
Re-evaluate Orfox warnings

Open eaon opened this issue 2 years ago • 4 comments

Description

Orfox is no more, and Tor Browser for Android, which took its place, is not being caught by the current regular expression targeting Orfox. This results in confusing warning messages if JavaScript is executed because of the "Standard" security setting:

It is recommended to use Tor Browser

But I am! Just the Android version.

Steps to Reproduce

  • (Download Orfox)
  • (Get redirected to) Download Tor Browser for Android
  • Access SecureDrop source interface

Actual Behavior

Screenshot_20220304-111925

Comments

For more contemporary mobile (torified) browser context, I left some notes in #1450.

The Orfox warning in place now is essentially dead code. Tweaking the language and regular expression would be a minimum, but I don't think we should imply that the security or anonymity guarantees of Tor Browser for Android are worse than those of Tor Browser for any other officially supported platform.

I realise this may be a big box of worms, but Tor Project does not seem to treat Tor Browser for Android differently than the desktop versions. Would it be reasonable to follow suit (not in 2.3.0, mind you) and integrate TB4A with security level warning instead? Would that require adapting threat models?

eaon • Mar 04 '22 18:03

I think that although we might consider Tor Browser for Android as trustworthy as the desktop one, the same cannot be said for the overall environment. Most Android phones will back up files to Google or other cloud services, as well as snoop on the keyboard for learning purposes. Even if Tor Browser may prevent some of these things, it is reasonable to think that almost anything that goes through a modern smartphone will hit the cloud at some point.

So if we have to write a warning, I would go in that direction mostly.

lsd-cat • Mar 10 '22 19:03

Tentatively added to 2.4.0 milestone since the current behavior is clearly a bug.

eloquence • Mar 16 '22 01:03

I'm moving this to 2.6.0. We should still do it because Orfox is dead, but it is not going to make it into 2.5.0 without adding a delay that IMO would be unjustified.

zenmonkeykstop • Sep 20 '22 16:09

We discussed this when we were weeding out issues for hackathon participants, and decided to lay out what the requirements to close this issue are:

  • Change the wording to drop the reference to Orfox, and so that the existence of Tor Browser for Android isn't confusing anymore either.
  • Ensure that the warning is shown on Tor Browser for Android
    • If it is not, adapt the User-Agent regular expression that triggers the warning
    • Add the Tor Browser for Android User Agent to the frontend tests

The larger mobile question (#1450) is out of scope but discussion input there is appreciated as well!

eaon • Nov 02 '22 16:11
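
A table-driven User-Agent check of the kind the closing checklist asks for, as an added example that is not part of the thread or SecureDrop's own code. The patterns, labels, and every User-Agent string are constructed assumptions; real strings should be captured from the browsers being supported.

```javascript
// Added illustration: patterns and sample strings are assumptions, not SecureDrop's code.
// Assumed shapes: desktop keeps the frozen "Gecko/20100101" token; Firefox-based Android
// browsers may report an OS version and "Gecko/<version>" instead.
const DESKTOP_RE = new RegExp(
  "^Mozilla/5\\.0 \\((Windows NT 10\\.0(; Win64; x64)?|X11; Linux x86_64|" +
  "Macintosh; Intel Mac OS X 10\\.\\d+); rv:(\\d{2,3})\\.0\\) " +
  "Gecko/20100101 Firefox/\\3\\.0$");
const ANDROID_RE = new RegExp(
  "^Mozilla/5\\.0 \\(Android( \\d+(\\.\\d+)*)?; Mobile; rv:(\\d{2,3})\\.0\\) " +
  "Gecko/(20100101|\\3\\.0) Firefox/\\3\\.0$");
// Hypothetical stand-in for a pattern pinned to a single older string shape.
const LEGACY_ANDROID_RE =
  /^Mozilla\/5\.0 \(Android; Mobile; rv:\d{2}\.0\) Gecko\/20100101 Firefox\/\d{2}\.0$/;

// A match only says the string has the expected shape. It does not prove the
// client is Tor Browser, since any client can send the same header.
function classify(ua) {
  if (DESKTOP_RE.test(ua)) return "desktop";
  if (ANDROID_RE.test(ua)) return "android";
  return "other";
}

// Regression table in the style of a frontend test; all strings are constructed.
const CASES = [
  ["Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0", "desktop"],
  ["Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0", "desktop"],
  ["Mozilla/5.0 (Android; Mobile; rv:52.0) Gecko/20100101 Firefox/52.0", "android"],
  ["Mozilla/5.0 (Android 10; Mobile; rv:91.0) Gecko/91.0 Firefox/91.0", "android"],
  // rv: and Firefox/ versions disagree, so the backreference rejects it.
  ["Mozilla/5.0 (Android 10; Mobile; rv:91.0) Gecko/91.0 Firefox/78.0", "other"],
  ["Mozilla/5.0 (Linux; Android 10) AppleWebKit/537.36 (KHTML, like Gecko) " +
   "Chrome/99.0.0.0 Mobile Safari/537.36", "other"],
];

// Rows where classify() disagrees with the expected label.
function failures(cases = CASES) {
  return cases.filter(([ua, want]) => classify(ua) !== want);
}

// Strings with the given label that a candidate pattern fails to match:
// this is how a pinned pattern silently turns into dead code.
function missedBy(pattern, label) {
  return CASES.filter(([ua, want]) => want === label && !pattern.test(ua))
              .map(([ua]) => ua);
}

console.log("failures:", failures().length);
console.log("missed by legacy pattern:", missedBy(LEGACY_ANDROID_RE, "android"));
```

Adding a newly captured string to `CASES` before touching a pattern makes the gap visible as a failing row rather than as a confusing warning in the browser.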