[tor-talk] Tor and Google error / CAPTCHAs.

Alec Muffett alec.muffett at gmail.com
Tue Sep 27 15:50:06 UTC 2016


On 27 September 2016 at 15:57, <blobby at openmailbox.org> wrote:

> On 2016-09-27 09:45, Alec Muffett wrote:
> Two questions:
>
> Is there a way that using an exit node for Gmail, FB, etc will not be
> considered suspicious? Is that even possible?
>

I feel that there's probably no silver bullet.

In some ways this is exactly what Mirimir posted about above - I think
there is much (much!) more to Tor than "Anonymity", but the architecture of
TorBrowser in particular revolts against long-lived session session cookies
and the other technologies which afford strong, trustable, long-term
concepts of authenticated communication between a browser and a site.

For more about this, the latter half of a video I did at a conference a
couple of years ago may be interesting:

  https://video.adm.ntnu.no/pres/54b660049af94

Summary: authentication is not just binary "I Have A Session Cookie!" any
more.


Is it possible to use a different proxy way to access Gmail, FB, etc
> without being seen as suspicious? For example, one could use proxychains
> with Tor followed by a SOCKS proxy to login.
>

If I understand you right (?) I think that was exactly the reason
we/Facebook set up the Onion site.  A Tor-sympathetic access mechanism,
more likely to be selected by human beings than folk pursuing the
scraperfriendly adequate location-anonymity which exit nodes provide.



> In both cases above (exit node and exit node plus SOCKS) we assume that
> the IP address more or less matches the "normal" non-proxy login. I am in
> Paris and use a Paris exit node and a Paris SOCKS proxy for example.
>

Check the video - it's not just "location".  Remember, when working in a
London office, employees of non-UK companies often ip-geolocate to being in
(eg:) USA, FR, NL, or JP; this _really_ confuses organisations (eg: The
BBC) who fee (or are) obligated to take geolocation overly seriously.



> Finally, thanks for participating in this discussion. It is rare to have
> people who work or used to work at the major webmail and social media
> companies from a) getting involved and b) providing a nuanced (not
> anti-Tor) perspective.


You're welcome! It's nice to share!

     -a

-- 
http://dropsafe.crypticide.com/aboutalecm


More information about the tor-talk mailing list