[tor-talk] "If you have access to certain tools, you can completely ignore Tor."

Matthew R magickrot at gmail.com
Sun Dec 18 23:33:13 UTC 2011


Wired: How much can one do with IP addresses that have been run through Tor?

SR: If you have access to certain tools, you can completely ignore Tor. You
can trap your subject’s IP address without wasting your time busting
through Tor. Without revealing too many tricks, for example, it’s easy
enough to send someone an e-mail that broadcasts location info back to a
server. Someone operating a trap website can grab Evan’s cookies and see
his entire browser history and his current IP address. With only a minimal
amount of work, you can determine where Evan is viewing a website from.

Does this make any sense?  I assume that what the PI means is that if you
send an e-mail to a non-webmail client (like Thunderbird) which does not go
via Tor, then the IP can be determined when it loads the 1x1 HTML pixel
from the website.  However, if the victim uses webmail then surely all
responses would go via Tor?

Or does he mean something else?

More information about the tor-talk mailing list