Gmail And TOR

Discussion in 'privacy general' started by PooseyII, Sep 3, 2010.

Thread Status:
Not open for further replies.
  1. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Not sure I follow. Are you saying Tor exit nodes have sniffed your passwords? I don't see how this is possible since Gmail uses SSL for logins.
     
  2. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    Really enjoying this thread PooseyII

    Please keep us updated.
     
  3. Eice

    Eice Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    1,413
    You do know that just because a piece of rhetoric is repeated over and over, it doesn't automatically become true... right?
     
  4. AriSilverstein

    AriSilverstein Registered Member

    Joined:
    Sep 5, 2010
    Posts:
    3
    Were the random corporate emails you sent from different corporations?

    Ari
     
  5. AriSilverstein

    AriSilverstein Registered Member

    Joined:
    Sep 5, 2010
    Posts:
    3
    Your data PooseyII is not quite conclusive but it is suggestive.

    I use Gmail and this is worrying. I've asked informed usenet posters to join this discussion. (From sci.crypt, alt.comp.freeware, alt.privacy, alt.computer.security, alt.privacy.anon-server.) http://groups.google.com/group/alt.comp.freeware/browse_thread/thread/4b6b8bef9947cf88
     
  6. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    Well, Poosey, you bragged enough of the Usenet groups that you brought some of the culture with you. Usenet is the sewer of discussion.
     
  7. AriSilverstein

    AriSilverstein Registered Member

    Joined:
    Sep 5, 2010
    Posts:
    3
    I am Ari Silverstein and I am as real as anyone else also called Ari Silverstein.

    Did your Gmail tests use different corporate accounts?
     
  8. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    Interesting experiment. But is it 10 accounts (as the first post said) or 100 accounts as the later posts seem to indicate?
     
  9. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,851
  10. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,851
    Right, and the volunteer home PCs and servers of Tor are more capable than the super computers that national intelligence agencies have for these things, right?

    Please...
     
  11. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,851
    So now you're saying the government is running supercomputer Tor exit nodes to try gather details from services such as GMail which they can't manage to do yet even without Tor.

    I think I see where this thread is heading.
     
  12. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    I'm still wondering why the experiment went from 10 accounts to 100 accounts. I asked - no answer.

    And, if someone is going to put up videos to discuss this, why would anybody use the video sharing site owned by Google? There are many others.
     
  13. ccoates

    ccoates Registered Member

    Joined:
    Aug 31, 2010
    Posts:
    16
    Well TOR is different right? Because you don't have to break into random accounts, they come to you. So it's a much smaller haystack, and a lot fewer needles.

    The experiment in the o.p. was 10 users, 10 accounts each. So 100 accounts total.

    Overall, it seems like an interesting experiment because it implies that there is some level of monitoring going on, since the accounts were used to trade phony, but seemingly illicit, documents. And even if it isn't governments, since the passwords were purposefully easily breakable, it could also imply there are folks running malicious exit nodes and trying to break into accounts/data that comes through.
     
  14. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    The Tor developers keep a very close watch on the exit nodes. Just a few weeks ago there were hundreds of exit nodes opened up on the same day from the same server. The Tor devs blacklisted them all from the network.

    This is not to say that NSA couldn't set up a few nodes and get away with it, but they would have to set up a LOT of nodes to gather anything useful or to compromise one's identity. The chances of this happening are pretty low.

    Most likely what is happening here is Google is simply locking accounts that are being accessed via Tor since Google is not about privacy.
     
  15. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    The NSA is monitoring all manner of communication for terrorist planning. But TOR? Tor makes no sense as it doesn't hide the information, only the original sender. From my understanding, many radical groups use steganography (encrypted text within pictures, etc.) and post them darn near anywhere. Very hard to track down, plus the DIA/NSA doesn't end up with the info as they would if they used Tor. I, frankly, see little reason to invest in large amounts of money to monitor Tor usage. At least for the purposes I have described and that's where the bulk of dollars for cyber-intelligence is going - so they say. Not that I necessarily believe that, but with so many other ways to communicate that doesn't compromise the information itself, I still see Tor as a low priority for any kind of intelligence.
     
  16. Sadeghi85

    Sadeghi85 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    747
    That is scary.
     
  17. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ PooseyII

    Thanks for your Gmail/Google expose :thumb: Now nobody can ever doubt their true intentions, and who they are in bed with = :thumbd:

    Several years ago someone sent me a Gmail invitation to sign up with. Even though it's HTTPS = :thumb: due to my knowing Google was a vast data miner i ran a mile, and i'm Very glad i did.

    I'm constantly amazed at how MANY people don't know about what Google actually do, and when i inform them, they either find it hard to believe, or don't seem to care :eek: Thankfully not everyone, but quite a lot !

    Well one day they might live to regret it, but they can't ever say they wern't aware :D
     
  18. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    Yes, I dislike Google for the abuses against users.
    I'm not using Tor and I have 3 or 4 Gmail accounts, :D, and opened another for a forum.
    After registering at the forum, I tried to sign in to my Gmail account tied to the forum for forum verification and was blocked.
    I must've entered 10+ Google type captcha's for verification before being able to access the account.
    Then I tried to set up another Gmail account, to get ahead of the issue and was asked to provide a number to receive an SMS message at.
    I lost an account I was using to post resume's for job searching because of this crap. Now my resume is in Google doc Limbo. :(

    I don't see the correlation to weed and Gmail privacy concerns, but is an interesting way to tie two subjects together. :D
    High - a pretty cool documentary that explores the subject from history to the current state of affairs.
     
    Last edited: Sep 19, 2010
  19. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    So what alternatives are you currently using to avoid Mammon?
    Does it involve encryption of the contents or in its delivery?
     
  20. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    I love the Zoho feature set. They rival Google with their cloud apps without the goal being data collection. They even have a better Notebook app than the one Google had and killed.

    The whole scenario that Poosey outlined is troublesome. Oh, and add Google TV to everything else. And, we've learned in the last month that they will be offering Pay-Per-View movies. People will go for this because it's the mighty Google. Then, Google will know everything about them. Search, email, who they call &who calls them, texts, what they watch, and on and on and on it goes.
     
  21. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    I have used Tor with gmail on numerous occasions without any problems.
     
  22. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,851
    You wouldn't be the only one!
     
  23. Eice

    Eice Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    1,413
    You seem to be under the assumption that people haven't already done exactly that.
     
  24. FellowTraveler

    FellowTraveler Registered Member

    Joined:
    Sep 9, 2010
    Posts:
    5
    I'm willing to bet that this is much more related to Google trying to stay one step ahead of black-hat internet marketers than it is their secret collusion with NSA to spy on all of us.

    (Not that I wouldn't put it past them, and not that it's not a real concern -- just saying realistically, marketing is probably what is driving this. I know lots of marketers who are constantly playing these sorts of cat-and-mouse games with Google, trying to get new AdWords accounts using pre-paid credit cards, etc.)
     
  25. ccoates

    ccoates Registered Member

    Joined:
    Aug 31, 2010
    Posts:
    16
    I have a spare Gmail account I use for throwaway stuff like signing up for trial software. I tried logging into it via TOR and I got stuck in the mentioned CAPTCHA loop, but I just figured I had something setup wrong (I feel like I'm trying some new technique or piece of software every couple of days now, and I've still barely scratched the surface.) It never occurred to me until I read this thread Google might be blocking TOR access entirely.

    Of course, I didn't have to verify via text message or have an email sent to a secondary account later, I just tried logging in when TOR was off and everything was back to normal.

    Still, it doesn't seem beyond reason that Google, with data collection being a primary goal, would block TOR exit nodes so that an account created via TOR, and only accessed via TOR, that never connects to a "legitimate" IP, would be prevented from working correctly.
     
Loading...
Thread Status:
Not open for further replies.