Opened 10 years ago

Closed 10 years ago

Last modified 10 years ago

#1950 closed defect (invalid)

Security problem?

Reported by: Drogist Owned by: erinn
Priority: High Milestone:
Component: Applications/Tor bundles/installation Version: Tor:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


When I log out of gmail I often get the message that I automatically been logged out, because I've been logged in twice in 1 browser even though Im not. And when I scan for spyware (trojan or hijacker) I don't find anything, but might that be a "problem" that happens with tor or is it a real security problem. Because I know that there is spyware that sits within the security software so the security software can't find it.

Child Tickets

Change History (2)

comment:1 Changed 10 years ago by mwenge

Resolution: invalid
Status: newclosed

You need to use the TrackHostExits option I think:

 TrackHostExits host,.domain,...
  For each value in the comma separated list, Tor will  track  recent  connec‐
  tions to hosts that match this value and attempt to reuse the same exit node
  for each. If the value is prepended with a '.', it is treated as matching an
  entire  domain.  If  one  of the values is just a '.', it means match every‐
  thing. This option is useful if you frequently connect to  sites  that  will
  expire  all  your authentication cookies (ie log you out) if your IP address
  changes. Note that this option does have the disadvantage of making it  more
  clear  that  a given history is associated with a single user. However, most
  people who would wish to observe this will observe  it  through  cookies  or
  other protocol-specific means anyhow.

What is happening is your gmail session is using more than one exit node, and gmail is interpreting this as you logging in from separate browsers.

I'm going to close this because it seems obvious that this is your problem, so please reopen if it persists when you use the option above.

Note: See TracTickets for help on using tickets.