[tor-bugs] #9387 [Tor Launcher]: Tor Launcher/Torbutton should provide a "Security Slider"
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Mar 5 13:06:27 UTC 2015
#9387: Tor Launcher/Torbutton should provide a "Security Slider"
-------------------------+-------------------------------------------------
Reporter: | Owner: gk
mikeperry | Status: new
Type: | Milestone:
enhancement | Version:
Priority: major | Keywords: tbb-security, tbb-usability, tbb-
Component: Tor | linkability, tbb-3.0, extdev-interview, tbb-
Launcher | isec-report, tbb-4.5-alpha,
Resolution: | TorBrowserTeam201503
Actual Points: | Parent ID:
Points: |
-------------------------+-------------------------------------------------
Comment (by mikeperry):
GK and I spent some time discussing strings for each position. Our plan is
to create a set of vbox's, one for each position, and hide all of them
except for the relevant one. Each vbox will have some set of DTD elements
describing the features of that position of the slider, as well as
tooltips to describe technical details for some options. Tooltips are in
brackets. Roughly each line/bullet point will correspond to a separate DTD
element.
{{{
======= Low ===========
At this security level, all browser features are enabled.
This is the most usable experience.
======= Medium-Low ===========
At this security level, the following changes apply:
* HTML5 video and audio media become click-to-play via NoScript.
* Some Javacript performance optimizations are disabled.
Scripts on some sites may run slower.
[ION JIT, Type Inference, ASM.JS]
* Some mechanisms of displaying math equations are disabled.
[MathML]
======= Medium-High ===============
At this security level, the following changes apply:
* HTML5 video and audio media become click-to-play via NoScript.
* All Javacript performance optimizations are disabled.
Scripts on some sites may run slower.
* Some mechanisms of displaying math equations are disabled.
[MathML]
* Some font rendering features are disabled.
[The Graphite font rendering mechanism is disabled]
* Some types of images will be disabled.
[SVG images fonts are disabled]
* Javascript is disabled by default on all non-HTTPS sites.
(Javascript can be enabled on a per-site basis via the NoScript toolbar
button).
======= High ==========
At this security level, the following changes apply:
* HTML5 video and audio media become click-to-play via NoScript.
* All Javacript performance optimizations are disabled.
Scripts on some sites may run slower.
* Some mechanisms of displaying math equations are disabled.
[MathML]
* Some font rendering features are disabled.
[The Graphite font rendering mechanism is disabled]
* Some types of images will be disabled.
[SVG images fonts are disabled]
* Javascript is disabled by default on all sites.
(Javascript can be enabled on a per-site basis via the NoScript toolbar
button).
* Most audio and video formats are disabled.
[WebM is the only codec that remains enabled]
* Some fonts and icons may display incorrectly.
[Website-provided font files are blocked]
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9387#comment:82>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list