Author Topic: Morris Worm Source - a good starting point  (Read 92 times)

no1uno

  • Global Moderator
  • Foundress Queen
  • *****
  • Posts: 681
Morris Worm Source - a good starting point
« on: January 08, 2012, 05:44:32 AM »
The original internet worm, the Morris Worm (circa 1988) - decompiled source code is attached - could conceivably serve as a base for writing an updated version. Fix it with an online password database/directory based upon a keylogger and ISP (I'd lay money on there being no more than 100-odd passwords used by the bulk of people on any ISP - which would alter regionally) and use pretty much any of the Windows vulnerabilities that keep getting found (on that note, has anyone utilized the various Explorer hacks?). Obviously alter the code enough to get it past the major anti-virus programs and obfuscate the hell out of it.

A good use would be to delete data held under various legislation worldwide by ISPs to enable their internet browsing to be monitored and the data used as evidence. In that respect, a website "could" be envisaged where users would log in to target their own data. Obviously there would be serious concerns about security in that respect, but it would be useful. Another idea would be to search out and identify the specific products/machines being used in this effort by LE and target them.
« Last Edit: January 08, 2012, 05:59:31 AM by no1uno »
"...     "A little learning is a dang'rous thing;
    Drink deep, or taste not the Pierian spring:
    There shallow draughts intoxicate the brain,
    And drinking largely sobers us again.
..."

dream0n

  • Subordinate Wasp
  • ***
  • Posts: 204
Re: Morris Worm Source - a good starting point
« Reply #1 on: January 08, 2012, 06:23:10 AM »
Thank You...
Here is the basis for a botnet to take down Facebook, as in that one unofficial AnonOp

Instructing a virus -worm- to mutate randomly and quickly, then replicate into rarely used system folders, then send to all LAN computers and servers that were connected to at that time or within 10 minutes of implantation (with a log of previously used IPs, so as to not slow your connection). The virus would then need to execute an idle until a trigger - which would be accessing Facebook - at that point, as long as the connection is live, packets are sent at a medium rate compared to the average connection speed - so as to not affect consumer experience. If Facebook itself gave the worm to its users, having the worm hidden in a linked image paid for within Facebook's ad campaign system, it would be amazing.
--The program would always need to run in low priority, have no kernel leaks, and be constantly mutating - so that no profile can be made - other than it infecting certain programs like internet explorer. --

Don't abuse stimulants for productivity ;)
off to bigger and better things - don't worry I will visit from time to time

Dr. Tox

  • In Stasis: See You In A Few Years!
  • Subordinate Wasp
  • ***
  • Posts: 145
Re: Morris Worm Source - a good starting point
« Reply #2 on: January 08, 2012, 06:31:38 AM »
You might find this board interesting if you haven't already found it: HackBB
http://clsvtzwzdgzkjda7.onion
Alimentary, dear Watson; I had a gut feeling.

fresh1

  • conspirator
  • Dominant Queen
  • ****
  • Posts: 339
Re: Morris Worm Source - a good starting point
« Reply #3 on: January 08, 2012, 11:12:13 AM »
8) 8)
;)
"Curiosity is a gift"

Sedit

  • Global Moderator
  • Foundress Queen
  • *****
  • Posts: 2,099
Re: Morris Worm Source - a good starting point
« Reply #4 on: January 08, 2012, 09:17:59 PM »
I'm getting an invalid archive when I attempt to open it with WinZip.
There once were some bees and you took all their stuff!
You pissed off the wasp now enough is enough!!!

Sedit

  • Global Moderator
  • Foundress Queen
  • *****
  • Posts: 2,099
Re: Morris Worm Source - a good starting point
« Reply #5 on: January 08, 2012, 09:22:26 PM »
> Obviously alter the code enough to get it past the major anti-virus programs and obfuscate the hell out of it.

I have decided that the simplest way to possibly do this would be to chop the code internally as it's being copied into run-alone segments and randomly implement them into the infected file. It would involve a bunch of line jumps but it could keep both the virus and the infected code intact while quite possibly staying under the radar of almost any antivirus program because the data segments would be chopped up and never appear the same from one infection to the next. The line data would be chosen randomly at the time of the infection.
There once were some bees and you took all their stuff!
You pissed off the wasp now enough is enough!!!

Dr. Tox

  • In Stasis: See You In A Few Years!
  • Subordinate Wasp
  • ***
  • Posts: 145
Re: Morris Worm Source - a good starting point
« Reply #6 on: January 08, 2012, 11:15:49 PM »
Wouldn't most end users' AV heuristics pick up on that?
Alimentary, dear Watson; I had a gut feeling.

Sedit

  • Global Moderator
  • Foundress Queen
  • *****
  • Posts: 2,099
Re: Morris Worm Source - a good starting point
« Reply #7 on: January 08, 2012, 11:38:26 PM »
Doubtful, that's the reason I was considering chopping up the data blocks enough so that they are not recognized as any known virus.
There once were some bees and you took all their stuff!
You pissed off the wasp now enough is enough!!!

no1uno

  • Global Moderator
  • Foundress Queen
  • *****
  • Posts: 681
Re: Morris Worm Source - a good starting point
« Reply #8 on: January 09, 2012, 02:22:23 AM »
What I was looking at is that the ISP databases will be inhaling the source code of the pages whole - that means that they will be ingesting huge chunks of 'invisible' conditional comments for things like IE6. AV programs ignore them, as do antispyware programs (even NoScript).

Thus it is technically feasible to get the source into the machines targeted, there is a hole, it is identified, etc.

How to execute the package once it is in memory? There are different levels of conditional comments for starters and some allow for specific browsers to be targeted. JS can be used to make alterations in the runtime CSS, and so on. Some deeper knowledge of the machines LE would be using would be kind of helpful if they are to be targeted directly - specifically operating systems and browser(s)/bots used to scan page-source for keywords. Somewhere in there will be a trigger that can be used to identify who is calling the pagesource leading to execution.

Is a time-based id procedure feasible? We know pages will be kept for x-days and potentially called after that, which is manifestly odd behaviour - especially for 'offline' webpage shots. We can be pretty sure that the pages will be captured as static pages (regardless of how served) and archived, once again, pretty strange behaviour differentiating this from the vast majority of human users (is there any way to differentiate between various archiving projects and is there any need?), that's just for starters.

Technically, legally it should be feasible to have something that scrambles only your own personal information if it is called upon at some later date (if it were to 'accidentally' overload/harm machines that triggered it who would know, simply ensure that that is not the stated aim), which would be very similar to using a voice scrambler from a legal point of view, i.e. only destroying personal information about yourself collected by another without your consent and without a warrant (that it would make shit hard even if they had a warrant is immaterial). I'd be very surprised if it were illegal to act to limit availability of personal information collected without your consent; while there is no enforceable right to privacy, it would be awfully strange if there was an enforceable right to breach it - especially without judicial authorisation.
"...     "A little learning is a dang'rous thing;
    Drink deep, or taste not the Pierian spring:
    There shallow draughts intoxicate the brain,
    And drinking largely sobers us again.
..."

Dr. Tox

  • In Stasis: See You In A Few Years!
  • Subordinate Wasp
  • ***
  • Posts: 145
Re: Morris Worm Source - a good starting point
« Reply #9 on: January 09, 2012, 05:34:16 AM »
Excellent point. This could get good.  8)
Alimentary, dear Watson; I had a gut feeling.

Sedit

  • Global Moderator
  • Foundress Queen
  • *****
  • Posts: 2,099
Re: Morris Worm Source - a good starting point
« Reply #10 on: January 09, 2012, 09:21:37 PM »
I still can't open the file, what's the deal? I'm running the newest version of WinZip I believe. Has anyone successfully opened it and what did you use?
There once were some bees and you took all their stuff!
You pissed off the wasp now enough is enough!!!

dream0n

  • Subordinate Wasp
  • ***
  • Posts: 204
Re: Morris Worm Source - a good starting point
« Reply #11 on: January 09, 2012, 10:33:06 PM »
You cannot open it solely because it is a rar file... not a zip file ::)
off to bigger and better things - don't worry I will visit from time to time

Wizard X

  • Lord of the Realms
  • Foundress Queen
  • *****
  • Posts: 1,224
Re: Morris Worm Source - a good starting point
« Reply #12 on: January 09, 2012, 11:47:58 PM »
> I still can't open the file, what's the deal? I'm running the newest version of WinZip I believe. Has anyone successfully opened it and what did you use?

I've zipped it for you.

Thanks Wizard~Sedit
« Last Edit: January 10, 2012, 12:43:58 AM by Sedit »
Albert Einstein - "Great ideas often receive violent opposition from mediocre minds."