Howdy, On 01/02/2018 06:01 AM, George wrote: > Allen Gunn: >> Hello friends, >> >> I hope 2018 is off to a good start wherever this finds you. >> >> So for those who aren't aware, my NGO, Aspiration, advises other NGOs >> and activists on technology as part of our core mission. >> >> And a common piece of advice we proffer is "make sure your web site >> works well with Tor Browser", i.e., doesn't use Flash or overly depend >> on Javascript. > > For *years* I've had a custom "badge" of sorts on queair.net indicating > the site is "Tor friendly." It seems a worthwhile low-level campaign to > wage that might not be relevant today, but can be tomorrow. > > A well-signed but small log (maybe like the 'valid css' one?) could be > useful. > > Or even a "Tor-friendly check" www-based tool might be an interesting > direction. It could check Flash easily enough, and maybe diff the site > over plain old HTTP versus over torsocks. These are all great thoughts, thanks. >> The more I have given that advice, the more I have wondered if it was >> documented anywhere what it actually takes to be a "Tor-friendly" site. > > Yes. Simple enough with old-school HTML and perl-based mailforms. Not > so much with more complex contemporary sites. > >> >> Big thanks to GeKo, who first confirmed for me that no such >> documentation seems to exist. And then for helping me to bootstrap this >> page: >> >> https://pad.riseup.net/p/torfriendlysite > > While not prolific, it's a solid start. Thanks :^) >> I'm writing to ask folks on this list to both add any thoughts you have >> on the matter, and to correct or comment on anything that's already >> there and doesn't seem quite right. >> >> Any contributions, both to the pad or emailed to me directly, are most >> appreciated. >> >> This is especially true if you know of relevant documentation anywhere >> else that I should be looking at. >> >> Once folks have weighed in, I will figure out where to post this on the >> Tor wiki and elsewhere in order to make it more broadly and reliably >> available. >> >> And if for any reason you think this is an ill-informed endeavor, I >> welcome that feedback as well :^) > > All of the guidelines might be useful for sites not yet online, but for > sites already up and functional, migrating to "Tor friendly" is going to > be the challenge. Agreed. But even getting more sites coming online to test against TB will hopefully improve things over time. > I also think it might be useful to give a brief "tagline" to the idea of > a Tor friendly www site, such as "allowing anonymity by design, not by > privacy policies" since I think it could be counterposed to long and > legelese-written privacy policies. From one angle, it's about enabling > anonymity by the user, and not necessarily doing anything in particular > for them. Yep, that makes total sense. Thanks! gunner > > g > > > > > _______________________________________________ > tor-project mailing list > tor-project@xxxxxxxxxxxxxxxxxxxx > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project > -- Allen Gunn Executive Director, Aspiration +1.415.216.7252 www.aspirationtech.org Aspiration: "Better Tools for a Better World" Read our Manifesto: http://aspirationtech.org/publications/manifesto Twitter: www.twitter.com/aspirationtech
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tor-project mailing list tor-project@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project