How do we defeat exit node sniffing?
tor-operator at sky-haven.net
tor-operator at sky-haven.net
Tue Jun 10 22:45:18 UTC 2008
Jack Straw wrote:
>
> I have a question about that, which has puzzled me for quite some time.
> Perhaps I'm being too rigid in regards to this.
>
> I have a Gmail account that was created through Tor.
> I should say, that this anonymous account is a test account. I use it
> for no sensitive communications, however I treat the account as if I do.
>
> I have only accessed that GMail account through Tor, and my Xerobank
> account. Mixing it up. I have been very cautious in adhering to that.
> Well sort of... My bad.
>
> A few months back, in haste, I accidentally accessed the account naked
> from my standard IP address. Maybe 2-4 times. That's all. But it happened.
>
> I felt that the account had to be abandoned as it was now "tainted."
>
> But then I thought, "How so?"
[mitigation details removed]
> But is that account really tainted?
One day, you may find out the hard way. Like any plan of defense, you
only know about potential vulnerabilities in advance.
As for whether or not your account is safe to use anymore... Well, risk
vs. reward, like anything else, informs the decision. By your own
admission, the risk is a little higher than it used to be.
More information about the tor-talk
mailing list