Trac issues
https://gitlab.torproject.org/legacy/trac/-/issues
2020-06-16T00:44:47Z

Torbutton should trigger Tor Browser auto update when it starts and it knows it's out of date
https://gitlab.torproject.org/legacy/trac/-/issues/25580
2020-06-16T00:44:47Z
Roger Dingledine

When I start my Tor Browser 7.5, it starts up, and gives me an about:tor page with a black arrow trying to get me to click on stuff.
Shouldn't it instead just say "oh, you need to update, I'm doing that for you now"?
When I close down my Tor Browser 7.5 and start it up again, I get the same black arrow, even though it could have already known from last time that it was going to be out of date.
(I've gotten used to the choices that yawning made in the sandboxed tor browser, where it checks for an update on startup, and if there is one, it updates me then.)

Update Tor Browser branding on installation
https://gitlab.torproject.org/legacy/trac/-/issues/25151
2020-06-16T00:43:51Z
stephw

The installation package still calls Tor Browser Tor Browser Bundle and includes outdated branding.
- Match branding to new Tor Launcher: Tor | Browser logo
- Add space to application name: s/TorBrowser/Tor Browser

visually mark alpha tor browser
https://gitlab.torproject.org/legacy/trac/-/issues/25023
2020-06-16T00:43:37Z
akrey

The alpha and stable tor browser bundle look exactly alike, making it hard to track which one you are using.
We could have an alpha sign on the green onion left to the url bar, or use a different color instead of the green there. (Violet comes to mind.)
The same goes for the application switcher and task bar in windows (green/gray? globe logo).

Help users finding the new circuit display
https://gitlab.torproject.org/legacy/trac/-/issues/24918
2020-06-16T00:43:18Z
Georg Koppen

We plan to improve and move the circuit display in #24309. In order to help the users getting accustomed to this change we need to implement some guidance into Tor Browser. The work for that both UX and coding-wise is tracked in this bug.

Adapt the design of the Tor Launcher, Torbutton, ...etc and even the about:tor page to the new Firefox Photon UX
https://gitlab.torproject.org/legacy/trac/-/issues/23649
2020-06-15T23:47:40Z
cypherpunks

Photon UX guidelines are available here http://design.firefox.com/photon/ e.g.
* colors: http://design.firefox.com/photon/visual/color.html
* fonts: http://design.firefox.com/photon/visual/typography.html
...etc

Build noscript-style toggle for svg disable?
https://gitlab.torproject.org/legacy/trac/-/issues/23554
2020-06-15T23:47:29Z
Roger Dingledine

Right now things like javascript and other security-related options can be toggled per-tab via the noscript interface, but our svg block (when the security slider is set to high) has no such per-tab toggle.
Especially now that youtube has decided that svg is the way of the future, we should figure out a more usable way for people to retain most of their security while still loading youtube if they want.
Options that come to mind:
A) Build our own per-tab toggle interface for the svg blocker.
B) Ask noscript to learn how to block svg, and then use its existing per-tab toggle interface to let you configure your svg hopes.
C) Finish thinking about the "per-tab security slider settings" idea, and decide to move forward with it.
(Idea came from discussions with Nima and Nicolas.)

Delete flexible space around address bar for FF60 esr
https://gitlab.torproject.org/legacy/trac/-/issues/23547
2020-06-15T23:47:28Z
cypherpunks

By default FF57 has flexible space around the address bar (and I assume this will be the case with FF59 esr too).
Onion addresses will be 52 characters long at that time, the window is also only 1000px width long, and so it may be better to delete that flexible space.
Tagging `ux-team` for their opinion :)

Enhance about:tor design
https://gitlab.torproject.org/legacy/trac/-/issues/23489
2020-06-15T23:47:24Z
cypherpunks

I think the UX team should consider ways to enhance the `about:tor` page design, preferably using the same design ideas for the upcoming torproject.org design refresh. It should also respect if possible Photon (Firefox' new upcoming UI) design guidelines: http://design.firefox.com/photon/
I'm putting the `ff59-esr` keyword since such change will at best be for the next ESR release, and since `ff59-esr` should also offer a new design as mentioned above, so it's also the perfect occasion to refresh the `about:tor` design.

Cross-platform brand and features consistency: make Android and iOS browsers as good as TBB
https://gitlab.torproject.org/legacy/trac/-/issues/23267
2020-06-15T23:46:55Z
Linda Lee

= Background =
Currently, when users go to the app store, they get a bunch of apps that are impersonating Tor. Here are [some examples](https://docs.google.com/presentation/d/1WoQyQPSqFWDQ2zHZsCajy6Nb8oVC9EPl7M0aFNtg7OI/edit?usp=sharing). Choosing the right mobile browser endorsed by Tor is difficult, when the "official" browsers (tor on mobile for Android, and onionbrowser for iOS, both use different icons, are developed by people who are not Tor, and have different names).
Even if people manage to download the correct browser, the users don't get all of the security guarantees that the desktop browser provides, and the mobile application has a subset of the features that the desktop browser has. We should make sure that the security guarantees and functionalities are as equivalent as possible.
= Vision =
All the browsers that we endorse across platforms are called Tor Browser, use the same icons, are developed by us, have the same(ish) security guarantees, have the same(ish) set of features, deploy/update at the same time. That way, users aren't confused, and we get more mobile users!
= Scope =
This project is more of an ongoing, multi-year effort to pour a lot of effort into mobile. Anything from improving brand consistency, adding features to mobile, and helping test the mobile apps count.

.onion HTTP is shown as non-secure in Tor Browser
https://gitlab.torproject.org/legacy/trac/-/issues/21321
2020-06-15T23:46:51Z
cypherpunks

blog.mozilla.org/security/2017/01/20/communicating-the-dangers-of-non-secure-http/
http version of .onion is safe. This must be the exception of that slash/ icon.

Tor Browser toolbar design
https://gitlab.torproject.org/legacy/trac/-/issues/23151
2020-06-15T23:46:35Z
Linda Lee

If we make the changes suggested by #23150 and child tickets, we'll need to:
* decide how many buttons to have
* where those buttons go
* what functionalities each button would have
* what icons we should use for each button
* what to do about the noscript and onion buttons

Re-evaluating tor browser's security controls: let's have one place to adjust all per-tab, global, persistent, and per-session security preferences.
https://gitlab.torproject.org/legacy/trac/-/issues/23150
2020-06-15T23:46:35Z
Linda Lee

= Background =
Currently, it's hard to get Tor Browser to behave the way that you want. And the controls for these security preferences are scattered across dialogues that are asked once, the security slider, and the noscript extension. We should combine this all in a way that makes sense, adding and removing some options if need be.
The document that sparked this discussion is [here](https://drive.google.com/file/d/0BzRaXGZ006aoWHJLd0hBT3IyRUE/view). The document suggests re-evaluating what buttons are in the toolbar, and what purposes they would serve. While this is definitely a part of the project, the purpose of the project is to organize the security controls, not design the toolbar. We also do not plan to respond to all the proposed changes, and took inspiration from a subset of them.
= Objective =
We're trying to fix the following problems:
* user confusion with what setting is global and what is for a tab
* all features are hidden under one icon or under the security preferences (which is buried)
* the settings overlap and need to be used together (security slider + noscript), which is hard
* in general, the buttons at the top (NoScript, torbutton) are confusing
* the buttons don't have a 1:1 correspondence with what users need
= Discussion points =
* What do users want to be able to toggle, but cannot?
* Does the current design allow for any mistakes? (i.e. leaving the security slider on low all the time so that it's more convenient when visiting one website regularly)
* Should we prioritize building a mental model/guiding user behavior (putting tab specific settings in toolbar, global settings in preferences) or should we cater to what users want to do most (putting most used things in toolbar, less used things in preferences)?
* how many buttons should there be in the tool bar, in what order, with what icons?

Can we simplify and clarify click-to-play of audio/video?
https://gitlab.torproject.org/legacy/trac/-/issues/22985
2020-06-15T23:46:01Z
Arthur Edelstein

Right now click-to-play of videos is quite cumbersome and has poor usability. For example on youtube, this is what I observe on Medium Security.
* On first page load, no video or audio is visible -- the video box is gray. A "musical notes" icon appears in the middle of the video box, and an "orbiting dots" indicator seems to indicate some problem loading. After a few seconds the video box goes black and it says "an error occured." Then after another few seconds the "musical notes" icon reappears.
* If I click on the "musical notes" icon, then a confirmation box appears, that says "Temporarily allow ... [URLs and codec gibberish]". If I click OK, then the whole page reloads. Again I get a gray video box with orbiting dots. This time there is a film canister icon in the middle of the dots.
* If I click on the film canister it says, "Temporarily allow [URL and more codec gibberish]". again I click OK, the page reloads and the video finally plays.
So here, click-to-play required two clicks and two reloads (plus confirmation clicks). Ideally it should require only one reload. The option to click to play the video should be much more clear (it should probably have the text "Click to Play"). The click-to-play button shouldn't disappear when the youtube page tries to re-load the video. If a confirmation prompt is to be shown, then it should clearly explain to the user that video/audio is about to be loaded, and what the security concerns are.

Basic Usability Issues
https://gitlab.torproject.org/legacy/trac/-/issues/21183
2020-06-15T23:46:01Z
Trac

Hi:
I'm a longtime UX'er, and new to using Tor. Some very basic heuristics I felt compelled to respond to, in a PDF—and was advised by a FOSS person, to submit in a ticket, here.
Namely:
- The "Tor Button" is illegible (recommended replacement included)
- The "NoScripts" icon is illegible (recommended replacement included)
- Most of the functionality behind the TorButton should be in a preferences pane, not a toolbar button
- The three pieces of functionality appropriate for toolbar buttons, should each have their own buttons. Replacement icons and interaction pane recommendations, included.
Document here, if I'm not able to upload it myself:
https://drive.google.com/open?id=0BzRaXGZ006aoWHJLd0hBT3IyRUE
**Trac**:
**Username**: ninavizz

Introduce a single "adjust security" toolbar button for security slider and noscript options
https://gitlab.torproject.org/legacy/trac/-/issues/22982
2020-06-15T23:46:01Z
Arthur Edelstein

Right now, the security slider is buried under a submenu. We could promote it to its own toolbar button/popup menu, similar to how ninavizz suggested in #21183. And we could move needed NoScript functionality (namely "temporarily whitelist video/audio/scripts for this tab") from the NoScript dropdown to the security popup. Other dangerous NoScript functionality could be omitted altogether (including "Allow Scripts Global" and "Options").
Finally the security slider button could have a decoration that indicates the current setting "H/M/L" as well as a second indicator showing whether we have temporarily whitelisted for this tab.

Don't block audio/video on https sites under Medium Security
https://gitlab.torproject.org/legacy/trac/-/issues/22981
2020-06-15T23:46:00Z
Arthur Edelstein

Right now "Medium Security" on the security slider blocks all audio and video using NoScript. But JavaScript is allowed for https sites. I would suggest also unblocking video and audio for https sites but keeping them blocked for http sites. This would increase usability for sites such as YouTube.
High Security would continue to block audio and video for both https and http sites.

Indicate Security Slider Level applies globally
https://gitlab.torproject.org/legacy/trac/-/issues/22980
2020-06-15T23:45:59Z
Arthur Edelstein

When a user adjusts the security settings, it applies to all tabs (currently open and in the future). So we should probably add something in the security slider text to indicate that.

Tor Browser does not provide red security warning for downloading executable in HTTP
https://gitlab.torproject.org/legacy/trac/-/issues/22809
2020-06-15T23:45:26Z
naif

This ticket is to enhance Tor Browser that today does not provide red security warning for downloading executable in HTTP in clear text that can easily be subject to MITM attacks.
Actually there's a ticket sitting on Mozilla Firefox to implement exactly that https://bugzilla.mozilla.org/show_bug.cgi?id=1303739 .
The very same should apply for mixed content where from an HTTPS website there's download of executable from an HTTP resource.
Attached the standard warning provided by Firefox that does not explain to the end-user how risky is the download of an executable over HTTP in clear.

Show an alternative icon for features that are blocked and not broken.
https://gitlab.torproject.org/legacy/trac/-/issues/22785
2020-06-15T23:45:21Z
Linda Lee

Tor Browser blocks certain features, and especially so if the user is using the highest security setting. Currently, there is nothing distinguishing elements on a page which were legitimately broken versus ones that were blocked.
Instead of the broken image icon, it would be ideal to have another icon (onion icon?) there instead if it was blocked, to indicate that it's not broken, and Tor Browser is working as intended. Adding a popup on hover or click to describe why it was blocked would be even better! I've mocked this up below.
![page-with-broken-icon.png, 300px](uploads/page-with-broken-icon.png, 300px)
![page-with-onion-icon.png,600px](uploads/page-with-onion-icon.png,600px)

What does "never for this site" for the canvas warning really mean?
https://gitlab.torproject.org/legacy/trac/-/issues/22396
2020-06-15T23:44:13Z
Roger Dingledine

When I get an html5 canvas warning in Tor Browser, it suggests that I pick "never for this site".
To me, the word "never" implies that Tor Browser is writing down my answer, and it will use that answer forever after. Like the "permanent exceptions" for SSL certs.
On the other hand, my understanding of Tor Browser behavior is that it wouldn't write it to disk, so my choice would be lost on the next browser reset or new identity click.
There's a contradiction here. I'm assuming the second one is right. Is there a better phrase we can use than "never"?