securedrop
Re-evaluate Orfox warnings
Description
Orfox is no more, and Tor Browser for Android, which took its place, is not being caught by the current regular expression targeting Orfox. This results in confusing warning messages if JavaScript is executed because of the "Standard" security setting:
It is recommended to use Tor Browser
But I am! Just the Android version.
Steps to Reproduce
- (Download Orfox)
- (Get redirected to) Download Tor Browser for Android
- Access SecureDrop source interface
Actual Behavior
Comments
For more contemporary mobile (torified) browser context I left some notes in #1450
The Orfox warning in place now is essentially dead code. Tweaking the language and regular expression would be a minimum, but I don't think we should imply that the security or anonymity guarantees of Tor Browser for Android are worse than that of Tor Browser for any other officially supported platform.
I realise this may be a big box of worms, but Tor Project does not seem to treat Tor Browser for Android differently from the desktop versions. Would it be reasonable to follow suit (not in 2.3.0, mind you) and integrate TB4A with the security level warning instead? Would that require adapting threat models?
I think that although we might consider Tor Browser for Android as trustworthy as the desktop one, the same cannot be said for the overall environment. Most Android phones will backup files to Google or other cloud services, as well as snoop on the keyboard for learning purposes. Even if Tor Browser may prevent some of these things it is reasonable to think that almost anything that goes through a modern smartphone will hit the cloud at some point.
So if we have to write a warning, I would go in that direction mostly.
Tentatively added to 2.4.0 milestone since the current behavior is clearly a bug.
I'm moving this to 2.6.0, we should still do it because Orfox is dead, but it is not going to make it into 2.5.0 without adding a delay that IMO would be unjustified.
We discussed this when we were weeding out issues for hackathon participants, and decided to lay out what the requirements to close this issue are:
- Change the wording to drop the reference to Orfox, so that the existence of Tor Browser for Android isn't confusing anymore either.
- Ensure that the warning is shown on Tor Browser for Android
- If it is not, adapt the User-Agent regular expression that triggers the warning
- Add the Tor Browser for Android User Agent to the frontend tests
The larger mobile question (#1450) is out of scope but discussion input there is appreciated as well!
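The following is an added illustration of the requirements listed above, not SecureDrop's own code. It contrasts the behaviour the issue describes (an Orfox-only regular expression, so Tor Browser for Android falls through to the generic "use Tor Browser" advice) with a version that recognises Tor Browser for Android and shows the security level warning instead, and it carries a small User-Agent table of the kind the frontend tests would assert against. The regular expressions, the warning strings and every User-Agent string below are constructed for the example; they are not SecureDrop's patterns and were not taken from a real browser, so a real change would substitute strings captured from the browser itself.

```python
"""Hypothetical User-Agent classification for the SecureDrop source interface warning.

Added example, not SecureDrop code. All patterns, messages and sample
User-Agent strings are constructed assumptions for illustration only.
"""
import re
from enum import Enum


class Browser(Enum):
    TOR_BROWSER = "tor_browser"                  # desktop Tor Browser
    TOR_BROWSER_ANDROID = "tor_browser_android"  # replaced Orfox
    ORFOX = "orfox"                              # discontinued
    OTHER = "other"


# Constructed patterns (assumption). Tor Browser is Firefox ESR based, so the
# example treats a Firefox-shaped UA whose rv:/Gecko/Firefox versions agree as
# Tor Browser. Real deployments must use strings verified against the browser.
ORFOX = re.compile(r"\bOrfox\b")
TOR_BROWSER_ANDROID = re.compile(
    r"^Mozilla/5\.0 \(Android(?: [\d.]+)?; Mobile; rv:(\d+)\.0\) "
    r"Gecko/\1\.0 Firefox/\1\.0$"
)
TOR_BROWSER_DESKTOP = re.compile(
    r"^Mozilla/5\.0 \((?:Windows NT [\d.]+|Macintosh; Intel Mac OS X [\d.]+"
    r"|X11; Linux x86_64); rv:(\d+)\.0\) Gecko/20100101 Firefox/\1\.0$"
)

# Order matters: the Orfox check runs before the generic Android check.
_PATTERNS = [
    (Browser.ORFOX, ORFOX),
    (Browser.TOR_BROWSER_ANDROID, TOR_BROWSER_ANDROID),
    (Browser.TOR_BROWSER, TOR_BROWSER_DESKTOP),
]

# Illustrative warning texts (the first one is quoted in the issue).
USE_TOR_BROWSER = "It is recommended to use Tor Browser"
LOWER_SECURITY_LEVEL = "Tor Browser's security level is Standard; set it to Safest"
ORFOX_DEPRECATED = "Orfox is discontinued; install Tor Browser for Android"

# Constructed sample User-Agents for the test table (not captured from browsers).
SAMPLE_USER_AGENTS = {
    "tor_browser_desktop": "Mozilla/5.0 (Windows NT 10.0; rv:102.0) "
                           "Gecko/20100101 Firefox/102.0",
    "tor_browser_android": "Mozilla/5.0 (Android 12; Mobile; rv:102.0) "
                           "Gecko/102.0 Firefox/102.0",
    "orfox": "Mozilla/5.0 (Android 7.0; Mobile; rv:60.0) "
             "Gecko/60.0 Firefox/60.0 Orfox/1.5",
    "chrome": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 "
              "(KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36",
}


def classify(user_agent: str) -> Browser:
    """Map a client-supplied User-Agent to a browser family (first match wins)."""
    for browser, pattern in _PATTERNS:
        if pattern.search(user_agent):
            return browser
    return Browser.OTHER


def warning_old(user_agent: str, js_executed: bool):
    """Behaviour the issue reports: only Orfox counts as a mobile Tor client,
    so Tor Browser for Android gets the generic 'use Tor Browser' advice."""
    if not js_executed:          # warning is only relevant once JS has run
        return None
    if ORFOX.search(user_agent):
        return ORFOX_DEPRECATED
    if TOR_BROWSER_DESKTOP.search(user_agent):
        return LOWER_SECURITY_LEVEL
    return USE_TOR_BROWSER


def warning_new(user_agent: str, js_executed: bool):
    """Proposed behaviour: Tor Browser for Android is treated like desktop
    Tor Browser and gets the security level warning; Orfox-specific text
    is dropped, as the issue requires."""
    if not js_executed:
        return None
    if classify(user_agent) in (Browser.TOR_BROWSER, Browser.TOR_BROWSER_ANDROID):
        return LOWER_SECURITY_LEVEL
    return USE_TOR_BROWSER


def expected_warnings() -> dict:
    """Table a frontend test could assert against, with JavaScript executed."""
    return {name: warning_new(ua, True) for name, ua in SAMPLE_USER_AGENTS.items()}


if __name__ == "__main__":
    for name, ua in SAMPLE_USER_AGENTS.items():
        print(f"{name:20} old={warning_old(ua, True)!r:60} new={warning_new(ua, True)!r}")
```

The User-Agent is chosen by the client and is trivially spoofable, so in this design it only selects the wording of an advisory message; the signal that actually matters is that JavaScript executed at all, and no access decision should hinge on the regex. Keeping the constructed Tor Browser for Android string in the test table is what the last requirement asks for: if the pattern is ever tightened, the test fails before the warning silently reverts to dead code.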