Commit d11a7c19 authored by Tails developers's avatar Tails developers
Browse files

Merge remote-tracking branch 'origin/feature/tor-browser-bundle' into testing

parents 3463a71b e082e31d
......@@ -17,8 +17,8 @@ Networking
- the [Vidalia](https://www.torproject.org/projects/vidalia) graphical frontend
* [NetworkManager](http://projects.gnome.org/NetworkManager/) for easy
network configuration
* [Firefox](http://getfirefox.com) preconfigured with:
- TorBrowser patches
* [Tor Browser](https://www.torproject.org/projects/torbrowser.html.en), a web
browser based on [Mozilla Firefox](http://getfirefox.com) and modified to protect your anonymity with:
- [Torbutton](https://www.torproject.org/torbutton) for anonymity
and protection against evil JavaScript
- all cookies are treated as session cookies by default;
......
......@@ -7,8 +7,8 @@ whether a particular user is using Tails or not.
[[As explained on our warning page|warning#fingerprint]], when using
Tails it is possible to know that you are using Tor. But Tails tries to
**make it as difficult as possible to distinguish Tails users from other
Tor users**, especially Tor Browser Bundle (TBB) users. If it is
possible to determine whether your are a Tails users or a TBB user, this
Tor users**, especially users of <span class="application">Tor Browser</span> outside of Tails. If it is
possible to determine whether you are a user of <span class="application">Tor Browser</span> inside or outside of Tails, this
provides more information about you and in consequence reduces your
anonymity.
......@@ -23,18 +23,17 @@ about your browser. That information can include its name and version,
window size, list of available extensions, timezone, available fonts,
etc.
To make it difficult to distinguish Tails users from TBB users, **the
Tor browser tries to provide the same information as the TBB** in
To make it difficult to distinguish Tails users,
**<span class="application">Tor Browser</span> in Tails tries to provide the same information as <span class="application">Tor Browser</span> on other operating systems** in
order to have similar fingerprints.
See the [[fingerprint section of known issues
page|support/known_issues#fingerprint]] for a list of known differences
between the fingerprints of the Tor browser and the TBB.
between the fingerprints of <span class="application">Tor Browser</span> inside and outside of Tails.
Apart from that, **some of the extensions included in Tor browser are
different** than the ones included in the TBB. More sophisticated
attacks can use those differences to distinguish Tails user from TBB
users.
Apart from that, **some of the <span class="application">Tor Browser</span> extensions included in Tails are
specific to Tails**. More sophisticated
attacks can use those differences to distinguish Tails users.
For example, Tails includes <span class="application">Adblock
Plus</span> which removes advertisements. If an attacker can determine
......@@ -53,10 +52,10 @@ For your ISP or local network administrator
our documentation about [[doc/first_steps/startup_options/bridge_mode]].
- A Tails system is **almost exclusively generating Tor activity** on
the network. Usually TBB users also have network activity outside of
the network. Usually users of <span class="application">Tor Browser</span> on other operating systems also have network activity outside of
Tor, either from another web browser or other applications. So the
proportion of Tor activity could be used to determine whether a user
is using Tails or the TBB. If you are sharing your Internet
proportion of Tor activity could be used to determine whether a user of <span class="application">Tor Browser</span>
is using Tails or not. If you are sharing your Internet
connection with other users that are not using Tails it is probably
harder for your ISP to determine whether a single user is generating
only Tor traffic and so maybe using Tails.
......@@ -67,11 +66,11 @@ For your ISP or local network administrator
user always uses the same few relays as first hops. As Tails does not
store any Tor information between separate working sessions, it does
not store the entry guards information either. This behaviour could
be used to distinguish Tails users from TBB users across several
be used to distinguish Tails users across several
working sessions.
- When starting, Tails synchronizes the system clock to make sure it
is accurate. While doing this, if the time is set too much in the
past or in the future, Tor is shut down and started again. This
behavior could be used to distinguish Tails from TBB users,
behavior could be used to distinguish Tails users,
especially this happens every time Tails starts.
- [[!traillink Connecting_to_the_network_with_NetworkManager|anonymous_internet/networkmanager]]
- [[!traillink Logging_in_to_captive_portals|anonymous_internet/unsafe_browser]]
- [[!traillink Controlling_Tor_using_<span_class="application">Vidalia</span>|anonymous_internet/vidalia]]
- [[!traillink Browsing_the_web_with_Tor_Browser|anonymous_internet/tor_browser]]
- [[!traillink Browsing_the_web_with_<span_class="application">Tor_Browser</span>|anonymous_internet/tor_browser]]
- [[!traillink Chatting_with_Pidgin_&_OTR|anonymous_internet/pidgin]]
- [[!traillink Using_I2P|anonymous_internet/i2p]]
- [[!traillink Why_Tor_is_slow?|anonymous_internet/why_tor_is_slow]]
......@@ -2,10 +2,10 @@
[[!img Tor_Browser/mozicon128.png link=no alt="Tor Browser icon"]]
Tor Browser is a rebranded version of the [[Mozilla
Firefox|http://www.mozilla.com/firefox/]] web browser. Given its popularity many
of you have probably used it before and its user interface is like any other
modern web browser.
<span class="application">[Tor Browser](https://www.torproject.org/projects/torbrowser.html.en)</span> is a web
browser based on [Mozilla Firefox](http://getfirefox.com) and configured to
protect your anonymity. Given the popularity of Firefox, you might have used it
before and its user interface is like any other modern web browser.
Here are a few things worth mentioning in the context of Tails.
......@@ -27,20 +27,15 @@ with. But those mechanisms can be flawed,
[[as explained on our warning page|about/warning#man-in-the-middle]].
For example, here is how the browser looks like when we try to log in an email
account at [lavabit.com](http://lavabit.com/), using their [webmail
interface](https://lavabit.com/apps/webmail/src/login.php):
account at [riseup.net](https://riseup.net/), using their [webmail
interface](https://mail.riseup.net/):
[[!img doc/anonymous_internet/Tor_Browser/lavabit.png link=no alt="Tor browser"]]
[[!img doc/anonymous_internet/Tor_Browser/riseup.png link=no alt="Tor Browser"]]
Notice the small area on the left of the address bar saying "lavabit.com" on a
blue background and the address beginning with "https://" (instead of
"http://"):
[[!img Tor_Browser/address-bar.png link=no alt="address bar showing 'lavabit.com'
/ 'https://lavabit.com/'"]]
These are the indicators that an encrypted connection using [[!wikipedia HTTPS]]
is being used.
Notice the padlock icon on the left of the address bar saying "mail.riseup.net"
and the address beginning with "https://" (instead of "http://"). These are the
indicators that an encrypted connection using [[!wikipedia HTTPS]] is being
used.
You should try to only use services providing HTTPS when you are sending or
retrieving sensitive information (like passwords), otherwise its very easy for
......@@ -55,7 +50,7 @@ HTTPS Everywhere
[[!img https-everywhere.jpg link=no alt="HTTPS Everywhere logo"]]
[HTTPS Everywhere](https://www.eff.org/https-everywhere) is a Firefox extension
shipped in Tails and produced as a collaboration between [The Tor
included in <span class="application">Tor Browser</span> and produced as a collaboration between [The Tor
Project](https://torproject.org/) and the [Electronic Frontier
Foundation](https://eff.org/). It encrypts your communications with a number of
major websites. Many sites on the web offer some limited support for encryption
......@@ -80,7 +75,7 @@ JavaScript]], [[!wikipedia Adobe_Flash]], [[!wikipedia HTTP_cookie
desc="cookies"]] and other services which have been shown to be able to defeat
the anonymity provided by the Tor network.
In Tails all such features are handled from inside the browser by an extension
In <span class="application">Tor Browser</span> all such features are handled from inside the browser by an extension
called [Torbutton](https://www.torproject.org/torbutton/) which does all sorts
of things to prevent the above type of attacks. But that comes at a price: since
this will disable some functionalities and some sites might not work as
......@@ -94,7 +89,7 @@ Protection against dangerous JavaScript
Having all JavaScript disabled by default would disable a lot of harmless and
possibly useful JavaScript and render unusable many websites.
That's why **JavaScript is enabled by default** in Tails.
That's why **JavaScript is enabled by default** in <span class="application">Tor Browser</span>.
But we rely on Torbutton to **disable all potentially dangerous JavaScript**.
......@@ -102,7 +97,7 @@ We consider this as a necessary compromise between security and usability and as
of today we are not aware of any JavaScript that would compromise Tails
anonymity.
For more technical details you can refer to the [Tor Browser design
For more technical details you can refer to the [<span class="application">Tor Browser</span> design
document](https://www.torproject.org/projects/torbrowser/design/).
<a id="noscript"></a>
......@@ -113,7 +108,7 @@ NoScript to have even more control over JavaScript
[[!img noscript.png link=no alt="NoScript logo"]]
To allow more control over JavaScript, for example to disable JavaScript
completely, Tails includes the <span class="application">NoScript</span>
completely, <span class="application">Tor Browser</span> includes the <span class="application">NoScript</span>
extension.
By default, <span class="application">NoScript</span> is disabled and some
......
......@@ -18,7 +18,7 @@ purpose, and it can be started via the menu
<span class="guimenuitem">Unsafe Web Browser</span></span>.
The <span class="application">Unsafe Browser</span> has a red and yellow theme
to differentiate it from the [[Tor Browser|Tor_Browser]].
to differentiate it from [[<span class="application">Tor Browser</span>|Tor_Browser]].
<div class="caution">
......@@ -29,8 +29,8 @@ anonymous</strong>. Use it only to log in to captive portals.</p>
Security recommendations:
* Do not run this browser at the same time as the normal, anonymous
web browser. This makes it easy to not mistake one browser for the
* Do not run this browser at the same time as the anonymous
[[<span class="application">Tor Browser</span>|Tor_Browser]]. This makes it easy to not mistake one browser for the
other, which could have catastrophic consequences.
* When using [[doc/first_steps/startup_options/windows_camouflage]]
......
......@@ -28,7 +28,7 @@ starting.
The <span class="application">Vidalia</span> onion icon sometimes stays yellow
even if Tor is already started. If the <span class="guilabel">Tor is
ready</span> notification appears or if you can browse the Internet using the
ready</span> notification appears or if you can browse the Internet using
<span class="application">Tor Browser</span>, then Tor is started correctly.
Tails has other protections that would prevent your from connecting to the
......
......@@ -36,7 +36,7 @@ documentation](https://help.gnome.org/users/orca/stable/).
<div class="bug">
The screen reading functionality of <span class="application">GNOME
Orca</span> works neither with the <span
Orca</span> works neither with <span
class="application">Tor Browser</span> nor with the <span
class="application">Unsafe Web Browser</span>.
......
......@@ -254,7 +254,7 @@ you to reuse them during future working sessions, even offline.
<div class="text"><h2>Browser bookmarks</h2></div>
</div>
When this feature is activated, changes to the bookmarks in the
When this feature is activated, changes to the bookmarks in
<span class="application">Tor Browser</span> are saved in the persistent
volume. This does not apply to the Unsafe web browser.
......
......@@ -145,8 +145,8 @@ Web browser
<a id="javascript"></a>
Why is JavaScript enabled by default in the Tor browser?
--------------------------------------------------------
Why is JavaScript enabled by default in <span class="application">Tor Browser</span>?
-------------------------------------------------------------------------------------
Many websites today require JavaScript to work correctly. As a consequence
JavaScript is enabled by default in Tails to avoid confusing many users. But
......@@ -164,10 +164,10 @@ compromise between usability and security in this case.
<a id="add-ons"></a>
Can I install other add-ons in the browser?
-------------------------------------------
Can I install other add-ons in <span class="application">Tor Browser</span>?
----------------------------------------------------------------------------
Installing add-ons in the browser might break the security built in Tails.
Installing add-ons in <span class="application">Tor Browser</span> might break the security built in Tails.
Add-ons can do many things within the browser, and even if all the networking goes
through Tor, some add-ons might interact badly with the rest of the
......@@ -192,7 +192,7 @@ considered safe to use in this context.
<div class="next">
<ul>
<li>[[Warnings about persistence|doc/first_steps/persistence/warnings#index3h1]]</li>
<li>[[Browsing the web with the Tor Browser|doc/anonymous_internet/Tor_browser]]</li>
<li>[[Browsing the web with <span class="application">Tor Browser</span>|doc/anonymous_internet/Tor_browser]]</li>
<li>[[Can I hide the fact that I am using Tails?|doc/about/fingerprint/]]</li>
</ul>
</div>
......@@ -220,7 +220,7 @@ We have considered including open-source alternative software to Adobe
Flash, such as [Gnash](http://www.gnu.org/software/gnash/), but it is
not the case yet, see [[!tails_ticket 5363]].
But you can already watch HTML5 videos with the Tor browser.
But you can already watch HTML5 videos with <span class="application">Tor Browser</span>.
<a id="anonymity_test"></a>
......@@ -234,25 +234,25 @@ your browser to see if it can be used to identify you.
As explained in our documentation about
[[fingerprinting|doc/about/fingerprint]], Tails provides anonymity on the web by
making it difficult to distinguish a particular user amongst all the users of
Tails and the Tor Browser Bundle (TBB).
<span class="application">Tor Browser</span> (either in Tails or on other operating systems).
So, the information retrieved by such fingerprinting websites is not harmful for
anonymity in itself, as long as it is the same for all Tor users.
anonymity in itself, as long as it is the same for all users of <span class="application">Tor Browser</span>.
For example, the user-agent property of the browser was set to `Mozilla/5.0
(Windows; U; Windows NT 6.1; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3`,
as of Tails 0.21 and TBB 2.3.25-13. This value preserves your anonymity even if
as of Tails 0.21 and <span class="application">Tor Browser</span> 2.3.25-13. This value preserves your anonymity even if
the operating system installed on the computer is Windows NT and you usually run
Firefox. On the other hand, changing this value makes you distinguishable from
others Tor users and breaks your anonymity.
others users of <span class="application">Tor Browser</span> and breaks your anonymity.
Furthermore, we verify the result of those websites before each release, see our
[[test suite|contribute/release_process/test]].
<a id="java"></a>
Is Java installed in the Tor browser?
---------------------------------------
Is Java installed in the <span class="application">Tor Browser</span>?
----------------------------------------------------------------------
Tails does not include a Java plugin in its browser because it could break your anonymity.
......
......@@ -269,7 +269,7 @@ Fingerprint
<!-- If this section is empty adjust the [[fingerprint documentation|doc/about/fingerprint]]. -->
<!-- The fingerprints of the Tor browser and the TBB are different: -->
<!-- The fingerprints of <span class="application">Tor Browser</span> in Tails and on other operating systems are different: -->
* Browser window resizing is in not reliable: [[!tails_ticket 6377]]
and [[!tor_bug 10095]].
......@@ -329,8 +329,8 @@ Touchpad configurations
synclient FingerLow=1;
synclient FingerHigh=1;
TorBrowser takes too long to shutdown
-------------------------------------
Tor Browser takes too long to shutdown
--------------------------------------
Since Tails 0.22, the browser sometimes takes too long to shutdown
([[!tails_ticket 6480]]). Waiting a few more seconds is usually enough
......
......@@ -9,7 +9,7 @@
<p>This is a public mailing list, so <strong>be careful with what you
are sending</strong>. Give only the necessary informations about
yourself, and if possible use Tails or the [[Tor Browser Bundle|https://torproject.org/torbrowser/]] to hide your IP
yourself, and if possible use Tails or [[<span class="application">Tor Browser</span>|https://torproject.org/torbrowser/]] to hide your IP
address.</p>
</div>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment