topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday March 28, 2024, 6:34 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Last post Author Topic: DONE: perform random URL queries (Random Submitter)  (Read 70188 times)

Scott

  • Resident Googler
  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 378
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: DONE: perform random URL queries (Random Submitter)
« Reply #50 on: August 31, 2006, 11:22 AM »
His objections begin: One, it doesn't hide your searches.  Well, that's a "No shit, Sherlock" statement, if I've ever seen one.  If you're searching for "al Qaeda recruitment centers," as Schneier uses as an example, I hope you are targeted.  I think of things like TrackMeNot and Random Submitter as being for those of us who don't have a legitimate reason for DHS to knock on our doors.

Who the hell ever said this idea was designed to hide genuinely nefarious activity?  The whole premise of that angle is idiotic.

Then he says Two, it's too easy to spot. There are only 1,673 search terms in the program's dictionary.  Well, my Random Submitter word list is many times that size.

Then, he says In any case, every twelve seconds -- exactly -- the program picks a random pair of words and sends it to either AOL, Yahoo, MSN, or Google.  I run Random Submitter from a command script.  Everything is randomized...  How many instances launch, what search engines are used, and even the submission interval within each instance.

Then, he says Three, some of the program's searches are worse than yours.  This is true--as I pointed out above, the default TrackMeNot word list contains really idiotic words to search on.  You have to sift through whatever list you'll be using, and remove crap like that.

Then, he says And four, it wastes a whole lot of bandwidth.  This may be true; I admittedly never worried too much about it.

Then, he says I suppose this kind of thing would stop someone who has a paper printout of your searches and is looking through them manually, but it's not going to hamper computer analysis very much. Or anyone who isn't lazy. But it wouldn't be hard for a computer profiling program to ignore these searches.  If you work a bit harder to randomize the submission intervals, I think this argument is quite mitigated.

He quotes another self-appointed security god, who says:

Imagine a cop pulls you over for speeding. As he approaches, you realize you left your wallet at home. Without your driver's license, you could be in a lot of trouble. When he approaches, you roll down your window and shout. "Hello Officer! I don't have insurance on this vehicle! This car is stolen! I have weed in my glovebox! I don't have my driver's license! I just hit an old lady minutes ago! I've been running stop lights all morning! I have a dead body in my trunk! This car doesn't pass the emissions tests! I'm not allowed to drive because I am under house arrest! My gas tank runs on the blood of children!" You stop to catch a breath, confident you have supplied so much information to the cop that you can't possibly be caught for not having your license now.

This argument relies on the search queries containing incriminating terms--but as I mentioned, you need to remove words like "mailbombs", "assassinate", and "rape" from your word list.

His suggested improvements are good, though:

If I were going to improve on this idea, I would make the plugin watch the user's search patterns. I would make it send queries only to the search engines the user does, only when he is actually online doing things. I would randomize the timing.  And I would make it monitor the web pages the user looks at, and send queries based on keywords it finds on those pages. And I would make it send queries in the form the user tends to use, whether it be single words, pairs of words, or whatever.

Random Submitter already allows you to do some of these things.

He suggests using something like BlackBoxSearch.com instead.  But ... who runs that web site?  Why should I trust them?  Is it actually run by the DHS?  Do they log queries (regardless of whether they admit it or not)?  Could they not have a massive data leak?  Could their logs be subpoenaed or lost?

The bottom line, for me, is that if you take a bit of time to make it work, you can bury your real searches.
« Next Edit: Tomorrow at 12:13:47 AM by Scott »

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,884
    • View Profile
    • Donate to Member
Re: DONE: perform random URL queries (Random Submitter)
« Reply #51 on: July 12, 2007, 12:37 AM »
I was helping someone dig up some stuff for a school assignment, where he has to give a presentation about Google and privacy issues, and came across this thread.

If we all are tainting the database with bogus searches using all the red flagged bad keywords, then they wouldn't know who is really doing searches for this stuff and who isn't.

I think the purpose of it isn't really to hide your searches in the mess of bogus ones as to make the data unreliable to find people that really search for this stuff.

If Google ever complied with an order to turn over the IP's of everyone searching for anything bomb related and if half of everyone that uses Google was running something that submitted a search that matched, then half of all Google users would have their IP in that list...and it would be obvious that the data couldn't be trusted, and therefore tossed out as being useless.

I think that is the point of using bad keywords. The likelihood of the government wanting any result data would be more for those keywords first...and if they succeed with that, then they move on to other keywords...which has a higher privacy concern for ordinary people.

Screw up the data for the bad words and you send the message that the data can't be trusted ever...for any keywords.

Scott

  • Resident Googler
  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 378
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: DONE: perform random URL queries (Random Submitter)
« Reply #52 on: July 12, 2007, 12:48 AM »
I think the purpose of it isn't really to hide your searches in the mess of bogus ones as to make the data unreliable to find people that really search for this stuff.

They aren't mutually-exclusive ends.

If Google ever complied with an order to turn over the IP's of everyone searching for anything bomb related and if half of everyone that uses Google was running something that submitted a search that matched, then half of all Google users would have their IP in that list...and it would be obvious that the data couldn't be trusted, and therefore tossed out as being useless.
-app103

Or, the number of people searching for bomb-making materials and such would still be low enough that the government could make your life a living hell if they decided to.  Because surely, nowhere near half of Google users are searching for that kind of thing.
« Next Edit: Tomorrow at 12:13:47 AM by Scott »

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,884
    • View Profile
    • Donate to Member
Re: DONE: perform random URL queries (Random Submitter)
« Reply #53 on: July 12, 2007, 12:58 AM »
But if these tools became a lot more widely used, it would cause what I would call a 'Halloween Effect"

If you were going on a 'witch hunt' for 'real witches' and assumed that all 'real witches' wore 'tall black hats and capes'...what would be the one day of the year that you wouldn't want to go hunting? Halloween.

You would end up rounding up so many innocent people in costume, that you'd be wasting your time.

The goal of these bogus searches for 'bomb making' stuff  is to make every day Halloween by dressing up everyone as a 'terrorist'. If it is done right and the government knows so many people do this then how reliable are they going to think any of the data is?

Scott

  • Resident Googler
  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 378
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: DONE: perform random URL queries (Random Submitter)
« Reply #54 on: July 12, 2007, 01:04 AM »
But if these tools became a lot more widely used, it would cause what I would call a 'Halloween Effect"

I completely understand that, and what I am saying is that I'm not about to be a "pioneer" who goes out in a witch costume!  I'm not big on being burned at the stake while waiting for everyone else to catch on.  :)

You make a good point, though.
« Next Edit: Tomorrow at 12:13:47 AM by Scott »

Muadib

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 29
    • View Profile
    • Donate to Member
Re: DONE: perform random URL queries (Random Submitter)
« Reply #55 on: July 12, 2007, 07:31 AM »
Ok. I'm completely convinced by Scott about the importance of using RandomSubmitter (thanks mouser for another useful software :Thmbsup:), but I have some questions related to its use, that I would like to show to you, mouser. Let's see:

1. Can you include, please, any additional information about the parameters in RandomSubmitter. Per example, in the existent README.txt you says "use $RANDFILE$ in url (or post,referrer) to replace with a random line from the Rand File.", but when I put $RANDFILE$ in the "Optional Post" I receive a message of "Error submitting to internet." in the log window. Am I doing something wrong, or it's necessary to include anything more?

2. Can you provide additional examples for using it with Yahoo and other search engines, please?

3. Is it possible to randomise the submittion, rather than having every exact X minutes? I read that Scott is running it through a script to have that, but I was wondering if it's too much hassle to do it in the program, instead?

Thank you both for the idea (knowledge is power!  :)) and for the solution to the problem.

All the best.

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,896
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: DONE: perform random URL queries (Random Submitter)
« Reply #56 on: May 16, 2008, 12:11 AM »
More evidence that Scott, who requested "Random Submitter" back in early 2005, was a visionary ahead of his time:

A new program featured on BoingBoing today:
AntiPhormLite confounds BT's spyware by simulating random browsing

kartal

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 1,529
    • View Profile
    • Donate to Member
Re: DONE: perform random URL queries (Random Submitter)
« Reply #57 on: May 16, 2008, 12:27 AM »
this is also good way to keep your connection alive I guess

kartal

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 1,529
    • View Profile
    • Donate to Member
Re: DONE: perform random URL queries (Random Submitter)
« Reply #58 on: May 16, 2008, 12:29 AM »
My only worry about this AntiPhormLite software is that I hope that they are not making money out of this random visits (sounds unethical). Because this may make it look like people are visiting this web sites thus generates profit for
this company?