Another idea which has been sitting around on my stack for a while waiting for some time to be devoted to it.

Lately lots of people seem to be worrying about the amount of data Google has stored on them, especially in light of the US government sniffing around to see if they can get at the data. There are, of course, things you can do to cover yourself a bit, such as blowing away your google cookies regularly, but nothing is 100% effective as if it’s worth the effort, tracking down who was using a given IP address at a given time is usually quite possible.

So, perhaps someone should build some sort of script which just sends random queries to Google without any user intervention. The goal, of course, is plausible deniability. Any given query associated with your profile in Google’s system could be argued to be the result of this script rather than your direct actions. Requests from the script would have to be indistinguishable from the real thing, sending your cookies and whatever your normal user agent is, and maybe occasionally following result links or loading extra result pages. Obviously you would need to run it on your own machine to give the right IP address, and the queries will need to look as random as possible.

(Having thought about it for a while, the script would also need to load up page dependencies like images and .js files, so perhaps somehow scripting a real web browser is the answer for that side. Webkit could probably conveniently handle most of those details.)

I think the main challenge here is finding a good random source of queries. Any predetermined set of queries is going to be obvious reasonably quickly, so perhaps somehow generating queries from some sort of web crawling is the answer. I’ve not thought through the details of implementing such a crawling system, but it would be an interesting challenge to try to make it appear sufficiently random.

Technorati Tags: , , ,