[tbb-bugs] #25658 [Applications/Tor Browser]: Activity 2.1: Improve user understanding and user control by clarifying Tor Browser's security features

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Mar 22 11:32:02 UTC 2019


#25658: Activity 2.1: Improve user understanding and user control by clarifying Tor
Browser's security features
-------------------------------------------------+-------------------------
 Reporter:  isabela                              |          Owner:  antonela
     Type:  project                              |         Status:  needs_information
 Priority:  High                                 |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  ux-team, GeorgKoppen201812,          |  Actual Points:
  TorBrowserTeam201903, tbb-8.5                  |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:  Sponsor17
-------------------------------------------------+-------------------------

Comment (by gk):

 Replying to [comment:109 antonela]:
 > Replying to [comment:107 gk]:
 >
 > > What I mean is not a redesign of how per-site security settings should
 > > work but we thought about making site-specific settings _as they are
 > > available today_ accessible. Ideas we had were outlined in section 2.2 of
 > > the proposal.
 >
 > Got it! I approached a UI for what is described at 2.2.
 >
 > [[Image(https://trac.torproject.org/projects/tor/raw-attachment/ticket/25658/25658%20-%202.2.png, 700px)]]

 The control center looks good to me. For the URL bar see more below.

 > Questions:
 >
 > - `By default only the option to temporarily allow JavaScript would be
 >   visible.` When? On the Default level? Or in all security levels?

 Only when a security level would block it, I think. I think the active
 content one should at least be visible if a user clicked on a click-to-
 play icon and got, e.g. WebGL going. But we could have that for a future
 iteration if we wanted.

 > - What happens when users enable/disable JS or Active Content? Should
 >   they reload to apply effects?

 Yes.

 > - We cannot prompt users to enable JS for each website that wants to use
 >   JS. How are we going to balance it? One option could be to not prompt
 >   users but enable it automatically and give users visual feedback at the
 >   URL bar with the colored icon. If this is the road we are going to take,
 >   then we should expose this in global settings as an opt-in.

 It's meant to be used as a feature for power users, ideally never ever.
 So, no, I would not want to prompt users. I think we could have a little
 icon in the URL bar grayed out, and that's it as an indicator. I wonder
 whether we should put this icon on the right side of the URL bar, though,
 given that users might click on it by accident when they only wanted to
 see the circuit being used.

 > - Can users save trusted sites in any safe way? Those trusted sites
 >   could have JS enabled, even if the global security level is `Safest`.

 I don't know yet. We could think about saving those permissions in a
 future iteration. In general, I am a bit reluctant to optimize things for
 power users, in particular as the slider should not be used that way, or only
 with great care.

 > - The gear icon at the Control Center goes to `about:preferences#privacy
 >   Permissions`. Should we incorporate JS and Active Content as an option
 >   there too?

 No. The permissions we give are site-specific (which is why they are in
 the URL bar) but do not apply to the whole browser session (which those on
 the preferences pane do). We should not mix that (in fact one of our big
 goals with the redesign was to make that distinction clearer).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25658#comment:111>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

