Re: Warnings on the download page

At 16:33 -0600 on 2007-03-08, H D Moore wrote:
> 3) Web application hijacking. If a rogue Tor node watches for a specific
> pattern, such as the "welcome!" message from a web application or web
> mail portal, the Tor node could kick the user out and hijack their
> session. This is especially dangerous for sites that SSL-protect the
> authentication process, but leave the rest of the application unencrypted
> (Yahoo, GMail, others?).

Google mail will reportedly stick with https for the entire session if you
start via https://mail.google.com/

Use their other initial URLs, however, and your session will drop back to
http after the authentication is done.

Suggesting gmail users start with https://mail.google.com/ (until the
behavior changes, at least) may be good for a FAQ entry.
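An added example, not code from this thread or from any of the services it mentions: the failure the post describes is a session that authenticates over https and then falls back to http, at which point a rogue exit node sees the session cookie on every plaintext request. The audit below walks a recorded login flow hop by hop and reports each http request made after a cookie was set over https, together with the cookies a browser would attach to it (those matching the host and lacking the Secure attribute). The three flows are constructed samples on the made-up hosts `mail.example.test`, `login.example.test` and `www.example.test`; the cookie name `SID` is likewise a placeholder.

```python
"""
Audit a recorded web-mail login flow for an https-to-http fall-back after
authentication. Added example; hosts, URLs and cookie names are constructed.
"""
from urllib.parse import urlsplit


def parse_set_cookie(value, setting_host):
    """Parse one Set-Cookie header into the attributes this audit needs."""
    parts = [p.strip() for p in value.split(";")]
    name, _, _ = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    # No Domain attribute: the cookie belongs to the host that set it.
    domain = attrs.get("domain", "").lstrip(".").lower() or setting_host
    return {"name": name.strip(), "domain": domain, "secure": "secure" in attrs}


def cookie_applies(cookie, host):
    """Domain match: exact host, or host is a subdomain of the cookie domain."""
    return host == cookie["domain"] or host.endswith("." + cookie["domain"])


def audit_session(hops):
    """
    hops: list of (request_url, status, [(header_name, header_value), ...])
    in the order the browser made them.

    Returns one (url, exposed_cookie_names) entry for every plaintext hop
    made after a cookie was set over https. exposed_cookie_names lists the
    cookies a browser would send on that request: those matching the host
    and lacking the Secure attribute, i.e. what a rogue node would capture.
    """
    jar = []
    authenticated = False  # becomes True once a cookie is set over https
    findings = []
    for url, _status, headers in hops:
        parsed = urlsplit(url)
        host = (parsed.hostname or "").lower()
        if parsed.scheme == "http" and authenticated:
            exposed = [c["name"] for c in jar
                       if cookie_applies(c, host) and not c["secure"]]
            findings.append((url, exposed))
        for header_name, header_value in headers:
            if header_name.lower() == "set-cookie":
                jar.append(parse_set_cookie(header_value, host))
                if parsed.scheme == "https":
                    authenticated = True
    return findings


# Constructed flow 1: started at the https entry point, stays on https.
FLOW_HTTPS_START = [
    ("https://mail.example.test/", 302,
     [("Location", "https://login.example.test/")]),
    ("https://login.example.test/", 200, []),
    ("https://login.example.test/auth", 302,
     [("Set-Cookie", "SID=abc123; Domain=.example.test; Path=/"),
      ("Location", "https://mail.example.test/inbox")]),
    ("https://mail.example.test/inbox", 200, []),
]

# Constructed flow 2: started from another initial URL; the login itself is
# https, but the post-authentication redirect drops back to http.
FLOW_OTHER_START = [
    ("http://www.example.test/mail", 302,
     [("Location", "https://login.example.test/")]),
    ("https://login.example.test/", 200, []),
    ("https://login.example.test/auth", 302,
     [("Set-Cookie", "SID=abc123; Domain=.example.test; Path=/"),
      ("Location", "http://mail.example.test/inbox")]),
    ("http://mail.example.test/inbox", 200, []),
]

# Constructed flow 3: same downgrade, but the cookie carries the Secure
# attribute, so the plaintext hop happens without the session cookie.
FLOW_SECURE_COOKIE = [
    (url, status, [(n, v + "; Secure" if n == "Set-Cookie" else v)
                   for n, v in headers])
    for url, status, headers in FLOW_OTHER_START
]


if __name__ == "__main__":
    for label, flow in (("https start", FLOW_HTTPS_START),
                        ("other start", FLOW_OTHER_START),
                        ("secure cookie", FLOW_SECURE_COOKIE)):
        print(label, "->", audit_session(flow) or "no plaintext hops after auth")
```

The initial http hop in the second flow is deliberately not reported: before authentication there is no session to hijack. The third flow shows why the Secure attribute matters even when the downgrade itself is not fixed: the plaintext request still happens, but the cookie is not on it.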