[tbb-bugs] #25658 [Applications/Tor Browser]: Activity 2.1: Improve user understanding and user control by clarifying Tor Browser's security features
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Apr 23 11:44:38 UTC 2018
#25658: Activity 2.1: Improve user understanding and user control by clarifying Tor
Browser's security features
-------------------------------------------+---------------------------
Reporter: isabela | Owner: antonela
Type: project | Status: assigned
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: ux-team, TorBrowserTeam201804 | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor: Sponsor17
-------------------------------------------+---------------------------
Comment (by hiro):
Replying to [comment:18 tom]:
> Yea. Talking about the slider settings gets confusing because different
words mean different things to different people, and there are a lot of
things I think we're trying to roll up into a single slider.
>
The problem I see is exactly that and what we communicate to users. If I
click on the learn more link on the slider I am taken to the Tor Browser
Manual.
The first sentence I see is the following:
"Tor Browser includes a “Security Slider” that lets you increase your
security by disabling certain web features that can be used to attack your
security and anonymity. Increasing Tor Browser’s security level will stop
some web pages from functioning properly, so you should weigh your
security needs against the degree of usability you require."
If I had not read the design document I would think of the security slider
as mainly an increased privacy protection.
I understand maybe the slider is not the place to talk about de-
anonymisation in the Tor network and go into details, so maybe we should
do that in the Tor Browser manual to make it more clear?
Also, I think that, as a user I'd be able to better understand this if we
would at least explain why we disable certain features and what I am
loosing if I enable them.
It is also worth to consider that it might be a risk to give the user the
habit of lowering their security every time a website doesn't work. What
if it is the website that is broken and not Tor Browser just to strict?
A few of these considerations I suppose could also be included in the
styleguide as a reference of how a page would work in the various Tor
Browser modes. Also as some "tracking-blocking" features become used by
other browser, this reasoning could be used to make pages generally more
privacy friendly.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25658#comment:20>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list