Opened 3 years ago

#19119 new enhancement

Repurpose block-malicious-sites-checkbox on TLS error page in Tor Browser

Reported by: gk Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Right now the checkbox on the neterror page sends a report about an TLS error to Mozilla (containing host, port, timestamp, useragent, update channel, buildid, certificate chain and version of that feature). We might want to repurpose that checkbox as, first, I see no reason why Mozilla should gather data related to a Tor Browser user. Second, this message is highly confusing in our context. Say, an exit node is MITMing a user. Why should the user report that to Mozilla in order to identify and block malicious sites? What is Mozilla supposed to do with that information?

We could think about having an own infrastructure for this that might help detecting bad relays

Child Tickets

Change History (0)

Note: See TracTickets for help on using tickets.