[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Defeat Exit Node Sniffing?



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Chris Palmer @ 2008/03/05 17:05:
| scar writes:
|
|> i also learned, that by using a cookie editor, you cannot force a cookie
|> to be sent over an encrypted connection.
|
| Which cookie editor(s) did you try? I use Add 'n' Edit Cookies, a Firefox
| plugin. It offers a radio button to turn the Secure attribute on or
off, but
| I have not tested it to see if turning Secure on really works as it
should.
| If you tested it and it didn't work, that would seem like a bug in Add 'n'
| Edit Cookies that the maintainer would want to know about.
|

Yes it was that add-on.  if you check that thread i linked to in my
previous message, i posted there some experimentation and results of one
website.  basically, i was not convinced that using add 'n' edit cookies
was a solution.  if one website won't acknowledge my alteration of the
security attribute, i have no reason to continue.  It must work all the
time.

there was no bug in the add-on; i saw the change to the cookie take
place.  it is a problem with the website/webmaster.

if you want to add to this research, that would be great.
-----BEGIN PGP SIGNATURE-----

iD8DBQFHzzwxXhfCJNu98qARCCHPAJ90Zrttzxq3AbgFUaeBU7SaK1QzKwCfZdLS
nrQbL+uqyTX7i+ws7jNxG2k=
=MTSb
-----END PGP SIGNATURE-----