Comment by FranchuFranchu

2 months ago

You could store UTF-8 encoded data inside the hidden bytestring. If some of the UTF-8 encoded smuggled characters are variation selector characters, you can smuggle text inside the smuggled text. Smuggled data can be nested arbitrarily deep.

I'm imagining post-incident analysis finding out that, "the data was exfiltrated via some Unicode string..." then they put it up on the screen and it's just an enormous line of turtle emoji

https://emojipedia.org/turtle

  • > I'm imagining post-incident analysis finding out that, "the data was exfiltrated via some Unicode string..." then they put it up on the screen and it's just an enormous line of turtle emoji

    Since it took me a minute to make the connection, I'll just say explicitly that I enjoyed the understated "it's turtles all the way down" joke.

  • > We and our 717 technology partners ask you to consent to the use of cookies to store and access personal data on your device.

    To see a turtle emoji.
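For anyone doing the post-incident side of the nesting FranchuFranchu describes, here is an added example (not code from the thread) that peels variation-selector layers off a string and reports how deep they go. It assumes the usual byte mapping for this trick, which the thread does not spell out: U+FE00..U+FE0F for bytes 0..15 and U+E0100..U+E01EF for bytes 16..255. The function names, the depth cap and the sample string are constructed for illustration.

```python
MAX_DEPTH = 8  # assumed cap so a hostile string cannot force unbounded unwrapping

def selector_to_byte(ch):
    """Map a variation selector to the byte it carries, else None."""
    cp = ord(ch)
    if 0xFE00 <= cp <= 0xFE0F:        # VS1..VS16   -> bytes 0..15 (assumed mapping)
        return cp - 0xFE00
    if 0xE0100 <= cp <= 0xE01EF:      # VS17..VS256 -> bytes 16..255 (assumed mapping)
        return cp - 0xE0100 + 16
    return None

def split_layer(text):
    """Separate one layer into (visible_text, hidden_bytes)."""
    visible, hidden = [], bytearray()
    for ch in text:
        b = selector_to_byte(ch)
        if b is None:
            visible.append(ch)
        else:
            hidden.append(b)
    return "".join(visible), bytes(hidden)

def unwrap(text, max_depth=MAX_DEPTH, min_outer=2):
    """Return [(visible, hidden_bytes), ...], outermost layer first.

    A single selector in the outer text is ignored (min_outer), because one
    VS16 after an emoji is ordinary emoji presentation, not a payload.
    """
    layers = []
    for _ in range(max_depth):
        visible, hidden = split_layer(text)
        if len(hidden) < (1 if layers else min_outer):
            break
        layers.append((visible, hidden))
        try:
            text = hidden.decode("utf-8")  # a nested layer must be valid UTF-8
        except UnicodeDecodeError:
            break                          # raw bytes: nothing further to unwrap
    return layers

# Constructed sample: a turtle carrying the UTF-8 of "x" + one selector,
# and that inner selector in turn carries the single byte b"A".
SAMPLE = "\U0001F422\U000E0168\U000E01E3\U000E0190\U000E0174\U000E01A1"

if __name__ == "__main__":
    for depth, (visible, hidden) in enumerate(unwrap(SAMPLE), start=1):
        print(depth, repr(visible), hidden)
```
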