[tor-bugs] #25658 [Applications/Tor Browser]: Activity 2.1: Improve user understanding and user control by clarifying Tor Browser's security features

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Nov 2 15:56:37 UTC 2018 

#25658: Activity 2.1: Improve user understanding and user control by clarifying Tor
Browser's security features
-------------------------------------------+---------------------------
 Reporter:  isabela                        |          Owner:  antonela
     Type:  project                        |         Status:  assigned
 Priority:  High                           |      Milestone:
Component:  Applications/Tor Browser       |        Version:
 Severity:  Normal                         |     Resolution:
 Keywords:  ux-team, TorBrowserTeam201810  |  Actual Points:
Parent ID:                                 |         Points:
 Reviewer:                                 |        Sponsor:  Sponsor17
-------------------------------------------+---------------------------

Comment (by kevun):

 Replying to [comment:48 antonela]:
 > **2.1.1 Removing HTTPS Everywhere and NoScript from the Toolbar - Done**
 >
 > **2.1.2 Showing Security Slider State**
 >
 > Since the shield icon is being used by Firefox for the Content Blocking
 feature, I made a new one for the Tor Security Settings.
 >
 > I think is better if when users click to the icon, they go directly to
 `about:preferences#security` page.
 >
 > Both Safer and Safest levels will have the firefox violet active color
 once active.
 > Both Safer and Safest levels will have permissions per-site.
 >
 > **2.1.2.X Change Security Level and Restart to Apply Changes**
 >
 > As we discussed, once a user changes the security level Tor Browser
 needs to restart to apply changes. The safest way to do it is restarting
 with a new identity.
 >
 > **2.1.3 Reorganizing the Toolbar - Done**
 >
 > **2.2 Dealing with Per-Site Security Settings**
 >
 > Safer level will allow enabling javascript per session.
 > Safest level will allow enabling javascript and active content per
 session.
 >
 > **3.x Restore Default Security Settings**
 >
 > When a user wants to have their current per-site Preference back to
 default (javascript nor active content allowed), it can use the [x] at the
 control center and a message will appear, as current firefox, "You may
 need to reload to apply changes."
 >
 > When a user wants to have the global Security Settings back to default,
 then they can click to "Default" in about:preferences#security and a
 prompt will appear to confirm the Restart with new identity.
 >
 >
 > Here is the concept. If all the details above are ok, I'll update the
 prototype.
 >
 >
 https://trac.torproject.org/projects/tor/attachment/ticket/25658/25658%20-%208.png

 I love the way this looks. The only thing I see here that might be a bit
 confusing is that Safer and Safest have the same icon on the UI.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25658#comment:51>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list