Phorm, privacy, RIPA and interception

Ian Batten ukcrypto at chiark.greenend.org.uk
Fri, 29 Feb 2008 11:29:00 +0000 

--Apple-Mail-2-491558057
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
	charset=US-ASCII;
	delsp=yes;
	format=flowed


On 28 Feb 08, at 1122, Richard Clayton wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> In article <47C3FBFD.4090408@pmsommer.com>, Peter Sommer
> <peter@pmsommer.com> writes
>
>> It's also interesting to see how little Ernst & Young in their Repoty
>> actually commit themselves in their analysis of the privacy issues  
>> and
>> that their remit apparently did extend to RIPA and CMA issues.
>
> or other UK legislation...

By the way, if we fancy obfuscating matters...hide your queries in  
the noise.

Lash up a script (example attached) to generate random words  
delimited by + signs.  We use this to generate WPA2 keys, but it'll  
do for this purpose.  Then do something like:

while sleep 30; do
   words=$(randwords.pl)
   curl -A 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en) AppleWebKit/ 
23 (KHTML, like Gecko) Version/23 Safari/23' -o /dev/null "http:// 
www.google.com/search?${words}"
done

Examples of the searches this will produce are below.  The more  
sophisticated obfuscator will change the search engine periodically,  
and might fetch the first K of a few of the pages that are  
referenced, too.

ian

countergabion+terceron
osteoarthrotomy+ballastage
endokaryogamy+cilioscleral
haptotropism+isoborneol
evaporability+acrindoline
attemperator+dermatoglyphics
sebesten+enheritance
grunion+unidentified


--Apple-Mail-2-491558057
Content-Transfer-Encoding: 7bit
Content-Type: text/x-perl-script;
	x-unix-mode=0755;
	name=randwords.pl
Content-Disposition: attachment;
	filename=randwords.pl

#!/usr/bin/perl -w

use strict;
use IO::File;
use File::stat;

my $random = new IO::File ("</dev/urandom") or die "$0: no urandom $!";
my $words = new IO::File ("</usr/share/dict/words") or die "$0: no dict $!";

my $stat = stat ($words) or die "$0: cannot stat dict $!";

my $res = [];

while (length (join (' ', @$res)) <= 16) {
    my $bytes;
    die "$0: read from random $!" unless $random->read ($bytes, 4) == 4;
    my ($offset) = unpack ("L", $bytes);
    $words->seek ($offset % $stat->size (), 0);
    $words->getline () || next;
    my $word = $words->getline () || next;
    chomp $word;
    next if length ($word) < 4;
    push (@$res, $word);
}

STDOUT->print (lc join ('+', @$res), "\n");

--Apple-Mail-2-491558057
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
	charset=US-ASCII;
	format=flowed




--Apple-Mail-2-491558057--