[tbb-dev] Proposal for redesigning the security controls
teor
teor2345 at gmail.com
Thu Feb 8 23:36:42 UTC 2018
On 9 Feb 2018, at 03:04, Mark Smith <mcs at pearlcrescent.com> wrote:
>> On 2/7/18 4:23 PM, teor wrote:
>> Let's make sure we include some torproject sites in this list:
>> * Atlas (for relay operators, requires JS, and SVG for graphs)
>> * Trac (for users reporting bugs, requires JS to reply to a comment)
>>
>> Personally, I run in High security mode, because I use Tor Browser
>> to open links that people send me.
>>
>> But that means I have to use NoScript all the time on these TPO
>> sites.
>>
>> Atlas and consensus-health graphs are the most common reason I
>> accidentally end up in "medium" security mode on other sites.
>>
>> A visual indicator would really help me here.
>
> I assume the reason you need to change the security slider from "Safest"
> (aka high) to "Safer" (aka medium) is to allow SVGs?
Yes, consensus health and atlas need SVG for graphs.
> Otherwise, you
> would just use the NoScript override to allow JS.
I use NoScript now.
But after the proposal is implemented, I am not sure how I will allow
JS for some sites.
> But maybe there are
> other reasons, which definitely argues for working through some user
> stories as Arthur suggested.
Not that I can recall. But the slider makes it hard to identify fine-grained
features needed by each website.
T
More information about the tbb-dev
mailing list