[tor-talk] Google disable web-access to gmail for Tor-users?

Sun Apr 3 15:28:33 UTC 2011

On 4/3/2011 1:06 AM, Mike Perry wrote:
> Thus spake Joe Btfsplk (joebtfsplk at gmx.com):
>> On 4/2/2011 2:33 PM, katmagic wrote:
>>> Google requires you to be able to receive a text message or phone call to
>>> use a GMail account over Tor. This is unrelated to Torbutton's cookie
>>> handling
>>> (which was broken but has since been fixed). Personally, I got a friend on
>>> IRC
>>> to let me use his phone for it.
Since I don't retrieve email by phone (certainly not from Google), I'm 
not going to give them my cell / home #.  I'm not aware that I have 
another option for the phone contact, available to me, personally.

Actually, you can also fill out a form online, giving info about the 
acct that only the acct holder would likely know (though this "form" is 
several layers deep, to get to). In my experiment, after entering 
required info, their official statement is, it may take "up to 24 hrs 
for them to investigate & reply." Must also have previously set up an 
alternate email address, where they'll send an authorization link. In my 
1st attempt at this, took about 10 min to get an email, which would then 
allow resetting PW.

This whole process is WAY too cumbersome for frequent use - just a 
learning exercise for me.  It might be easier to find another mail 
provider that works better w/ Tor.
> This is possible. The "unusual activity" message is unrelated to
> cookie issues, and appears to have something to do with the exit node
> chosen to connect to gmail.
Yes, & thus my question about where the "StrictExitNodes" commands would 
be input / stored (maybe for specific country) ?

 From diff options presented (aside from giving google a phone #), if 
one wanted to use Tor w/ Gmail, maybe specifying specific country exit 
nodes would be fastest way to get into a Gmail acct.  Though won't know 
if that prevents the "unusual activity" msg from Gmail till try it.  
I'll try Tor w/ other email providers to see if works better.  Others 
can do same & post results.
> Otherwise, Torbutton's default cookie policy is to allow cookies to
> persist in memory until either the Torbutton is toggled, or the
> browser exits. We plan to eventually extend this functionality to
> provide a "New Identity" button in the browser, to synchronize the
> clearing of all Firefox identifiers with the "New Identity"
> functionality of Vidalia/Tor...
I am assuming (please correct) that if Firefox's "accept cookies from 
sites" option is UN checked (cookies denied globally), then for 
Torbutton to allow a site to set cookies during Tor mode, there MUST 
already be an exception to allow that site to set cookies, stored in 
permissions.sqlite?

Re: Matthew's comment:
> Why not let TorButton handle your cookies or allow cookies then 
> securely delete cookies.sqlite afterwards?
It appears I didn't have an exception to allow google.com to set 
cookies.  I seldom login to Gmail.  Then, only allow temp / session 
cookies.   However (for others' info), about cookies.sqlite - appears 
only persistent cookies are stored in it.  Session cookies are not.  I 
believe session / temp cookies are stored in memory, unless that's 
changed in FX 4.

IMHO, if users are worried about privacy in email, they probably should 
another provider than Gmail.