Changes between Initial Version and Version 1 of Ticket #18382, comment 8


Ignore:
Timestamp:
Feb 28, 2016, 12:48:58 AM (5 years ago)
Author:
cypherpunks
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #18382, comment 8

    initial v1  
    1414
    1515> When all tabs related to an URL bar domain are closed, a reasonable user expectation is that that particular session is closed and that a new tab will start from a clean slate.
    16 This sound neat. However, reasonable expectation? What other web browser ever did this? I can't think of any. What makes you think that users would expect such behavior? Not to mention the amount of breakage doing this would result in.
     16This sounds neat. However, reasonable expectation? What other web browser ever did this? I can't think of any. What makes you think that users would expect such behavior? Not to mention the amount of breakage doing this would result in.
    1717
    1818> > Unless you're fond of security theater
    1919>
    2020> This is not security theater. This is about breaking up browser sessions into smaller pieces that are harder to correlate.
    21 I sympathize with your intention here. This sound good. But you said nothing about the very important point I raised about the ineffectiveness of just focusing on history, cookies and cache. If Tor Browser were to clear those while leaving the rest of the state in place, the result is that correlation has only been made harder for some of the less resourceful adversaries. This would only lead to an unwarranted sense of security. Hence why I would call it security theater.
     21I sympathize with your intention here. This sounds good. But you said nothing about the very important point I raised about the ineffectiveness of just focusing on history, cookies and cache. If Tor Browser were to clear those while leaving the rest of the state in place, the result is that correlation has only been made harder for some of the less resourceful adversaries. This would only lead to an unwarranted sense of security. Hence why I would call it security theater.
     22
     23(Edit: typos)