[prev in list] [next in list] [prev in thread] [next in thread]
List: tor-talk
Subject: Re: Undeletable cookies
From: katmagic <the.magical.kat () gmail ! com>
Date: 2011-02-18 16:57:56
Message-ID: 20110218115756.3f5a595f () katmagic ! invalid
[Download RAW message or body]
On Fri, 18 Feb 2011 04:39:39 -0800
Mike Perry <mikeperry@fscked.org> wrote:
> Thus spake Irratar (irratar77@gmail.com):
>
> > Hello.
> >
> > I have just found a site that can recognize me when I re-accessed it
> > after I deleted all private data, toggled Torbutton and restarted Tor.
> >
> > http://samy.pl/evercookie/
>
> This is news to me. Are you using the default Torbutton settings? When
> we tested this in the past, Torbutton was protecting against it. I
> also just tested it now, and it did not recover my cookie.
>
> Perhaps one of your other addons betrayed you? Did you enable plugins?
> Or perhaps you have a misconfigured polipo storing these cookies in
> its cache?
>
> The Tor Browser Bundles are a good way to ensure you have a properly
> configured, vanilla Tor setup.
>
> > Of course, it isn't a Tor problem, but I think it's better to know for
> > these who are interested in privacy. many sites may use the same
> > technology stealthy. I will try to discover more about how does it
> > keep my private information. So far this site seems to forgets me when
> > I disable JavaScript, but maybe it just can't display the proper
> > number.
>
> Actually, web application layer privacy attacks *are* a Tor issue. We
> try very hard to protect against them:
> https://www.torproject.org/torbutton/en/design/#adversary
>
I think this is the result of #1968.
https://trac.torproject.org/projects/tor/ticket/1968
["signature.asc" (application/pgp-signature)]
***********************************************************************
To unsubscribe, send an e-mail to majordomo@torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic