Using YouTube For File Storage 193
First time accepted submitter anonymous writes "Ever thought it might be a good idea to store encrypted data in a QRCode video? Using this technique one could easily store 10GB of data to be available anywhere in the world, and completely free."
Ever thought it might be a good idea? (Score:5, Insightful)
Not even a little bit. Now that you mention it though, it does sound like possibly one of the dumber ideas I've heard in quite some time.
Comment removed (Score:5, Insightful)
Re:Ever thought it might be a good idea? (Score:4, Informative)
Who would be responsible for this copyright infringement? YouTube for having encrypted video data? It could be argued that YouTube is only carrying gibberish video data. The forum?
The student who posted it. If you want to get technical, the QR code video on Youtube is not gibberish video data. It's a copy of the movie. It's just a different carrier. Unless you think turning on SSL in bittorrent means you're transmitting gibberish data.
Re: (Score:2)
Re: (Score:3)
I said that the student is responsible for the infringement. I never said it would be proven in court.
Re:Ever thought it might be a good idea? (Score:4, Insightful)
I said that the student is responsible for the infringement. I never said it would be proven in court.
Even if it could be proven in court, that would set the precendent that any file of exactly the right number of bytes could be called "infringing".
This is because for any given set of bytes the same length as copyrighted content, there is some transform that will convert the bytes into the copyrighted content. Even if you really did start with the copyrighted content, until you perform the transform, there is no infringement.
As an example, if I encrypted the image of a commercial Blu-Ray disk with a random key that I do not know and then posted it to someplace that anybody could download it, I have not infringed, since all I did was post some bytes. If somebody guesses the key and posts it, then they are also not guilty of infringement. The only people who might be guilty of infringement would be those who use the key and decrypt the bytes into the copyrighted work.
Re: (Score:2)
Re: (Score:2)
Hmm, even a single byte can be transformed into a copyrighted movie...
0x6f
Sue me!
Re: (Score:3)
You are thinking like a geek, not like a lawyer or judge.
Evidence and proof aside, a lawyer or judge will look at it more like this:
Encrypting something is inconsequential in the legal sense. After a few beer, one might be inclined to discuss whether or not encrypting copyrighted material falls under the definition of a derived work, but most likely it would not because there's no creative act involved, and thus not a derivation, but a simply copy.
If you make your copy available online, you are guilty. Encr
Re: (Score:2)
With the power of XOR, I can take a PDF of the Bible and some gibberish and turn it in to a movie.
Now the gibberish clearly isn't a valid movie, and while yes it becomes one when combining with the Bible you could combine it with the Qu'ran and get something in the public domain.
The movie industry clearly doesn't own the Bible or the Qu'ran so they are clear.
And the nature of mathematics is that doing arbitrary operations on some data can change it in to anything.
You clearly can't have a blanket copyright o
Re:Ever thought it might be a good idea? (Score:5, Insightful)
You still think on the wrong track. Really.
People thought they could do the same thing with basically any crime in the books - make some changes to the way it is done so that it isn't recognizable anymore and get away.
Surprise, the law doesn't care about the way you do it. If you kill someone, that's murder (or any of a related, bla) and it doesn't matter if you used a gun or a knife or an orbital laser array that you programmed through a Tor network and accessed over an encrypted botnet controller interface with a hundred other layers of indirection. It'll make proving that it was you who pushed the button more difficult, but if that can be done than it's still murder, plain and simple.
Same thing with copyright infringement. You take a copyrighted work, apply any number of whatever operations on it, make a copy and distribute it and you're in violation of copyright, plain and simple. The number and kind of operations in the intermediate step don't matter one iota. And as long as you don't get that into your head, you'll be laughed at when they slam you. Do you think the judge will be the smallest bit impressed by anything you said above? He'll have one question and one question only and that is: Did you copy a copyrighted work without authorisation, yes or no?
And no, that is not something that is unique of this new digital world. That's techie bla bla. You can say the same of paint or letters. No, the book sellers don't have a copyright on the letters A through Z, but they do have a copyright on a specific number of them in a specific order, otherwise known as a novel, or a poem, or a drama or whatever.
No, the movie industrie does not have a copyright on 0 and 1, yes it does hold the copyright to specific collections of 0s and 1s in specific orders. Or more specifically: To the content of what these numbers represent.
Copyright is not a mathematical concept. You can't "defeat" it with mathematics. For all the law cares, math is a tool to apply transformations on content, but that doesn't change the fact that the content is copyrighted, end of story.
Re: (Score:3)
You are still trying to win points with sophism after I've told you that the only thing you'll get for that is a reprimand for wasting the court's time if things ever get to that level?
I am not infringing copyright because I created those words myself, so I am the copyright holder.
Again, don't think that playing tricks with math is the first anyone has ever come up with. Sure, mathemetically you can find a transformation function that turns Bambi into Star Wars. And once more I'm telling you that is at best
Re: (Score:2)
But it's an entirely true line. Is it called stupidity to "fall" for truth?
Re: (Score:2)
How would you prove without the key that the video on YouTube is not gibberish video data?
Why not use the key that you said was posted as a separate YouTube video?
...and the encryption key as another video onto YouTube?
Re: (Score:2)
Re: (Score:2)
I'm pretty sure the forum and the decryption tool maker are liable too, for "aiding in copyright infringement". There is the "letter of the law" method of interpretation and the "spirit of the law"way of interpretation and judges generally prefer to interpret the law according to who is buying their next yacht.
Re: (Score:2)
The student who posted it. If you want to get technical, the QR code video on Youtube is not gibberish video data. It's a copy of the movie. It's just a different carrier. Unless you think turning on SSL in bittorrent means you're transmitting gibberish data.
The more interesting question is: Get a movie and a random bitstream; post the random bitstream online (1); XOR the movie with the random bitstream and post the result online (2).
Are (1) or (2) infringing copyright? If so, which one, and why? Remember, independently both (1) and (2) are indistinguishable from random data.
Also, these bitstreams can themselves be used as random input for another XOR operation.
Re: (Score:2)
Even though they're indistinguishable from random data, they are "derivative works" of the copyrighted material and are in violation. Of course nobody can prosecute or even determine this, but under the law that's how it is.
Re: (Score:2)
Re: (Score:2)
Re:Ever thought it might be a good idea? (Score:5, Funny)
Same thing if you uploaded a video containing only white noise as the picture: it's there just to waste Google's hard drive space.
http://www.youtube.com/watch?v=bf7NbRFyg3Y [youtube.com]
Good times.
Re: (Score:2)
Well, if he's not making a profit off of it and sharing it privately its really close to grounds for fair use ;) As there is nothing wrong with creating a "digital library" of copywrited works.
The only issue in your senario is that the copy was obtained "illegally". Which is more of a civil matter then a legal one. Since it has more to do with taping something on private property. Or thats how it use to be, I'm sure the guy would be a 50 year federal conviction now.
Youtube definitely says you can't do that
Re: (Score:3)
Who would be responsible for this copyright infringement?
You think you are smarter than the people who write and interpret the laws. Newsflash: You aren't. Chances are, they yawn at your scheme. Because, you know, people trying to find loopholes in the law isn't exactly news, they've been around for at least 2000 years, and the law-people have been dealing with them that long. We techies are just the most recent breed.
I've worked with lawyers and judges. Trust me, all these geeky schemes of distributing the responsibility until it disappears is at best mildely in
Re: (Score:2)
Go read "What Colour are your bits? [sooke.bc.ca]".
Re: (Score:2, Funny)
Someone finally finds a use for QR codes, pairs it with social media and cloud based storage...and all you can do is pooh pooh the idea.
I'm writing an iphone app to do this as we speak. This is going to be huge! Where the venture capitalists at? Holla!
Re: (Score:3)
QRCode is stupid. What is not stupid, though, would be leveraging the fact that if you upload in a correct format that's not subject to reencoding, you can pretty much fill it with arbitrary data at 90%+ efficiency. You need to wrap it in the codec data structure format, and massage it a bit so that various bits of the codec consider it valid. It'll look like "noise", but it gives you what you want, at an efficiency orders of magnitude better than QRCode.
Title: "LSD snow-storm" (Score:2)
No wonder your snowy pixel vids are so boring.
Re: (Score:3)
Lolzers. (Score:5, Insightful)
I'm sure Youtube will _never_ notice this and your foolproof plan will be good for all time.
You might be OK with some steganography, but otherwise they will thwart you if more than a few people do this.
Re:Lolzers. (Score:5, Insightful)
The fact that you can have the "super smart encrypted content" taken down with a moments notice by serving a bogus DMCA never entered the submitters mind.
Re:Lolzers. (Score:4, Informative)
*OK, maybe it's just in the teacher's edition.
Re:Lolzers. (Score:5, Interesting)
No its an example of how naively relying on an uncontracted outside "cloud" service is a really dumb idea.
Now imagine you split your data up into a Set of messages, which can be recovered by any sufficiently large subset of more than N messages? This is what tahoe lafs does, typically using 10 messages, any 6 of which can recover the original.... of course its all encrypted too.
Then all you need is some process which periodically checks the messages and ensures that you always have some threshold (which should really be larger than N, by at least a few).
There is also no need for QR codes to be used, thats another example of naive use. It would actually be vastly more efficient to encode the data differently, but, encoding in such ways as to not be easily detected and removed by youtube could be tricky. However, if you could find a way to minimally disguise the data so it just looks like hours of terribly boring video (like, video of your pet fish)....
Shit you could probably just keep re-uploading the same fish video with differently encoded data and new names....nobody is going to examine hours of fish swimming to determine where the loop is or whether the two videos are of the same loop.
Re: (Score:2)
Re: (Score:3, Interesting)
Depending on the decoding speed, this may be a good way to include tablet and phone apps with movie purchases. Just tack it on where the movie previews are. Not everybody has reliable broadband, especially those that don't stream their video.
Re: (Score:2)
There is also no need for QR codes to be used, thats another example of naive use. It would actually be vastly more efficient to encode the data differently, but, encoding in such ways as to not be easily detected and removed by youtube could be tricky. However, if you could find a way to minimally disguise the data so it just looks like hours of terribly boring video (like, video of your pet fish)....
Shit you could probably just keep re-uploading the same fish video with differently encoded data and new names....nobody is going to examine hours of fish swimming to determine where the loop is or whether the two videos are of the same loop.
Or you could just train your fish to swim to the right, unless the tank is electrified, then swim left, conveniently encoding whatever you need.
Re: (Score:2)
Re: Lolzers. (Score:3)
There are steganographic algorithms that are highly resistant to encoding and rencoding. They're mostly of interest for secretly watermarking photos and video. The movie studios probably use such an algorithm for watermarking preview discs now so they can trace leaks.
Steganography on YouTube would be moderately interesting - it's low efficiency but hidden. QR code videos are just stupid. They're very low efficiency and right out in the open. And if the goal is just to steal space from Google, there are bett
Re: (Score:2)
Re: (Score:2)
RTFC. He's replying to a suggestion of using some steganography :)
Re: (Score:2)
RTFA. He's using a bunch of images of QR codes, which have built in error correction.
Derp. The comment you replied to wasn't directly commenting the article but a reply to RightSaidFred99's comment about using steganography.
a bit too blatant (Score:5, Interesting)
If you start uploading videos to YouTube with nothing but frames of QR codes, you're pretty likely to have your account closed and the videos deleted.
It would be more robust if you made the video look like something that could plausibly be on YouTube as a "normal" video, even if it's something really boring. Probably especially if it's something really boring. Record one of your pets and use the low-order bits of the video and/or audio to steganographically include some data.
Re: (Score:2)
I dunno if Google would care. People have been using gmail as online storage since the beginning and Google didn't seem to care. Your 10gb video is not going to appreciably change Google's total bandwidth usage.
Re: (Score:2, Informative)
Which can be avoided if you follow their documentation. [google.com]
Encodings which match their specifications won't be re-encoded (only the down-scaled versions will).
Re: (Score:2)
Re: (Score:2)
The world's longest abstract art painting.
right... (Score:2, Insightful)
Re: (Score:2)
Just make sure that those QR frames ARE your data. Who cares if someone else reads it, too? It's encrypted, after all.
Re: (Score:3)
sure..until they compress it for you or change formats or ..... and screw it up.
This isn't steganography. As long as you create your video such that the artifacts of compression won't make your codes unreadable, it doesn't matter if Youtube does something like that.
Re: (Score:3)
QR's will look the same regardless of video format. If the resolution gets really scrunched down or if frame rates get jacked up in the conversion process, then it could be a wasted effort, but YouTube's internal conversion algorithms seem to be pretty effective these days. ...wait, am I defending the idea behind this article?
Re: (Score:2)
Re:right... (Score:4, Informative)
Re: (Score:3)
We're not talking about steganography or some other form of hiding data in a delicate manner that can be broken when typical practices like those you've cited are applied. We're talking about having frames that consist entirely of a QR codes [wikipedia.org], which should be reasonably resistant to compression, format changes, lowered resolutions, and other issues of that sort. So long as the QR code can still be easily made out, you can still get your data out.
Clearly, if they compressed it so heavily that it was just a gr
Re:right... (Score:5, Informative)
Have you ever used a QRCode? Ever noticed that most algorithms don't recognise the QRCode when it's sharpest and level with your screen? Usually, you don't have the time to have the code be level, or in focus, before the algorithm picks it up.
That's because QRCode are nigh indestructible. They could add a watermark [wikipedia.org] and the code would most probably still be readable (depending on the level of error correction you apply when encoding).
For example, I took one of the Wikimedia QRCode examples [wikimedia.org], and drew on it [postimg.org]. It still worked. Then I skewed the image [postimg.org] using MS Paint. It still worked. Then I decided to go from 172 pixels to 86 pixels [postimg.org] (using MS Paint's resize function). It still worked (zoomed to either 100% or 200%). Then I decided to "reduce its resolution", so to speak, by resizing that reduced image to 200%, then back to 50%, then back to 200%, etc for 4 or 5 times, until I ended up with this [postimg.org]. It still worked.
Now, I'm sure that I *wanted* this to work. There will be dozens of cases where even the most stupid tear of paper or poor lighting will prevent that QRCode from being decoded. But somehow, I don't think that YouTube's HD video encoding will be much of an issue for QRCodes.
Tested with QR Droid on a Wiko Cink King, scanning off a 23" 1080p screen.
Re: (Score:2)
That looks like some kind of cellular automata spiral algorithm with maybe three or four different cell types.
I already have a better solution. (Score:5, Funny)
I store mine in the Linux source code comments. Nobody has ever noticed.
Great! Now Al-Qaeda has YouTube technology. :-( (Score:3)
Re:Great! Now Al-Qaeda has YouTube technology. :-( (Score:4, Insightful)
First of all, what the fuck is up with using the subject for half the reply? Seriously, cut it out. You people look like retards.
Hiding stuff in plain sight has never been very hard, you don't need youtube for that. Anything connected to the 'net is pretty much hidden in plain sight, no need to involve a millions-of-users-per-month website, when a simple IP distributed would do the trick just as fine.
Encryption is no secret, no matter what the feds tell you, the ban en exports of encryption algorithms has not made the rest of the world go sans encryption. The example in the article is about the dumbest security idea since, shit i don't know... ever?
Re: (Score:2)
You're totally right about the title reply! (Score:3)
Mod parent up! :)
What's the benefit? (Score:2)
You'll need a specialized client to trap this information with a barcode scanner, buffer and really good QR read times. And then what? What is gained using this method for file distribution vs. downloading from one of the bazzilion free web file hosting sites?
Re: (Score:2)
Re: (Score:3)
Ah, but this *could* be a good one to many broadcast of information. Have a botnet receive C&C directives this way?
You could even post the QR code in a corner of the video, or embed it in the video data as an alpha channel.
reprimand? (Score:2)
I wonder if he will have to pay for the (already terrilbly) slashdotted vt.edu servers that have just melted between serving a wiki entry and video posted there.
Uhhh.... no. (Score:2)
Sounds like a lot of trouble for something that can be easily and more securely done with any several of free services like Dropbox, Box, Google Drive, Windows SkyDrive, Ubuntu One, etc.
Re: (Score:2)
I've seen youtube blocked much more than multiple free or not file drop services in corporate firewalls..
Re: (Score:2)
Re: (Score:2)
A simpler approach would be to use a free web hosting service, and drop your encrypted data in there. Easy access from anywhere without needing to sign in.
Re: (Score:2)
Re: (Score:2)
So do YouTube videos. But is that really a problem?
10GB Free, Wow! (Score:3)
Re: (Score:2)
Re:10GB Free, Wow! (Score:4, Informative)
Have you been hiding under a rock for the last few months? Mega [mega.co.nz] gives you 50GB for free.
Pssst - Google doesn't actually make this hard (Score:3)
For small amounts of data (in the few-GB range), you can host crap in a bazillion places online for free. No need to send yourself 400 multi-part uuencoded emails these days to "sneak" it past the storage provider.
I found a QSR code burned into my toast (Score:5, Funny)
This is like (Score:4, Insightful)
Now Trending (Score:2)
Been there done that (kind of)... (Score:2)
Re: (Score:2)
10Gb? (Score:2)
Using this technique one could easily store 10GB of data to be available anywhere in the world, and completely free.
Which orifice did that number get pulled out of?
Also, "easily"? Compared to, say, setting up a couple of Gmail accounts and sending yourself some attachments?
Unreliable ToS dependent data storage (Score:2)
Your data is compressed so you have to work around that, and it can be removed at any time if they believe you are violating the Terms of Service. Almost certainly, this does. It's not worth the hassle. It certainly isn't worth it for anything serious. Just go to one of the many existing free storage sites and encrypt the files before you put them there if it's something private. If you need more offsite storage, stick a crow bar in your wallet and pay for it, cheapskates.
amiga Video Back Up System... ? (Score:2)
"Easily"?? (Score:2)
Using this technique one could easily store 10GB of data to be available anywhere in the world
It's a fun little hacking project for sure, but I would not call this "easily" when you have things like dropbox or google docs to store, you know, actual files in.
Re: (Score:2)
The point to be made here is that YouTube is technically also the same service, doesn't matter if you are hosting a website for audio storage, you are a data storage cloud. This is a minor headache for YouTube, and a valuable opportunity for the advertising industry
It's not really the same on a technical level tho, because YouTube destructively modifies your data (re-encoding the video) while filelockers like dropbox allow you to retrieve your original data as-is. Sure they're both examples of "cloud storage", but one actively modifies your data while the other doesn't.
Plus I can't imagine how this would be a "minor headache" for Youtube or even less how it's a "valuable opportunity" for the advertising industry, nobody's going to store files on Youtube because, if no
Old Idea (Score:2)
Had a device from radio shack back in the 90's that did the same thing but on VHS tapes. It just created a video of the data to record or play from any VCR.
Granted you can pack the data tighter now, but QR code is not the answer, not enough data density.
No (Score:2)
GoogleFS (Score:2)
And? (Score:2)
10GB of online storage completely free? What, like services like Dropbox, Google Drive, Mega etc?
Why go through all the hassle of encrypting your data as a QR code video, when you could just upload your encrypted files to one of these fine services?
Well why not (Score:2)
yeah... (Score:2)
...until some bot working for the RIAA thinks it's a really funky music video and issues an automated takedown notice that YouTube automatically honours, taking your precious files offline.
Re:Wow... worse than old usenet binaries. (Score:5, Insightful)
what ever happened to the hacker mentality these days?
they would do it, BECAUSE THEY CAN. A reason so valid that it I shouldn't have to be here telling you about it.
Re: (Score:2, Funny)
Are you Captain Kirk? This reminds me of the only good reason to climb a mountain.
Re:Wow... worse than old usenet binaries. (Score:5, Funny)
Are you Captain Kirk? This reminds me of the only good reason to climb a mountain.
After your first sentence, I thought that was his remark on the subject of why bang genetically or even anatomically incompatible aliens.
Re: (Score:2)
Re: (Score:2)
I'm pretty sure if there is a hole, you can bang it.
...which is why they ejected the warp core into the black hole in the 2009 Star Trek movie.
Re: (Score:2)
Are you Captain Kirk? This reminds me of the only good reason to climb a mountain.
(Oh, and I forgot to add that the relevant quote from The Worst Star Trek Movie Ever actually isn't "because I can" but rather "because it's there".)
Re:Wow... worse than old usenet binaries. (Score:4, Insightful)
Re: (Score:2)
Storing a lot of data on Youtube can be done. It can be done in a hacky and good way - and it can be done in a shitty, QR-code, spacewasting way.
Re: (Score:2)
Just checked out the website.
The articles are quite similar to the ones here, but minimal discussion on articles from days ago.
Also I'm personally not a fan of the advertise placement on that site (which is also the reason I don't read techdirt much).
Re: (Score:2)
Bacterial DNA data storage actually makes more sense because each time the bacteria reproduces, it makes a copy of your data. It also actively corrects data corruption because mutated DNA is more likely to result in that particular organism dying, so to get your data back, you just need to read a bunch of samples and discard the ones that are not like the rest.
Re: (Score:2)