[tbb-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Dec 31 08:26:28 UTC 2017

#24351: Block Global Active Adversary Cloudflare
 Reporter:  nullius                   |          Owner:  tbb-team
     Type:  enhancement               |         Status:  reopened
 Priority:  High                      |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Major                     |     Resolution:
 Keywords:  security, privacy,        |  Actual Points:
            anonymity, mitm,          |
            cloudflare                |
Parent ID:  #18361                    |         Points:
 Reviewer:                            |        Sponsor:

Comment (by cypherpunks):

 > Medium
 > Cloudflare websites' title and favicon are changed, so the user can
 > notice it.
 > (from add-on's settings: "Don't show warning message; just change title
 > and favicon")
 >> I myself would want the option to either warn or block at this level.

 I think "warning" is enough for this "medium" level.
 "Block" is for the "High" level, just IMO.

 Next, what text should be added to TorButton's level description?

 > Tor Browser Security Settings
 > Low: (not changed)
 > Medium: "The title and icon is changed in MITM proxied websites."
 > High: "MITM proxied websites are blocked. Whitelist is not permanent."


 > if nobody noticed that in the past few years, then very few people
 > (including TBB devs) ever surf with the slider on “High”.

 Wikipedia's math webpage, right? I know and I don't care about it.
 I use TorButton's high level all the time, and the level description
 clearly states:

 "Some font rendering features are disabled"

 It's a trade-off. Or maybe someone can fix it.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24351#comment:47>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
