[tor-dev] Tor meets real users

katmagic the.magical.kat at gmail.com
Fri May 13 22:09:04 UTC 2011

On Thu, 2011-05-12 at 10:59 -0400, Andrew Lewman wrote:
> A short while ago, I did a training for some activists from a country
> that is hostile to the Internet.  These people were some of the more
> technical people from their community.  There was a mix of Windows and
> OS X laptops in the session.  English was their third language, for
> added fun.
> I walked them through finding tor browser bundle, downloading it,
> verifying it, unzipping it, and starting it.  Here was the first
> problem.  They couldn't find tbb on the download page.  Their comments
> were that all these files and releases on the page were confusing.
> They wanted just one thing to look at, pick their operating system, and
> go.  And they wanted the one thing to automatically detect their
> language preferences for tbb.

As Torbutton has taught us, browsers send quite a bit of information
with them. It seems like it would be helpful to automatically detect the
user's language and operating system, via the User-Agent and
Accept-Language headers.

> I ended up pointing them at tpo/torbrowser, which they also thought was
> confusing.  The aforementioned desires weren't satisfied on this page,
> but at least they could find their preferred language.  They all
> commented that back home, a 24MB file was too big, and can't they get
> it via bittorrent or some other piecemeal way?  A 24mb file would take
> hours to download.

Torrents are already auto-generated somewhere, though I can't seem to
find the link at the moment.

> Once they finally downloaded it, they all double clicked on their
> resulting zip file.  In fact, all of the mac people ended up
> downloading the windows tbb and unzipped it correctly.  In all cases,
> their operating system handled the zip file correctly. After fixing the
> mac people with mac tbb, we moved on to the next step.
> None of them had pgp installed, and therefore no way to verify the .asc
> and zip file.

GPG4Win[1] is somewhat usable, though it's still not as easy as Seahorse
and such on Linux. Doesn't Microsoft have a built-in way to digitally
sign binaries?
[1]: http://www.gpg4win.org/

> Most of them figured out to click inside the resulting folder and start
> the 'start tor browser' program.  For all of the macs, the tbb didn't
> start.  The people had to restart the system and then clicking on
> 'start tor browser' worked as expected.  
> As tbb was starting up, nearly all of them clicked on 'start tor
> browser' one to three times more, because they didn't see anything
> starting up.  In fact, it was starting, it just wasn't instantaneous.
> I worry about forcing a splash screen that announces "I'm using Tor!"
> on the screen, but at the same time, it would let users know that tbb
> is starting.

This is a problem among many users, though one that is rather unrelated
to anything Tor-specific. The solution to this is probably better
startup notification systems, but that's very much out of scope for Tor.

> Once vidalia started, no one waited for tbb firefox to start, but
> rather started their own browser and tried to use it.  Once tbb firefox
> started up, in some cases, minutes later, they were confused.  Why
> didn't tbb firefox start right away instead of this useless vidalia
> control panel?  
> A few of them felt the need to explore the vidalia control panel since
> we showed it to them.  As if to say, 'there are buttons you are showing
> me, I just click and explore.'

Maybe Vidalia should just start in the background and display a little
bubble at startup?

> Once tbb firefox started, they were ok with using firefox over tor just
> fine.  The first thing many of them did was to login to facebook or
> gmail over tor to see if it was different.  None of them verified the
> ssl cert presented for facebook or gmail logins.  For those that did
> login to gmail, gchat didn't work due to the lack of Flash in tbb
> firefox.  
> We then tried to configure their chat clients for tor.  Adium on the
> mac was fairly easy.  The variety of clients on windows wasn't so
> easy.  A few wondered about logging in over ssl, but never did because
> the services didn't offer it (aol, msn, gchat).  I showed the windows
> people pidgin, but they liked their native apps and didn't see why one
> multi-protocol app was better.  

Google Chat, as it uses XMPP, has SSL support by default. Pidgin's
better because it has OTR and SOCKS support (minus the XMPP DNS
resolution thing), of course!

> The experience continued through pidgin with OTR, installing pgp for
> email and verifying files, and a general talk about openssl
> certificates, what they mean, and what verification of a cert entails.

Trying to get anyone, let alone 'real people', to understand the SSL
certificate model is futile.

> The relevant tor experience was what I wanted to communicate and for us
> to start thinking through ways to address it.  Perhaps Mike's desire
> for an anonymous browser is a correct path for usability and better
> anonymity for the user.  I believe torfox and torora have both come to
> the same conclusion (at different times) as well.

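Added example, not part of the original message and not the Tor Project's website code: one way a download page could act on the User-Agent and Accept-Language suggestion made in the thread. Both headers are client-supplied, so the sketch treats them as hints, only ever returns values from a fixed catalogue, and falls back to a manual choice when unsure. The `BUNDLES` catalogue, the function names and the sample headers in use are constructed assumptions.

```python
import re

# Constructed catalogue (assumption): locales actually published per platform.
BUNDLES = {"windows": {"en-US", "fa", "ar", "zh-CN"}, "osx": {"en-US", "fa", "ar"}}
DEFAULT_LOCALE = "en-US"
TAG_RE = re.compile(r"[A-Za-z]{1,8}(-[A-Za-z0-9]{1,8})*")
Q_RE = re.compile(r"\s*q=([01](\.\d{0,3})?)\s*")

def parse_accept_language(header):
    """Return well-formed language tags, highest q-value first."""
    ranked = []
    for pos, item in enumerate(header.split(",")):
        tag, _, params = item.strip().partition(";")
        tag = tag.strip()
        if not TAG_RE.fullmatch(tag):
            continue  # drops "*", empty items and anything that is not a tag
        q = 1.0
        if params:
            m = Q_RE.fullmatch(params)
            if not m:
                continue  # malformed parameter: ignore the whole item
            q = float(m.group(1))
        if 0 < q <= 1:
            ranked.append((-q, pos, tag))
    return [tag for _, _, tag in sorted(ranked)]

def detect_os(user_agent):
    """Map a User-Agent string to a catalogue key, or None if unsure."""
    ua = user_agent.lower()
    if any(s in ua for s in ("iphone", "ipad", "android", "windows phone")):
        return None  # mobile UAs also contain "Mac OS X" or "Windows"
    if "windows" in ua:
        return "windows"
    if "macintosh" in ua or "mac os x" in ua:
        return "osx"
    return None

def suggest_bundle(user_agent, accept_language):
    """Return (os, locale) taken only from BUNDLES, or None for a manual choice."""
    os_name = detect_os(user_agent)
    if os_name is None:
        return None
    published = {loc.lower(): loc for loc in sorted(BUNDLES[os_name])}
    for tag in parse_accept_language(accept_language):
        t = tag.lower()
        if t in published:
            return os_name, published[t]
        for low, loc in published.items():
            if low.split("-")[0] == t.split("-")[0]:
                return os_name, loc  # same primary language, other region
    return os_name, DEFAULT_LOCALE
```

Because the return value is always a key and a locale from `BUNDLES`, header text never reaches a file path or URL; the result is suited to preselecting a download while leaving the manual chooser visible.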