[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Using Gmail (with Tor) is a bad idea

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Using Gmail (with Tor) is a bad idea
From: Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Tue, 19 Sep 2006 08:52:44 +0200
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Tue, 19 Sep 2006 02:53:24 -0400
In-reply-to: <20060919000911.70009ff8@localhost> (Fabian Keil's message of "Tue, 19 Sep 2006 00:09:11 +0200")
References: <20060919000911.70009ff8@localhost>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Gnus/5.1007 (Gnus v5.10.7) XEmacs/21.4.19 (linux)

freebsd-listen@xxxxxxxxxxxxx (Fabian Keil) writes:

> FILTER: googlemail Hides sponsored links with css and shows why
> insecure mail transfer is a bad idea.

Using unencrypted transfer is always a bad idea; not only with Tor. It just
moves the attack-point for sniffing attacks from e.g. your cable-modem
network, your ISP and the hops till the the webserver to the exit-node and
the hops till the webserver. The way where password data are transferred
unencrypted might be even shorter (e.g. when exit-node is nearer to the
webserver) or more secure (e.g. when you are in a cable-modem network) with
Tor.

A much bigger problem with Gmail is, that it requires an existing account
to create a new one. Hence, there exist a chain between your anonymous
account and the account of a known person which can reveal your true
identity.

Enrico

Attachment: pgpkLfILK7oVe.pgp
Description: PGP signature

References:
- Using Gmail (with Tor) is a bad idea
  - From: Fabian Keil

Prev by Author: Re: Protecting exit-nodes by GeoIP based policy
Next by Author: Re: Question about Tor
Previous by thread: Re: Using Gmail (with Tor) is a bad idea
Next by thread: Re: Using Gmail (with Tor) is a bad idea
Index(es):
- Author
- Thread