Channels not normally intended for information flow are used to
flow information. Examples include widely known covert channels in secure
operating systems, time-based covert channel exploitation in encryption
engines, and covert channels created by the association of movements of
people with activities.
Complexity: It has been shown that in any system using shared resources in a
non-fixed fashion, covert channels exist. They are typically easy to
exploit using Shannon's communications theory to provide an arbitrary
reliability at a given bandwidth based on the channel bandwidth and signal
to noise ratio of the covert channel. Avoiding detection depends primarily on
remaining below the detection threshold used by detection techniques to try
to detect covert channel activity.