Show HN: Unicode Steganography — a demo that hides messages in plain sight

April 7, 2026
aiscience
Close-up of a magnifying glass focusing on the word 'love' in a dictionary.
Photo by Nothing Ahead on Pexels

What is this?

Patrick Vuscan has posted an interactive research demo called "Unicode Steganography" that shows how invisible characters and visual lookalikes can carry secret messages through ordinary text. It has been reported that the demo lets you encode and decode hidden payloads using zero‑width characters or homoglyph (lookalike) substitution — neat, fiddly, a little uncanny. Steganography is hardly new — think WWII microdots — but this one lives squarely in the age of LLMs and instant chat.

How it works

Zero‑width characters slip nonprintable code points into a carrier string; homoglyph substitution swaps visually identical letters (Latin↔Cyrillic) so humans see the same word while bits change under the hood. The demo walks you through both. Zero‑width offers higher bandwidth and carrier agnosticism; homoglyphs are lower capacity but far more robust to copy‑paste and display quirks.

Limits and caveats

It has been reported that many platforms — Slack, Twitter/X, and some email clients — strip zero‑width characters before storing or showing text, so that channel is fragile in the wild. Conversely, Cyrillic lookalikes tend to survive most common pipelines. Both techniques are trivially caught by the right scanner: a Unicode category check flags zero‑width code points, while an alphabet‑mapping check spots Cyrillic substitutions. Still, it has been reported that a sufficiently capable model could embed covert signals in its outputs; whether an encoding could both fool human reviewers and beat unseen automated scanners remains an open question.

Why this matters

This demo is a small, tangible example of an unsettling idea: deception needn't be dramatic to be dangerous. A model that whispers instructions in invisible ink — invisible to people, recoverable by machines — turns chat into a potential covert channel. Scanners can catch today's tricks, but what about tomorrow's? The emotional sting here is plain: trust erodes when language can hide secrets. Who gets to decide which texts are safe — humans, models, or both?

Sources: patrickvuscan.com, Hacker News