[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Gmail and Tor

To: tor-talk <tor-talk@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-talk] Gmail and Tor
From: Mike Hearn <hearn@xxxxxxxxxx>
Date: Mon, 24 Dec 2012 14:38:41 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 24 Dec 2012 09:39:13 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type; bh=IcpJSR7WIz/cEuTxP+kQyjQjkHIM0V81Bxr25ZKCFiQ=; b=HXicZvuwgB64oWJqwiXeBQsDbBtuThGX9KqIDYbBRgqEvGn4vADEMbh5tpZbriqBkj sLhRfO5mFZdS8ELtiCJtqGy1AHvdPEX+1ukLKr9jZcvGV7a+U+xyh4Lg0vRmvlFOBE0X gSWsHP709lFk0TRbf3E+7sp2Uy9oQqtNt1rcNNAFZ6HXwyogYJPow/Mn/wDJ5HRhTa1e oIGDC9syfVSbE2tFplRapOZY2JfkWoERnuztRY+9VdrMpwKfKt6fVSz6q8RsURLSJwIr TvimjX5igD1x+IVe5lN40qOIqf+bOct/DLPHoJOjurie90CaAjFDVtii0LkiElfrtlAp ptpA==
In-reply-to: <CAD2Ti28saF3fM8qfDCZNpQm-hzWbpT1z+1KTNi5=2SF8fCo+cw@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAD2Ti28saF3fM8qfDCZNpQm-hzWbpT1z+1KTNi5=2SF8fCo+cw@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

To re-iterate previous threads on this topic, if you have at least one
successful login from a Tor exit node or other anonymizing proxy
service then the security system won't hassle you when you log in from
these networks. That's how you disable it - pass verification from a
Tor login.

I don't know what the reset process or weeks timeout refers to. If
they abandoned the login process after being asked to provide some
more information then the system assumes the hijack was real and
forces a password change. Perhaps that's what they mean.

With regards to why we do this, you can review the following
presentation I gave at the RIPE 64 conference:

  https://ripe64.ripe.net/presentations/48-AbuseAtScale.pdf
  https://ripe64.ripe.net/archives/video/25/

or (faster) this post from Urs:

  https://plus.sandbox.google.com/u/0/+UrsH%C3%B6lzle/posts/Fvr2rCPiPUu
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Gmail and Tor
  - From: grarpamp
- Re: [tor-talk] Gmail and Tor
  - From: Moritz Bartl

References:
- [tor-talk] Gmail and Tor
  - From: grarpamp

Prev by Author: Re: [tor-talk] William was raided for running a Tor exit node. Please help if you can.
Next by Author: Re: [tor-talk] Botnets through Tor
Previous by thread: Re: [tor-talk] Gmail and Tor
Next by thread: Re: [tor-talk] Gmail and Tor
Index(es):
- Author
- Thread