[tor-dev] Rethinking Bad Exit Defences: Highlighting insecure and sensitive content in Tor Browser

nusenu nusenu at openmailbox.org
Tue Mar 28 18:03:00 UTC 2017

Tom Ritter:
> It seems reasonable but my first question is the UI. Do you have a
> proposal?  The password field UI works, in my opinion, because it
> shows up when the password field is focused on. Assuming one uses the
> mouse to click on it (and doesn't tab to it from the username) - they
> see it.

Depending on how "intrusive" you want to be you could hide the
bitcoin/onion addresses with an overlay similar how NoScript (used to?)
hide flash content and make it visible after clicking on it and
acknowledging a warning.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20170328/a6125e68/attachment.sig>

More information about the tor-dev mailing list