On Mon, May 14, 2012 at 12:26 AM, Mike Perry <mikepe...@torproject.org> wrote:
> I do *not* believe we can capture that userbase if we ship a
> JS-disabled-by-default browser.

First, I would like to say that I agree that Javascript and other popular features (e.g., CSS, HTML5 video) need to be enabled by default, since this is what the users expect. It is not 1995 outside, and regular web browsing should include the usual capabilities expected of it. Not talking here about non-standard, insecure and outdated hacks like Flash that need to die, of course.

All these frequent discussions about Javascript etc., however, revolve around an inherent conflict of interest. You (in general — i.e., the Tor project) want to attract a large userbase that will benefit the Tor network as a whole, and yet there is a sizable core group of users who require strong anonymity (not pseudonymity). Yet, by actually defining the anonymity set as one using those popular features, you basically force that core group to shift from anonymity towards pseudonymity once they selectively or completely block Javascript, install ad blockers, disable HTML5 extensions, etc. All that while the large userbase you want to bring in would be content with pseudonymity, yet you do not want them to block ads, for instance.

So why not provide two profiles for the groups? I.e., a Torbutton-like interface, but one switching between the two profiles. The regular profile is as TBB is now, with a whitelist of approved addons (like Ad-Block Plus, I guess), which can update and change their internal state (e.g., filter lists) whenever they want. The hardcore profile uses a carefully restricted subset of HTML, CSS, Javascript, etc., with a hard-coded list of addons and their internal state. If some site doesn't work, the user has a choice to switch to the normal profile, but will in that case be aware that his anonymity is most likely less anonymous and more pseudonymous now.

Otherwise, this continuous patching of an inherently non-anonymous solution seems like a task of Sisyphus to me.
Consider a site that follows user's mouse movement and other unique behavior, and then classifies users by that data, for instance. Once some grad student implements this approach, and thousands of sites adopt it as a reliable fingerprinting technique, what will you do?

-- 
Maxim Kammerer
Liberté Linux (discussion / support: http://dee.su/liberte-contribute)