
Noisy: Random DNS, HTTP/S traffic noise generator - GordonS
https://github.com/1tayH/noisy
======
crunchlibrarian
When I took my first networking class a billion years ago (the 1990s) the
kindly professor who had written most of the networking textbooks in use at
the time started the first week off by teaching us how to use the ping
command.

But first he warned us: make sure you always use the -c flag if you're pinging
something on the internet. This is to specify the count of pings sent out. If
you didn't it would ping forever and generate too much traffic, and this
useless noise would make you a "bad netizen". He explained this and everything
to us so kindly and with such sincerity it was like watching Fred Rodgers
speak.

Now we have to randomly barf noise onto the network to maybe have a better
chance at some privacy. And that's on top of the half dozen browser extensions
and the vpn and whatever other tools you need to have a moderately good
experience on the network.

How did we let the internet become this awful?

~~~
jstarfish
> How did we let the internet become this awful?

The innocence of anything is always lost when the MBAs show up.

~~~
y-c-o-m-b
This ... is beautiful.

------
redwards510
While I appreciate the intent of this and other "chaff" tools, I can't help
but think ten years from now I'll be seated under a single 200W light bulb
hanging from a string while some federal official with 100,000 printed out
pages of logs sneers at me saying "and then on December 10th of 2023 you
visited www.elderlydogswhosquirt.com. You disgust me." And then I try to
explain how it was the bots in my computer, not me. The bots I tell ya!

~~~
polaritron
I mean, they'll just toss a $500 bribe to a Geek Squad employee, and have them
spray your hard drive with "illegal data."

[https://fortune.com/2018/03/07/best-buy-geek-squad-fbi-
infor...](https://fortune.com/2018/03/07/best-buy-geek-squad-fbi-informants/)

[https://www.newsweek.com/best-buy-geek-squad-fbi-
informants-...](https://www.newsweek.com/best-buy-geek-squad-fbi-
informants-834846)

[https://slate.com/technology/2018/03/fbi-geek-squad-best-
buy...](https://slate.com/technology/2018/03/fbi-geek-squad-best-buy-
relationship-closer.html)

[https://www.huffingtonpost.com/entry/fbi-geek-squad-
customer...](https://www.huffingtonpost.com/entry/fbi-geek-squad-customer-
data-seach_us_5aa004b3e4b002df2c5fc9bc)

[https://www.npr.org/sections/thetwo-
way/2018/03/07/591698708...](https://www.npr.org/sections/thetwo-
way/2018/03/07/591698708/fbi-used-paid-informants-on-best-buys-geek-squad-to-
flag-child-pornography)

[https://www.eff.org/deeplinks/2018/03/geek-squads-
relationsh...](https://www.eff.org/deeplinks/2018/03/geek-squads-relationship-
fbi-cozier-we-thought)

[https://www.washingtonpost.com/news/true-
crime/wp/2017/04/03...](https://www.washingtonpost.com/news/true-
crime/wp/2017/04/03/records-show-deep-ties-between-fbi-and-best-buy-computer-
technicians-looking-for-child-porn/?noredirect=on&utm_term=.7d7a874f4fce)

------
AndyMcConachie
If you're worried about getting in trouble for some HTTPS or DNS traffic then
why would you trust this? Someone snooping on your traffic could see you
generating traffic that looks incriminating.

If you're _not_ worried about getting in trouble for some HTTPS or DNS traffic
then why would you use this?

In short I don't understand the use case for this script. Anyone analyzing
your traffic looking for specific DNS requests or specific SNIs will still see
them.

~~~
redwards510
As the author mentions in the readme, one use case is to obfuscate your online
advertising profile by flooding it with random data.

~~~
endymi0n
Without using a real headless browser running JavaScript AND accessing a
browser cookie store to distribute the fake traffic on the event tracking of
all gazillion tracking cookies you‘re already identified with, this approach
is utterly useless for the purpose intended. Even for trackers using
IP+Fingerprint (which nobody I know is seriously using these days anymore),
you‘d have to spoof the user agent of the regular browser.

Sorry to say, but you‘ll be much better off with an adblocker.

~~~
ryan-c
I think this is intended to screw with tracking being done by your ISP.

~~~
jlg23
Your ISP has _more_ options to identify you than a random 3rd party
advertisement/tracking partner...

------
alpb
Keep in mind that the data is still there, and motivated people will figure
out the noise from the signal.

Use dnscrypt: [https://dnscrypt.info/](https://dnscrypt.info/) which has an
easy macOS integration too.

------
DyslexicAtheist
this kills my caching, but I'd love to integrate this in dnsmasq. right now
I'm running a patched dnsmasq¹ that can handle blocking urls based on regex
(e.g. kill anything with unicode in addition to whatever I have in my
SteveBlack's /etc/hosts blocklist²). So having noise generation in dnsmasq
which is ignored by caching would be an ideal solution for me.

__

¹[https://github.com/lixingcong/dnsmasq-
regex](https://github.com/lixingcong/dnsmasq-regex)

²[https://github.com/StevenBlack/hosts](https://github.com/StevenBlack/hosts)

~~~
craftyguy
> right now I'm running a patched dnsmasq¹

Are you the author of this? I've been wanting something like this for a long
time! Hopefully the patch has been submitted upstream for inclusion in
dnsmasq..

~~~
jedisct1
dnscrypt-proxy supports regex-based rules, can block responses including
specific IP addresses, can provide nice logs, does caching, supports time-
based rules, and more: [https://github.com/jedisct1/dnscrypt-
proxy/wiki/Filters](https://github.com/jedisct1/dnscrypt-proxy/wiki/Filters)

~~~
craftyguy
Wow, thanks. I use dnscrypt-proxy too and had no idea it supported this!

------
bitskits
Is this intended to be a solution for people who are unable to do DNS-over-TLS
(which seems like a much better solution to this problem).

~~~
kodablah
Maybe a better solution to DNS lookups, but doesn't change the fact that your
ISP may be profiling you based on the IPs you connect to for web traffic. VPN
could be argued as a solution there, but even volume sans target is a
profiling tool.

------
w8rbt
Really ought to just use coreDNS as a local stub resolver and point it at
cloudfare's TLS enabled DNS resolvers. That's what I do.

------
jedisct1
A good way to be blacklisted.

~~~
kodablah
From what? I think a better noise generator would do better than random, e.g.
headless chrome, human-esque mouse movements, reasonable link traversal, etc.
I also wonder how many of the big sites will blacklist by IP knowing many ISPs
reassign and many botnets run on their customers' computers.

------
nine_k
Security^W Privacy through obscurity. Not bulletproof but better than nothing.

Can't fail to remember the same trick used by megacorps outside Internet. Once
Coca-Cola wanted to be certified as kosher. It of course did not want to
uncover its secret recipe. They knew though that a mix of plant-based
components is normally considered kosher is each component is also kosher. So
they presented a huge list of such components and claimed that all components
of Coca-Cola are listed there, among other, unrelated components. The list was
considered kosher, and thus Coca-Cola the drink, too.

The difference is that they only had to do it once to keep their secret. This
software needs to do it many times per real request.

