Inform Torbutton users about TBB

Once TBB has a way of telling users to upgrade properly (#2285 (moved) and friends), we should be more aggressive about telling regular Firefox users that they are out of date. The easiest way to do this is to pop up a XUL dialog that tells Torbutton users where to find TBB. Ticket #3811 (closed) created the string for this dialog window.

changed milestone to %TorBrowserBundle 2.3.x-stable

added MikePerry201205 actualpoints::2 component::torbrowserbutton milestone::TorBrowserBundle 2.3.x-stable owner::mikeperry points::1 priority::medium resolution::fixed status::closed type::enhancement labels

Trac:
Points: N/A to 1

My inclination is to wait until we have a working updater for TBB before doing this.

Trac:
Milestone: TorBrowserBundle 2.2.x-stable to TorBrowserBundle 2.3.x-stable

Replying to mikeperry:

My inclination is to wait until we have a working updater for TBB before doing this. I have no idea how long this is going to take.

However, they are using outdated software. Imho better be safe and tell them asap.

Trac:
Cc: N/A to proper@secure-mail.biz

Trac:
Keywords: N/A deleted, MikePerry201205 added

I did this by displaying a popop when you click on Torbutton. Here's the text:

Torbutton is no longer safe to use in a browser that is also used for non-Tor browsing.
We have disabled the ability to toggle Torbutton as a result.

If you wish to keep using Firefox for non-Tor browsing, you should uninstall Torbutton
and download Tor Browser. The privacy properties of Tor Browser are also superior to 
those of normal Firefox, even when Firefox is used with Torbutton.

  [ ] Do not show this message again

                                                        [OK]

Trac:
Resolution: N/A to fixed
Actualpoints: N/A to 1
Status: new to closed

Don't you think it were better, if this message were shown on browser start even better, directly after Tor Button update?

Who knows how long they not click on Tor Button...

Trac:
Status: closed to reopened
Resolution: fixed to N/A

I actually tried that first and I didn't like it. It was hard to tell where the popup was actually coming from in that case. I think making them click on the green onion to try to turn it off is the better route.

My assumption was that people who have Torbutton are already used to toggling it. I suppose there could be people who installed it, never toggled it, and have been assuming they've been using tor the entire time? That's probably worse.

Replying to mikeperry:

I suppose there could be people who installed it, never toggled it, and have been assuming they've been using tor the entire time? That's probably worse.

Yep, this is the group I meant.

And they perhaps used another browser or another browser profile for their non-Tor use. That advice is widespread.

Replying to proper:

Replying to mikeperry:

I suppose there could be people who installed it, never toggled it, and have been assuming they've been using tor the entire time? That's probably worse.

Yep, this is the group I meant.

Further thought reveals there is another group: People who have had Torbutton installed by someone they know who sometimes uses their computer. These people may be temporarily confused, until they talk to their "expert".

And they perhaps used another browser or another browser profile for their non-Tor use. That advice is widespread.

Yeah, those diehards is who this is primarily targeting, I think. I still think they're Doing It Wrong, but that doesn't mean we can't at least make a half-assed attempt to keep them from shooting their feet off.

I guess the question is: Is it worse to force the unsuspecting into using Tor, or is it better to protect the ignorant and the stubborn? I think everyone should be using Tor, so for me, that choice is easy ;)

If there is another option, please reopen. Otherwise I think the "notify upon button click" is better than random unidentified popup telling people to install random software. No one should listen to something like that anyways.

Trac:
Resolution: N/A to fixed
Status: reopened to closed

My above statements only really make sense if you believe #3838 (closed), #5863 (closed) and #5758 (closed) need be deployed together (Which they will be.. Probably too late to alter that).

Replying to mikeperry:

Replying to proper:

Replying to mikeperry:

I suppose there could be people who installed it, never toggled it, and have been assuming they've been using tor the entire time? That's probably worse.

Yep, this is the group I meant.

Further thought reveals there is another group: People who have had Torbutton installed by someone they know who sometimes uses their computer. These people may be temporarily confused, until they talk to their "expert".

Good point. One of my new suggestions will totally break Firefox and make them needing their "expert".

And they perhaps used another browser or another browser profile for their non-Tor use. That advice is widespread.

Yeah, those diehards is who this is primarily targeting, I think. I still think they're Doing It Wrong, but that doesn't mean we can't at least make a half-assed attempt to keep them from shooting their feet off.

Agreed.

I guess the question is: Is it worse to force the unsuspecting into using Tor, or is it better to protect the ignorant and the stubborn? I think everyone should be using Tor, so for me, that choice is easy ;)

Forcing into Tor is bad for some reasons, if you login into (many) banking services using Tor, your account gets suspended. Paypal does that. That were the worst publicity for Tor. Also exit sniffing... If you use Tor, you must know what you are doing.

Otherwise I think the "notify upon button click" is better than random unidentified popup telling people to install random software. No one should listen to something like that anyways.

Also agreed with that one. Random popups are bad.

If there is another option, please reopen.

I indeed thought about this one... New suggestions... Might be combined, can be used alone.

1. You know the noscript update page, which is sometimes shown, when noscript was (auto)updated? That's not a popup and doesn't look malicious. Many addons do it like that. You could do the same with Tor Button. Redirect them to a site on tpo.org, make a really big red warning and explain the situation.

2. You make a random unidentified popup and ask users to click on Tor Button, since there is an important news. The popup shows once updated and on each browser restart. Also with the ability to show the popup only once.

3. Let's face it. You are abandoning/discontinuing a software project. (Tor Button with toogle for Firefox gets taken off in favor of Tor Browser, due to technical reasons and/or lack of manpower.) It's impossible to make everyone happy, when doing something like that.

Prevent the Tor Button/Firefox users from connecting to any website. Tor or non-Tor. No more internet connections. All they see is an explanation and they have to uninstall Tor Button. The only thing, you should allow is connecting to tpo.org, to allow downloading the net Tor Browser Bundle over Tor (in case they are in a censored environment).

Trac:
Status: closed to reopened
Resolution: fixed to N/A

Replying to proper:

If there is another option, please reopen.

I indeed thought about this one... New suggestions... Might be combined, can be used alone.

1. You know the noscript update page, which is sometimes shown, when noscript was (auto)updated? That's not a popup and doesn't look malicious. Many addons do it like that. You could do the same with Tor Button. Redirect them to a site on tpo.org, make a really big red warning and explain the situation.

2. You make a random unidentified popup and ask users to click on Tor Button, since there is an important news. The popup shows once updated and on each browser restart. Also with the ability to show the popup only once.

3. Let's face it. You are abandoning/discontinuing a software project. (Tor Button with toogle for Firefox gets taken off in favor of Tor Browser, due to technical reasons and/or lack of manpower.) It's impossible to make everyone happy, when doing something like that.

I think I like option 3 the best, though I might accept a patch for option 1 if you can do one by tonight/tomorrow (and can commit to it now).

1.4.6 fixes a lot of important other issues for people who actually want to use Tor, and we should have gotten it out like yesterday or last week. I think that takes priority.

Prevent the Tor Button/Firefox users from connecting to any website. Tor or non-Tor. No more internet connections. All they see is an explanation and they have to uninstall Tor Button. The only thing, you should allow is connecting to tpo.org, to allow downloading the net Tor Browser Bundle over Tor (in case they are in a censored environment).

No, I want to allow Torbutton without toggle for a while longer. While I'm a TBB user, I'm not pleased with our lack of autoupdates or package manager integration. If you don't care about website tracking, these things might matter more to you than the added privacy of Tor Browser.

Trac:
Status: reopened to closed
Resolution: N/A to fixed

I guess option 2 isn't that bad, though... At least we can make an effort to make sure people know what just happened after update. I'll think about it. I like option 1 better, so if you can hack up a patch for that, I'd go with that. Otherwise, I'll see if I can last minute punt on option 2.

I am working on option 2, as well as new text on the suggestion of nickm and rransom.

Trac:
Status: closed to reopened
Resolution: fixed to N/A

Ok, well option 2 is rather sad. The event delivery at startup makes it appear as a lone window before the Firefox window is opened, at least on Linux. It has a title of "Important Torbutton Information", and here is its text:

Important Torbutton Information!

Torbutton is now always enabled.

Click on the Torbutton for more information.

Here is the new text for the warning when you click the button:

Torbutton works differently now: you can't turn it off any more.

We made this change because it isn't safe to use Torbutton in a browser 
that's also used for non-Tor browsing. There were too many bugs there 
that we couldn't fix any other way.

If you want to keep using Firefox normally, you should uninstall Torbutton
and download Tor Browser. The privacy properties of Tor Browser are also
superior to those of normal Firefox, even when Firefox is used with
Torbutton.

To remove Torbutton, go to Tools->Addons->Extensions and then click the
Remove button next to Torbutton.

  [ ] Do not show this message again

                                                                [ OK ]

Thanks for considering my solution. I am glad, if I can contribute something constructive.

The texts look fine.

Replying to mikeperry:

I'll think about it. I like option 1 better, so if you can hack up a patch for that, I'd go with that.

I am sorry, I don't know the Torbutton script language and Firefox API's, so I couldn't do it in a reasonable time.

This was deployed in 1.4.6. If you're a h8r and want toggle back so you can get pwnt by proxy bypass, go into the Torbutton preferences and uncheck the "Disable button and Hotkeys to prevent accidental toggle" checkbox at the bottom of the main Proxy Settings tab.

Trac:
Status: reopened to closed
Actualpoints: 1 to 2
Resolution: N/A to fixed

closed

changed time estimate to 8h

added 16h of time spent

mentioned in issue #4974 (closed)

mentioned in issue #5279 (closed)

mentioned in issue #5863 (closed)

mentioned in issue #6083 (closed)