Using Gmail (with Tor) is a bad idea

Fabian Keil freebsd-listen at fabiankeil.de
Tue Sep 19 16:31:27 UTC 2006


Claude LaFrenière <climenole at gmail.com> wrote:

> Hi  *Fabian Keil*   :
> 
> > Just in case you wondered whether Tor and Gmail are a good
> > combination: They are not.
> 
> Just one remark Sir.
> 
> This site is accessible by anybody in clear :
> http://serifos.eecs.harvard.edu/cgi-bin/exit.pl?textonly=1
> 
> which reveal these informations:
> 
> DE *zwiebelkuchen
> tor.fabiankeil.de DE *zwiebelsuppe        tor.fabiankeil.de  
> 
> So it's easy to find fabiankeil.de
> 
> and finally:
> 
> You leave your email address in clear (in text) in your web site.
> This reveal your ID and this is the best way to be spamed... No?

I don't intend to post anonymously on this list and
I'm well aware that my website contains information
about where I live and how anyone interested can
reach me. That's intentionally as well.

I use Tor to surf the web anonymously, but if I say
something in public I usually use my real name. For
the topics I'm interested in, that's currently not
a problem in Germany.

I still use encryption for privacy-sensitive information
and if you run a Tor exit node, you will not be able to
alter my mails without getting noticed.

> Did using Gmail + Tor + Thunderbird + Pgp/GnuPG 
> and access  Gmail with SSL/TLS connexion is not a better solution ?

Personally I think using Gmail is never a solution.
You are right though: if you are using a real mail client
with real encryption, you shouldn't have a problem with
man in the middle issues.

Fabian
-- 
http://www.fabiankeil.de/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20060919/712ebef5/attachment.pgp>


More information about the tor-talk mailing list