if you used a gun or a knife or an orbital laser array that you programmed through a Tor network and accessed over an encrypted botnet controller interface with a hundred other layers of indirection. It'll make proving that it was you who pushed the button more difficult, but if that can be done than it's still murder, plain and simple.

      Same thing with copyright infringement. You take a copyrighted work, apply any number of whatever operations on it, make a copy and distribute it and you're in violation of copyright, plain and simple. The number and kind of operations in the intermediate step don't matter one iota. And as long as you don't get that into your head, you'll be laughed at when they slam you. Do you think the judge will be the smallest bit impressed by anything you said above? He'll have one question and one question only and that is: Did you copy a copyrighted work without authorisation, yes or no?

      And no, that is not something that is unique of this new digital world. That's techie bla bla. You can say the same of paint or letters. No, the book sellers don't have a copyright on the letters A through Z, but they do have a copyright on a specific number of them in a specific order, otherwise known as a novel, or a poem, or a drama or whatever.

      No, the movie industrie does not have a copyright on 0 and 1, yes it does hold the copyright to specific collections of 0s and 1s in specific orders. Or more specifically: To the content of what these numbers represent.

      Copyright is not a mathematical concept. You can't "defeat" it with mathematics. For all the law cares, math is a tool to apply transformations on content, but that doesn't change the fact that the content is copyrighted, end of story.

      --
      Assorted stuff I do sometimes: Lemuria.org
    15. Re:Ever thought it might be a good idea? by Tom · · Score: 2

      You are still trying to win points with sophism after I've told you that the only thing you'll get for that is a reprimand for wasting the court's time if things ever get to that level?

      I am not infringing copyright because I created those words myself, so I am the copyright holder.

      Again, don't think that playing tricks with math is the first anyone has ever come up with. Sure, mathemetically you can find a transformation function that turns Bambi into Star Wars. And once more I'm telling you that is at best mildly amusing to a judge.

      Really, get your head out of your math dream world. You can go round and round elaborating how your Tor network send packets around, in the end the only question that matters is still going to be whether you did or did not press that button, knowing it would cause a man to die.

      Or, in the case of copyright violation, the question will be whether or not you intended to make a copy of a copyrighted work available to others without authorisation. No matter what tricks and hoops and math you put inbetween. You really, really need to get that into your head: It doesn't matter. Not one bit. In fact, a good prosecutor will use every additional step you add to convince the court that you were trying hard to cover up your steps proving that you knew what you did was illegal.

      You aren't the first to try playing tricks with math, language or whatever other tool on the law. Unfortunately for you, the law has two millenia more experience in this game.

      --
      Assorted stuff I do sometimes: Lemuria.org
  2. Title: "LSD snow-storm" by Tablizer · · Score: 2

    No wonder your snowy pixel vids are so boring.

    --
    Table-ized A.I.
    1. Re:Title: "LSD snow-storm" by The_Wilschon · · Score: 2

      The video reminds me of Snow Crash. Be careful. It could eat your brain!

      --
      SIGSEGV caught, terminating

      wait... not that kind of sig.
  3. Lolzers. by RightSaidFred99 · · Score: 5, Insightful

    I'm sure Youtube will _never_ notice this and your foolproof plan will be good for all time.

    You might be OK with some steganography, but otherwise they will thwart you if more than a few people do this.

    1. Re:Lolzers. by Cenan · · Score: 4, Insightful

      The fact that you can have the "super smart encrypted content" taken down with a moments notice by serving a bogus DMCA never entered the submitters mind.

      --
      ... whatever ...
    2. Re:Lolzers. by tverbeek · · Score: 3, Informative

      Yeah, this is a textbook example* of how relying on an outside "cloud" service – especially one that you have no contractual control over – to store your data is a really dumb idea.

      *OK, maybe it's just in the teacher's edition.

      --
      http://alternatives.rzero.com/
    3. Re:Lolzers. by TheCarp · · Score: 4, Interesting

      No its an example of how naively relying on an uncontracted outside "cloud" service is a really dumb idea.

      Now imagine you split your data up into a Set of messages, which can be recovered by any sufficiently large subset of more than N messages? This is what tahoe lafs does, typically using 10 messages, any 6 of which can recover the original.... of course its all encrypted too.

      Then all you need is some process which periodically checks the messages and ensures that you always have some threshold (which should really be larger than N, by at least a few).

      There is also no need for QR codes to be used, thats another example of naive use. It would actually be vastly more efficient to encode the data differently, but, encoding in such ways as to not be easily detected and removed by youtube could be tricky. However, if you could find a way to minimally disguise the data so it just looks like hours of terribly boring video (like, video of your pet fish)....

      Shit you could probably just keep re-uploading the same fish video with differently encoded data and new names....nobody is going to examine hours of fish swimming to determine where the loop is or whether the two videos are of the same loop.

      --
      "I opened my eyes, and everything went dark again"
    4. Re:Lolzers. by ememisya · · Score: 2

      Actually QR codes are pretty efficient in quickly being read and written, they also pass through most of YouTube's re-encoding procedures. Might be something they want to filter for. The thoughts this should spark would be downloading data using a camera (no service provider necessary), and how data is data no matter how you dress it up in the end.

    5. Re:Lolzers. by Anonymous Coward · · Score: 3, Interesting

      Depending on the decoding speed, this may be a good way to include tablet and phone apps with movie purchases. Just tack it on where the movie previews are. Not everybody has reliable broadband, especially those that don't stream their video.

    6. Re: Lolzers. by ceoyoyo · · Score: 2

      There are steganographic algorithms that are highly resistant to encoding and rencoding. They're mostly of interest for secretly watermarking photos and video. The movie studios probably use such an algorithm for watermarking preview discs now so they can trace leaks.

      Steganography on YouTube would be moderately interesting - it's low efficiency but hidden. QR code videos are just stupid. They're very low efficiency and right out in the open. And if the goal is just to steal space from Google, there are better ways to do it.

  4. a bit too blatant by Trepidity · · Score: 5, Interesting

    If you start uploading videos to YouTube with nothing but frames of QR codes, you're pretty likely to have your account closed and the videos deleted.

    It would be more robust if you made the video look like something that could plausibly be on YouTube as a "normal" video, even if it's something really boring. Probably especially if it's something really boring. Record one of your pets and use the low-order bits of the video and/or audio to steganographically include some data.

    --
    10 PRINT CHR$(205.5+RND(1)); : GOTO 10
    1. Re:a bit too blatant by Anonymous Coward · · Score: 2, Informative

      Which can be avoided if you follow their documentation.

      Encodings which match their specifications won't be re-encoded (only the down-scaled versions will).

  5. right... by Ian+0x57 · · Score: 2, Insightful

    sure..until they compress it for you or change formats or ..... and screw it up.

    1. Re:right... by aardvarkjoe · · Score: 2

      sure..until they compress it for you or change formats or ..... and screw it up.

      This isn't steganography. As long as you create your video such that the artifacts of compression won't make your codes unreadable, it doesn't matter if Youtube does something like that.

      --

      How can we continue to believe in a just universe and freedom to eat crackers if we have no ale?
    2. Re:right... by Tarlus · · Score: 2

      QR's will look the same regardless of video format. If the resolution gets really scrunched down or if frame rates get jacked up in the conversion process, then it could be a wasted effort, but YouTube's internal conversion algorithms seem to be pretty effective these days. ...wait, am I defending the idea behind this article?

      --
      /* No Comment */
    3. Re:right... by Psyborgue · · Score: 3, Informative

      QR codes error correction is quite resilient. Even with heavy spatial/temporal compression, the data should still be recoverable. There are far better ways of hiding data than this, however.

    4. Re:right... by Anubis+IV · · Score: 2

      We're not talking about steganography or some other form of hiding data in a delicate manner that can be broken when typical practices like those you've cited are applied. We're talking about having frames that consist entirely of a QR codes, which should be reasonably resistant to compression, format changes, lowered resolutions, and other issues of that sort. So long as the QR code can still be easily made out, you can still get your data out.

      Clearly, if they compressed it so heavily that it was just a gray mess, it'd be a problem, but I don't think that's likely to be an issue.

    5. Re:right... by CrashandDie · · Score: 5, Informative

      Have you ever used a QRCode? Ever noticed that most algorithms don't recognise the QRCode when it's sharpest and level with your screen? Usually, you don't have the time to have the code be level, or in focus, before the algorithm picks it up.

      That's because QRCode are nigh indestructible. They could add a watermark and the code would most probably still be readable (depending on the level of error correction you apply when encoding).

      For example, I took one of the Wikimedia QRCode examples, and drew on it. It still worked. Then I skewed the image using MS Paint. It still worked. Then I decided to go from 172 pixels to 86 pixels (using MS Paint's resize function). It still worked (zoomed to either 100% or 200%). Then I decided to "reduce its resolution", so to speak, by resizing that reduced image to 200%, then back to 50%, then back to 200%, etc for 4 or 5 times, until I ended up with this. It still worked.

      Now, I'm sure that I *wanted* this to work. There will be dozens of cases where even the most stupid tear of paper or poor lighting will prevent that QRCode from being decoded. But somehow, I don't think that YouTube's HD video encoding will be much of an issue for QRCodes.

      Tested with QR Droid on a Wiko Cink King, scanning off a 23" 1080p screen.

  6. I already have a better solution. by Anonymous Coward · · Score: 5, Funny

    I store mine in the Linux source code comments. Nobody has ever noticed.

  7. Great! Now Al-Qaeda has YouTube technology. :-( by i_want_you_to_throw_ · · Score: 2

    Just add encryption. Hide in plain site. A new way for spies and terrorist to communicate! Reminds me of the Conet Project. More at Wikipedia. It's fascinating listening to the weird shortwave.

  8. 10GB Free, Wow! by s1d3track3D · · Score: 2

    I don't have the time to list how many cloud storage providers offer (at least) 10GB free

    1. Re:10GB Free, Wow! by ag0ny · · Score: 3, Informative

      Have you been hiding under a rock for the last few months? Mega gives you 50GB for free.

      --
      My site
  9. Re:Wow... worse than old usenet binaries. by i_ate_god · · Score: 5, Insightful

    what ever happened to the hacker mentality these days?

    they would do it, BECAUSE THEY CAN. A reason so valid that it I shouldn't have to be here telling you about it.

    --
    I'm god, but it's a bit of a drag really...
  10. Pssst - Google doesn't actually make this hard by pla · · Score: 2

    Or you could just, y'know, upload it to Google Docs and make it public, without playing all the games.

    For small amounts of data (in the few-GB range), you can host crap in a bazillion places online for free. No need to send yourself 400 multi-part uuencoded emails these days to "sneak" it past the storage provider.

  11. Re:Great! Now Al-Qaeda has YouTube technology. :-( by Cenan · · Score: 3, Insightful

    First of all, what the fuck is up with using the subject for half the reply? Seriously, cut it out. You people look like retards.

    Hiding stuff in plain sight has never been very hard, you don't need youtube for that. Anything connected to the 'net is pretty much hidden in plain sight, no need to involve a millions-of-users-per-month website, when a simple IP distributed would do the trick just as fine.
    Encryption is no secret, no matter what the feds tell you, the ban en exports of encryption algorithms has not made the rest of the world go sans encryption. The example in the article is about the dumbest security idea since, shit i don't know... ever?

    --
    ... whatever ...
  12. Re:Wow... worse than old usenet binaries. by Anonymous Coward · · Score: 2, Funny

    Are you Captain Kirk? This reminds me of the only good reason to climb a mountain.

  13. Re:What's the benefit? by networkBoy · · Score: 2

    Ah, but this *could* be a good one to many broadcast of information. Have a botnet receive C&C directives this way?
    You could even post the QR code in a corner of the video, or embed it in the video data as an alpha channel.

    --
    whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
  14. I found a QSR code burned into my toast by AndyKron · · Score: 5, Funny

    I found a QSR code burned into my toast. My cellphone read it, and it said "Jesus"

  15. This is like by meerling · · Score: 3, Insightful

    Using Youtube to store your files is like using your neighbors car for storing you beer without asking. Odds are that one of these days it won't be there when you really want it.

  16. Re:Wow... worse than old usenet binaries. by K.+S.+Kyosuke · · Score: 4, Funny

    Are you Captain Kirk? This reminds me of the only good reason to climb a mountain.

    After your first sentence, I thought that was his remark on the subject of why bang genetically or even anatomically incompatible aliens.

    --
    Ezekiel 23:20
  17. Re:Wow... worse than old usenet binaries. by Psyborgue · · Score: 3, Insightful

    Because it's not a particularly clever or interesting "because we can".

  18. Been there done that (kind of)... by stephendnicholas · · Score: 2

    I had a similar idea a couple of years ago, but for data transfer between mobile devices, and hacked together a prototype for the Over the Air hackathon - albeit without the cloud storage angle, which is a nice twist. Head here to check it out: http://stephendnicholas.com/archives/310 Thumbs up for shameless self promotion? Even more shameless now not anonymous :)

  19. You're totally right about the title reply! by BlackPignouf · · Score: 2

    Mod parent up! :)

  20. amiga Video Back Up System... ? by nanahuatzin · · Score: 2

    ahhh! this made me remember my old ( ancient?) amiga 500 computer... circa 1988. It was the day of 30 mb hard drives, so the idea to use video to store info was attractive, so it came the "Video BAck Up System". http://www.hugolyppens.com/VBS.html You connected the video output of you amiga to a VHS tape recorder (beta also could be used). The software let you selected which parts of your hard drive wish to back up, so when you were ready, the computer would record bands of black and white video to tape. The vhs tape could hold... errr 85MB per hour, and that was a lot!!! The interesting part was restoring the backup, it was connected to the serial port... so probably this was the main limitation of the system. It was a very interesting hack :) I still have some VHS tape with data...