Disabling JavaScript / JS in Tor Browser (TBB) by default?

@Patrick Since we ship Tor Browser by default do you think it’s a good idea to disable JS by default?

It doesn’t really change the fingerprint and it raises baseline sec.

It’s an interesting / tempting idea…

Why doesn’t Tor Project (TPO) do that?

Does anyone else do that such as Tails?

I am hesitant about changing defaults in Tor or Tor Browser.


In…

permission to install Tor Browser by default in Whonix

Roger Dingledine:

  1. Is the Tor Browser that Whonix wants to ship modified in any way from the Tor Browser that you get from the Tor website?

By making a change, we might lose permission to install Tor Browser by default in Whonix. It’s not clear from the ticket. Could be interpreted either way.

They may or may not object. If allowed, we’d still need to figure out how to make this change in a reliable way. Most likely we should upstream a patch so this can be enabled through an environment variable.


Related:

Rather related:

Mostly related:

A general Whonix design principle is to keep the Tor process as uniform as possible, in order to simplify any security audits. Diverging from this practice would introduce unnecessary complexity, possibly worsen fingerprinting or degrade anonymity, and limit Whonix discussions to the security impacts of the modified routing algorithm.

So once we get into browser modifications, simple answers such as “same as Tor Browser” are no longer possible.

1 Like

They don’t do it to avoid making advertisers angry and also because of user complaints that the web is broken. If these reasons are not a concern then the best way to go about this is to ask TPO for permission first and also about the environment variable to use to enable the high security setting by default since this disables JS.

1 Like

Thanks to the workaround in the other thread this could be achieved via a custom profile. I will open a ticket to keep this on the radar in the future if you agree that there is more good than bad here.

These are the type of “brilliant” ideas that usually originate from Micah, unfortunately.

Could you please also request an environment variable to change security
slider default settings?

Let’s see. Perhaps we’ll make it a whonix-setup-wizard question. Though
it’s a very bad question to ask users.

Do you want high security but broken websites or low security and working
websites? This discourages users and lets them fall back to not using
Whonix at all.

My perspective as a common user:

I came to Tor/Tails/Whonix/Qubes for maximum privacy, security, and anonymity. I expect the defaults to be as secure as possible. I do not expect Whonix to work like Windows (everything nice and shiny right out of the box, with a nice GUI for everything). I expect my insecure actions to be hindered by secure policies.

If my actions are hindered, I assume it is for a reason, and I am forced to research before blindly deactivating some security feature.

In my opinion, anyone savvy enough to get Whonix installed is savvy enough to handle a JS-disabled torbrowser.

If the user has come this far, and is thwarted by a browser addon, then they’ve come to the wrong place.

I don’t know. I mean it shouldn’t be that bad if they know what to expect. Also the whonixcheck page can show a small animated gif on how to change it if they ever need to?

2 Likes

I don’t see it as a good choice to maintain TBB or change anything inside it, because as a result of that we need to continuously look out for TBB changes from torproject, to change whatever needs to change in our TBB in order to adjust for the variation between the two versions. And that’s absolutely not recommended at the moment, because we need this time and effort elsewhere, with Whonix tickets.

Could you please draft a new ticket similar to [Feature Request] Environment Variable to set security slider level (#25391) · Issues · Legacy / Trac · GitLab?

  • reference the old ticket, summarize it and its conclusion
  • ask if permission is still granted if we disable JS by default

Time of confusion vs time of education.

  • If whonixcheck runs before users notice that JS is disabled, users get confused by that message.
  • If Tor Browser runs before whonixcheck, users get confused about disabled JS without explanation.