Nick Levinson
2018-10-06 00:19:25 UTC
This replies to a September 26 post with the same title.
Thank you; I was unaware of the division. No, in the past I was using Tor as if it is a browser, so I was using the browser it comes with. I did not try to use it with any other browser.
I did not know if Tor's browser uses Firefox's security architecture and I don't know about esr versions. You wrote, "[b]y design, Tor Browser doesn't save data to disk across sessions." Firefox isn't supposed to but a computer shutdown allows only limited time for apps to clean themselves up and so, even without a crash, FF data may be preserved through a power-down and power-up, and I confirmed that it is. If Tor not only defaults to data erasure ("design") but is not hampered by a time limit during shutdown so that the data is always gone when settings call for it to be gone, then that's an improvement over FF. Consider the risk that many apps may have to clean up extensively and that there won't be enough time during shutdown to complete the cleanup, so that Tor may still leave data persisting through the next power cycling.
It took some effort to find the bug in FF, it took some more effort to convince people at FF that data is persistently stored, and a FF derivative is being used in Tor, so I would not be surprised if no one reported the bug at Tor before my question last month. The discussion at FF was going on for years. So the open question for Tor is not whether it's unreported but whether Tor behaves differently, and you and I have narrowed it down to the difference between design and behavior at shutdown time and similar times. If you or someone else knows the answer to that question, please post accordingly.
If the shutdown or similar time limit forces persistence of data, then that's a security bug.
And the UI language should be precise. "Never Remember History" is not that, given the persistence issue and if persistence is not to be ended. The people Tor is intended for, spies et al., are not full-time geeks and they can't make their use of Tor too visible by asking questions in the wrong places. So the UI issue is more sensitive for targeted Tor users than for most FF users. It's okay (not great but okay) to require using options but then the UI "Never" should be reworded so Tor (or FF) users are not misled. But if Tor doesn't present that "Never" language then Tor may not have a UI issue. UI language should be judged as most users would understand it. When, years ago, Microsoft wanted to discourage uninstalling its browser from Windows platforms, one of its techniques was to force people trying to properly uninstall to go through a nearly incomprehensible UI; I was geeky at the time and I didn't know what a couple of messages meant. And at least I knew it was incomprehensible. "Never Remember History" is easily comprehensible but, in FF's case, as most people would understand it, is wrong. A derivative of FF is in Tor. Thus, I ask about Tor's UI.
Thank you; I was unaware of the division. No, in the past I was using Tor as if it is a browser, so I was using the browser it comes with. I did not try to use it with any other browser.
I did not know if Tor's browser uses Firefox's security architecture and I don't know about esr versions. You wrote, "[b]y design, Tor Browser doesn't save data to disk across sessions." Firefox isn't supposed to but a computer shutdown allows only limited time for apps to clean themselves up and so, even without a crash, FF data may be preserved through a power-down and power-up, and I confirmed that it is. If Tor not only defaults to data erasure ("design") but is not hampered by a time limit during shutdown so that the data is always gone when settings call for it to be gone, then that's an improvement over FF. Consider the risk that many apps may have to clean up extensively and that there won't be enough time during shutdown to complete the cleanup, so that Tor may still leave data persisting through the next power cycling.
It took some effort to find the bug in FF, it took some more effort to convince people at FF that data is persistently stored, and a FF derivative is being used in Tor, so I would not be surprised if no one reported the bug at Tor before my question last month. The discussion at FF was going on for years. So the open question for Tor is not whether it's unreported but whether Tor behaves differently, and you and I have narrowed it down to the difference between design and behavior at shutdown time and similar times. If you or someone else knows the answer to that question, please post accordingly.
If the shutdown or similar time limit forces persistence of data, then that's a security bug.
And the UI language should be precise. "Never Remember History" is not that, given the persistence issue and if persistence is not to be ended. The people Tor is intended for, spies et al., are not full-time geeks and they can't make their use of Tor too visible by asking questions in the wrong places. So the UI issue is more sensitive for targeted Tor users than for most FF users. It's okay (not great but okay) to require using options but then the UI "Never" should be reworded so Tor (or FF) users are not misled. But if Tor doesn't present that "Never" language then Tor may not have a UI issue. UI language should be judged as most users would understand it. When, years ago, Microsoft wanted to discourage uninstalling its browser from Windows platforms, one of its techniques was to force people trying to properly uninstall to go through a nearly incomprehensible UI; I was geeky at the time and I didn't know what a couple of messages meant. And at least I knew it was incomprehensible. "Never Remember History" is easily comprehensible but, in FF's case, as most people would understand it, is wrong. A derivative of FF is in Tor. Thus, I ask about Tor's UI.
--
tor-talk mailing list - tor-***@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.to
tor-talk mailing list - tor-***@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.to