this post was submitted on 29 Oct 2024
6 points (100.0% liked)

Unofficial Tor Community

163 readers
1 users here now

Link to tor project (they made the icon I grabbed, and tor itself of course): https://www.torproject.org/

This is a community to discuss the tor project and your experience with tor, tor browser, etc.

Rules are generally: be nice, don't be bigoted, etc.

Only seems fair that an infosec instance should have a community about one of the most well known anonymity tools :)

founded 1 year ago
MODERATORS
sapient_cogbag@infosec.pub
6
Just dodged a tracker pixel (I think) -- thanks to a test-based mail client and Tor (lemmy.sdf.org)
submitted 1 week ago by evenwicht@lemmy.sdf.org to c/tor@infosec.pub
2 comments fedilink hide all child comments
 

cross-posted from: https://lemmy.sdf.org/post/24375297

Tracker pixels are surprisingly commonly used by legitimate senders.. your bank, your insurance company, any company you patronize. These assholes hide a 1-pixel image in HTML that tracks when you open your email and your IP (thus whereabouts).

I use a text-based mail client in part for this reason. But I got sloppy and opened an HTML attachment in a GUI browser without first inspecting the HTML. I inspected the code afterwards. Fuck me, I thought.. a tracker pixel. Then I visited just the hostname in my browser. Got a 403 Forbidden. I was happy to see that. Can I assume these idiots shot themselves in the foot with a firewall Tor blanket block? Or would the anti-tor firewall be smart enough to make an exception for tracker pixel URLs?

you are viewing a single comment's thread
view the rest of the comments
[–] evenwicht@lemmy.sdf.org 2 points 1 week ago

Question answered in the parent thread:

https://lemmy.sdf.org/comment/15364720

when a server pushes a 403, it still sees the full URL that was attempted.