Multiple Tor Browsers is Awful Decision by TPO

What the hell is Tor Project thinking?

Perfect example of the kind of design pitfalls that Whonix should avoid. There is absolutely ZERO explanation of Experimental or Hardened Browsers on their download page. If you search hard enough and dig through enough comments on their blog, you can come to the realization that the experimental versions are slower, larger, and more prone to failure.[1] They are in fact, experimental. Yes, the Hardened version is also experimental.

So why is an organization devoted to protecting the most vulnerable Internet users providing experimental versions of their software without any warnings? This stuff should be hidden on a development page since it should not be used by 90%+ of the user base. Many of the Whonix forum posts concerning the Hardened Browser are made by users who clearly do not have the technical background to be using that version in the first place. (<- Not directed at any poster specifically). Does it even have the same fingerprint as stable?

The biggest problem is the name. When a user sees 3 versions of the Browser, do you think that they’ll go for the one that is (un)(less)-Hardened? I think Whonix Docs can do what TPO has not done. Also, tb-downloader could use better warnings (and explain that all Tor Browsers are “Hardened”). Edit: Perhaps tb-downloader shouldn’t even present a choice - anyone who should be using an experimental version will know how to get it themselves.


[1] https://blog.torproject.org/blog/tor-browser-55a4-hardened-released:

This hardening comes with some downsides: these builds are slower than regular builds, and consume more memory … We should also point out that the hardening provided by Address Sanitizer is not perfect.

I don’t think too many people are using TBB hardened, since that would not work in Whonix VirtualBox at the moment (i386 vs TBB hardened for amd64 only).

tb-updater sets the lowest available recommended version by default.

tb-updater contains an explanation.

Only versions still considered secure should be listed here. Higher version numbers does not necessarily mean more secure here. Could be alpha or beta versions. In most cases you are best off choosing the lowest version number among them.

I am not sure there is much that can be done to protect fast clicking users that do not read a lot.

Not showing any options is not an option either since https://www.torproject.org/projects/torbrowser/RecommendedTBBVersions is not reliable. It sometimes lists versions that are no longer downloadable.

This is a huge mess that wasted hours and hours and hours for so many people. The root cause is Tor Browser not being available as a Debian package.

Make a deb of the Torbrowser and add to repository

Get TorBrowser in Debian

Actually there would be a way to avoid the version choice screen of tb-updater. The version choice could be disabled by default. The RecommendedTBBVersions file by The Tor Project would be ignored. Instead tb-updater would go ahead and download the version as defined in tbb_hardcoded_version.

I have to keep the tb-updater package updated for the tbb_hardcoded_version file in context of Tor Browser Essentials anyhow.

After I am notified about new Tor Browser stable versions, I usually lag 1-2 days behind until the updated tbb_hardcoded_version tb-updater package ends up in the Whonix stable repository. The manual version choice could become a command line switch --choice or so. And one sort of cumbersomeness, the version choice, would be replaced by a different sort of cumbersomeness: tb-updater would have to be updated (for most users not knowing about --choice) using apt-get before running update-torbrowser starts downloading current versions. Or before tb-updater starts working again at all - in case the older version has been removed by The Tor Project already.