Re: [Tails-dev] [review'n'merge 1.2] feature/7725-i2p-browse…

Poista viesti

Vastaa
Lähettäjä: Kill Your TV
Päiväys:  
Vastaanottaja: tails-dev
Aihe: Re: [Tails-dev] [review'n'merge 1.2] feature/7725-i2p-browser
On Fri, 26 Sep 2014 16:25:14 +0000 (UTC)
anonym <anonym@???> wrote:


> First of all, great work! It works really good, and works pretty
> nicely as-is. I have some doubts about it making it into Tails 1.2,
> which I attribute to me being so late with reviewing. I could
> consider merging it with if you commit strongly to be available to
> fix things post-freeze. What do you think? IMHO you should prioritize
> getting feature/7732-i2p-network-manager-hook ready for merge, though.


Assuming I'm not hit by a bus in the meantime, I'll be around for
fixing up things post-freeze.


[..]

> git diff
> e9f3486ec72f1b07cc04021b73e38a0db6e2b0ce..origin/feature/tor-browser-bundle
> -- config/chroot_local-includes/usr/local/sbin/unsafe-browser
>
> From what I can tell, the complete diff is relevant to incorporate
> into your script.


I've merged these in.

>
> * In this branch you can *completely* remove FoxyProxy (even from the
> Tor Browser, and not install the package and configure it any more)
> since we do not use it for anything any more, and it'd be a nice
> complexity reduction.


Removed.

> * The I2P Browser still has the search bar thing, all of which will
> broken and probably will cause some user confusion. Can it be removed?


I've disabled searching from the address bar in a commit I'll push
soon. (I'm assuming that's what you mean).

> Now for some commit-specific remarks:
>
> > commit 79f87a1b Hide bookmark/history
>
> Interesting. See https://labs.riseup.net/code/issues/7948 . Maybe what
> you suggest is actually better, since the start page is the router
> console and as a portal it definitely beats a lousy bookmarks folder.
> Actually the (unstated) rationale for #7948 was mostly to have the
> router console easily available.


I did what made the most sense to me at the time but I am open to
changes, ofc. :)

> > commit 2b0fe4a hide "get addons" in addon-manager
>
> Also interesting. This should be back-ported into the Unsafe Browser
> too, imho. Well, the correct thing to do would be to make a shell
> library to make task-specific chroot browsers, but that's a post-1.2
> goal.
>
> Can it be taken to the next level, i.e. disabling altering the add-ons
> completely?


It's likely doable but I don't know how at the moment. If it's doable I
can almost certainly figure it out for 1.2.1 or 1.3.

> > commit d264cc9 Switch I2P-Browser from Iceweasel to Tor-Browser
>
> Why not installing Torbutton too, and configuring it to use I2P
> instead? I imagine the protections it adds also make sense for I2P?
> If so, this is a regression (in terms of "security") from the
> FoxyProxy-way of doing this.
>
> Also, does AdBlock really make sense in I2P-space? I would imagine
> not...


After looking at the filters, no, it certainly does not make sense in
I2P so I'll remove it. (My personal filters have regexes to block
scripts but I see nothing like that here.)

>
> From the same commit:
>
> > +    cp -Pr /etc/tor-browser/profile/extensions/langpack-*.xpi \
> > +           ${NOSCRIPT} "${BROWSER_EXT}"
> and
> > +    rsync -a /etc/tor-browser/profile/adblockplus
> > ${BROWSER_PROFILE}


>
> I suggest using symlinks instead (with source inside the chroot, of
> course) to reduce the space-impact (well, RAM-usage since this will be
> stored in a tmpfs).


I'm now symlinking the langpacks. The Adblock bits were removed.

[..]


> Again, great work!


\o/

I think the changes requested have been addressed. Please see the
latest pushed commits.

--
GPG ID: 0x5BF72F42D0952C5A
Fingerprint: BD12 65FD 4954 C40A EBCB F5D7 5BF7 2F42 D095 2C5A