Full Disclosure: Different google interface when using some Tor exit nodes

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Different google interface when using some Tor exit nodes

From: Naxxtor Security <naxxtor_security () mailshack com>
Date: Thu, 01 Jun 2006 14:46:12 +0100

Whilst using the Tor network to search google, once in a while the
google search results interface changes to the "new look", as described
here:
http://arstechnica.com/news.ars/post/20060326-6460.html

But the method used there uses cookies.  This means one of two things:

 o      The decision to serve the "new" interface can be made using             
cookies or a your source IP.

 o      Tor exit nodes cache cookies.

With the later being a huge hole in security.

On investigation, none of the exit nodes used when the new interface was
shown had valid reverse DNS.  If people are interested I'll post the
results to the list.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Different google interface when using some Tor exit nodes Naxxtor Security (Jun 01)
- Re: Different google interface when using some Tor exit nodes Tonnerre Lombard (Jun 01)
  - Re: Different google interface when using some Tor exit nodes Naxxtor Security (Jun 01)
    - Re: Different google interface when using some Tor exit nodes Michael Holstein (Jun 01)
  - Re: Different google interface when using some Tor exit nodes Michael Holstein (Jun 01)
- Re: Different google interface when using some Tor exit nodes Dean Pierce (Jun 01)