Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle




On Nov 10, 2007, at 9:28 AM, Paul Sebastian Ziegler wrote:

The mechanism is quite easy: It searches Google for random words and
picks random pages among the results, then spiders from there (well it
is spidering except that it only follows one URL at a time within a
session thus simulating a user).

There's a few things wrong with this approach. Most of them were
outlined by Bruce Schneier when he reviewed "TrackMeNot"[1] last year.

The same issues with TrackMeNot apply to Hayneedle, including
potential false positives, and list of word combinations that can be
filtered out easily, and well, the list goes on.



[1] http://www.schneier.com/blog/archives/2006/08/trackmenot_1.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/