[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #24310 [Applications/Tor Browser]: Consider encrypted bookmarks addon for storing onions on the browser



#24310: Consider encrypted bookmarks addon for storing onions on the browser
----------------------------------------+--------------------------
 Reporter:  asn                         |          Owner:  tbb-team
     Type:  enhancement                 |         Status:  new
 Priority:  Medium                      |      Milestone:
Component:  Applications/Tor Browser    |        Version:
 Severity:  Normal                      |     Resolution:
 Keywords:  prop224, tbb, network-need  |  Actual Points:
Parent ID:                              |         Points:  6
 Reviewer:                              |        Sponsor:
----------------------------------------+--------------------------
Description changed by asn:

Old description:

> Onion addresses are hard to remember and with prop224 they are even
> harder, [https://blog.torproject.org/cooking-onions-names-your-onions
> yada yada].
>
> One technique that people are using to remember their onions are local
> browser bookmarks. That's a pretty secure way to do it actually, with the
> biggest drawback being that the bookmarks are stored long-term on your
> computer which is a problem if your computer gets compromised.
>
> One way to improve the situation would be to be able to encrypt your
> bookmarks (a bit like a password manager) so that attackers without your
> password are not able to retrieve your list of onions.
>
> Some extra features that would be cool to have:
> - Some sort of deniability where attackers are not able to see if you
> have any stored bookmarks if they don't know your password.
> - Extra storage for client authorization credential for those onions.
>
> I'm not sure if there is already an addon that does what we want to do
> here, but perhaps we could find something.

New description:

 Onion addresses are hard to remember and with prop224 they are even
 harder, [https://blog.torproject.org/cooking-onions-names-your-onions yada
 yada].

 One technique that people are using to remember their onions are local
 browser bookmarks. That's a pretty secure way to do it actually, with the
 biggest drawback being that the bookmarks are stored long-term on your
 computer which is a problem if your computer gets compromised.

 One way to improve the situation would be to be able to encrypt your
 bookmarks (a bit like a password manager) so that attackers without your
 password are not able to retrieve your list of onions.

 Some extra features that would be cool to have:
 - Some sort of deniability where attackers are not able to see if you have
 any stored bookmarks if they don't know your password.
 - Extra storage for client authorization credential for those onions.
 - Even better this wouldn't be a separate addon, but just an enhancement
 over the current bookmark system of firefox, so that people don't need two
 understand two UXs.

 I'm not sure if there is already an addon that does what we want to do
 here, but perhaps we could find something.

--

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24310#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs