[tor-bugs] #18361 [Applications/Tor Browser]: Issues with corporate censorship and mass surveillance

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Jan 11 11:27:49 UTC 2018 

#18361: Issues with corporate censorship and mass surveillance
--------------------------------------+--------------------------
 Reporter:  ioerror                   |          Owner:  tbb-team
     Type:  defect                    |         Status:  reopened
 Priority:  High                      |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Critical                  |     Resolution:
 Keywords:                            |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by cypherpunks):

 Replying to [comment:267 cypherpunks]:
 > Read the title of this ticket. Sure you can't tie Cloudflare-thing to
 the security slider but you can tie "corporate MITM" to the security
 slider.

 You missed the point entirely, the Security Slider is a way to provide
 vulnerability surface reduction and so including "corporate MiTM" in it
 seems meaningless, https://www.torproject.org/projects/torbrowser/design/

 `In order to provide vulnerability surface reduction for users that need
 high security, we have implemented a "Security Slider" to allow users to
 make a tradeoff between usability and security while minimizing the total
 number of choices (to reduce fingerprinting). Using metrics collected from
 Mozilla's bug tracker, we analyzed the vulnerability counts of core
 components, and used information gathered from a study performed by iSec
 Partners to inform which features should be disabled at which security
 levels.`

 Replying to [comment:268 cypherpunks]:
 > Hey, why Tor Browser can't have one or two checkbox?
 It will make you even more fingerprintable. Imagine a website loading many
 tracking iframes some of whom are behind Cloudflare and get as a result
 blocked, wouldn't that make your fingerprint more unique?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18361#comment:269>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list