[tor-talk] IMAPS login errors
arnst at runbox.no
arnst at runbox.no
Mon Feb 10 16:23:42 UTC 2014
Gerardus Hendricks:
> On 2/9/14 12:11 AM, arnst at runbox.no wrote:
>> I'm using IMAPS over Tor for email purposes. Sporadically I get
>> 'password incorrect' errors which usually go away when I click 'Retry'.
>> Is this some kind of MitM attack?
>
> That's not enough information to judge.
>
> Assuming the attacker doesn't have a valid certificate, Thunderbird
> would give you a certificate warning upon connection, not after sending
> any password.
That's what I was hoping! But after Flame and the novel MD5 break... one
can't be too paranoid I guess?
> It could as well be the legitimate IMAP server, plainly failing to
> authenticate you.
The strange thing is this only happens over Tor with my mail provider,
and it's not a timeout. That's why I thought it was "funny"...
Arnst
More information about the tor-talk
mailing list