undefined | Better HN

0 pointsdraugadrotten5y ago0 comments

You seem unaware of the difference between unicast IP and broadcast radio. Watching youtube is just as anonymous as a phone call, not very hard to map to a person. Youtube has a log of every IP accessing their servers and what they do, augmented by cookies and google accounts. A radio station does not know who is listening.

0 comments

doctor_eval5y ago

You don’t seem to understand my point. With good steganography you don’t know a message is being transmitted in the first place. It doesn’t matter which IP addresses accesses a video because you don’t know which video contains a message. Given the number of videos uploaded to YouTube, checking them all for embedded messages from a sophisticated state actor would seem to be quite a significant challenge. Even more difficult if you’re in Latvia, the agent is Russian, and the video is hosted in the USA...

This approach offers a way of transmitting much more data, on demand, with very little risk of detection of either the existence of the communication channel itself, or of the recipient.

The recipient could casually watch on wifi in a food court, using a modified app, while eating lunch. They would obviously need to exercise good secops, presumably as part of their trade... it seems quite a reasonable approach to me, but I’m no expert, it was just a thought.

macintux5y ago

Conversely, unlike a numbers station theoretically only the intended recipients know which videos should contain messages.

So the counterespionage personnel may be able to track who has watched one specific video, but only if they know which video to track.

j / k navigate · click thread line to collapse