Thus spake Irratar (irratar77@xxxxxxxxx): > Hello. > > I have just found a site that can recognize me when I re-accessed it > after I deleted all private data, toggled Torbutton and restarted Tor. > > http://samy.pl/evercookie/ This is news to me. Are you using the default Torbutton settings? When we tested this in the past, Torbutton was protecting against it. I also just tested it now, and it did not recover my cookie. Perhaps one of your other addons betrayed you? Did you enable plugins? Or perhaps you have a misconfigured polipo storing these cookies in its cache? The Tor Browser Bundles are a good way to ensure you have a properly configured, vanilla Tor setup. > Of course, it isn't a Tor problem, but I think it's better to know for > these who are interested in privacy. many sites may use the same > technology stealthy. I will try to discover more about how does it > keep my private information. So far this site seems to forgets me when > I disable JavaScript, but maybe it just can't display the proper > number. Actually, web application layer privacy attacks *are* a Tor issue. We try very hard to protect against them: https://www.torproject.org/torbutton/en/design/#adversary -- Mike Perry Mad Computer Scientist fscked.org evil labs
Attachment:
pgpFHOGzBsWML.pgp
Description: PGP signature