On 4/3/2011 1:06 AM, Mike Perry wrote:
Thus spake Joe Btfsplk ([email protected]):
On 4/2/2011 2:33 PM, katmagic wrote:
Google requires you to be able to receive a text message or phone call to
use a GMail account over Tor. This is unrelated to Torbutton's cookie
handling
(which was broken but has since been fixed). Personally, I got a friend on
IRC
to let me use his phone for it.
Since I don't retrieve email by phone (certainly not from Google), I'm
not going to give them my cell / home #. I'm not aware that I have
another option for the phone contact, available to me, personally.
Actually, you can also fill out a form online, giving info about the
acct that only the acct holder would likely know (though this "form" is
several layers deep, to get to). In my experiment, after entering
required info, their official statement is, it may take "up to 24 hrs
for them to investigate & reply." Must also have previously set up an
alternate email address, where they'll send an authorization link. In my
1st attempt at this, took about 10 min to get an email, which would then
allow resetting PW.
This whole process is WAY too cumbersome for frequent use - just a
learning exercise for me. It might be easier to find another mail
provider that works better w/ Tor.
This is possible. The "unusual activity" message is unrelated to
cookie issues, and appears to have something to do with the exit node
chosen to connect to gmail.
Yes, & thus my question about where the "StrictExitNodes" commands would
be input / stored (maybe for specific country) ?
From diff options presented (aside from giving google a phone #), if
one wanted to use Tor w/ Gmail, maybe specifying specific country exit
nodes would be fastest way to get into a Gmail acct. Though won't know
if that prevents the "unusual activity" msg from Gmail till try it.
I'll try Tor w/ other email providers to see if works better. Others
can do same & post results.
Otherwise, Torbutton's default cookie policy is to allow cookies to
persist in memory until either the Torbutton is toggled, or the
browser exits. We plan to eventually extend this functionality to
provide a "New Identity" button in the browser, to synchronize the
clearing of all Firefox identifiers with the "New Identity"
functionality of Vidalia/Tor...
I am assuming (please correct) that if Firefox's "accept cookies from
sites" option is UN checked (cookies denied globally), then for
Torbutton to allow a site to set cookies during Tor mode, there MUST
already be an exception to allow that site to set cookies, stored in
permissions.sqlite?
Re: Matthew's comment:
Why not let TorButton handle your cookies or allow cookies then
securely delete cookies.sqlite afterwards?
It appears I didn't have an exception to allow google.com to set
cookies. I seldom login to Gmail. Then, only allow temp / session
cookies. However (for others' info), about cookies.sqlite - appears
only persistent cookies are stored in it. Session cookies are not. I
believe session / temp cookies are stored in memory, unless that's
changed in FX 4.
IMHO, if users are worried about privacy in email, they probably should
another provider than Gmail.
_______________________________________________
tor-talk mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
