On 2/7/18 4:23 PM, teor wrote:
> Let's make sure we include some torproject sites in this list:
> - Atlas (for relay operators, requires JS, and SVG for graphs)
> - Trac (for users reporting bugs, requires JS to reply to a comment)
> Personally, I run in High security mode, because I use Tor Browser to open links that people send me.
> But that means I have to use NoScript all the time on these TPO sites.
> Atlas and consensus-health graphs are the most common reason I accidentally end up in "medium" security mode on other sites.
> A visual indicator would really help me here.
I assume the reason you need to change the security slider from "Safest" (aka high) to "Safer" (aka medium) is to allow SVGs? Otherwise, you would just use the NoScript override to allow JS. But maybe there are other reasons, which definitely argues for working through some user stories as Arthur suggested.
Here are some additional thoughts that Kathy and I had after reading and thinking about the proposal:
- Some aspects of this design involve creating new UI for functionality that is handled under the covers by NoScript. We should think about how we will accomplish that integration. For example, should we contribute UI design assistance and patches to NoScript?
- There is some danger that redesigning things piecemeal that Tor Browser adds to Firefox will cause us to end up with a final result that is not as good as it could be. Specifically related to the security controls proposal, we should take time now to think about how each function that is currently in the Torbutton menu will be exposed. We may only have three items left:
  - New Identity
  - Tor Network Settings
  - Check for Tor Browser Update
- We should think about how to best expose the current security slider level. If people change it often and then forget that they did so, we should consider making it very obvious what the active setting is, e.g., change the color and/or add a background pattern to the entire toolbar. We could also think about adding some kind of temporary mode for the security slider so it returns to the user's default level. It might be tricky to handle entering and leaving such a temporary setting though.