Silk Road forums
Discussion => Security => Topic started by: sicklikesaddam on February 08, 2012, 09:13 am
-
Hi
Randomly when i entered the silkroad web url today i was taken directly to the home page. (The page with the photo selection when you first log in). I had not entered any username or password.
I closed browser and reset TOR and tried again, same thing.
Why would this happen? Silk roads URL is not saved in my favourites and i always type it out from memory every time. Any suggestions?
SLS
-
thats pretty goofy. maybe delete your tor browser and reinstall it. you may have a plugin you dont know about?
-
I had this happen a few times too.. It's kinda weird.. How does it still know who I am after I've shut tor down and reopened it?
--FF
-
Hi
Randomly when i entered the silkroad web url today i was taken directly to the home page. (The page with the photo selection when you first log in). I had not entered any username or password.
I closed browser and reset TOR and tried again, same thing.
Why would this happen? Silk roads URL is not saved in my favourites and i always type it out from memory every time. Any suggestions?
SLS
One way this could happen is bad handling of sessions by SR.
SR, like many other websites, uses a session cookie to track your login session. Which is why you don't get prompted for login every time you navigate to a page. This session cookie is supposed to be expired by SR based on several things (inactivity, etc.). But if it is not expired for some reason, it will connect you to your previous session, IF the browser goes in with an existing session cookie.
It could be other things too, I am sure. But SR should really be looking into this. At your end, you should check to see that your browser is configured to drop all cookies on exit (I am assuming you restarted your browser when you restarted TOR).
-
It hasnt happened again since then and it also happened at the same time that i pressed the remember me button on another forum i use TOR for. Maybe it was just a coincidence.
I am just double checking everytime i log off now
-
Tools > Options > Privacy > Check: Always use private browsing mode, everything else unchecked.
You will need to add the SR website to exceptions when you start up. The cookie should delete itself but if you want to make sure then go to Show Cookies in the same menu and delete it manually after you've logged out.