I've been wanting to take on a project for a long time now, and we have a lot of very intelligent people here ... so maybe someone can give me some advice to refine my plan of attack. Here's what I've got so far:
Infect my old desktop machine with spyware. Run a network trace, and use the machine as normal. Filter out legitimate traffic, like me going to Google and doing a search. Reverse engineer the rest ... this is the part I'm not quite sure how to accomplish. I want to figure out the API, which is probably going to be different for every spyware applet. Then I want to write something that pretends to be an infection, sending gibberish to the mother-ship; to poison the well.
I'm planning to open source the results, once I figure out how to turn the trace into something usable. Any advice on how to do that part? I haven't even started capturing data, without a plan to use it. I have a couple ideas, but I need to sort out the 'calls' from the data that goes with them, and figure out how the data is encoded.
Why would anybody want to? Spyware is common because it's profitable to sell people's information - with or without their consent. Spyware data is more valuable than web form data, like a typical email list, because it's more broad and more accurate. If I open source a way to make the data less accurate overall, and people use it ... the economics change.
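The first stages of the plan above (drop the baseline traffic, group what is left by destination, then work out how the remaining messages are encoded and which parts are field names versus data) can be scripted before any real capture exists. The following is an added example, not the poster's code: it runs over a constructed list of flow records (timestamp, destination host, payload) instead of a pcap, uses a small allowlist of known-legitimate domain suffixes as the "legitimate traffic" filter, scores each remaining host for beacon-like regularity, guesses the payload encoding (plain text, base64, or high-entropy binary), and, for key=value&key=value style payloads, lists the field names. The hosts ending in `.invalid` and the payloads are placeholders made up for the example.

```python
import base64
import binascii
import math
import statistics
from collections import Counter, defaultdict

# Domains treated as baseline ("me going to Google"); suffix match. Assumed list for the example.
BASELINE_ALLOWLIST = ("google.com", "example.com")

# Constructed sample flows (not from any real capture): (timestamp_seconds, dst_host, payload_bytes).
SAMPLE_FLOWS = [
    (0.0,   "www.google.com",    b"GET /search?q=weather HTTP/1.1\r\nHost: www.google.com\r\n\r\n"),
    (5.2,   "www.google.com",    b"GET /images/logo.png HTTP/1.1\r\nHost: www.google.com\r\n\r\n"),
    (10.0,  "collector.invalid", base64.b64encode(b"id=1234&os=win&title=Inbox")),
    (42.0,  "cdn.example.com",   b"GET /lib.js HTTP/1.1\r\nHost: cdn.example.com\r\n\r\n"),
    (70.0,  "collector.invalid", base64.b64encode(b"id=1234&os=win&title=Bank login")),
    (130.0, "collector.invalid", base64.b64encode(b"id=1234&os=win&title=Inbox")),
    (190.0, "collector.invalid", base64.b64encode(b"id=1234&os=win&title=Mail")),
    (300.0, "upload.invalid",    bytes(range(256)) * 2),  # stand-in for an encrypted/compressed blob
]


def is_baseline(host, allowlist=BASELINE_ALLOWLIST):
    """True if host is, or is a subdomain of, an allowlisted domain."""
    return any(host == d or host.endswith("." + d) for d in allowlist)


def group_by_host(flows):
    """Bucket flow records by destination host, preserving capture order."""
    groups = defaultdict(list)
    for rec in flows:
        groups[rec[1]].append(rec)
    return groups


def interval_regularity(timestamps):
    """Coefficient of variation of inter-arrival gaps; near 0 means a fixed-period beacon.
    Returns None when there are too few events to judge."""
    ts = sorted(timestamps)
    if len(ts) < 3:
        return None
    gaps = [b - a for a, b in zip(ts, ts[1:])]
    mean = statistics.mean(gaps)
    return None if mean == 0 else statistics.pstdev(gaps) / mean


def shannon_entropy(data):
    """Bits per byte; ~8.0 indicates encrypted or compressed content."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def classify_encoding(payload):
    """Rough guess at how a payload is encoded: base64, text, binary/compressed, or unknown."""
    if len(payload) >= 8:
        try:
            base64.b64decode(payload, validate=True)  # rejects non-alphabet chars and bad padding
            return "base64"
        except (binascii.Error, ValueError):
            pass
    printable = sum(1 for b in payload if 32 <= b < 127 or b in b"\r\n\t") / len(payload)
    if printable > 0.95:
        return "text"
    if shannon_entropy(payload) > 7.0:
        return "binary/compressed"
    return "unknown"


def guess_fields(decoded):
    """For k=v&k=v style payloads, return the key names (the 'calls'); else an empty list."""
    try:
        text = decoded.decode("ascii")
    except UnicodeDecodeError:
        return []
    pairs = text.split("&")
    keys = [p.split("=", 1)[0] for p in pairs if "=" in p]
    return keys if keys and len(keys) == len(pairs) else []


def analyze(flows, allowlist=BASELINE_ALLOWLIST):
    """Filter out baseline hosts, then summarise each remaining host's traffic."""
    suspects = [f for f in flows if not is_baseline(f[1], allowlist)]
    report = {}
    for host, items in group_by_host(suspects).items():
        first_payload = items[0][2]
        enc = classify_encoding(first_payload)
        decoded = base64.b64decode(first_payload) if enc == "base64" else first_payload
        report[host] = {
            "count": len(items),
            "interval_cv": interval_regularity([t for t, _, _ in items]),
            "encoding": enc,
            "fields": guess_fields(decoded),
            "bytes_total": sum(len(p) for _, _, p in items),
        }
    return report


if __name__ == "__main__":
    for host, summary in analyze(SAMPLE_FLOWS).items():
        print(host, summary)
```

On the sample data, the two Google hosts and the CDN are dropped, `collector.invalid` shows up as a 60-second beacon carrying base64 with the fields `id`, `os` and `title`, and `upload.invalid` is flagged as a single high-entropy blob with no recoverable field layout. Against a real trace the same pipeline applies once the flow tuples are pulled from the capture; the allowlist is the part that has to be built from the machine's own clean-session traffic first.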