However some of these issues can be mitigated without too much trouble.
For example, one could have a dynamically growing dictionary of words
to search for based on random words in random results pages that it
grabs. At the very least, this would kill any attempts to filter it out
of the data mining system.
If the point of the system is primarily to create plausible deniability
for the end-user, that is, to allow them to say "hayneedle hit the site,
not me, so I am innocent", then I'd say it could be effective in that
regard barring some proviso in the law that allow them to persecute
someone who did not actually even visit a site of their own volition.
Beyond that, it's also effective in terms of turning up the noise to
signal ratio and making this law that much less effective, while placing
a greater burden of ISPs who are then more likely to lobby against it
ever more vigorously.... all while remaining entirely 'white area' in
terms of functionality.
I understand your post, but I don't think Mr. Ziegler was over-selling
his product's effectiveness beyond what it is really capable of.
Take care, Matt
johan beisser wrote:
>
> On Nov 10, 2007, at 9:28 AM, Paul Sebastian Ziegler wrote:
>
>> The mechanism is quite easy: It searches Google for random words and
>> picks random pages among the results, then spiders from there (well it
>> is spidering except that it only follows one URL at a time within a
>> session thus simulating a user).
>
> There's a few things wrong with this approach. Most of them were
> outlined by Bruce Schneier when he reviewed "TrackMeNot"[1] last year.
>
> The same issues with TrackMeNot apply to Hayneedle, including potential
> false positives, and list of word combinations that can be filtered out
> easily, and well, the list goes on.
>
>
>
> [1] http://www.schneier.com/blog/archives/2006/08/trackmenot_1.html
>
>
--
/*
* mdh - Solitox Networks (Lead Project Engineer)
* Facts often matter little, in the face of fervently held perceptions
*/
For example, one could have a dynamically growing dictionary of words
to search for based on random words in random results pages that it
grabs. At the very least, this would kill any attempts to filter it out
of the data mining system.
If the point of the system is primarily to create plausible deniability
for the end-user, that is, to allow them to say "hayneedle hit the site,
not me, so I am innocent", then I'd say it could be effective in that
regard barring some proviso in the law that allow them to persecute
someone who did not actually even visit a site of their own volition.
Beyond that, it's also effective in terms of turning up the noise to
signal ratio and making this law that much less effective, while placing
a greater burden of ISPs who are then more likely to lobby against it
ever more vigorously.... all while remaining entirely 'white area' in
terms of functionality.
I understand your post, but I don't think Mr. Ziegler was over-selling
his product's effectiveness beyond what it is really capable of.
Take care, Matt
johan beisser wrote:
>
> On Nov 10, 2007, at 9:28 AM, Paul Sebastian Ziegler wrote:
>
>> The mechanism is quite easy: It searches Google for random words and
>> picks random pages among the results, then spiders from there (well it
>> is spidering except that it only follows one URL at a time within a
>> session thus simulating a user).
>
> There's a few things wrong with this approach. Most of them were
> outlined by Bruce Schneier when he reviewed "TrackMeNot"[1] last year.
>
> The same issues with TrackMeNot apply to Hayneedle, including potential
> false positives, and list of word combinations that can be filtered out
> easily, and well, the list goes on.
>
>
>
> [1] http://www.schneier.com/blog/archives/2006/08/trackmenot_1.html
>
>
--
/*
* mdh - Solitox Networks (Lead Project Engineer)
* Facts often matter little, in the face of fervently held perceptions
*/
[ reply ]