Using Gmail (with Tor) is a bad idea
Enrico Scholz
enrico.scholz at informatik.tu-chemnitz.de
Tue Sep 19 06:52:44 UTC 2006
freebsd-listen at fabiankeil.de (Fabian Keil) writes:
> FILTER: googlemail Hides sponsored links with css and shows why
> insecure mail transfer is a bad idea.
Using unencrypted transfer is always a bad idea; not only with Tor. It just
moves the attack-point for sniffing attacks from e.g. your cable-modem
network, your ISP and the hops till the the webserver to the exit-node and
the hops till the webserver. The way where password data are transferred
unencrypted might be even shorter (e.g. when exit-node is nearer to the
webserver) or more secure (e.g. when you are in a cable-modem network) with
Tor.
A much bigger problem with Gmail is, that it requires an existing account
to create a new one. Hence, there exist a chain between your anonymous
account and the account of a known person which can reveal your true
identity.
Enrico
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 480 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20060919/b5076c89/attachment.pgp>
More information about the tor-talk
mailing list