His objections begin:
One, it doesn't hide your searches.
Well, that's a "No shit, Sherlock" statement, if I've ever seen one. If you're searching for "al Qaeda recruitment centers," as Schneier uses as an example, I hope you are targeted. I think of things like TrackMeNot and Random Submitter as being for those of us who don't have a legitimate reason for DHS to knock on our doors.
Who the hell ever said this idea was designed to hide genuinely nefarious activity? The whole premise of that angle is idiotic.
Then he says
Two, it's too easy to spot. There are only 1,673 search terms in the program's dictionary.
Well, my Random Submitter word list is many times that size.
Then, he says
In any case, every twelve seconds -- exactly -- the program picks a random pair of words and sends it to either AOL, Yahoo, MSN, or Google.
I run Random Submitter from a command script. Everything is randomized... How many instances launch, what search engines are used, and even the submission interval within each instance.
Then, he says
Three, some of the program's searches are worse than yours.
This is true--as I pointed out above, the default TrackMeNot word list contains really idiotic words to search on. You have to sift through whatever list you'll be using, and remove crap like that.
Then, he says
And four, it wastes a whole lot of bandwidth.
This may be true; I admittedly never worried too much about it.
Then, he says
I suppose this kind of thing would stop someone who has a paper printout of your searches and is looking through them manually, but it's not going to hamper computer analysis very much. Or anyone who isn't lazy. But it wouldn't be hard for a computer profiling program to ignore these searches.
If you work a bit harder to randomize the submission intervals, I think this argument is quite mitigated.
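Added example, not from the original post and not code from TrackMeNot or Random Submitter: a sketch of the kind of timing filter at issue here, which looks for a run of queries locked to one fixed interval and drops them. The timestamps, query labels, thresholds and function names are constructed for illustration, and it models timing only, not word-list matching.

```python
import random
from collections import Counter

def find_train(times, periods=range(5, 61), coverage=0.8, min_hits=10):
    """Return (period, phase) of the strongest fixed-interval train, or None."""
    span = max(times) - min(times)
    best = None
    for p in periods:
        # Events on a train of period p all share the same timestamp mod p.
        phase, hits = Counter(t % p for t in times).most_common(1)[0]
        slots = span // p + 1  # ticks a train of period p would have in this span
        if hits >= max(min_hits, coverage * slots) and (best is None or hits > best[2]):
            best = (p, phase, hits)
    return best[:2] if best else None

def strip_train(events):
    """Drop events that sit on the detected train; return (kept, train)."""
    train = find_train([t for t, _ in events])
    if train is None:
        return list(events), None
    period, phase = train
    return [(t, q) for t, q in events if t % period != phase], train

# Constructed sample data: timestamps in whole seconds, placeholder query labels.
REAL = [(20, "real-1"), (97, "real-2"), (98, "real-3"), (210, "real-4"), (305, "real-5")]

def fixed_decoys(n=30, start=3, period=12):
    """Decoys sent exactly every `period` seconds."""
    return [(start + period * k, f"decoy-{k}") for k in range(n)]

def jittered_decoys(n=30, start=3, lo=5, hi=19, seed=1):
    """Decoys with a random gap of lo..hi seconds (mean 12), so no fixed phase."""
    rng, t, out = random.Random(seed), start, []
    for k in range(n):
        out.append((t, f"decoy-{k}"))
        t += rng.randint(lo, hi)
    return out

def demo():
    fixed = sorted(REAL + fixed_decoys())
    jitter = sorted(REAL + jittered_decoys())
    return strip_train(fixed), strip_train(jitter)

if __name__ == "__main__":
    (kept_f, train_f), (kept_j, train_j) = demo()
    print("fixed   :", train_f, "kept", len(kept_f))
    print("jittered:", train_j, "kept", len(kept_j))
```

A real query that happens to land on the train's phase is dropped along with the decoys.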
He quotes another self-appointed security god, who says:
Imagine a cop pulls you over for speeding. As he approaches, you realize you left your wallet at home. Without your driver's license, you could be in a lot of trouble. When he approaches, you roll down your window and shout. "Hello Officer! I don't have insurance on this vehicle! This car is stolen! I have weed in my glovebox! I don't have my driver's license! I just hit an old lady minutes ago! I've been running stop lights all morning! I have a dead body in my trunk! This car doesn't pass the emissions tests! I'm not allowed to drive because I am under house arrest! My gas tank runs on the blood of children!" You stop to catch a breath, confident you have supplied so much information to the cop that you can't possibly be caught for not having your license now.
This argument relies on the search queries containing incriminating terms--but as I mentioned, you need to remove words like "mailbombs", "assassinate", and "rape" from your word list.
His suggested improvements are good, though:
If I were going to improve on this idea, I would make the plugin watch the user's search patterns. I would make it send queries only to the search engines the user does, only when he is actually online doing things. I would randomize the timing. And I would make it monitor the web pages the user looks at, and send queries based on keywords it finds on those pages. And I would make it send queries in the form the user tends to use, whether it be single words, pairs of words, or whatever.
Random Submitter already allows you to do some of these things.
He suggests using something like BlackBoxSearch.com instead. But ... who runs that web site? Why should I trust them? Is it actually run by the DHS? Do they log queries (regardless of whether they admit it or not)? Could they not have a massive data leak? Could their logs be subpoenaed or lost?
The bottom line, for me, is that if you take a bit of time to make it work, you can bury your real searches.