Tor Browser accesses LSOs
This may have been an isolated incidence, and I have not experienced it since July 3, but Colin C. at Tor help has suggested that I submit a ticket for this security breach.
I have the latest full release Tor Browser Bundle installed for my Mac (2.3.25-10). After 'verifying' on July 3 that Tor was in use via https://check.torproject.org, I linked to the following, which raised alarm bells for me: http://www.organicconsumers.org/ocaactions.cfm?actionnum=11436
Within Tor, the link opened a page with my e-mail address already in place for an action alert message that I was intending to send (but never did).
My immediate response was to right-click the page and go to View Page info > Security > View Cookies > Remove All Cookies within Tor Browser/Firefox ESR 17.0.7. The problem of the embedded email address persisted on my next attempt to access the link within Tor despite having removed cookies this way and initiating a new identity via Vidalia.
Later the same day, I discovered that LSOs had appeared out of nowhere on my computer sometime relatively recently, indeed just before the Tor use attempt I have described, above. (I check for LSOs daily.) Record of these LSOs was accessible via my Safari browser, showing up as such things as "Apple local storage" and "Local storage on your computer" (as well as a few others, including, I believe, salsalabs.com, which would have been generated within Safari via my linking to http://salsa3.salsalabs.com/dia/track.jsp + identifying code). And it was via my Safari browser that I was able to delete all the LSOs.
After I deleted all the LSOs and repeated the link via Tor (with new identity and after deleting Firefox cookies, of course), the embedded email info. was blessedly absent.
My burning question is, why would Tor be accessing LSOs?