[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: About WLAN and monitoring..
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: About WLAN and monitoring..
- From: "F. Fox" <kitsune.or@xxxxxxxxx>
- Date: Thu, 31 Jan 2008 17:45:59 -0800
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Thu, 31 Jan 2008 20:46:14 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:x-enigmail-version:content-type:content-transfer-encoding; bh=R8wbsL6EgrS8MFpkEDxRYu6yGw/8NtHQ8vHuX2TLOp4=; b=NKoBM7dQGF1Q5SNGf37t399YwHT9Lm8WwcVmgNOn/l/5wA3/j++DzRIl81HpvNK0We3wGox6YzKUTzm1gd3N3GhxjbOsCWzvE3XMWDzErzaide4qHpXVUNUCYugYwXQmi+tdslqcA0PZyRtEnQuVBK8IkojkG9rql3Ta2CWT8tw=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:x-enigmail-version:content-type:content-transfer-encoding; b=t0v/UMqcstW9DCDRrfs7wjWll7Ak0unJe4BdZrN+PXRHysi7repX1QZ/F55EOz+CiVUFQvZsEh3vgmBhu5l3DylO2ihjulL5RF1mDrP+F+SBkKNwZney25E9IlzHE4hRu302/fmG6lJzhOPuAy+zFhZLBy7nFuz74gE4dV7o3gQ=
- In-reply-to: <47A22936.9030201@xxxxxxxxxxx>
- References: <798149.34154.qm@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <47A22936.9030201@xxxxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
- User-agent: Thunderbird 18.104.22.168 (Windows/20071031)
-----BEGIN PGP SIGNED MESSAGE-----
Michael Holstein wrote:
| So could your web-based email if you've EVER used it from an
| identifiable location.
I think he's looking at an observer from the local network as a threat
model. If so, such an adversary wouldn't have the benefit of knowing
what accounts are being accessed via the Web, if they go over Tor (only
an agent of the company who runs the mail service, or law enforcement
would have that benefit).
Of course, this opens up a whole new can of worms; AFAIK, Gmail is the
only major Webmail provider that can be used via SSL on the Web
interface (by starting the session with an HTTPS URL, i.e.,
https://mail.google.com ; if you don't, it'll switch to SSL only for the
~ login, but actually transmit the subsequent pages [and the email they
contain] in cleartext).
(If you've used the account outside of Tor before, Gmail would - of
course - know your identity; however, an observer on the local WLAN
Also, since actions over the lifetime of a circuit [~10min] can be
potentially linked [from what I've read], you'd want to get a new nym
after you're done with Gmail. On *nix, this can be done with a SIGHUP;
on Windows, one way is to stop and start Tor via Vidalia.)
So unless you're using that one - or using something else to protect
your content - my hypothesis in the first paragraph is not a good one to
use in practice.
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----