Hello Mike, Regarding the cookies, in that perspective, I do not know. If cookies can be generated by unique hardware, and be reliably regenerated by the same algorithm, and cookies actually having access to anything that could make such data, I really do not know. But assuming all the prior was possible, then yes, cookies could probably distinguish your hardware as a unique identifier.
Torpark 1.5.0.2b available in a few hours. Blows away all previous versions. ST Monday, April 17, 2006, 9:35:16 AM, you wrote: > Thanks for your answer, and I always do a complete "Clear Private Data" > in Firefox or Torpark before closing and switch to the other. Then no > cookies left over to the next. BTW, the question was more of a possible > collecting of identical data by both cookie-sessions. > Torpark is inside a own folder on my drive, the regular Firefox is in > it´s standard default installation folder. > On Thu, 6 Apr 2006 01:09:03 -0500, "Mike Perry" <[EMAIL PROTECTED]> > said: >> Thus spake Total Privacy ([EMAIL PROTECTED]): >> >> > Two hypothetical examples: >> > >> > 1. >> > I?m using the normal Firefox (without Tor) with cookies enabled >> > to log in on Yahoo email to make some stuff as my real identity. >> > Then I close the normal Firefox and start Torpark Firefox with >> > cookies enabled to log in on another Yahoo email to make some >> > stuff as an fake identity. Now the question is, are the cookies >> > capable to retrieve some unique information about my computer, >> > that later is comparable at Yahoo head quarter, to figure out >> > this two different Yahoo webmail accounts was actually runned >> > from one same computer? >> >> That depends on your profile directory.. If torpark and firefox are >> sharing the same profile, cookies will be shared. If they are sharing >> profiles, extensions probably will be shared also. >> >> An easy to check this without devling through arcane browser settings >> is to install a cookie monitoring extension. I really like Add N' Edit >> cookies myself. You can search for yahoo via each browser and make >> sure no cookies are cross-populating. >> >> > 2. >> > The same base as in the example 1 above, but with the difference >> > that no cookies enabled anywhere and the webmail account is at >> > Fastmail with complete https connection for everything. Now the >> > question is, are there some unique properties by my computer?s >> > https handling that appear the same on the Fastmail head quarter >> > to make sure the two webmail accounts was runned from the one >> > same computer? >> >> I think that unless you have installed a client certificate, there >> should be no identifying information in an SSL handshake. If you do >> have a client certificate installed (you will know if you do), I think >> the client only uses it if the server requests it. >> >> -- >> Mike Perry >> Mad Computer Scientist >> fscked.org evil labs -- Best regards, Arrakistor mailto:[EMAIL PROTECTED]