A question of preferences

Arrakis arrakistor at gmail.com
Thu Nov 15 17:44:35 UTC 2007


I'm writing the preferences for the xB Browser, and I've been thinking
about the problem of users who are smart enough to be dangerous to
themselves. I'm talking about those that jump into the proxy settings
and think they are speeding things up by changing to a direct connection
or auto-detect.

Well, yeah, they're speeding up alright, but at the cost of breaking
their anonymity.

So it occurs to me I can keep those settings from being persistent
(nothing can stop someone who is determined to wreck their privacy). I
can do this by employing the user.js, which over-rides whatever the
users sets in their prefs.js files.

Therefore, I am thinking about what settings should be hard-coded on
browser/client startup.

The goal was "The purpose of user.js is to hardcode browser settings to
keep users from compromising their network anonymity beyond preferences."

That means for Tor/SSH usage, the browser needs to block plugins.
That means for VPN usage, the browser doesn't need to block plugins.

So now we're talking about two different user.js files entirely.
OK fine. But we get to a new point where we have to decide what things
should and shouldn't be blocked from being persistent from one session
to the next.

Of the following, beyond proxy settings, I'm thinking we should keep
persistent:

network.dns.disableIPv6 = true ; ipv6 addresses fail through tor.
network.proxy.socks_remote_dns = true
network.proxy.failover_timeout = 0 ;always retry the proxy, never revert.
layout.css.report_errors = false ;get rid of java console errors

There are other privacy related settings such as DOM and session info
that are a grey area, but I am thinking those don't meet the above goal,
and thus should be left as preferences for the user.

Comments and suggestions welcome,
Steve




More information about the tor-talk mailing list