Gmail/SSL

coderman coderman at gmail.com
Tue Mar 11 01:37:43 UTC 2008


On Mon, Mar 10, 2008 at 2:40 AM, Mike Cardwell <tor at lists.grepular.com> wrote:
> ... Just because a website is secure at the moment,
>  doesn't mean they wont make changes in future which leak your sessions.

managing this on your end transparently makes it impossible to
exploit.  you enforce policy of ssl/tls only, always, regardless of
how they may have implemented sessions and authentication on their
end.  (at worst, they break their service rendering it unusable
securely [DoS], rather than leaking your private information
[leakage/pwned]...)


>  It is considerably safer to use gmails secure imap/smtp services rather
>  than their webmail with Tor imo. More bandwidth friendly too.

agreed, though exit polices for these ports are not as plentiful...

best regards,



More information about the tor-talk mailing list