(.onion) Bookmarks and Data Forensics
When you need to visit an specific .onion repeatedly, you mainly have two options:
- Bookmark it
- write them down on a piece of paper
-as you might have guessed no one goes for the second option, so let's talk about the first one-
Bookmarks are currently being stored in clear on disk.
Scenario: A person gets arrested by [put-your-fav-adversary-here] with Tor Browser installed on their computer. So far so good. We've a big range of users... plausible deniablity and all that. Until... they find a link to say a whistle-blowing platform bookmarked on their Tor Browser.
How do we want to deal with this issue?
Should we show user a warning message when they're bookmarking an .onion address, like the one we do when they try to download something and advise them not to bookmark any sensitive address?
Should we somehow encrypt their bookmarks with a password or something? (Tails style)
Should we give them an option to plug in a (possibly encrypted) external storage like a USB stick and never save the bookmark on the primary disk?
Bookmarks are one of the most effective tool users have to defeat phishing attacks.
How do we communicate danger to users?