Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Standing Up Against German Laws - Project HayNeedle
From: Paul Sebastian Ziegler <psz () observed de>
Date: Sun, 11 Nov 2007 02:28:54 +0900

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Dear Infosec community,

as most of you may have heard the German government passed a law today
that will lead to all connections being logged for 6 months. This
includes phone calls as well as all internet connections.

This is madness for various apparent reasons. In times like these it is
necessary to stand up against it. Of course not by committing crimes but
by attacking the flawed logic behind those laws itself.

There are many approaches to this. And I am sure (and I really hope)
that there will be many more taken. This is just one approach that came
to my mind today.

Introducing Project HayNeedle.
A tiny spider-like program written in C# that will create connection
sessions on it's own thus trying to create plausible deniablility. It
runs within the .NET framework and was tested on Linux and Windows XP.
If it runs on your OS, drop me a line, if it doesn't send me a report.
It should run on almost any OS supporting Mono.

The mechanism is quite easy: It searches Google for random words and
picks random pages among the results, then spiders from there (well it
is spidering except that it only follows one URL at a time within a
session thus simulating a user).

A long description of the idea behind it and the technique as well as
downloads of the sourcecode and binary can be found here (English and
German version):
http://observed.de/?entnum=126

Project HayNeedle is released under the GPLv2. So any form of patches,
ideas and constructive criticism is welcome. However for the sake of
everyones nerves I will not reply to any sort of aggressive and/or
flaming mails.

Many Greetings
Paul Sebastian Ziegler
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHNepUaHrXRd80sY8RCqprAKC/8EVMf/FVibcyLWc1ksnq9ZRT7ACg9FpS
4JpBVvHE1TI3ZPkvgSPXuGA=
=g7Qt
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]