Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Well, in that case I'm just going to invent a TCP-over-cat-pictures VPN. Encode all the TCP packets in the subtle details of the fur and package everything up as innocent-looking HTTP GET requests.

This realistically shouldn't be too hard to do with obfsproxy's already-built framework.



You're going to run out of cat pictures pretty quickly.


I've been thinking about this lately, and it seems that you could use something like a book code. Client and server use existing internet accessible images as the book and then your communication simply references bytes in those images: client requests a URL that encodes the bytes it wants to send, server returns HTML containing the urls of images containing the bytes it wants to send in response (and any extra content that helps make the page seem normal, ignored by the client). Pictures could be anything anywhere (lolcats, wikipedia, etc.), client should only ever need to download the picture once. Bandwidth wouldn't be great, but if the server is accessible via a wide (and evolving) variety of domains it seems like it would be quite hard to distinguish this from normal browsing.


Just pass a DVD with white noise when you meet in person. That should keep you in one time pads as long as you want to communicate with someone. All you need is XOR and a bookmark. Of course you need to meet once, if that's not feasible you're going to get more technical.


In Vernor Vinge's A Fire Upon the Deep I recall a plot element along these lines. Traders traffic in cubes of material that acts as a super dense source of pad data. Your communication partner on another ship would have the twin cube, and the two would be synced up and then provide the carrier data stream for video and other content. When your cubestuff is exhausted your secure authenticated comms cease.


If the censorship is based on the government being able to make some sense of what you're communicating, XORing with a PSK will not work, because they will see meaningless garbage and block it. The reason I suggested cat pictures is because the censors will see actual cat pictures and (hopefully) consider the protocol not worthy of blocking.

s/cat pictures/whatever you want/


got a repo i can contribute to?


Just drop fresh meme text on 'em and Bob's your uncle!


I think you may be on to something here.


Pretty easy really. Without knowing the key for the steganographic algorithm, it's really hard to get the data out unless you can compare it to the original. So if you're sourcing the pictures from somewhere, you'll need to manipulate false bits that aren't called for from the data itself to keep it from being breakable in such a manner.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: