Re: [tor-bugs] #9387 [Tor Launcher]: Tor Launcher/Torbutton should provide a "Security Slider"
#9387: Tor Launcher/Torbutton should provide a "Security Slider"
-----------------------------------------------------+----------------------
Reporter: mikeperry | Owner: brade
Type: enhancement | Status: new
Priority: major | Milestone:
Component: Tor Launcher | Version:
Keywords: tbb-usability, tbb-linkability, tbb-3.0 | Parent:
Points: | Actualpoints:
-----------------------------------------------------+----------------------
Comment(by mikeperry):
Ok, it looks like we're starting to avalanche down the slippery slope
here. Time to rein this back in to something reasonable in scope and
purpose.
First, I am not sure how we can easily disable compression short of some
header filter that asks the server not to do it (which may or may not
actually work against an active attacker, since the browser still actually
does support it and likely will still decompress any compressed data it
does receive). Also, we should wait to see if the browser vendors come up
with a real solution to such attacks instead of trying to jump the gun on
them and proactively disable shit as if it were an actual fix. I'm still
as against that as I ever was. In fact, such temporary hacks definitely do
not belong under this mechanism.
Second, as for "somewhere in the middle" as a default, I'm also against
that. If you have no idea what the slider does because you just clicked
"Connect" without reading anything, you should not be subjected to a
broken experience by default. The user will have no idea why or how to fix
it, and their reaction will be to stop using the browser.
Third, especially in its first revision, the slider should exist only to
disable a few key items that already have prefs in either about:config or
NoScript. It should have no more than 3 or 4 positions to avoid
fragmentation of the anonymity set. This means several things will be
grouped together under each tick.
This ticket is solely about giving users in specific situations advanced
opportunity to configure some security defaults in a way that does not
damage their anonymity set too much, and also gives them advance notice
and opportunity to alter what some may perceive as permissive defaults.
Everything else, including hijacking this ticket to alter defaults to
re-disable a bunch of features we were just funded to fix to make HTML5
usability better, is out of scope.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9387#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs