Just in case you wondered whether Tor and Gmail are a good
combination: They are not.
I did some testing with Privoxy's cvs version and this filter:
FILTER: googlemail Hides sponsored links with css and shows why insecure mail transfer is a bad idea.
s@</head>@<style type="text/css">\#fbc, \#fbl, \#ra, .rhh{visibility: hidden !important;}</style>$0@i
s@easy( to switch to Google Mail)@stupid $1 and transfer mail unencrypted to make sure everbody is reading it@gi
s@Foo bar@Mail integrity compromised! Yay for GMail.@
s@different@insecure@
together with these action sections:
{-block \
-crunch-incoming-cookies \
-crunch-outgoing-cookies \
-filter{content-cookies} \
-filter{img-reorder} \
-filter{webbugs} \
-filter{frameset-borders} \
+filter{googlemail} \
-filter-client-headers \
-filter-server-headers \
}
mail.google.com/
{+redirect{http://www.fabiankeil.de/bilder/icons/fingerzeig.png} \
}
mail.google.com/favicon.ico
{+limit-connect{443} \
}
.google.com/
Results:
http://www.fabiankeil.de/blog-surrogat/2006/09/18/screenshot-gmail-inbox-1024x768.png
http://www.fabiankeil.de/blog-surrogat/2006/09/18/screenshot-modifizierte-mail-1024x768.png
(My original mail's content is "Foo bar" of course.)
More information (in German):
http://www.fabiankeil.de/blog-surrogat/2006/09/18/google-mail-fingerzeig.html
About 0.3% of my Tor exit nodes' users seem to consider using
Gmail with Tor a good idea. I suggest they reconsider.
Fabian
--
http://www.fabiankeil.de/
Attachment:
signature.asc
Description: PGP signature