[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Firefox through Tor

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Firefox through Tor
From: Mike Perry <mikepery@xxxxxxxxxx>
Date: Thu, 27 Apr 2006 15:00:21 -0500
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Thu, 27 Apr 2006 14:56:17 -0400
In-reply-to: <44510AF0.9060501@csuohio.edu>
References: <20060427070201.GC20502@fscked.org> <20060427131420.41772.qmail@web30810.mail.mud.yahoo.com> <20060427192018.GA25830@fscked.org> <44510AF0.9060501@csuohio.edu>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mutt/1.4.1i

Thus spake Michael Holstein (michael.holstein@xxxxxxxxxxx):

> >So the problem is that a motivated adversary can subpoena or simply
> >ask DoubleClick to hand over their IP/cookie logs. If you are using
> >Tor for /everything/, then what they get from DoubleClick for that
> >email address is just a Tor IP, no harm no foul. However, if the user
> >had set up a filter that only sends *yahoo.com through Tor, then
> >DoubleClick will have their /real IP/ on file in association with
> >whatever unique ID yahoo passed for that email address, even though
> >yahoo's records show only the Tor IP.
> 
> Swichproxy (as well as CTRL+SHIFT+DEL) in Firefox will clear all cookies.
> 
> Anytime you switch between TOR/Direct you should close down to all but 
> one blank window, clear cookies/cache one way or another, and *then* 
> proceed.

Just clearing cookies every time there is a switch is not enough if
there is an automatic Tor filter in place.

The problem is that yahoo can custom-generate its links to DoubleClick
so they encode your email address (dunno if they do do this, but I'm
sure some sites and ad parters do). Therefore identifiying information
is sent independent of the cookie.

-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs

Follow-Ups:
- Re: Firefox through Tor
  - From: Michael Holstein

References:
- Re: Firefox through Tor
  - From: Mike Perry
- Re: Firefox through Tor
  - From: eric.jung
- Re: Firefox through Tor
  - From: Mike Perry
- Re: Firefox through Tor
  - From: Michael Holstein

Prev by Author: Re: Firefox through Tor
Next by Author: Re: Firefox through Tor
Previous by thread: Re: Firefox through Tor
Next by thread: Re: Firefox through Tor
Index(es):
- Author
- Thread