lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 10 Nov 2007 18:31:56 +0000 From: nate.mcfeters@...il.com To: "Paul Sebastian Ziegler" <psz@...erved.de>, full-disclosure-bounces@...ts.grok.org.uk, bugtraq@...urityfocus.com, "full-disclosure" <full-disclosure@...ts.grok.org.uk> Subject: Re: Standing Up Against German Laws - ProjectHayNeedle Paul, Sorry about your difficulties. This is complete madness on the part of the German government and I fear it sets a dangerous precedent for other governments. There is no more clear definition for the word ironic then when those we've elected to protect us and our civil liberties pass laws that take those liberties away. I'd tell you to come to America, but I fear we may be next. Nate Sent via BlackBerry from T-Mobile -----Original Message----- From: Paul Sebastian Ziegler <psz@...erved.de> Date: Sun, 11 Nov 2007 02:28:54 To:bugtraq@...urityfocus.com, full-disclosure<full-disclosure@...ts.grok.org.uk> Subject: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Dear Infosec community, as most of you may have heard the German government passed a law today that will lead to all connections being logged for 6 months. This includes phone calls as well as all internet connections. This is madness for various apparent reasons. In times like these it is necessary to stand up against it. Of course not by committing crimes but by attacking the flawed logic behind those laws itself. There are many approaches to this. And I am sure (and I really hope) that there will be many more taken. This is just one approach that came to my mind today. Introducing Project HayNeedle. A tiny spider-like program written in C# that will create connection sessions on it's own thus trying to create plausible deniablility. It runs within the .NET framework and was tested on Linux and Windows XP. If it runs on your OS, drop me a line, if it doesn't send me a report. It should run on almost any OS supporting Mono. The mechanism is quite easy: It searches Google for random words and picks random pages among the results, then spiders from there (well it is spidering except that it only follows one URL at a time within a session thus simulating a user). A long description of the idea behind it and the technique as well as downloads of the sourcecode and binary can be found here (English and German version): http://observed.de/?entnum=126 Project HayNeedle is released under the GPLv2. So any form of patches, ideas and constructive criticism is welcome. However for the sake of everyones nerves I will not reply to any sort of aggressive and/or flaming mails. Many Greetings Paul Sebastian Ziegler -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHNepUaHrXRd80sY8RCqprAKC/8EVMf/FVibcyLWc1ksnq9ZRT7ACg9FpS 4JpBVvHE1TI3ZPkvgSPXuGA= =g7Qt -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists