Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Youtube Data Storage Encryption IT

Using YouTube For File Storage 193

First time accepted submitter anonymous writes "Ever thought it might be a good idea to store encrypted data in a QRCode video? Using this technique one could easily store 10GB of data to be available anywhere in the world, and completely free."
This discussion has been archived. No new comments can be posted.

Using YouTube For File Storage

Comments Filter:
  • by Anonymous Coward on Tuesday May 07, 2013 @11:37AM (#43655319)

    Ever thought it might be a good idea to store encrypted data in a QRCode video?

    Not even a little bit. Now that you mention it though, it does sound like possibly one of the dumber ideas I've heard in quite some time.

    • Comment removed (Score:5, Insightful)

      by account_deleted ( 4530225 ) on Tuesday May 07, 2013 @12:40PM (#43656225)
      Comment removed based on user account deletion
      • by omnichad ( 1198475 ) on Tuesday May 07, 2013 @01:07PM (#43656565) Homepage

        Who would be responsible for this copyright infringement? YouTube for having encrypted video data? It could be argued that YouTube is only carrying gibberish video data. The forum?

        The student who posted it. If you want to get technical, the QR code video on Youtube is not gibberish video data. It's a copy of the movie. It's just a different carrier. Unless you think turning on SSL in bittorrent means you're transmitting gibberish data.

        • Comment removed based on user account deletion
          • I said that the student is responsible for the infringement. I never said it would be proven in court.

            • by nabsltd ( 1313397 ) on Tuesday May 07, 2013 @02:18PM (#43657311)

              I said that the student is responsible for the infringement. I never said it would be proven in court.

              Even if it could be proven in court, that would set the precendent that any file of exactly the right number of bytes could be called "infringing".

              This is because for any given set of bytes the same length as copyrighted content, there is some transform that will convert the bytes into the copyrighted content. Even if you really did start with the copyrighted content, until you perform the transform, there is no infringement.

              As an example, if I encrypted the image of a commercial Blu-Ray disk with a random key that I do not know and then posted it to someplace that anybody could download it, I have not infringed, since all I did was post some bytes. If somebody guesses the key and posts it, then they are also not guilty of infringement. The only people who might be guilty of infringement would be those who use the key and decrypt the bytes into the copyrighted work.

              • Hmm, even a single byte can be transformed into a copyrighted movie...
              • by Tom ( 822 )

                You are thinking like a geek, not like a lawyer or judge.

                Evidence and proof aside, a lawyer or judge will look at it more like this:

                Encrypting something is inconsequential in the legal sense. After a few beer, one might be inclined to discuss whether or not encrypting copyrighted material falls under the definition of a derived work, but most likely it would not because there's no creative act involved, and thus not a derivation, but a simply copy.
                If you make your copy available online, you are guilty. Encr

                • With the power of XOR, I can take a PDF of the Bible and some gibberish and turn it in to a movie.

                  Now the gibberish clearly isn't a valid movie, and while yes it becomes one when combining with the Bible you could combine it with the Qu'ran and get something in the public domain.

                  The movie industry clearly doesn't own the Bible or the Qu'ran so they are clear.
                  And the nature of mathematics is that doing arbitrary operations on some data can change it in to anything.
                  You clearly can't have a blanket copyright o

                  • by Tom ( 822 ) on Wednesday May 08, 2013 @05:31AM (#43663439) Homepage Journal

                    You still think on the wrong track. Really.

                    People thought they could do the same thing with basically any crime in the books - make some changes to the way it is done so that it isn't recognizable anymore and get away.

                    Surprise, the law doesn't care about the way you do it. If you kill someone, that's murder (or any of a related, bla) and it doesn't matter if you used a gun or a knife or an orbital laser array that you programmed through a Tor network and accessed over an encrypted botnet controller interface with a hundred other layers of indirection. It'll make proving that it was you who pushed the button more difficult, but if that can be done than it's still murder, plain and simple.

                    Same thing with copyright infringement. You take a copyrighted work, apply any number of whatever operations on it, make a copy and distribute it and you're in violation of copyright, plain and simple. The number and kind of operations in the intermediate step don't matter one iota. And as long as you don't get that into your head, you'll be laughed at when they slam you. Do you think the judge will be the smallest bit impressed by anything you said above? He'll have one question and one question only and that is: Did you copy a copyrighted work without authorisation, yes or no?

                    And no, that is not something that is unique of this new digital world. That's techie bla bla. You can say the same of paint or letters. No, the book sellers don't have a copyright on the letters A through Z, but they do have a copyright on a specific number of them in a specific order, otherwise known as a novel, or a poem, or a drama or whatever.

                    No, the movie industrie does not have a copyright on 0 and 1, yes it does hold the copyright to specific collections of 0s and 1s in specific orders. Or more specifically: To the content of what these numbers represent.

                    Copyright is not a mathematical concept. You can't "defeat" it with mathematics. For all the law cares, math is a tool to apply transformations on content, but that doesn't change the fact that the content is copyrighted, end of story.

                    • by Tom ( 822 )

                      You are still trying to win points with sophism after I've told you that the only thing you'll get for that is a reprimand for wasting the court's time if things ever get to that level?

                      I am not infringing copyright because I created those words myself, so I am the copyright holder.

                      Again, don't think that playing tricks with math is the first anyone has ever come up with. Sure, mathemetically you can find a transformation function that turns Bambi into Star Wars. And once more I'm telling you that is at best

          • by blueg3 ( 192743 )

            How would you prove without the key that the video on YouTube is not gibberish video data?

            Why not use the key that you said was posted as a separate YouTube video?

            ...and the encryption key as another video onto YouTube?

        • I'm pretty sure the forum and the decryption tool maker are liable too, for "aiding in copyright infringement". There is the "letter of the law" method of interpretation and the "spirit of the law"way of interpretation and judges generally prefer to interpret the law according to who is buying their next yacht.

        • The student who posted it. If you want to get technical, the QR code video on Youtube is not gibberish video data. It's a copy of the movie. It's just a different carrier. Unless you think turning on SSL in bittorrent means you're transmitting gibberish data.

          The more interesting question is: Get a movie and a random bitstream; post the random bitstream online (1); XOR the movie with the random bitstream and post the result online (2).

          Are (1) or (2) infringing copyright? If so, which one, and why? Remember, independently both (1) and (2) are indistinguishable from random data.

          Also, these bitstreams can themselves be used as random input for another XOR operation.

          • Even though they're indistinguishable from random data, they are "derivative works" of the copyrighted material and are in violation. Of course nobody can prosecute or even determine this, but under the law that's how it is.

      • In my opinion the mere act of uploading obvious gibberish would be enough of argument for YouTube to delete the video. Same thing if you uploaded a video containing only white noise as the picture: it's there just to waste Google's hard drive space.
      • Well, if he's not making a profit off of it and sharing it privately its really close to grounds for fair use ;) As there is nothing wrong with creating a "digital library" of copywrited works.

        The only issue in your senario is that the copy was obtained "illegally". Which is more of a civil matter then a legal one. Since it has more to do with taping something on private property. Or thats how it use to be, I'm sure the guy would be a 50 year federal conviction now.

        Youtube definitely says you can't do that

      • by Tom ( 822 )

        Who would be responsible for this copyright infringement?

        You think you are smarter than the people who write and interpret the laws. Newsflash: You aren't. Chances are, they yawn at your scheme. Because, you know, people trying to find loopholes in the law isn't exactly news, they've been around for at least 2000 years, and the law-people have been dealing with them that long. We techies are just the most recent breed.

        I've worked with lawyers and judges. Trust me, all these geeky schemes of distributing the responsibility until it disappears is at best mildely in

      • Go read "What Colour are your bits? [sooke.bc.ca]".

    • Re: (Score:2, Funny)

      by Anonymous Coward

      Someone finally finds a use for QR codes, pairs it with social media and cloud based storage...and all you can do is pooh pooh the idea.

      I'm writing an iphone app to do this as we speak. This is going to be huge! Where the venture capitalists at? Holla!

    • by tibit ( 1762298 )

      QRCode is stupid. What is not stupid, though, would be leveraging the fact that if you upload in a correct format that's not subject to reencoding, you can pretty much fill it with arbitrary data at 90%+ efficiency. You need to wrap it in the codec data structure format, and massage it a bit so that various bits of the codec consider it valid. It'll look like "noise", but it gives you what you want, at an efficiency orders of magnitude better than QRCode.

  • No wonder your snowy pixel vids are so boring.

  • Lolzers. (Score:5, Insightful)

    by RightSaidFred99 ( 874576 ) on Tuesday May 07, 2013 @11:37AM (#43655329)

    I'm sure Youtube will _never_ notice this and your foolproof plan will be good for all time.

    You might be OK with some steganography, but otherwise they will thwart you if more than a few people do this.

    • Re:Lolzers. (Score:5, Insightful)

      by Cenan ( 1892902 ) on Tuesday May 07, 2013 @11:46AM (#43655455)

      The fact that you can have the "super smart encrypted content" taken down with a moments notice by serving a bogus DMCA never entered the submitters mind.

      • Re:Lolzers. (Score:4, Informative)

        by tverbeek ( 457094 ) on Tuesday May 07, 2013 @12:31PM (#43656109) Homepage
        Yeah, this is a textbook example* of how relying on an outside "cloud" service – especially one that you have no contractual control over – to store your data is a really dumb idea.

        *OK, maybe it's just in the teacher's edition.
        • Re:Lolzers. (Score:5, Interesting)

          by TheCarp ( 96830 ) <sjc@carpa[ ].net ['net' in gap]> on Tuesday May 07, 2013 @01:00PM (#43656475) Homepage

          No its an example of how naively relying on an uncontracted outside "cloud" service is a really dumb idea.

          Now imagine you split your data up into a Set of messages, which can be recovered by any sufficiently large subset of more than N messages? This is what tahoe lafs does, typically using 10 messages, any 6 of which can recover the original.... of course its all encrypted too.

          Then all you need is some process which periodically checks the messages and ensures that you always have some threshold (which should really be larger than N, by at least a few).

          There is also no need for QR codes to be used, thats another example of naive use. It would actually be vastly more efficient to encode the data differently, but, encoding in such ways as to not be easily detected and removed by youtube could be tricky. However, if you could find a way to minimally disguise the data so it just looks like hours of terribly boring video (like, video of your pet fish)....

          Shit you could probably just keep re-uploading the same fish video with differently encoded data and new names....nobody is going to examine hours of fish swimming to determine where the loop is or whether the two videos are of the same loop.

          • Comment removed based on user account deletion
            • Re: (Score:3, Interesting)

              by Anonymous Coward

              Depending on the decoding speed, this may be a good way to include tablet and phone apps with movie purchases. Just tack it on where the movie previews are. Not everybody has reliable broadband, especially those that don't stream their video.

          • by eth1 ( 94901 )

            There is also no need for QR codes to be used, thats another example of naive use. It would actually be vastly more efficient to encode the data differently, but, encoding in such ways as to not be easily detected and removed by youtube could be tricky. However, if you could find a way to minimally disguise the data so it just looks like hours of terribly boring video (like, video of your pet fish)....

            Shit you could probably just keep re-uploading the same fish video with differently encoded data and new names....nobody is going to examine hours of fish swimming to determine where the loop is or whether the two videos are of the same loop.

            Or you could just train your fish to swim to the right, unless the tank is electrified, then swim left, conveniently encoding whatever you need.

    • by necro81 ( 917438 )
      Unfortunately, I don't think you could count on steganography. YouTube transcodes, resizes, and manipulates the raw video fifty ways till sunday - whatever information you've stored in the frames could easily be lost or corrupted. What is more, you have to worry about playback problems: dynamic bitrates, dropped frames, and the like. By the time you add in all the checksums, error correcting code, and other data to make the system robust, you'd probably end up with a 10-minute video just to transmit a fe
      • There are steganographic algorithms that are highly resistant to encoding and rencoding. They're mostly of interest for secretly watermarking photos and video. The movie studios probably use such an algorithm for watermarking preview discs now so they can trace leaks.

        Steganography on YouTube would be moderately interesting - it's low efficiency but hidden. QR code videos are just stupid. They're very low efficiency and right out in the open. And if the goal is just to steal space from Google, there are bett

    • Hopefully if people do this they will at least have the decency to flag the videos as private. If I find myself directed to a video that is clearly just a dummy video for conveying steganography I'll be among those hitting the "report" button.
  • a bit too blatant (Score:5, Interesting)

    by Trepidity ( 597 ) <delirium-slashdotNO@SPAMhackish.org> on Tuesday May 07, 2013 @11:39AM (#43655359)

    If you start uploading videos to YouTube with nothing but frames of QR codes, you're pretty likely to have your account closed and the videos deleted.

    It would be more robust if you made the video look like something that could plausibly be on YouTube as a "normal" video, even if it's something really boring. Probably especially if it's something really boring. Record one of your pets and use the low-order bits of the video and/or audio to steganographically include some data.

    • by brillow ( 917507 )

      I dunno if Google would care. People have been using gmail as online storage since the beginning and Google didn't seem to care. Your 10gb video is not going to appreciably change Google's total bandwidth usage.

  • right... (Score:2, Insightful)

    by Ian 0x57 ( 688051 )
    sure..until they compress it for you or change formats or ..... and screw it up.
    • Just make sure that those QR frames ARE your data. Who cares if someone else reads it, too? It's encrypted, after all.

    • sure..until they compress it for you or change formats or ..... and screw it up.

      This isn't steganography. As long as you create your video such that the artifacts of compression won't make your codes unreadable, it doesn't matter if Youtube does something like that.

    • by Tarlus ( 1000874 )

      QR's will look the same regardless of video format. If the resolution gets really scrunched down or if frame rates get jacked up in the conversion process, then it could be a wasted effort, but YouTube's internal conversion algorithms seem to be pretty effective these days. ...wait, am I defending the idea behind this article?

      • YouTube doesn't even re-compress if you upload a compliant video so you could easily do a verification at home before uploading. And yes. I too agree it's a stupid idea.
    • Re:right... (Score:4, Informative)

      by Psyborgue ( 699890 ) on Tuesday May 07, 2013 @12:32PM (#43656117) Journal
      QR codes error correction [wikipedia.org] is quite resilient. Even with heavy spatial/temporal compression, the data should still be recoverable. There are far better ways of hiding data than this, however.
    • We're not talking about steganography or some other form of hiding data in a delicate manner that can be broken when typical practices like those you've cited are applied. We're talking about having frames that consist entirely of a QR codes [wikipedia.org], which should be reasonably resistant to compression, format changes, lowered resolutions, and other issues of that sort. So long as the QR code can still be easily made out, you can still get your data out.

      Clearly, if they compressed it so heavily that it was just a gr

    • Re:right... (Score:5, Informative)

      by CrashandDie ( 1114135 ) on Tuesday May 07, 2013 @01:12PM (#43656617)

      Have you ever used a QRCode? Ever noticed that most algorithms don't recognise the QRCode when it's sharpest and level with your screen? Usually, you don't have the time to have the code be level, or in focus, before the algorithm picks it up.

      That's because QRCode are nigh indestructible. They could add a watermark [wikipedia.org] and the code would most probably still be readable (depending on the level of error correction you apply when encoding).

      For example, I took one of the Wikimedia QRCode examples [wikimedia.org], and drew on it [postimg.org]. It still worked. Then I skewed the image [postimg.org] using MS Paint. It still worked. Then I decided to go from 172 pixels to 86 pixels [postimg.org] (using MS Paint's resize function). It still worked (zoomed to either 100% or 200%). Then I decided to "reduce its resolution", so to speak, by resizing that reduced image to 200%, then back to 50%, then back to 200%, etc for 4 or 5 times, until I ended up with this [postimg.org]. It still worked.

      Now, I'm sure that I *wanted* this to work. There will be dozens of cases where even the most stupid tear of paper or poor lighting will prevent that QRCode from being decoded. But somehow, I don't think that YouTube's HD video encoding will be much of an issue for QRCodes.

      Tested with QR Droid on a Wiko Cink King, scanning off a 23" 1080p screen.

      • by mikael ( 484 )

        That looks like some kind of cellular automata spiral algorithm with maybe three or four different cell types.

  • by Anonymous Coward on Tuesday May 07, 2013 @11:42AM (#43655405)

    I store mine in the Linux source code comments. Nobody has ever noticed.

  • Just add encryption. Hide in plain site. A new way for spies and terrorist to communicate! Reminds me of the Conet Project [archive.org]. More at Wikipedia [wikipedia.org]. It's fascinating listening to the weird shortwave.
    • by Cenan ( 1892902 ) on Tuesday May 07, 2013 @11:55AM (#43655589)

      First of all, what the fuck is up with using the subject for half the reply? Seriously, cut it out. You people look like retards.

      Hiding stuff in plain sight has never been very hard, you don't need youtube for that. Anything connected to the 'net is pretty much hidden in plain sight, no need to involve a millions-of-users-per-month website, when a simple IP distributed would do the trick just as fine.
      Encryption is no secret, no matter what the feds tell you, the ban en exports of encryption algorithms has not made the rest of the world go sans encryption. The example in the article is about the dumbest security idea since, shit i don't know... ever?

  • You'll need a specialized client to trap this information with a barcode scanner, buffer and really good QR read times. And then what? What is gained using this method for file distribution vs. downloading from one of the bazzilion free web file hosting sites?

    • Well, you could just use one of the common plugins to download the video file and process it later. Although I do agree with you on the whole thing being a little bit elaborate for something that's basically available for free. Google drive gives you 5 GB for free. MS Skydrive gives you 7GB. that already easily surpasses the 10 GB proposed by this method. Get multiple accounts for each (it's not difficult) and get as much cloud storage as you want for free.
      • Ah, but this *could* be a good one to many broadcast of information. Have a botnet receive C&C directives this way?
        You could even post the QR code in a corner of the video, or embed it in the video data as an alpha channel.

  • I wonder if he will have to pay for the (already terrilbly) slashdotted vt.edu servers that have just melted between serving a wiki entry and video posted there.

  • Sounds like a lot of trouble for something that can be easily and more securely done with any several of free services like Dropbox, Box, Google Drive, Windows SkyDrive, Ubuntu One, etc.

  • by s1d3track3D ( 1504503 ) on Tuesday May 07, 2013 @11:51AM (#43655537)
    I don't have the time to list how many cloud storage providers offer (at least) 10GB free
  • by pla ( 258480 ) on Tuesday May 07, 2013 @11:53AM (#43655561) Journal
    Or you could just, y'know, upload it to Google Docs and make it public, without playing all the games.

    For small amounts of data (in the few-GB range), you can host crap in a bazillion places online for free. No need to send yourself 400 multi-part uuencoded emails these days to "sneak" it past the storage provider.
  • by AndyKron ( 937105 ) on Tuesday May 07, 2013 @12:23PM (#43655971)
    I found a QSR code burned into my toast. My cellphone read it, and it said "Jesus"
  • This is like (Score:4, Insightful)

    by meerling ( 1487879 ) on Tuesday May 07, 2013 @12:23PM (#43655977)
    Using Youtube to store your files is like using your neighbors car for storing you beer without asking. Odds are that one of these days it won't be there when you really want it.
  • Now Trending on Youtube, user account information from the Playstation Network. 1,000,000 views.
  • I had a similar idea a couple of years ago, but for data transfer between mobile devices, and hacked together a prototype for the Over the Air hackathon - albeit without the cloud storage angle, which is a nice twist. Head here to check it out: http://stephendnicholas.com/archives/310 [stephendnicholas.com] Thumbs up for shameless self promotion? Even more shameless now not anonymous :)
    • Your last comment on the site was in 2011 and you mention you've gone further with the code. Care to share how far you got? Source available?
  • Using this technique one could easily store 10GB of data to be available anywhere in the world, and completely free.

    Which orifice did that number get pulled out of?

    Also, "easily"? Compared to, say, setting up a couple of Gmail accounts and sending yourself some attachments?

  • Your data is compressed so you have to work around that, and it can be removed at any time if they believe you are violating the Terms of Service. Almost certainly, this does. It's not worth the hassle. It certainly isn't worth it for anything serious. Just go to one of the many existing free storage sites and encrypt the files before you put them there if it's something private. If you need more offsite storage, stick a crow bar in your wallet and pay for it, cheapskates.

  • ahhh! this made me remember my old ( ancient?) amiga 500 computer... circa 1988. It was the day of 30 mb hard drives, so the idea to use video to store info was attractive, so it came the "Video BAck Up System". http://www.hugolyppens.com/VBS.html [hugolyppens.com] You connected the video output of you amiga to a VHS tape recorder (beta also could be used). The software let you selected which parts of your hard drive wish to back up, so when you were ready, the computer would record bands of black and white video to
  • Using this technique one could easily store 10GB of data to be available anywhere in the world

    It's a fun little hacking project for sure, but I would not call this "easily" when you have things like dropbox or google docs to store, you know, actual files in.

  • Had a device from radio shack back in the 90's that did the same thing but on VHS tapes. It just created a video of the data to record or play from any VCR.

    Granted you can pack the data tighter now, but QR code is not the answer, not enough data density.

  • No one has.
  • Reminds me of Google file system, basically turns you gmail account into a remote share.
  • 10GB of online storage completely free? What, like services like Dropbox, Google Drive, Mega etc?

    Why go through all the hassle of encrypting your data as a QR code video, when you could just upload your encrypted files to one of these fine services?

  • When I was a kid I used a VCR as data storage for my Amiga. It didn't have 10 gigs or the "anywhere in the world" aspect unless I carried the tape with me...
  • by Tom ( 822 )

    ...until some bot working for the RIAA thinks it's a really funky music video and issues an automated takedown notice that YouTube automatically honours, taking your precious files offline.

He who has but four and spends five has no need for a wallet.

Working...