[tbb-bugs] #17103 [Tor Browser]: Shoulder Browsing/ Low tech surveillance
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Sep 18 03:07:29 UTC 2015
#17103: Shoulder Browsing/ Low tech surveillance
------------------------------+--------------------------
Reporter: elypter | Owner: tbb-team
Type: project | Status: new
Priority: normal | Milestone:
Component: Tor Browser | Version:
Keywords: shoulderbrowsing | Actual Points:
Parent ID: | Points:
------------------------------+--------------------------
Torbrowser is good for hiding the identity of the user from an adversary
on the network but what if the adversary is behind his back? often people
have to fear low tech surveillance. either they have no way to privately
access a computer (cameras / people in a public place / espionage /
oppressors) or they dont have an own computer. To make the life of those
people a bit safer Torbrowser could have a stealth mode that provides
visual protection in 3 different stages:
Making Torbrowser pretend being Firefox:
-Torbrowser should have 2 different profiles. the normal one with
torbutton, noscript and all the customizations that the user made and the
carmouflage one that looks like an ususpicious firefox used in the
environment the user wants to blend in.
-both should run at the same time. the current page that is being shown
should be the one the user actually wants to read. the whole interface of
firefox should be the one of the carmouflage profile. the normal one only
gets shown if the user holds down the alt key.
-if the carmouflage interface is being used(not pressing alt) then it
behaves like the carmouflage profile. clicking on bookmarks shows the
carmouflage bookmarks, clicking on a tab shows the carmouflage tab...
so even if someone gets in control over the computer before the user can
click a panic button he wont see more than the current site the user is
looking at.
-ctrl+w could be the low danger panic button (closes current tab and show
unsuspicous tab instead)
-F4 could be the high danger panic button (close torbrowser immediately
and remove itself from disk)
Carmouflaging the content of the website:
-Animations and addons should be click to view
-Big text would be made small
-Big images would be click to view
-Audio would be disabled by default
-Plugins would be click to view
Carmouflaging that a browsr is being used at all by
making Torbrowser look like another application(in addition to the normal
website carmouflage):
-Remove borders and title bar.
-Place torbrowser where the text field of an unsuspicious application is
like inside MS outlook (ghostzilla and ghostfox did this)
-Hide the user interface (only show using alt)
-All text would be default color
-Buttons and other ui elements should mimic normal text
-no visual styles, no background color, no text backround
-Small images would be monochrome or greyscale
-Websites would be editable
-changing what is viewed under the torbrowser window would make it
disappear (like opening another mail in outlook)
-scrolling below or above the end or the beginning of a website scrolls in
what is behind the torbrowser. if the torbrowser is not visible anymore it
disappears and leaves the original background behind. the same can be done
deleting the whole page using backspace.
ps: writing about this made me remember tiny invaders :)
http://web.archive.org/web/20021003230748/http://www.tinywindowsgames.com/tiny/
(the compendium dl works)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17103>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list