[tor-bugs] #5761 [TorBrowserButton]: using Dooble Web Browser for the Torbrowser
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Fri May 4 22:30:36 UTC 2012
#5761: using Dooble Web Browser for the Torbrowser
---------------------------------+------------------------------------------
Reporter: mike123 | Owner: mike123
Type: enhancement | Status: closed
Priority: normal | Milestone:
Component: TorBrowserButton | Version:
Resolution: invalid | Keywords:
Parent: | Points:
Actualpoints: |
---------------------------------+------------------------------------------
Comment(by mikeperry):
rransom: You're totally harshing on my buzz, man. There's so many things
rolled into this Doobie my head is spinning.
Unfortunately, most of them seem useless to us. It looks like Doobie is
taking a temporal approach to privacy rather than an origin-based
approach. We're pretty sure this is not the right way to go, because of
cross-origin linkability problems even over short browsing sessions.
However, the minimum set of features for this Doobie to be passed around
the Tor community is to meet
https://www.torproject.org/projects/torbrowser/design/#security. If it
meets that and comes with some tests to show it (see
https://www.torproject.org/projects/torbrowser/design/#proxy-obedience),
we might reconsider our position of telling people to Just Say No.
But Doobie also has to meet
https://www.torproject.org/projects/torbrowser/design/#privacy before it
can replace our modified Firefox in Tor Browser. From the laundry list
above, it sounds like it only meets it if you break half the web by
blocking all third party iframes (and even then, it probably doesn't
really satisfy the requirements until you break *all* of the web by also
disabling third party images and scripts).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5761#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list