Andrew Lewman committed on 2011-01-26 20:29:49
Showing 1 changed file with 22 additions and 21 deletions.
... | ... |
@@ -992,31 +992,32 @@ may have been compromised.</a></h3> |
992 | 992 |
|
993 | 993 |
<p> |
994 | 994 |
Sometimes, after you've used Gmail over Tor, Google presents a |
995 |
-pop-up notification that your account may have been compromised. The |
|
996 |
-notification window lists a series of IP addresses and locations throughout |
|
997 |
-the world recently used to access your account. |
|
995 |
+pop-up notification that your account may have been compromised. |
|
996 |
+The notification window lists a series of IP addresses and locations |
|
997 |
+throughout the world recently used to access your account. |
|
998 | 998 |
</p> |
999 | 999 |
|
1000 | 1000 |
<p> |
1001 | 1001 |
In general this is a false alarm: Google saw a bunch of logins from |
1002 |
-different places and wanted to let |
|
1003 |
-you know. If you use Tor to access a Google service, then it will appear |
|
1004 |
-like you're coming from lots of different places. Nothing to worry about |
|
1005 |
-in particular. |
|
1006 |
-</p> |
|
1007 |
- |
|
1008 |
-<p> |
|
1009 |
-But that doesn't mean you can entirely ignore the warning. It's |
|
1010 |
-<i>probably</i> a false positive, but it might not be. It is possible |
|
1011 |
-that somebody could at some point steal your Google cookie, which would |
|
1012 |
-allow them to log in to the Google service as you. They might steal it |
|
1013 |
-by breaking into your computer, or by watching your network traffic at |
|
1014 |
-Starbucks or sniffing your wireless at home (when you're not using Tor), |
|
1015 |
-or by watching traffic going over the Tor network. In theory none of |
|
1016 |
-this should be possible because Gmail and similar services should only |
|
1017 |
-send the cookie over an SSL link. In practice, alas, it's <a |
|
1018 |
-href="http://fscked.org/blog/fully-automated-active-https-cookie-hijacking">way |
|
1019 |
-more complex than that</a>. |
|
1002 |
+different places, as a result of running the service via Tor, and decided |
|
1003 |
+it was a good idea to confirm the account was being accessed by it's |
|
1004 |
+rightful owner. |
|
1005 |
+</p> |
|
1006 |
+ |
|
1007 |
+<p> |
|
1008 |
+Even though this may be a biproduct of using the service via tor, |
|
1009 |
+that doesn't mean you can entirely ignore the warning. It is |
|
1010 |
+<i>probably</i> a false positive, but it might not be since it is |
|
1011 |
+possible for someone to hijack your Google cookie. |
|
1012 |
+</p> |
|
1013 |
+ |
|
1014 |
+<p> |
|
1015 |
+Cookie hijacking is possible by either physical access to your computer |
|
1016 |
+or by watching your network traffic. In theory only physical access |
|
1017 |
+should compromise your system because Gmail and similar services |
|
1018 |
+should only send the cookie over an SSL link. In practice, alas, it's <a |
|
1019 |
+href="http://fscked.org/blog/fully-automated-active-https-cookie-hijacking"> |
|
1020 |
+way more complex than that</a>. |
|
1020 | 1021 |
</p> |
1021 | 1022 |
|
1022 | 1023 |
<p> |
1023 | 1024 |
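Review bot: The new third paragraph (new lines 1015-1017) narrows the removed wording "by breaking into your computer" to "physical access to your computer", which leaves out remote compromise of the machine. The sentence "In theory only physical access should compromise your system" also confuses exposure of the cookie with compromise of the system. Suggest keeping "by breaking into your computer or by watching your network traffic" and rewording the second sentence so that it is about the cookie, not the system. The rewrite also drops the removed list of places where traffic can be watched, including "traffic going over the Tor network", which is the case most relevant to a reader of this FAQ entry and worth keeping. Spelling in the added lines: "it's rightful owner" should be "its rightful owner", "biproduct" should be "byproduct", and "via tor" should be "via Tor".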