Yes, that is strange. I don't think that it means tor is caching cookies in exit points, but it is likely that there is a way to bind that preference to your IP as opposed to the cookie like in the article. I tried this 1. started tor 2. checked the IP of my exit point 3. did a google search, saw no side bar 4. activated the cookie using the arstechnica method 5. did a google search, saw the side bar 6. deleted the cookie from the browser 7. did a google search, saw no side bar 8. verified that I was still coming out of the same exit point I personally would like to see some of the results you came up with. Also, I have never seen that interface when browsing with tor normally, what would you estimate as the ratio is of exit points with that behavior? - DEAN Naxxtor Security wrote: > Whilst using the Tor network to search google, once in a while the > google search results interface changes to the "new look", as described > here: > http://arstechnica.com/news.ars/post/20060326-6460.html > > But the method used there uses cookies. This means one of two things: > > o The decision to serve the "new" interface can be made using > cookies or a your source IP. > > o Tor exit nodes cache cookies. > > With the later being a huge hole in security. > > On investigation, none of the exit nodes used when the new interface was > shown had valid reverse DNS. If people are interested I'll post the > results to the list. > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/