On Sun, 2013-11-24 at 21:54 -0500, Yo Mamma wrote: > Hi Joe, > I'll clarify the auto-login: After sign up it logged me in with the > credentials I had just created. Why would it use cookies from a previous, > different account login, to log in to this new account? Wouldn't that be a > security hole?
Cookies are used to ID web browser, not to provide access to email accounts. Thus when you log into your webmail account with an ID'ed browser, they don't know who created, but they know where, when and get the machine used to create. Subsequent uses of this same machine increase the confidence of who is the user behind and what are her interests, even if you IP address changes through tor, vpn, physical movement.. -- 010 001 111 -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
