[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Improving Private Browsing Mode/Tor Browser



Thus spake Robert Ransom (rransom.8774@xxxxxxxxx):

> On Thu, 23 Jun 2011 11:19:45 -0700
> Mike Perry <mikeperry@xxxxxxxxxx> wrote:
> 
> > So perhaps Torbutton controlled per-tab proxy username+password is the
> > best option? Oh man am I dreading doing that... (The demons laugh
> > again.)
> 
> If you do this, you will need to give the user some indication of each
> tab's ???compartment???, and some way to move tabs between compartments.
>
> Coloring each tab to indicate its compartment may fail for anomalous
> trichromats like me and *will* fail for more thoroughly colorblind
> users.  Putting a number or symbol in each tab will confuse most users.
> 
> I suggest one compartment per browser window.  (Of course, you can and
> should leave more detailed hooks in the browser's source if possible,
> in case someone wants to experiment with a different scheme.)

As soon as I sent the previous email, I wanted to edit it to change
"per-tab" to something else.  I think any kind of per-tab and
per-window isolation does not correspond to how people have been
trained to use their existing browsers.

In fact, I think we should also treat this linkability just like the
window.name and referer. So, how about we set the Proposal 171 SOCKS
username to a function of the hostname in the referer header (possibly
caching the first referer for subsequent link navigation). If the
referer is blank, use the request URL hostname. This policy should
effectively give us the top-level origin isolation we want for other
identifiers.


-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs

Attachment: pgp9a7ctTigmc.pgp
Description: PGP signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev