Jacques Mattheij

Technology, Coding and Business

Make a bigger Haystack

The NSA apparently has the capabilities to eavesdrop on just about anything you do on the web or on the internet in general. If you haven’t read that article yet please do, it’s quite a bit of insight into the capabilities of the spying agencies. Of course, as a dirty foreigner I’m a bit more pissed of at this than a US citizen would be (they are technically exempt from such monitoring which makes it a-ok).

But other governments than the USA are publicly crying foul but privately apparently collaborate eagerly in these programs, which are of course all designed to keep us safe from terror and other significant causes of sudden and violent death. The ‘nothing to hide’ crowd is in overdrive and there seems to be no limit to the amount of data that is being hovered up. Other than maybe the technical limits to storing the data long enough.

One paragraph in the above Guardian article stood out for me:

"The XKeyscore system is continuously collecting so much internet data
that it can be stored only for short periods of time. Content remains 
on the system for only three to five days, while metadata is stored for
30 days. One document explains: "At some sites, the amount of data we 
receive per day (20+ terabytes) can only be stored for as little as 24 

So apparently even the mighty 3 letter agencies are limited by technology and funding in what they can do.

A simple solution might then be to run software on our PC’s that use all the available bandwidth to flood the channels with bogus requests. A drive-by DDOS on any and all websites that indirectly hits the NSA infrastructure hardest because they have to deal with the cumulative effect rather than with just the effect on a single website. Of course all of us website operators would pay a part of the price for this. But that may be a price worth paying in the longer term. This surveilance thing has gone on for far too long, it’s grown larger than it ever should have been and I believe strongly that it should be stopped.

Increasing the size of the haystack to the point where the signal-to-noise ratio makes it impractical to vacuum up all the data rather than to purposefully target suspects (you know, like we used to before all this madness) might be just the ticket. Ordinary people going about their ordinary every day ways should have a reasonable expectation of privacy, both online and offline.

I can see several ways in which you could do this, for instance a browser plug-in that detects that your computer is not in use that then uses your history to create plausible activity including the time you normally take to read a page, click through or back, occasionally click an ad and so on. Just replaying your behavioral patterns over a series of websites that you normally already visit, but on pages that you haven’t visited yet. For extra points make it so that it does not mess up your history when you sit back down behind your computer.