[tor-bugs] #9387 [Tor Launcher]: Tor Launcher/Torbutton should provide a "Security Slider"
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Feb 3 21:40:44 UTC 2015
#9387: Tor Launcher/Torbutton should provide a "Security Slider"
-------------------------+-------------------------------------------------
Reporter: | Owner: gk
mikeperry | Status: new
Type: | Milestone:
enhancement | Version:
Priority: major | Keywords: TorBrowserTeam201502, tbb-security,
Component: Tor | tbb-usability, tbb-linkability, tbb-3.0,
Launcher | extdev-interview, tbb-isec-report,
Resolution: | tbb-4.5-alpha
Actual Points: | Parent ID:
Points: |
-------------------------+-------------------------------------------------
Comment (by mikeperry):
Replying to [comment:74 gk]:
> mikeperry: This is the comment to commit
7975b2023d5dc9bc0437cb5d5fbfe539448900e4: Originally, I had a similar idea
but just looking at the particular security level and binding the custom
pref to it is wrong I think. We need to think about the custom setting
being bound to the *whole* slider instead. And here is why: Level 4 (or
"high") is not only about setting the preferences in the High section in
comment:43 but rather all the preferences in Low-Medium/Low-Medium/High
must be set accordingly as well in order to guarantee the full protection
AND making sure there are only 4 partitions of users if they stick to the
slider and don't prefer custom settings. Or take the default mode: if one
selects the default mode but disables JavaScript then first of all this is
no default mode anymore even if no particular preference in that mode is
changed. Doing this is pretty dangerous as we could easily get some users
that are in default mode but have JavaScript disabled and some that are in
that mode but have it enabled. And then maybe some that have
media.audio.enabled and some not, leading to a much larger partition than
is good for our users.
>
> Hence just the check if any of the security slider related preferences
got touched. If so, AND we are not in custom mode, set the custom
checkbox. The only way to set it back currently is via the Torbutton menu.
We could think about an additional option: if the user manages it to
manually set all the security slider related preferences back to their
respective values (which is depending on the current slider level) then
uncheck the custom checkbox as well.
>
> Still guessing at the meaning of the comment a bit: `m_tb_sliderUpdate`
is only set if we set the slider level on the Torbutton dialog which is
only possible if the custom checkbox is unchecked. Thus, the reasoning was
if we get the notification AND `m_tb_sliderUpdate` is not set AND we are
not in custom mode we can just set it without checking the value of any
pref.
Well, the way I use the slider in the high position is as a default state.
I frequently temporarily allow many sites via NoScript, and sometimes if a
site needs to perform many redirects, I globally enable script permissions
for a bit, and then disable them later. I think it is this global script
enable that is causing my slider to get stuck in the "Custom" position.
So, in my opinion, this means two things:
1. I think that the slider should recognize that when I globally disable
scripts again, "Custom" should become unchecked. Really, I think this
should be the case for all of our prefs, but globally enabling/disabling
JS is facilitated by our NoScript UI (for good reason) and may be common.
1. I think the slider shouldn't actually become locked if "Custom" is set.
I should be able to drag it and go back to one of the official positions,
which would uncheck "Custom" and reset all the prefs appropriately.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9387#comment:76>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list