Confusing/Conflicting Info Provided About Flash in Tor Browser, Usability Issue
Tor Browser 3.5.1
There is a serious conflict here between documentation for the Tor Browser Bundle, and the interface provided by the Tor Browser. If there is another ticket, this should be grouped in.
Not using the seperate components, noscript, torbutton, as an excuse, the following things are incompatable:
--[1]--Buttons in noscript plugin for flash are now unchecked.(See #10772 (moved) https://trac.torproject.org/projects/tor/ticket/10772). These buttons don't do anything--see other ticket. This is misleading to user.
--[2]--Documentation in design document (https://www.torproject.org/projects/torbrowser/design/) says "In addition, to reduce any unproxied activity by arbitrary plugins at load time, and to reduce the fingerprintability of the installed plugin list, we also patch the Firefox source code to prevent the load of any plugins except for Flash and Gnash."
This statement in and of itself may lead a user to believe Flash is now "Tor Safe".
--[3]--The "Disable browser plugins (such as Flash)" checkbox under Torbutton->Preferences->Security Settings does not provide adaquate warning to a naive user. When this is unchecked, and the browser restarted, addons shows the addons-manager set flash to "ask to activate."
--[4]--A rather large pop-up window with generic information about plugins possibly being dangerous shows up. Given the other points here, this message did not seem to state clearly that Flash WILL bypass your proxy.
--[5]--The existance of a project in Tor Project called "FlashProxy". This name is misleading. It should be changed to "FlashRelay."
The combination of all these factors led an expert user to believe that Flash now worked with Tor Browser, had been scrutinized, and would be proxied. Luckily, that user was using TAILS.
But this can result in immediate anonymity loss for someone else. Because once activated, it completely appears that Flash is running in the Tor Browser, and a naive user may think it is being proxied.
I think the Torbutton checkbox needs more information there. Specifically, maybe renaming it to something like "Activate Flash for use with VM Transproxy or TAILS system ONLY. Flash will not be proxied and is not considered Tor Safe."
Simply because a setting is under "Security Settings" does not mean you should be an oracle to know what it does. It should still be documented and have a specific function.
Regarding ticket #10280 (moved), https://trac.torproject.org/projects/tor/ticket/10280, this is related. Depending on how that ticket is addressed may affect this, but this is still a different ticket. This ticket is about usability concerns mostly, and also documentation concerns, and wordings.
Again regarding #10772 (moved), to many buttons in too many places that don't do what user expects--are not documented (A design document isn't really documentation!)--this is a general problem here with Tor Browser UI design
Trac:
Username: guranna2