tbb as a privacy enhancement tool - add ghostery and adblock
Keeping in tune with not presenting Tor as a censorship circumvention tool but instead mainly as a privacy enhancement tool, the Tor Browser Bundle should look into including privacy related Firefox addons.
tbb already includes these external extensions:
-
HTTPS Everywhere homepage https://www.eff.org/https-everywhere
-
NoScript on firefox addons https://addons.mozilla.org/en-US/firefox/addon/noscript/ homepage http://noscript.net/
I suggest adding the following extensions:
-
Ghostery on firefox addons https://addons.mozilla.org/en-US/firefox/addon/ghostery/ homepage http://www.ghostery.com/
-
Adblock Plus on firefox addons https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/ homepage http://adblockplus.org/
Including these addons has these benefits:
-
Increased browsing speed and less load on the Tor network. Tor network is at times slow for normal web browsing. By including the new addons, the users browser needs to perform fewer DNS requests and download less data in scripts/images. This should speedup the browsing experience.
-
Additional security. By not downloading advertisements and by preventing tracking from questinable entities, the user is exposed to fewer external entities than the website that they are on.
-
Additionaly privacy. Without adblocking and tracking protections, it is possible to get a fingerprint of the user based on the websites they visit - when all the websites contain a Facebook like button or Google+ button etc. This way, there exists a theoretical possibility of identifying the user based on tracking their browsing habits when they use Tor.
There are a number of problems related to these extensions that should be discussed here:
- By including these extensions, we are effectively choosing what content our users are seeing (and mainly not seeing) - and that is not exactly Tor's goals are. However, we are already including HTTPS Everywhere, enabled by default, which already chooses for the users to go to a different place than they asked for by redirecting to a secure version of the requested website. Similarly, NoScript, which is not enabled by default, prevents some content from running on the users client which can also be seen as us choosing what the user sees or can do.
Hence, I would not say that including additional extensions would set a dangerous precedent of us choosing what the user sees, since in a way we already do that and do not get complaints on the #tor irc channel or on trac or in comments.
-
These extensions can break some parts of the web or prevent users from accessing some websites (e.g. sites say "Please disable adblock to continue"). I do not the extent to which the web breaks with these addons, but have personally not experienced any trouble in a few months of using those tools, this of course needs to be tested more. Both Ghostery and Adblock Plus can be easily disabled from the toolbar without needing to restart the browser or any other problems.
-
The addons will need to be audited for leaking information. Both of them have autoupdate functionality which can easily be disabled by default in their options. Both of them have a privacy policy which states that they do not collect any information by default unless the user opts in. I would happily perform an audit of them - but I am not a trusted enough person on the Tor project for it which is a problem.
-
We need to decide whether these addons would be enabled or disabled by default. Currently, we have HTTPS Everywhere enabled by default and NoScript disabled by default. So we already have a precedent of shipping addons which are disabled by default. Having the new addons disabled by default gives the user the choice of running them if he/she wants to without having to download them from the mozilla addons webpage (and thus leave a trace on mozilla servers or be exposed to a theoretical MITM attack when trying to download them since mozilla servers are a very nice target). By having them enabled by default, we make the user encounter the problems in 2).
-
Advertisement and tracking companies will view Tor as more of a threat and hence the Tor project will gain new enemies.
There are probably more issues with including the new extensions in tbb, and there are also probably some other extensions that could help the users privacy, so I would like to discuss it here to get a feel for what people think is the best approach to this issue.