lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20071110182047.GA3957@ngolde.de>
Date: Sat, 10 Nov 2007 19:20:47 +0100
From: Nico Golde <fd@...lde.de>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Standing Up Against German Laws - Project
	HayNeedle

Hi Paul,
* Paul Sebastian Ziegler <psz@...erved.de> [2007-11-10 18:33]:
> as most of you may have heard the German government passed a law today
> that will lead to all connections being logged for 6 months. This
> includes phone calls as well as all internet connections.
[...] 
> The mechanism is quite easy: It searches Google for random words and
> picks random pages among the results, then spiders from there (well it
> is spidering except that it only follows one URL at a time within a
> session thus simulating a user).

How would this help with stored phone calls? How would this 
help with the general problem?

While I think it is nice that you think about doing 
something against this I don't really like your idea since 
you totally miss that traffic does not only mean HTTP so I 
don't really see any point of not just using gpg,tor, etc.

You write "This way it is very hard to tell which 
connections are actually made by the user thus generating 
plausible deniability." on your website and I also don't 
think this is valid because noone cares if it was you or an 
application creating this traffic, it also does not 
prevent people to store your traffic and I would aspect them  
to have pretty good methods to devide important and 
unimportant traffic ;)

Cheers
Nico
-- 
Nico Golde - JAB: nion@...ber.ccc.de | GPG: 0x73647CFF
Forget about that mouse with 3/4/5 buttons -
gimme a keyboard with 103/104/105 keys!

Content of type "application/pgp-signature" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ