GMAIL and TOR, what the heck!!! GMAIL finds my IP :-((

Hey Fellas,

Lately, I was checking all my Privacy filters and Firewalls and IDS, and when i checked on my Tor and Vidalia, guess what?

GMAIL was showing up my real IP, from my ISP, and not the one which i was spoofing, however, when i checked @ whatismyip they showed the one which was spoofed using Tor>>

so, guess what, Google is really upto something fishy?

why the hell on earth they would step ahead and extract your private info, other than for legal purposes.

I know it is possible to get this information in java/ JS

now, There are two ways java/javascript can be used to get your IP:
1. your IP is read from a variable, then it is transmitted to the
2. a connection is made back to the server (royally ignoring your proxy
settings) and this allows the server to read your IP (gateway).

Method 1 is quite natural and is bound to be used by conventional web
sites. Method 2 is more tricky and a web site making this could be
blamed because ignoring the proxy settings of the browser isn’t

A way to avoid that your IP is revealed through Method 1 is to stay
behind a NAT router: in this case what is read from the variable is
your internal address, which is worthless.

Against Method 2 one can identify the outgoing traffic and block it,
but this breaks the workflow of the application.

so, the best way is to avoid using such services  :-DD

Need all your comments.


Nitin Kushwaha


Categories: Basics, Browsers, ComputerForensics, DigitalForensics, Googled, Hot and Latest, IncidentResponse, MyOwn, Personal, Techno, Uncategorized | 2 Comments

Post navigation

2 thoughts on “GMAIL and TOR, what the heck!!! GMAIL finds my IP :-((

  1. ugottobekidding

    Is there an offshore email provider or proxy that google can’t glean your information from, legally or otherwise?

    Perhaps a lawsuit against google for stealing your info would work?

  2. kuroswami

    Well, disable JS/Java and Gmail won’t know your IP address. Their basic HTML interface works well enough.

    The real problem with Gmail is that they won’t let you create new account with JS disabled if you’re on Tor (at least that was the case for me).

    BTW, if you need all our comments, allow anonymous commenting, you can’t expect in this age for somebody to register just to leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: