[tor-talk] Google disable web-access to gmail for Tor-users?

Sat Apr 2 19:17:48 UTC 2011

On 4/2/2011 12:16 PM, Matthew wrote:
>
>>>
>>
>> This problem has been discussed before, but I don't know the real 
>> solution, if there is one. Because the Tor exit node (in my case) 
>> appears to be in a diff country than one given to Gmail when opened 
>> the acct (or the assumed country from my orig IP address), Google 
>> thinks it may be someone trying to hack the acct. There may be 
>> settings users can change in their acct to have Google (or other 
>> providers) to contact in a case like this, other than sending your 
>> phone #, to verify your identity. Don't think I'll be sending them my 
>> phone #. I've never seen this or heard of them (or any site) asking 
>> users to send their phone #. Yes, I'm sure I was on the real Gmail 
>> login page - https://www.google.com/accounts/ServiceLoginAuth
>>
>> When I set up my acct, I chose "security questions" for verification 
>> (or at least if forget my password), but in this case, seems Google 
>> isn't using that to verify I'm the real acct owner.
>>
>> It might be possible to limit relays Tor uses to your country, but 
>> never dealt w/ that. Others will know more than me.
>> _______________________________________________
>>
>
> Using StrictExitNodes 1 limits the nodes to whatever you have set for 
> ExitNodes. For example:
>
> StrictExitNodes 1
>
> #ExitNodes blutmagie
> #ExitNodes blutmagie2
> #ExitNodes cassiope
> ExitNodes DynoTor
>
> Would set the exitnode to DynoTor (in the UK). You can have multiple 
> uncommented ExitNodes. You can also select by country, for example:
>
> ExitNodes {au} # Australia
>
> Question: when you got this error were you playing around with 
> temporary cookies? Why not let TorButton handle your cookies or allow 
> cookies then securely delete cookies.sqlite afterwards? Then see if 
> you have the same problem.
> _______________________________________________
> tor-talk mailing list
> tor-talk at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
After the OP's question about Gmail & cookies, I tried logging w/ Tor.  
At 1st, I got "cookies disabled" msg.  Then, I used the addon "Cookie 
Monster" to allow a temporary cookie.
NOTE:  Whether using a cookie mgr addon or Firefox's cookie mgr, I 
disallow all cookies globally, then allow sites as needed.  Don't know 
how, if this affects Torbutton's function (assume it shouldn't - but 
Torbutton obviously wasn't letting Google set a cookie).  Maybe a cookie 
exception for a site already has to be in firefox permissions file for 
Torbutton to allow site to set cookies?

I am using Torbutton 1.3.2a.  AFAIK, when active, Torbutton is handling 
my cookies  (obviously not, or not to Google's liking).  I'm using 
default settings in Torbutton >Cookies tab.  Is there a specific non 
default option that needs to be checked?

My about:config entry for extensions.torbutton.xfer_google_cookies is 
set to true.

I'll show my ignorance - where would the entries for Strict Exit Nodes 
be entered / stored?

Google has really changed it's login / security login / PW recovery 
policies & acct settings.  Good, I guess.  But the last issue I 
encountered appeared specifically related to Tor using a non US exit 
node (I'm guessing).  May be (new) settings in a Gmail acct that would 
allow verifying acct (if get the kind of error I did w/ Tor), other than 
giving them your phone # or resetting PW.