Opened 6 months ago

Last modified 6 months ago

#33357 new enhancement

Add option to remove addresses from window/tab titles

Reported by: juannelly Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: TorBrowserTeamTriaged, ux-team
Cc: antonela Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


I would like to see a new feature where the user can uncheck a box to have the title/address removed from the window/tab title.

Some employers, especially in Europe, allow employees to browse privately but do scan EXE names and window titles to protect against malware that may be run. If I'm browsing a website on "Prostate Cancer", the title of my browser changes to "WebMd Prostate Cancer" or something like that. Configuration management products and vulnerability scanners will notice that and record it. Now my employer knows I've got prostate cancer.

2nd use case would be in the case of OS beta testers. A lot of telemetry is turned on during beta/early adoption. Even if I browse with Tor on my home machine, the OS vendor knows the names of the websites I've browsed to by the title of the window. As that telemetry gets submitted to the OS vendor, they now know of my health problems or adult extracurriculars.

If I could tell Tor that in ultimate privacy mode the window title never gets that information in the first place, then neither my employer nor my OS vendor gets this information. Boom, most private browser ever.

Child Tickets

Attachments (1)

33357.png (168.6 KB) - added by antonela 6 months ago.

Download all attachments as: .zip

Change History (3)

comment:1 Changed 6 months ago by pili

Component: UXApplications/Tor Browser
Keywords: TorBrowserTeamTriaged ux-team added
Owner: changed from antonela to tbb-team

Thank you for the enhancement request, we will add this to our list for review

comment:2 Changed 6 months ago by antonela

hi, i'm not sure if this feature request is going to make it the most secure browser on the planet, but the sexiest... maybe.

Now i wonder how this threat model reaches other elements (eg. favicons?) which can be logged by local "attackers". Let's see what devs say.

If the implementation is plausible, we can expose a pref in about:preferences#security

Changed 6 months ago by antonela

Attachment: 33357.png added
Note: See TracTickets for help on using tickets.