Tor Leaking

Rachel Llorenna rachies at gmail.com
Sun Jun 25 14:07:48 UTC 2006 

I know that this is becoming a stale thread, but perhaps they were
referring to the unique cookies that Google and some other search
engines use to track searches. In this case, Tor has nothing to do
with the privacy issues as it's application data leaking- so you need
another program to scrub it before it is sent out.

These are two descriptions of options from the CustomizeGoogle
extension for Mozilla Firefox:
- Anonymize the Google cookie UID: "Avoid the possibility of Google
building up a cohesive profile about you. This does not block your
access to Google Account services, such as GMail. Some services may be
affected. For example, in Google Groups the list of 'Recently visited'
groups becomes empty."
- Don't send any cookies to Google Analytics: "Google Analytics (also
known as Urchin) is a service from Google that helps website owners
analyze how users use their sites. Informatio nabout your use of a
certain web site (including your IP address) can automatically be
transmitted to and stored by Google using cookies."

I'm sure other search engines do the same or similar things. It's best
to use an extension like this one to ensure that your activities
aren't recorded because once all the data is collected, they can be
correlated to a unique user.

CustomizeGoogle is available via http://customizegoogle.com or the
Mozilla Firefox extension archive and includes a bunch of other useful
features as well.

On 6/22/06, coderman <coderman at gmail.com> wrote:
> On 6/14/06, maillist <maillist at piirakka.com> wrote:
> > ...
> > This leaking can also be stopped by configuring a Linux router which
> > runs Tor, transparently route outgoing tcp-traffic to Tor and drop
> > _everything_ else.
>
> and transparently proxy DNS to plug leaks and make .onion & .exit work
> as expected.
>
>
> > I think there should be more documentation about setting up transparent
> > Tor router with Squid. When I did that I found out that those documents
> > are missing some very important points that brokes transparent routing etc.
>
> i'll have some technical detail as well as a mastering tools / scripts
> for this purpose in the next day or so (linux specific).   long
> overdue, but better late than never...
>
> i like this method of using Tor best myself since it either gets
> resolved and rerouted through Tor or it is dropped.  there is never
> any questions about weird ports / apps / DNS leaks, aside from the
> large and pressing concerns of application leakage above the transport
> level...
>
> best regards,
>


-- 
Regards,

Rachel Llorenna

More information about the tor-talk mailing list