[Foundation-l] Release of squid log data
Gwern Branwen
gwern0 at gmail.com
Fri Sep 21 01:14:54 UTC 2007
On 2007.09.20 20:15:12 -0400, Ben McIlwain <cydeweys at gmail.com> scribbled 39 lines:
...
> And by the way, remember that all unencrypted web traffic ends up
> unencrypted at the Tor exit node, and can be (and sometimes is) sniffed
> by unscrupulous folks. If you are using Tor you *must* make sure to use
> only the secure Wikimedia https proxy. Even that is difficult though,
> because you'll end up clicking a link that takes you to unsecure http
> pages (such as a diff links), and before you can blink, your admin
> cookie has gone across the web unencrypted.
...
Is this actually true, though? As I've said before, I edit through secure.wikimedia.org, and I've done so for the past few months. In that time, I've clicked on external links to en.wikipedia.org/wiki/whatever - not internal links to https://secure.wikimedia.org/wikipedia/en/wiki/whatever - and not once have I found myself to be logged in on En.
--
gwern
veggie GEODSS NOCS JRA Marxist 2010 SP4 JICA 5707 Yobie
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.wikimedia.org/pipermail/foundation-l/attachments/20070920/7a856b6d/attachment.pgp
More information about the foundation-l
mailing list