[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Firefox through Tor
The problem (as I understand the question originally asked) was that
regardless of TOR (or as you say, FoxyProxy, etc.) that sites can still
'connect' you based on analysis of traffic from multiple time periods.
Eg: doubleclick .. sites A and B have a doubleclick ad. You get the
doubleclick cookie (or likely already had it). They then realize that
'bob@yahoo' is also the user that sent mail from 'anonymous@hotmail'
since the same cookie was associated with your session from Yahoo (via
doubleclick) and Hotmail (via doubleclick) -- even though you used TOR
to access hotmail.
This is an application problem .. not a tor problem.
This problem is fixed if you close everything and dump cookies/cache
before switching to/from TOR and direct-connection .. but there is one
other case that I can think of..
Weatherbug. We used this once (former employer) to nail somebody that
hacked a dialup account .. they had weatherbug running and didn't
realize that once Weatherbug saw the Internet (and it uses the
system-wide proxy values) it "called home", complete with the UID of the
installation (which is unique to each installation, and in the URL the
client requests). A quick examination of their PC matched the UID and
bingo .. busted.
Eric H. Jung wrote:
Now that I understand I2P, perhaps you can respond to the rest of my email?
The problem you identify does not seem to be any more or less exacerbated by FoxyProxy; the
problem, if I understand correctly, exists regardless of whether not one uses FoxyProxy.
So when you say "If you can't solve this problem automatically, you should be sure to
warn users of these side-effects", I'm not sure why I should warn them. Can you explain further?
--- Michael Holstein <michael.holstein@xxxxxxxxxxx> wrote:
Forgive my ignorance. What is I2P?