[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Defeat Exit Node Sniffing?
> sorry, but that's not entirely true. if you watch your tor circuits,
> gmail will jump to one insecure connection on port 80 to do "something"
> during the login phase, and then go back https, even if you use
> https://mail.google.com/. this has been discussed to death, please search
> the archives.
I just ran a test with a clean instance of Firefox (Tools -> Clear Private
Data) and a fresh instance of WebScarab in which I browsed to
https://mail.google.com/, logged in, and viewed my inbox. WebScarab shows
exclusively HTTPS connections (to several Google hostnames), no HTTP
connections at all.