[tor-bugs] #25658 [Applications/Tor Browser]: Activity 2.1: Improve user understanding and user control by clarifying Tor Browser's security features

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Oct 26 12:59:02 UTC 2018


#25658: Activity 2.1: Improve user understanding and user control by clarifying Tor
Browser's security features
-------------------------------------------+---------------------------
 Reporter:  isabela                        |          Owner:  antonela
     Type:  project                        |         Status:  assigned
 Priority:  High                           |      Milestone:
Component:  Applications/Tor Browser       |        Version:
 Severity:  Normal                         |     Resolution:
 Keywords:  ux-team, TorBrowserTeam201810  |  Actual Points:
Parent ID:                                 |         Points:
 Reviewer:                                 |        Sponsor:  Sponsor17
-------------------------------------------+---------------------------

Comment (by gk):

 Replying to [comment:37 arthuredelstein]:
 > Replying to [comment:34 gk]:
 > > The security risks don't map to the underlying transport or its
 security being used. The security risks we try to tackle are to a large
 part due to the *content* that gets transferred. Someone injecting this
 content on the path from server to user is an important risk but just one
 of those we need to defend against. Thus binding the security state to
 HTTP/HTTPS is not sufficient. Moreover, the strongest security we want to
 provide is something like the current "safest" option we have. We won't be
 able to enable this by default probably forever as the breakage is too
 high, irrespective of the transport being used.
 >
 > We have discussed this issue previously, but I wanted to try laying it
 out in more detail and see if that helps to clarify the different
 approaches. :)

 > Design (2), proposed in comment:33:
 > || || Unblocked || Blocked ||
 > || HTTP || || WebFont, blob, SVG, scripts, WebGL, Video, Audio, WebAudio, MathML, JIT ||
 > || HTTPS || WebFont, blob, SVG, scripts, WebGL, Video, Audio, WebAudio, MathML, JIT || ||

 Just replying to this item: That's not proposed in comment:33. Here is what
 antonela wrote:
 {{{
  Again: I think that the best way to improve the security slider is
 removing the slider component. As mentioned before, the slider is a UI
 artifact that doesn't add any value to these settings. Instead, it confuses
 users about their benefits on upgrade or downgrade.

 If we could simplify the security settings into a boolean option, we will
 follow the current Firefox approach on settings both in desktop and in
 mobile, and we will help users by making it easier to understand the
 trade-off: "Do I trust in this site?"
 }}}
 So, comment:33 proposes to reduce the slider from three options to two *in
 general* and bind all the security features to the transport. But you want
 to keep "safest", "safer", and "standard" but redo the "safer" option. So,
 these are different things.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25658#comment:38>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online