Silk Road forums

Discussion => Security => Topic started by: bluesclues on August 15, 2011, 06:28 am

Title: Security Risk?
Post by: bluesclues on August 15, 2011, 06:28 am
I've been told to never enable cookies using tor, but for some reason the silk road market requires you have cookies enabled to get past the captcha. Try it for yourself, it's impossible to complete the captcha without cookies enabled.

I hope this is fixed, because it may be a potential security risk.
Title: Re: Security Risk?
Post by: Ineluctable on August 15, 2011, 04:24 pm
Cookies are used to store your login session, else you'd need to login on every page. As long as your browser is set to clear cookies when it is closed you'll be fine.
Title: Re: Security Risk?
Post by: ekko on August 15, 2011, 04:50 pm
You can disable third party cookies and still login, Torbutton isolates your non-TOR cookies anyway in a protected area, amongst other features
It defaults to wiping when you close Vidalia/Firefox anyway, or you can manually monitor and remove individually

There isn't a risk providing you have disabled all other plugins, scripting..flash,java,js etc.. techniques such as 'evercookie' to fingerprint you won't work.. If you are only using TOR browser to access this Silk Road forum and mainsite anyway, clear the cookies and disable them in prefs before browsing around somewhere else  or close and restart if you feel the need