Re: Firefox through Tor

[Michael Holstein <michael.holstein@xxxxxxxxxxx>]

And what's more ...

If you've ever signed into your Yahoo account *even once* from a Non-TOR 
IP address (including to sign up for it), it shouldn't be trusted. They 
could just see what IP's you've ever touched a Yahoo site from while 
authenticated, and 'fgrep -v toriplist'.

Likewise for anywhere else that gathers cookies.

~Mike.

Michael Holstein wrote:
> > So the problem is that a motivated adversary can subpoena or simply
> > ask DoubleClick to hand over their IP/cookie logs. If you are using
> > Tor for /everything/, then what they get from DoubleClick for that
> > email address is just a Tor IP, no harm no foul. However, if the user
> > had set up a filter that only sends *yahoo.com through Tor, then
> > DoubleClick will have their /real IP/ on file in association with
> > whatever unique ID yahoo passed for that email address, even though
> > yahoo's records show only the Tor IP.
>
>
> Swichproxy (as well as CTRL+SHIFT+DEL) in Firefox will clear all cookies.
>
> Anytime you switch between TOR/Direct you should close down to all but 
> one blank window, clear cookies/cache one way or another, and *then* 
> proceed.
>
> /mike.