[tbb-bugs] #25658 [Applications/Tor Browser]: Activity 2.1: Improve user understanding and user control by clarifying Tor Browser's security features

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Oct 24 17:57:33 UTC 2018


#25658: Activity 2.1: Improve user understanding and user control by clarifying Tor
Browser's security features
-------------------------------------------+---------------------------
 Reporter:  isabela                        |          Owner:  antonela
     Type:  project                        |         Status:  assigned
 Priority:  High                           |      Milestone:
Component:  Applications/Tor Browser       |        Version:
 Severity:  Normal                         |     Resolution:
 Keywords:  ux-team, TorBrowserTeam201810  |  Actual Points:
Parent ID:                                 |         Points:
 Reviewer:                                 |        Sponsor:  Sponsor17
-------------------------------------------+---------------------------

Comment (by antonela):

 back to game - from Geko's proposal

 [https://lists.torproject.org/pipermail/tbb-dev/2018-March/000799.html]

 **2.1.1 Removing HTTPS Everywhere and NoScript from the Toolbar**
 Agreed. Wondering how we will handle HTTPSE for .onion improvements. But I
 know, it is a further problem. Let's stick to this idea for now.

 **2.1.2 Adding a Security Settings Button to the Toolbar**
 As discussed previously, exposing the security settings in the toolbar is a
 good addition, but it does not solve the real problem. I've tried a couple
 of options before in this thread.

 Also, in order to keep the cohesion between the UI components behavior, we
 agreed that global settings would live at `about:preferences`.

 **2.2 Dealing with Per-Site Security Settings**

 We agreed to move site-specific settings to the Control Center (url bar's
 doorhanger). I made a mockup to illustrate this iteration.

 Unfortunately, Firefox is using a shield icon to illustrate the Block
 Content aka Tracking Protection feature. This is cool, too. But I agreed
 that it could be confusing for users if we use the same kind of icon to show
 our Tor Browser protections. Perhaps a lock icon, which is also related to
 security topics, would help us.

 https://trac.torproject.org/projects/tor/attachment/ticket/25658/25658%20-%206.0.png

 Again: I think that the best way to improve the security slider is
 removing the slider component. As mentioned before, the slider is a UI
 artifact that doesn't add any value to these settings. Instead, it confuses
 users about their benefits on upgrade or downgrade.

 If we could simplify the security settings into a boolean option, we will
 follow the current Firefox approach on settings both in desktop and in
 mobile, and we will help users by making it easier to understand the
 trade-off: "Do I trust in this site?"

 My idea is to have our Security Protection ON by default on `HTTP` sites
 and OFF by default on `HTTPS` sites. For sure, it could be easily changed
 via global settings at `about:preferences`.  I'm happy to hear your
 thoughts about it.

 With the boolean option, this will look more like

 ON: HTTP protected, HTTPS protected
 OFF: HTTP protected, HTTPS unprotected

 https://trac.torproject.org/projects/tor/attachment/ticket/25658/25658%20-%206.1.png

 With this scenario, we are increasing Tor Browser security by default. The
 Control Center will contain the settings that affect the current tab. When
 the Security Protection is ON, as mentioned in the proposal, the user
 could be able to temporarily enable JS or any other item to improve the
 website performance.

 https://trac.torproject.org/projects/tor/attachment/ticket/25658/25658%20-%206.2.png

 Also, following Firefox behavior, the small gear icon at the right side
 will move users to the general settings `about:preferences`.

 **General Settings - about:preferences#security**

 The settings which affect all tabs are global. Global settings live under
 `about:preferences`. Naturally, Security settings must go under
 `about:preferences#security`. We need to define which options we will
 expose to users here. A quick approach here (copy up to review/creation)

 https://trac.torproject.org/projects/tor/attachment/ticket/25658/25658%20-%206.3.png

 **Report breakage of sites**

 We need a secure way for Tor Browser users to report breakage of sites. It
 is important to securely measure how much we are degrading users' browsing
 performance and also to have better suggestions for website owners on how
 to improve it for their visitors' security. We could include an item at
 the hamburger menu, as shown here. It deserves its own proposal, though.
 I'm opening it to a discussion, and I'll be happy if Metrics team folks
 join us on it.

 https://trac.torproject.org/projects/tor/attachment/ticket/25658/25658%20-%206.4.png

 ----
 If we are solid with this approach, **next steps** are:

  * Define `about:preferences#security` items
  * Define a name for the feature that can remind users about its
 benefits. Options I explored: Security Shield, Security Protection, Tor
 Security
  * Make a clickable prototype so we can explore and test different user
 flows
  * Discover, plan and review all different user scenarios for each
 disabled feature

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25658#comment:33>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

