[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Firefox through Tor
And what's more ...
If you've ever signed into your Yahoo account *even once* from a Non-TOR
IP address (including to sign up for it), it shouldn't be trusted. They
could just see what IP's you've ever touched a Yahoo site from while
authenticated, and 'fgrep -v toriplist'.
Likewise for anywhere else that gathers cookies.
Michael Holstein wrote:
So the problem is that a motivated adversary can subpoena or simply
ask DoubleClick to hand over their IP/cookie logs. If you are using
Tor for /everything/, then what they get from DoubleClick for that
email address is just a Tor IP, no harm no foul. However, if the user
had set up a filter that only sends *yahoo.com through Tor, then
DoubleClick will have their /real IP/ on file in association with
whatever unique ID yahoo passed for that email address, even though
yahoo's records show only the Tor IP.
Swichproxy (as well as CTRL+SHIFT+DEL) in Firefox will clear all cookies.
Anytime you switch between TOR/Direct you should close down to all but
one blank window, clear cookies/cache one way or another, and *then*