Delivery-Date: Fri, 08 Jan 2016 16:17:41 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.3 required=5.0 tests=BAYES_00,DKIM_ADSP_ALL,
	DKIM_SIGNED,RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD autolearn=ham
	version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 7C8441E0504;
	Fri,  8 Jan 2016 16:17:39 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id A72A221515;
	Fri,  8 Jan 2016 21:17:34 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id DEA0E2138A
 for <tor-talk@lists.torproject.org>; Fri,  8 Jan 2016 21:17:30 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id DMcD5wLrND-u for <tor-talk@lists.torproject.org>;
 Fri,  8 Jan 2016 21:17:30 +0000 (UTC)
Received: from latitanza.investici.org (latitanza.investici.org
 [82.94.249.234])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "smtp.autistici.org",
 Issuer "Autistici/Inventati Certification Authority" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id B5F4620AFF
 for <tor-talk@lists.torproject.org>; Fri,  8 Jan 2016 21:17:27 +0000 (UTC)
Received: from [82.94.249.234] (latitanza [82.94.249.234]) (Authenticated
 sender: setthemfree@privacyrequired.com) by localhost (Postfix) with ESMTPSA
 id 83BFD120845
 for <tor-talk@lists.torproject.org>; Fri,  8 Jan 2016 21:17:24 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=privacyrequired.com;
 s=stigmate; t=1452287844;
 bh=nbwkE21eRUCAKXiURiVEstDhu+ocU6QQja2BxIRO/UY=;
 h=From:To:Subject:Date;
 b=VMjsgGXjZX1SJJK/aEUwAD50mXS0aUSKosfhsJLTHsIKpWOnt0Y42FKECZTnAOm54
 Y7swXMgBR5/CqEIU2C6qzu0WRBb9r0jfI+S0Yu7iZuJb87Z0cxI4hfdw+366vm3yYS
 Vnmh2tDzKPZGhS9YE9ZZIARmwBOppsYj0N9negco=
From: Yury Bulka <setthemfree@privacyrequired.com>
To: Tor Talk List <tor-talk@lists.torproject.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)
Date: Fri, 08 Jan 2016 23:17:22 +0200
Message-ID: <868u3zu5y5.fsf@kitt.localdomain>
MIME-Version: 1.0
Subject: [tor-talk] What is "cookie protections"?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Dear list,

I'm experimenting with moving all my daily web browsing to the Tor
Browser Bundle on Linux. For this use case, I've disabled the "Don't
record browsing history or website data" check box in the Privacy and
Security Settings dialog. (The reason is that I wanted to have the
option to stay logged in on a few key websites.)

There's only one potential danger I see here - cookies. (Of course
there's also the danger of someone stealing my browsing history from my
hard drive, but this is not in my threat model for now.)

This is why I'd like to understand what is the "Cookie protections"
dialog about. It's not clear to me what these "protections" do and how
they are meant to be used. I suspect it may be something like a cookie
white list, allowing one to mark certain cookies as protected and purge
all the other cookies (exactly what I'd need for my use case), but I may
be wrong.

I couldn't find any info on it. Can someone clarify?

Thanks,
Yury.

P.S. I also have some other questions about tweaks to TBB for the "main
browser" use case, I'll ask them later to keep things clean.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

