Gmail/SSL
coderman
coderman at gmail.com
Tue Mar 11 01:37:43 UTC 2008
On Mon, Mar 10, 2008 at 2:40 AM, Mike Cardwell <tor at lists.grepular.com> wrote:
> ... Just because a website is secure at the moment,
> doesn't mean they wont make changes in future which leak your sessions.
managing this on your end transparently makes it impossible to
exploit. you enforce policy of ssl/tls only, always, regardless of
how they may have implemented sessions and authentication on their
end. (at worst, they break their service rendering it unusable
securely [DoS], rather than leaking your private information
[leakage/pwned]...)
> It is considerably safer to use gmails secure imap/smtp services rather
> than their webmail with Tor imo. More bandwidth friendly too.
agreed, though exit polices for these ports are not as plentiful...
best regards,
More information about the tor-talk
mailing list