Sometimes, after you've used Gmail over Tor, Google presents a pop-up notification that your account may have been compromised. The notification window lists a series of IP addresses and locations throughout the world recently used to access your account.

In general, this is a false alarm: Google saw a bunch of logins from different places, as a result of running the service via Tor, and decided it was a good idea to confirm the account was being accessed by its rightful owner.

Even though this may be a byproduct of using the service via Tor, that doesn't mean you can entirely ignore the warning. It is probably a false positive, but it might not be since it is possible for someone to hijack your Google cookie.

Cookie hijacking is possible by either physical access to your computer or by watching your network traffic. In theory, only physical access should compromise your system because Gmail and similar services should only send the cookie over an SSL link. In practice, alas, it's way more complex than that.

Y si alguien se apoderó de tu cookie de Google, podría estar intentando ingresar a tu cuenta desde lugares no habituales para tí (o la causa podría ser otra). Resumiendo, podría decirse que al estar usando el Navegador Tor, esta medida de Google no es demasiado útil para tí, porque resulta en falsos positivos demasiadas veces. Deberás usar otros métodos, como mirar si hay actividad extraña en tu cuenta, o examinar las fechas de los ingresos recientes y preguntarte si eras tu quien ingresaba a aquellas horas.

Recientemente, los usuarios de Gmail pueden activar la verificación en dos pasos en sus cuentas para añadir una capa más de seguridad.