[tor-commits] r25120: {website} break off some questions into a new tbb faq section (website/trunk/docs/en)

Roger Dingledine arma at torproject.org
Tue Sep 27 07:24:45 UTC 2011 

Author: arma
Date: 2011-09-27 07:24:45 +0000 (Tue, 27 Sep 2011)
New Revision: 25120

Modified:
   website/trunk/docs/en/faq.wml
Log:
break off some questions into a new tbb faq section


Modified: website/trunk/docs/en/faq.wml
===================================================================
--- website/trunk/docs/en/faq.wml	2011-09-27 04:54:21 UTC (rev 25119)
+++ website/trunk/docs/en/faq.wml	2011-09-27 07:24:45 UTC (rev 25120)
@@ -48,26 +48,26 @@
     <li><a href="#LiveCD">Is there a LiveCD or other bundle that includes Tor?</a></li>
     </ul>
 
-    <p>Running Tor:</p>
+    <p>Tor Browser Bundle:</p>
     <ul>
+    <li><a href="#GoogleCaptcha">Google makes me solve a Captcha or tells
+    me I have spyware installed.</a></li>
+    <li><a href="#GmailWarning">Gmail warns me that my account may have
+    been compromised.</a></li>
+    </ul>
+
+    <p>Advanced Tor usage:</p>
+    <ul>
     <li><a href="#torrc">I'm supposed to "edit my torrc". What does
     that mean?</a></li>
     <li><a href="#Logs">How do I set up logging, or see Tor's
     logs?</a></li>
-    </ul>
-
-    <p>Running a Tor client:</p>
-    <ul>
     <li><a href="#DoesntWork">I installed Tor and Polipo but it's not
     working.</a></li>
     <li><a href="#VidaliaPassword">Tor/Vidalia prompts for a password at
     start.</a></li>
     <li><a href="#ChooseEntryExit">Can I control which nodes (or country)
     are used for entry/exit?</a></li>
-    <li><a href="#GoogleCaptcha">Google makes me solve a Captcha or tells
-    me I have spyware installed.</a></li>
-    <li><a href="#GmailWarning">Gmail warns me that my account may have
-    been compromised.</a></li>
     <li><a href="#FirewallPorts">My firewall only allows a few outgoing
     ports.</a></li>
     </ul>
@@ -727,6 +727,90 @@
 
 <hr>
 
+<a id="GoogleCaptcha"></a>
+<h3><a class="anchor" href="#GoogleCaptcha">Google makes me solve a Captcha or tells me I have spyware installed.</a></h3>
+
+<p>
+This is a known and intermittent problem; it does not mean that Google
+considers Tor to be spyware.
+</p>
+
+<p>
+When you use Tor, you are sending queries through exit relays that are also
+shared by thousands of other users. Tor users typically see this message
+when many Tor users are querying Google in a short period of time. Google
+interprets the high volume of traffic from a single IP address (the exit
+relay you happened to pick) as somebody trying to "crawl" their website,
+so it slows down traffic from that IP address for a short time.
+</p>
+<p>
+An alternate explanation is that Google tries to detect certain
+kinds of spyware or viruses that send distinctive queries to Google
+Search. It notes the IP addresses from which those queries are received
+(not realizing that they are Tor exit relays), and tries to warn any
+connections coming from those IP addresses that recent queries indicate
+an infection.
+</p>
+
+<p>
+To our knowledge, Google is not doing anything intentionally specifically
+to deter or block Tor use. The error message about an infected machine
+should clear up again after a short time.
+</p>
+
+<p>
+Torbutton 1.2.5 (released in mid 2010) detects Google captchas and can
+automatically redirect you to a more Tor-friendly search engine such as
+Ixquick or Bing.
+</p>
+
+<hr />
+
+<a id="GmailWarning"></a>
+<h3><a class="anchor" href="#GmailWarning">Gmail warns me that my account may have been compromised.</a></h3>
+
+<p>
+Sometimes, after you've used Gmail over Tor, Google presents a
+pop-up notification that your account may have been compromised.
+The notification window lists a series of IP addresses and locations
+throughout the world recently used to access your account.
+</p>
+
+<p>
+In general this is a false alarm: Google saw a bunch of logins from
+different places, as a result of running the service via Tor, and decided
+it was a good idea to confirm the account was being accessed by it's
+rightful owner.
+</p>
+
+<p>
+Even though this may be a biproduct of using the service via tor,
+that doesn't mean you can entirely ignore the warning. It is
+<i>probably</i> a false positive, but it might not be since it is
+possible for someone to hijack your Google cookie.
+</p>
+
+<p>
+Cookie hijacking is possible by either physical access to your computer
+or by watching your network traffic.  In theory only physical access
+should compromise your system because Gmail and similar services
+should only send the cookie over an SSL link. In practice, alas, it's <a
+href="http://fscked.org/blog/fully-automated-active-https-cookie-hijacking">
+way more complex than that</a>.
+</p>
+
+<p>
+And if somebody <i>did</i> steal your google cookie, they might end
+up logging in from unusual places (though of course they also might
+not). So the summary is that since you're using Tor, this security
+measure that Google uses isn't so useful for you, because it's full of
+false positives. You'll have to use other approaches, like seeing if
+anything looks weird on the account, or looking at the timestamps for
+recent logins and wondering if you actually logged in at those times.
+</p>
+
+<hr>
+
 <a id="torrc"></a>
 <h3><a class="anchor" href="#torrc">I'm supposed to "edit my torrc". What does that mean?</a></h3>
 
@@ -1045,90 +1129,6 @@
 
     <hr>
 
-<a id="GoogleCaptcha"></a>
-<h3><a class="anchor" href="#GoogleCaptcha">Google makes me solve a Captcha or tells me I have spyware installed.</a></h3>
-
-<p>
-This is a known and intermittent problem; it does not mean that Google
-considers Tor to be spyware.
-</p>
-
-<p>
-When you use Tor, you are sending queries through exit relays that are also
-shared by thousands of other users. Tor users typically see this message
-when many Tor users are querying Google in a short period of time. Google
-interprets the high volume of traffic from a single IP address (the exit
-relay you happened to pick) as somebody trying to "crawl" their website,
-so it slows down traffic from that IP address for a short time.
-</p>
-<p>
-An alternate explanation is that Google tries to detect certain
-kinds of spyware or viruses that send distinctive queries to Google
-Search. It notes the IP addresses from which those queries are received
-(not realizing that they are Tor exit relays), and tries to warn any
-connections coming from those IP addresses that recent queries indicate
-an infection.
-</p>
-
-<p>
-To our knowledge, Google is not doing anything intentionally specifically
-to deter or block Tor use. The error message about an infected machine
-should clear up again after a short time.
-</p>
-
-<p>
-Torbutton 1.2.5 (released in mid 2010) detects Google captchas and can
-automatically redirect you to a more Tor-friendly search engine such as
-Ixquick or Bing.
-</p>
-
-<hr />
-
-<a id="GmailWarning"></a>
-<h3><a class="anchor" href="#GmailWarning">Gmail warns me that my account may have been compromised.</a></h3>
-
-<p>
-Sometimes, after you've used Gmail over Tor, Google presents a
-pop-up notification that your account may have been compromised.
-The notification window lists a series of IP addresses and locations
-throughout the world recently used to access your account.
-</p>
-
-<p>
-In general this is a false alarm: Google saw a bunch of logins from
-different places, as a result of running the service via Tor, and decided
-it was a good idea to confirm the account was being accessed by it's
-rightful owner.
-</p>
-
-<p>
-Even though this may be a biproduct of using the service via tor,
-that doesn't mean you can entirely ignore the warning. It is
-<i>probably</i> a false positive, but it might not be since it is
-possible for someone to hijack your Google cookie.
-</p>
-
-<p>
-Cookie hijacking is possible by either physical access to your computer
-or by watching your network traffic.  In theory only physical access
-should compromise your system because Gmail and similar services
-should only send the cookie over an SSL link. In practice, alas, it's <a
-href="http://fscked.org/blog/fully-automated-active-https-cookie-hijacking">
-way more complex than that</a>.
-</p>
-
-<p>
-And if somebody <i>did</i> steal your google cookie, they might end
-up logging in from unusual places (though of course they also might
-not). So the summary is that since you're using Tor, this security
-measure that Google uses isn't so useful for you, because it's full of
-false positives. You'll have to use other approaches, like seeing if
-anything looks weird on the account, or looking at the timestamps for
-recent logins and wondering if you actually logged in at those times.
-</p>
-
-<hr>
-
 <a id="FirewallPorts"></a>
 <h3><a class="anchor" href="#FirewallPorts">My firewall only allows a few outgoing ports.</a></h3>

More information about the tor-commits mailing list