Hey y'all, here are some of my thoughts, which are also posted on the ticket [#9387] . I used my own terms here, made up on the spot, but please make me use yours if mine complicate the discussion.
After reading the ongoing discussion, here are my two Satoshi:
Splitting the JavaScript allowances between allowance setting positions on the slider could be confusing for people. It requires explaining what JavaScript is and what it does in detail, that is, presuming that explaining the settings in detail is necessary, and I think we are on the same page in thinking that it is. Alternatively, we can not explain the settings in detail, though that leaves people unclear as to what is actually happening, e.g., some JS is disabled/all JS is disabled, doesn't explain much.
However, whatever the number of allowance settings, and four seems to be the path forward from here, the details [what people see] should be written in human, not computer. Though maybe that could be toggled for those who prefer one or the other.
Regarding a 'Custom' allowance setting on the slider itself, that makes things a bit confusing. The slider could be the foremost front-end allowance settings option, inherently likening 'Custom' to 'Advanced'.
I agree that the allowance settings interface just after install should be the allowance settings interface in 'Preferences', as an attempt to lessen visual and mental fragmentation.
The tool tips for allowance setting positions are cool, but are hidden for most people. The always-on text for descriptions is better for full understanding of options/decisions, but takes up space. The always-on text for descriptions that is only visible at each allowance setting position fits in the middle of these two options but requires work, clicking and whatnot. Maybe, in addition to this middle option, the other unselected allowance setting position descriptions appear on hover, or in place, of the always-on text, as an alternative to grayed-out.
After reviewing TB 4.5 Alpha 2 [Mac]:
Setting security preferences could be a prompt in the second dialog, considering the first is the drag-to install dialog. I see benefit in not forcing people to make such decisions right away, but people are using TB for a reason, so maybe it can be expected.
'Cookie Protections' seems like a preference. What is cookie protection, IDK, so maybe this is an advanced setting.
'Proxy Settings' could be second after 'Privacy and Security Settings', however, 'Proxy Settings' seems like an advanced setting, maybe simplifying the experience for many people.
'Privacy Settings' and 'Security Level' could use some explaining. I would like to think that I am securing my data with the security settings, or, in other words, securing my privacy. Semantics could be important here. Are we only securing our anonymity?
I am all for the vertical slider, given the varying lengths in allowance setting position labels. We could move allowance setting position labels to the left of the slider with descriptions to the right. If we're only showing the current/selected allowance setting position description, this provides plenty of space for a more detailed explanation.
Questions:
Is there a visual flow of the dialogs and what they contain, or is it all in development text archives?
Is there an outlet for visuals, like wireframes?
Does there have to be a "tradeoff between features and security"? It is a big bite to take, but, can alternatives be written as stand-ins to replace the vulnerable features?
Awesome, SpencerOne
spencerone at openmailbox.org spencerone at openmailbox.org wrote:
Hey Georg!
Thanks! I jumped in on the discussion with some thoughts; I hope they provide some value.
Awesome, SpencerOne
Georg Koppen gk at torproject.org wrote:
Hi SpencerOne,
that fits perfectly. We are currently in the process of incorporating a security slider into Tor Browser which lets users choose between four different security levels: on the one end the slider allows the most features while on the other end promises you high security and is therefore restricting a bunch of browser features which are known to be risky security-wise. The big question now is: how do we get that idea transported to the user in the best possible way?
Ongoing discussion is happening in https://bugs.torproject.org/9387. For the current solution which still lacks some features (see the above mentioned ticket in our bugtracker for details) see our recently released 4.5-alpha-2: https://www.torproject.org/projects/torbrowser.html.en#downloads-alpha. You'll find our work-of-progress clicking on the green onion -> Preferences... -> Privacy and Security Settings.
Feedback and help is very much appreciated be it on this mailing list on the security slider ticket directly or on IRC in #tor-dev (I saw we missed us there). Oh, and if you are not interested in this particular issue, no worries we have plenty of other UX improvements we need. Just ask.
Georg