That’s ok, also to other examples would be useful generally.
"SecBrowser"
has some google search results for SecBrowser.apk
. It’s still enough time to rename. Better to avoid confusion. What about…
- Sec1Browser
- 1st Security Browser
- Supreme Security Browser
- securetty browser
- securettyb
- securer
?
Since securer is into the business of tweaking settings while not having anonymity as a goal (which Tor Browser is for), why not set the security slider setting to maximum by default?
Done.
Reverted, since does not work unfortunately. After first browser start, noscript by default still allows everything.
Help welcome.
Also added a feature that allows downloading hardcoded alpha rather than stable versions to help keep always the newest version in newly created AppVMs / DispVMs.
Folder /etc/secbrowser.d
File /etc/secbrowser.d/50_user.conf
tbb_download_alpha_version=true
/usr/local/etc/secbrowser.d
settings drop-in folder now also supported.
(Would also work for /usr/local/etc/torbrowser.d
/ /usr/local/etc/i2pbrowser.d
.)
download-secbrowser
still needs to be run manually in TemplateVM to profit from updated SecBrowser in newly created TemplateBasedVMs / DispVMs. When doing so - just now tested - SecBrowser starts nicely in a Debian buster based DispVM.
A start menu entry (works also in Qubes) is functional.
A SecBrowser local homepage was added too:
https://github.com/Whonix/tb-starter/blob/master/usr/share/secbrowser/secbrowser.html
All needs testing / documentation.
vs
I agree if a good alternative can be found. SecBrowser is a good name imo and I think for the most part people only care if the software is use full or not. Not so much the name. For example, if we wanted to name a OS after an appendage found hanging off of a lizards ass, there would be a lot if resistance from the community. Tails is a huge success not really because of the name, but because its very useful.
I guess this works both ways, it doesn’t need to be called SecBrowser either so long as the users find the browser useful.
I’ll come up with more naming options
IIRC there are a few recent trac
tickets related to NoScript settings. I’’ take a peak and maybe get some insight on how to change settings
Nice touch!
Yes, have to update
- SecBrowser™ has been deprecated! → hxxps://whonix.org/wiki/our_new_browser_name
- https://github.com/0brand/Privacy-and-Security-Focused-Browser
Rebrand about:tor → about:secbrowser (or try to)
Maybe a https://github.com/whonix/secbrowser ?
Testing should be easy enough. I’ll start working on all of this later on today.
Maybe manual instructions can be removed from SecBrowser ™ has been deprecated! ? Add instructions for tb_updater
. This is a secure browser, lets focus on using tb-updater
in Debian, Debian based distros.
Yes, rename/move/change most contents (screenshots seem useful to keep). Contents of https://github.com/0brand/Privacy-and-Security-Focused-Browser could be ported to Debian.
Would be cool but seems difficult. I wouldn’t know. A rebrand would be good. We can see how far we get and then create feature requests upstream, see how they like the project once it stabilized a bit.
tb-updater package is still very Tor Browser focused in source code. The main script is /usr/bin/update-torbrowser
and the other scripts (update-i2pbrowser / download-secbrowser) just wrap around it. A major refactoring would be worthwhile but also a lot work. The shared code makes up most and secbrowser specific code is very, very little actually, so not sure if justified to have a separate package. Also under consideration is merging tb-updater and tb-starter package and then rename to tpo-downloader
(tpo
-downloader because in past support for downloading (the now deprecated) Tor Messenger was planned and looked simple enough to implement) or something else?
Awesome!
Personally I like SecBrowser. Unless this other reference actually has a sizable user population or whatever, probably okay to keep the name?
Yeah it has a nice ring to it. The only relevant result using this name is some ancient browser by a company named “Tropical software”. Their domain seems out of order with an offer to buy it.
Does our naming fall under Whonix trademark protection?
3 hours in and still luck
These prefs have to be hard coded. Even with when added to user.js the values keep getting reset after vm restart. I’ll start going through the files in tb profile.default next
pref("extensions.torbutton.security_slider", 1);
pref("extensions.torbutton.security_custom", true);
pref("extensions.torbutton.inserted_security_level"; false);
Also, found a link to a downloadable Tor Browser pref file. Its older but its handy to have for reference.
Let’s draft a feature request to be posted at trac.torproject.org. In my experience, the better any bug report / feature request is written, and then less [Whonix] specific it is, the better the chances of seing it implemented one day. On the other hand, the more discussion for clarification what it’s even about and reasoning why or off-topic deflection, the lower the chances anything ever is going to change.
All tickets on subject environment variable
, useful to see what already was discussed and as inspiration for good bug reports / feature requests.
[Feature Request] Environment Variable to set security slider level is wontfix
already.
Might edit this post. Feel free to edit it was a moderator / admin since the history feature to track changes is really neat.
subject:
document prefs / settings to set security slider level
content:
Could you please document how Tor Browser security level can be set via an prefs so we can give Whonix users an option to have more protection by default.
I’ve tried to start with a fresh installed Tor Browser profile, but it under git version control, start Tor Browser, change the setting and then see how file
Browser/TorBrowser/Data/Browser/profile.default/prefs.js
changed to then have a clue how to emulate to set these inBrowser/TorBrowser/Data/Browser/profile.default/user.js
.By doing so, the security slider might show being set to maximum, however without the actual changes that the security slider would apply such as enabling noscript globally by default for all websites.
pref("extensions.torbutton.security_slider", 1); pref("extensions.torbutton.security_custom", true); pref("extensions.torbutton.inserted_security_level"; false);
Related:
[Feature Request] Environment Variable to set security slider level
(#25391)
Having Tor Browser
in the title is really bad for SecBrowser
. Too easily confused one for the other by users of both.
Perhaps some leads on how to rebrand. No specific option found yet.
- desktopd/iceweasel-branding: Debian Iceweasel, forever! - NotABug.org: Free code hosting
- port to Firefox 60 - NotABug.org: Free code hosting
- [Support] Iceweasel Branding - Add-on Support - Mozilla Discourse
- WordPress › Setup Configuration File - look how Tor Browser did the rebrand and see if if it is feasible for us too (hopefully without recompilation - not feasible)
- Rebranding Firefox - MozillaZine Knowledge Base (outdated? should be reported?)
- ask Mozilla?