[tor-dev] Tor meets real users

Andrew Lewman andrew at torproject.org
Wed May 18 19:37:28 UTC 2011

On Fri, 13 May 2011 00:25:00 -0700
Lucky Green <shamrock at cypherpunks.to> wrote:
> Easily solved. A download page should be workflow based. You can lay
> it out as columns or successive pages. Example:

We have this, sort of, at

> The first issue is the UE problem, meaning page design bug, of giving
> the user choices inside the default work flow of having to select a
> particular product, such as tpo/torbrowser. There should only be one
> default choice per OS.

If we used javascript to magically detect their preferred language,
then we could default the page to that, for their OS too.

> The other issue has too sub-issues. The first sub-issue is that users
> can be whiny, as they are here. How are those users with their shiny
> MacOS laptops getting OS updates? How large are those OS updates? How
> big was that last iTunes update? Oh, those updates are larger than 24
> MB?

Assume for this set of users, everything is possibly not legally
obtained. They swap cdroms and usb drives around.  They may not be able
to legally buy the software in their home country.  

> The second sub-issue (only useful to know after having figured out the
> first) is which download options to offer as part of the regular work
> flow. http/our download manager/BT are common, but that doesn't
> necessary make them the correct choices for Tor.

I was thinking of thandy/secure updater here.  They download one tiny
thandy-stub program, which then does the rest via https or bittorrent.

> > None of them had pgp installed, and therefore no way to verify
> > the .asc and zip file.
> That is to be expected. (And I am confident was expected by Andrew).

Yes, expected.

> > Most of them figured out to click inside the resulting folder and
> > start the 'start tor browser' program.  For all of the macs, the
> > tbb didn't start.  The people had to restart the system and then
> > clicking on 'start tor browser' worked as expected. 
> Bug of some sort. (Possibly in the installer not prompting the user
> for the required reboot).

It's a bug.  There is no installer for TBB by design.  It should just
unzip and work.

> You are striving for user notification of actions in 3/10th of a
> second. Anything more than that and the user will perceive lag. Note
> that 3/10 of a second is plenty of time to load a stub that reads
> "Please wait, Tor is loading". Take much longer after that notice is
> presented to the user for the final app to load and you'll want some
> visual indicator of progress, such as a spinning ball.

Something optional that loads the first time, with a check
box that says 'never load this message again' would also work.

> Again, multiple issues here. Clearly the browser is loading too
> slowly, which may be inherent to the browser. If so - and if it is
> not possible to make the browser load faster by stripping it down -
> you are using the wrong default browser. Obvious area to explore here
> is how fast the users' regular browsers are loading. Must be faster
> than tbb firefox or they wouldn't have been able to start their own
> browsers in the interim. Figure out why their default browsers are
> loading faster and go from there.

This is firefox, stripped down already.  I think the problem here isn't
that firefox was a dog on OSX, because it loaded fast on the window's
systems, but rather they didn't even know a browser was going to load.  

> UE design bug. The user should only be presented with UI elements that
> the user needs to interact with to complete the task. Anything else
> should be buried in a "Tools" (think Chrome) menu or Tray icon. If
> what you are loading is a new browser, there shouldn't even be a Tray
> icon, but an additional button or sub-menu in the browser.

I like what TAILS has done here.  They strip out all of the
configuration options from Vidalia, so you can't click to change any

> The Tor Project would do well to not ADHD its activities into fixing
> all security ills of this world, such as email encryption, full disk
> encryption, or how to secure data once it leaves the exit node. 

If not us, then who?  ;)  Yes, I agree, but users invariably ask us
about this stuff because we all use it daily.

> We do not
> know how to achieve this goal given the present state of the art in
> computer science.

Well, I look at TAILS and Haven as two anonymous OSes that make strides
towards this.  Anonymous and mostly-secure by default enforce the
'power of the defaults'. 

And yes, your comments are always welcome.

pgp 0x74ED336B

More information about the tor-dev mailing list