Re: [Tails-ux] A few UI/UX concerns

Delete this message

Reply to this message
Author: duc01k
Date:  
To: tails-ux
Subject: Re: [Tails-ux] A few UI/UX concerns
duc01k@???:
> sajolida:
>> duc01k@???:
>>> sajolida:
> <snip>
>>>> We're totally aware that the current situation regarding the Unsafe
>>>> Browser is not optimal. See #15635 & co. The real solution would be to
>>>> get rid of the Unsafe Browser entirely and only allow connecting through
>>>> captive portals using an even more restricted app.
>>>
>>> In my case I was connecting to a local device's HTTP webGUI over a LAN
>>> and wasn't accessing the Internet at all. There was no risk involved. I
>>> couldn't perform the task with TB because TB pipes all over Tor, and I
>>> couldn't use UB because I couldn't access the file I pulled from that
>>> device once it was downloaded. Probably not a common situation but a
>>> legitimate one.
>>
>> Indeed, uncommon but legitimate. And I forgot that we actually also
>> document using the Unsafe Browser to browse resources on the local
>> network. We even have a tip on how to download files from the local network:
>>
>> https://tails.boum.org/doc/advanced_topics/lan/index.en.html
>>
>> As it's uncommon I feel like the documented workaround (using curl on
>> the command line), though requiring the command line, is a good enough
>> solution for now.
>
> I'll have to look into that as a workaround. I know from experience that
> it won't work with the webGUI I was logged into because the file I
> download is generated on request and saved directly to the host through
> a dialogue - there is no local filesystem to save it to so that I can
> pull it afterwards with curl.
>

I thought of one good reason why the curl workaround isn't ideal and
shouldn't be relied on as a fallback if removing the Unsafe Browser.
Sometimes I use a 3G dongle to connect to the web. This dongle has a
webGUI that allows me to access device settings and check for network
operator SMS texts, like alerts on remaining data allowance and so on.
Users would definitely need to have access to this on a continual basis
in the future. Check out the Whonix article here:
https://www.whonix.org/wiki/Host_Security , the very first section is
about how connecting over a 3G/4G dongle is a potentially great way to
maintain anonymity, so there's a strong chance I'm not the only one with
this concern.