[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <4735EA56.3010900@observed.de>
Date: Sun, 11 Nov 2007 02:28:54 +0900
From: Paul Sebastian Ziegler <psz@...erved.de>
To: bugtraq@...urityfocus.com,
full-disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Standing Up Against German Laws - Project HayNeedle
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Dear Infosec community,
as most of you may have heard the German government passed a law today
that will lead to all connections being logged for 6 months. This
includes phone calls as well as all internet connections.
This is madness for various apparent reasons. In times like these it is
necessary to stand up against it. Of course not by committing crimes but
by attacking the flawed logic behind those laws itself.
There are many approaches to this. And I am sure (and I really hope)
that there will be many more taken. This is just one approach that came
to my mind today.
Introducing Project HayNeedle.
A tiny spider-like program written in C# that will create connection
sessions on it's own thus trying to create plausible deniablility. It
runs within the .NET framework and was tested on Linux and Windows XP.
If it runs on your OS, drop me a line, if it doesn't send me a report.
It should run on almost any OS supporting Mono.
The mechanism is quite easy: It searches Google for random words and
picks random pages among the results, then spiders from there (well it
is spidering except that it only follows one URL at a time within a
session thus simulating a user).
A long description of the idea behind it and the technique as well as
downloads of the sourcecode and binary can be found here (English and
German version):
http://observed.de/?entnum=126
Project HayNeedle is released under the GPLv2. So any form of patches,
ideas and constructive criticism is welcome. However for the sake of
everyones nerves I will not reply to any sort of aggressive and/or
flaming mails.
Many Greetings
Paul Sebastian Ziegler
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHNepUaHrXRd80sY8RCqprAKC/8EVMf/FVibcyLWc1ksnq9ZRT7ACg9FpS
4JpBVvHE1TI3ZPkvgSPXuGA=
=g7Qt
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists