[tor-bugs] #25658 [Applications/Tor Browser]: Activity 2.1: Improve user understanding and user control by clarifying Tor Browser's security features

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Nov 1 18:49:13 UTC 2018 

#25658: Activity 2.1: Improve user understanding and user control by clarifying Tor
Browser's security features
-------------------------------------------+---------------------------
 Reporter:  isabela                        |          Owner:  antonela
     Type:  project                        |         Status:  assigned
 Priority:  High                           |      Milestone:
Component:  Applications/Tor Browser       |        Version:
 Severity:  Normal                         |     Resolution:
 Keywords:  ux-team, TorBrowserTeam201810  |  Actual Points:
Parent ID:                                 |         Points:
 Reviewer:                                 |        Sponsor:  Sponsor17
-------------------------------------------+---------------------------

Comment (by antonela):

 **2.1.1 Removing HTTPS Everywhere and NoScript from the Toolbar** - Done

 **2.1.2 Showing Security Slider State**

 Since the shield icon is being used by Firefox for the Content Blocking
 feature, I made a new one for the Tor Security Settings.
 I think is better if when users click to the icon, they go directly to
 `about:preferences#security` page.

 Both Safer and Safest levels will have the firefox violet active color
 once active.
 Both Safer and Safest levels will have permissions per-site.

 **2.1.2.X Change Security Level and Reload to Apply Changes**

 As we discussed, once a user changes the security level Tor Browser needs
 to reload to apply changes. The safest way to do it is loading a new
 identity.

 **2.1.3 Reorganizing the Toolbar - Done**

 **2.2 Dealing with Per-Site Security Settings**

 Safer level will allow enabling javascript per session.
 Safest level will allow enabling javascript and active content per
 session.

 **3.x Restore Default Security Settings**

 When a user wants to have the global Security Settings back to default, it
 will click at "Restore to defaults" in about:preferences#security and a
 prompt will appear to confirm the Restart with a new identity.

 When a user wants to have their current per-site Preference back to
 default (nothing allowed), it can use the [x] at the control center, and a
 message will appear, as current firefox, "You may need to reload to apply
 changes."

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25658#comment:48>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list