[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] TBB as main browser: persistent logins to trusted sites?



Hi Theresa,

theresa@xxxxxxxxxxx:
> Dear Tor community,
> 
> I'm exploring using TBB as my main browser.

Thanks! Let us know what you learn and where you think are (additional)
road blocks for that goal.

> However, there's one thing that I'd like to find a solution to - namely
> being able to use "New Identity" while having a white list of domains
> where "New Identity" would not erase cookies.
> 
> In other words, I'd like to be able to look like a new user to 99,99% of
> the Internet, while still retain session cookies of 3-5 trusted domains.
> 
> I've noticed that there's a Cookie Protections dialog if the "private"
> browsing mode is disabled (yeah, I know it's risky to change that - but
> I'm just researching options), and within it one can clear all cookies
> except "protected" ones - that seemed to be quite close to what I'd need.

Yes. The problem is that the cookie protection dialog is not working in
private browsing mode due to an underlying bug in Firefox.[1] So, we
disabled that feature in that mode in Tor Browser as users got confused
by it.[2]

> However, I have noticed that if "private" browsing mode is disabled,
> "New Identity" doesn't actually clear any cookies anymore. It seems to
> depend on "private" browsing mode being enabled in TBB to clear cookies.

If that's the case then this is a bug. Providing a New Identity should
not be bound to the user being in Tor Browser's default mode or allowing
disk records for whatever reason.

Could you open a ticket on our bug tracker at
https://trac.torproject.org with steps to reproduce what you have
encountered?

> So, do you use TBB as your main browser, and if so, what approach(es) do
> you take regarding "trusted" sites? Do you relogin each time you do a
> New Identity?

Yes, I do use it as my main browser.Aand I do the relogin dance if I
feel I need to request a new identity.

Georg

[1] https://trac.torproject.org/projects/tor/ticket/10353
[2] https://trac.torproject.org/projects/tor/ticket/14632


Attachment: signature.asc
Description: OpenPGP digital signature

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk