On 8 Feb 2018, at 04:56, Arthur D. Edelstein arthuredelstein@gmail.com wrote:
Maybe we could make progress by considering a set of thought-experiment user stories (or even, user studies) visiting particular websites and describing what the decision making process should be. For example, if I visit YouTube (which has scripts, video and audio) under High Security or under Medium Security, what should my decision making process be? How many decisions/clicks should be required to get the website working, and at what stage do I decide to give up for security reasons? What security/privacy mistakes could I make and how can Tor Browser prevent those mistakes? Other important sites might be online games, social media, Google documents, etc.
Let's make sure we include some torproject sites in this list: * Atlas (for relay operators, requires JS, and SVG for graphs) * Trac (for users reporting bugs, requires JS to reply to a comment)
Personally, I run in High security mode, because I use Tor Browser to open links that people send me.
But that means I have to use NoScript all the time on these TPO sites.
Atlas and consensus-health graphs are the most common reason I accidentally end up in "medium" security mode on other sites.
A visual indicator would really help me here.
T
-- Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n ------------------------------------------------------------------------