[tor-bugs] #9387 [Tor Launcher]: Tor Launcher/Torbutton should provide a "Security Slider"

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Aug 13 15:43:09 UTC 2013


#9387: Tor Launcher/Torbutton should provide a "Security Slider"
-----------------------------------------------------+----------------------
 Reporter:  mikeperry                                |          Owner:  brade
     Type:  enhancement                              |         Status:  new  
 Priority:  major                                    |      Milestone:       
Component:  Tor Launcher                             |        Version:       
 Keywords:  tbb-usability, tbb-linkability, tbb-3.0  |         Parent:       
   Points:                                           |   Actualpoints:       
-----------------------------------------------------+----------------------

Comment(by mikeperry):

 Ok, it looks like we're starting to avalanche down the slippery slope
 here. Time to rein this back in to something reasonable in scope and
 purpose.

 First, I am not sure how we can easily disable compression short of some
 header filter that asks the server not to do it (which may or may not
 actually work against an active attacker, since the browser still actually
 does support it and likely will still decompress any compressed data it
 does receive). Also, we should wait to see if the browser vendors come up
 with a real solution to such attacks instead of trying to jump the gun on
 them and proactively disable shit as if it were an actual fix. I'm still
 as against that as I ever was. In fact, such temporary hacks definitely do
 not belong under this mechanism.

 Second, as for "somewhere in the middle" as a default, I'm also against
 that. If you have no idea what the slider does because you just clicked
 "Connect" without reading anything, you should not be subjected to a
 broken experience by default. The user will have no idea why or how to fix
 it, and their reaction will be to stop using the browser.

 Third, especially in its first revision, the slider should exist only to
 disable a few key items that already have prefs in either about:config or
 NoScript. It should have no more than 3 or 4 positions to avoid
 fragmentation of the anonymity set. This means several things will be
 grouped together under each tick.

 This ticket is solely about giving users in specific situations advanced
 opportunity to configure some security defaults in a way that does not
 damage their anonymity set too much, and also gives them advanced notice
 and opportunity to alter what some may perceive as permissive defaults.
 Everything else, including hijacking this ticket to alter defaults to re-
 disable a bunch of features we were just funded to fix to make HTML5
 usability better, is out of scope.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9387#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

