[tbb-bugs] #25197 [Applications/Tor Browser]: Design document isn't precise about "Security" and "Privacy".

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Oct 23 12:13:51 UTC 2018 

#25197: Design document isn't precise about "Security" and "Privacy".
--------------------------------------+--------------------------
 Reporter:  arthuredelstein           |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  tbb-spec                  |  Actual Points:
Parent ID:  #25021                    |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by gk):

 Before the advent of the security slider "code security" was not on the
 radar of the design document. It's aim was (and still to a large extent
 is) to describe what we think a Private Browsing Mode should look like,
 not what a whole browser should look like. In that context "security
 requirements" and "privacy requirements" had/have some particular meaning.

 So, in that regard I think this bug is not really valid, especially as it
 is quite clear in the document what is meant with those concepts. Sure, it
 gets tricky once one does not have the PBM scope of the document in mind,
 but that's not unexpected.

 Now, I am fine if we want to refocus slightly and getting the bigger
 picture into the document which started with the security slider (and
 mentioning it in our design doc) and is intensifying with our planned
 sandboxing efforts.

 I don't want to give up on the distinction made between security and
 privacy requirements per se as that one seems useful. But I think we can
 relabel those. I've been thinking about:

 "security requirements" -> "safety requirements"
 "privacy requirements" -> "unlinkability requirements"

 both under the umbrella of what we would commonly call Private Browsing
 Mode and thus, they are privacy requirements.

 We can call the other one "code security" and put into it the slider but
 as well the updater we deploy and the update notifications over
 Tor(button). Later on all our sandboxing efforts can get into that part,
 too.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25197#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list