[ux] collaborating on the redesign of the connection to Tor in Tor Browser and Tails

sajolida sajolida at pimienta.org
Thu Apr 1 00:54:00 UTC 2021 

Antonela D:
 > I don't think we have the same end product design goal here.

Indeed. This became clear after reading your answer.

 > For Tor Browser, automatically connecting to Tor aims to be the
 > default in the short future.

Thanks for the clarification. I remembered a different vision from early 
discussions with David Fifield and Linda Lee back in Valencia 2016.

I remembered that, at that time, they also wanted to be careful not to 
automate too much autodetection and appearing too obviously as Tor 
Browser on the local network unless the user consented to this.

But I understand that your vision for Tor Browser has changed since then 
and is now focused on circumvention. I'll try to limit my answers to 
what would still matter to both Tor Browser and Tails, given these 
different visions.

 > In Tails, I see a resistance to make it happen.

Indeed, it's still important to our team to allow users to keep a low 
profile on their local network as much as possible. This might be 
relevant for people connecting to Tor from work (whistleblowers) or from 
home (domestic violence survivors).

For example, some parental controls can detect Tor and probably raise 
alerts when detected: https://www.mbreviews.com/pcwrt-router-review/.

The "Hide Tor" option that we designed for Tails might prevent you from 
being busted by your husband or your boss. It might still be better for 
you to use Tails with bridges, than not to use Tails at all.

 > How  joining the narrative that criminalizes users will help in
 > encouraging mainstream adoption? If Tor is criminalized in some
 > country, do we trust _just_ in a bridge to keep the user safe? Are you
 > oversimplifying the threat model or offering technical solutions to
 > social problems?

Good point. I'll discuss this with my team.

 >     2. Why a OONI vanilla test?
 >
 > [...]
 >
 > Here is the referred ticket
 > https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/23838

I'm tracking it now on GitLab :)

 >> 3. Why are you pausing the flow in case of interference in
 >>    autoconfig?
 >
 > We are not. If quickstart is enabled, the bridge wants to autoload and
 > the bootstrap starts again.

Understood.

 >> « Tor encrypts and anonymizes your connection by passing it through 3
 >> relays. Tor relays are servers operated by different people and
 >> organizations around the world. »
 >
 > Lovely. I like the idea to highlight "Encrypts and anonymizes". Some
 > connections don't have 3 relays, though.

Right, circuits for onion services don't have 3 relays. Outside of onion 
services, all circuits have 3 relays, correct?

Given the scope of the text and my experience observing users reading 
this while discovering Tor, I feel like simplicity is more important 
than technical accuracy to include the special case of onion services:

- Putting a number helps people build a mental model of the (usually) 3
   relays and how they help hiding your traffic and location.
- Stating that it's 3 helps debunk the myth that having more relays
   would add more anonymity, which is still common.

But maybe someone will propose a phrasing that combines both the 
simplicity and the technical accuracy.

 > Also, I feel "volunteers" is
 > stronger and renders a better statement of the infrastructure
 > ownership.

I'll try to combine both and test "Organizations and volunteers".

 >> « Bridges are secret Tor relays that hide that you are connecting
 >> to Tor. Use a bridge as your first Tor relay if connecting to Tor is
 >> blocked or criminalized, for example in China, on some public or
 >> corporate networks, or parental controls. »
 >
 > I'd avoid naming countries as examples
 > since the political narrative moves faster than our UI updates :)

Sure. I'll do that.

-- 
sajolida
Tails — https://tails.boum.org/
UX · Fundraising · Technical Writing


-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/ux/attachments/20210401/a326d63a/attachment-0001.sig>

More information about the UX mailing list