Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle
- From: johan beisser <jb@xxxxxxxxxxx>
- Date: Mon, 12 Nov 2007 09:55:29 -0800
On Nov 10, 2007, at 9:28 AM, Paul Sebastian Ziegler wrote:
The mechanism is quite easy: It searches Google for random words and
picks random pages among the results, then spiders from there (well it
is spidering except that it only follows one URL at a time within a
session thus simulating a user).
There's a few things wrong with this approach. Most of them were
outlined by Bruce Schneier when he reviewed "TrackMeNot"[1] last year.
The same issues with TrackMeNot apply to Hayneedle, including
potential false positives, and list of word combinations that can be
filtered out easily, and well, the list goes on.
[1] http://www.schneier.com/blog/archives/2006/08/trackmenot_1.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- References:
- [Full-disclosure] Standing Up Against German Laws - Project HayNeedle
- From: Paul Sebastian Ziegler
- [Full-disclosure] Standing Up Against German Laws - Project HayNeedle
- Prev by Date: [Full-disclosure] [ GLSA 200711-16 ] CUPS: Memory corruption
- Next by Date: [Full-disclosure] 0day0day0day0day AURACMS XSS!! LATEST VERSION!!! 0day0day0day0day
- Previous by thread: Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle
- Next by thread: Re: [Full-disclosure] Standing Up Against German Laws - Project HayNeedle
- Index(es):
