[tor-dev] Improving Private Browsing Mode/Tor Browser
Mike Perry
mikeperry at fscked.org
Thu Jun 23 19:02:41 UTC 2011
Thus spake Robert Ransom (rransom.8774 at gmail.com):
> On Thu, 23 Jun 2011 11:19:45 -0700
> Mike Perry <mikeperry at fscked.org> wrote:
>
> > So perhaps Torbutton controlled per-tab proxy username+password is the
> > best option? Oh man am I dreading doing that... (The demons laugh
> > again.)
>
> If you do this, you will need to give the user some indication of each
> tab's ???compartment???, and some way to move tabs between compartments.
>
> Coloring each tab to indicate its compartment may fail for anomalous
> trichromats like me and *will* fail for more thoroughly colorblind
> users. Putting a number or symbol in each tab will confuse most users.
>
> I suggest one compartment per browser window. (Of course, you can and
> should leave more detailed hooks in the browser's source if possible,
> in case someone wants to experiment with a different scheme.)
As soon as I sent the previous email, I wanted to edit it to change
"per-tab" to something else. I think any kind of per-tab and
per-window isolation does not correspond to how people have been
trained to use their existing browsers.
In fact, I think we should also treat this linkability just like the
window.name and referer. So, how about we set the Proposal 171 SOCKS
username to a function of the hostname in the referer header (possibly
caching the first referer for subsequent link navigation). If the
referer is blank, use the request URL hostname. This policy should
effectively give us the top-level origin isolation we want for other
identifiers.
--
Mike Perry
Mad Computer Scientist
fscked.org evil labs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20110623/53798714/attachment.pgp>
More information about the tor-dev
mailing list