Opened 13 months ago

Last modified 2 months ago

#31283 new project

O3.2 - Design the flow of how our users can bypass the scenarios of O3.1.

Reported by: gaba Owned by: antonela
Priority: Medium Milestone:
Component: UX Version:
Severity: Normal Keywords:
Cc: antonela, cohosh Actual Points:
Parent ID: #31269 Points:
Reviewer: Sponsor: Sponsor30-must

Description

  • A1 - User flow part 1: User learns they are under censorship. Create mockups with different solutions on how to notify Tor Browser users about detected censorship.
  • A2 - User flow part 2: Once censorship is acknowledged by the user, we then guide them on how to bypass the detected censorship. Create mockups with different solutions on how to better guide our users to bypass censorship.

Child Tickets

TicketStatusOwnerSummaryComponent
#11132newbradeTor Launcher should suggest the use of bridges if Tor is dangerous in user's areaApplications/Tor Launcher
#11222needs_informationbradeInform user if reachable bridges drop below a configurable fraction/numberApplications/Tor Launcher
#14638newtbb-teamMake it easier to add a bridge in network settingsApplications/Tor Browser
#14836newCan we compile in WebRTC to allow QRCode bridge entry?Applications/Tor Browser
#14837newbradeSupport QRCode bridge entry and sharing in Tor LauncherApplications/Tor Launcher
#23838newtbb-teamUse OONI to inform Tor Launcher user workflowApplications/Tor Browser
#23839newtbb-teamTesting Framework for Censorship CircumventionApplications/Tor Browser
#23971newbradeimplement multi-step progress bar for new Tor Launcher UIApplications/Tor Launcher
#24452newbradeFirewall option is visible behind Tor Network Settings... but not during start-upApplications/Tor Launcher
#24527assignedmcsInform users in Tor Launcher of which settings are best for them based on their countryApplications/Tor Launcher
#25431newbrade"Tor is censored in my country" does not cover some scenariosApplications/Tor Launcher
#27476newtbb-teamRemove gap between Tor Launcher window and main browser windowApplications/Tor Browser
#28015newtbb-teamBrainstorm improved ux for orgs that want to give bridges to their peopleApplications/Tor Browser
#28556newtbb-teamDetect other installed circumvention tools and offer them as transportsApplications/Tor Browser
#29590newtbb-teamSmarter bootstrapping for Tor Browser taking censorship into accountApplications/Tor Browser
#30456newtbb-teamTBA - Provide bridges with a magic linkApplications/Tor Browser
#30473needs_informationbradeupdate Tor Browser proposal 102 to account for Tails team feedbackApplications/Tor Launcher
#33117closedTor Launcher Issues- Select a component

Attachments (2)

S30.png (373.0 KB) - added by antonela 2 months ago.
user-flow
wireframes.png (2.5 MB) - added by antonela 2 months ago.

Change History (6)

Changed 2 months ago by antonela

Attachment: S30.png added

user-flow

Changed 2 months ago by antonela

Attachment: wireframes.png added

comment:1 Changed 2 months ago by antonela

Proposal - Tor Browser 10

What if we plan Tor Browser 10 as the "anti-censorship/circumvention" release?

I want to make Tor Browser proactive in detecting censorship. Most of the time, users get aware of a kind of network interference when they wish to access specific content. But even in those cases, most users are not aware of the technical background under that censorship experience.

Using retroactive OONI data or an OONI vanilla test, can we make Tor Browser proactive on safety detect interference in the user's NAT and act upon that?

With this iteration, I aim to make Tor Browser smart enough to 1. detect interference, 2. ask for user consent to use bridges, and 3. open the best bridge available. Advanced users will be able to configure custom bridges, private bridges, friends bridges, and any tunnel they want via Advanced Options.

Also, this iteration will improve the no censored users launching experience by making it similar to any other browser.

We thought a bit about this flow back for TBA in #28329.

Out of scope?

  • Tails use case: people who want to hide the fact that they are connecting to Tor

User Flow

Current flow to access bridges:

  1. Open the browser
  2. User click "Configure"
  3. User click "Tor is censored in my country"
  4. User click "Select a built-in bridge"
  5. User select a bridge from the menu
  6. User repeat 4. until some chosen option works
  7. Gets connected

Proposed flow to access the Tor network

  1. Open the browser
  2. Wait for connecting
  3. If the connection failed, Tor Browser prompts users for consent to request a bridge
  4. User gives consent.

    Does user solve a puzzle? Does user disclose sensitive information eg. location?

  5. User gets connected

https://trac.torproject.org/projects/tor/raw-attachment/ticket/31283/S30.png

Wireframes

https://trac.torproject.org/projects/tor/raw-attachment/ticket/31283/wireframes.png


Questions

  • What do you think? Do you see it doable?
  • Do you see we can plan middle releases in alphas for testing this?
  • If we need to plan middle releases, which are the middle steps you would like to take before going to stable?
  • Do you feel comfortable with picking the best bridge for users instead of asking them to find one?
  • Given our short capacity for browser development, can this team provide the needed patches to tor browser devs for making this happen?
  • Can we still offer Tor Launcher to 3rd parties without an interface?

comment:3 Changed 2 months ago by phw

Does user solve a puzzle?


Moat currently serves a CAPTCHA before it hands out bridges. While not perfect, a CAPTCHA is still better than no CAPTCHA. That said, I'm open to hearing about alternatives!

Does user disclose sensitive information eg. location?


Knowing the user's location would help us pick the best circumvention method. For example, default bridges are all that a censored user needs in some places. Over at #28531, we are working on a censorship snapshot. We could embed this snapshot in Tor Browser, so it knows the best circumvention method in a given country. The problem is that censorship can change faster than we can ship a new version of Tor Browser, resulting in an outdated snapshot that suggest a circumvention method that no longer works.

However, we don't need to know the best circumvention method. Tor Browser could start with a direct connection and switch over to default bridges if it cannot connect to the network directly. If default bridges don't work either, it can start using Moat to request an obfs4 bridge. Bundling Tor Browser with OONI may be difficult because of size constraints.

Do you feel comfortable with picking the best bridge for users instead of asking them to find one?


Yes, definitely. We already know what works in many countries and we might as well make Tor Browser take this information into account.

Given our short capacity for browser development, can this team provide the needed patches to tor browser devs for making this happen?


Do you mean the anti-censorship team? That may be difficult because we have little to no experience with Tor Browser development. That said, if this turns out to be a mostly self-contained task (and I'm not in a position to tell if it is), we may be able to help here.

It would be great to hear from a Tor Browser person because most of the work for this ticket will happen in Tor Browser.

comment:4 Changed 2 months ago by cohosh

Cc: cohosh added

cohosh cc'ing myself on sponsor 30 work

Note: See TracTickets for help on using tickets.