Change External File Advice Using Tor #179
Conversation
As per Micah's out-of-band comment, changed the advice for opening files using Tor to be more general, and mention pdf.js.
|
nitpick on "anonymously": isn't more of a sandboxing mechanism? |
There was a problem hiding this comment.
Agree with @harlo - anonymously isn't the right word to use here. You're more concerned about potential malware (including malware that could de-anonymize you, yes, but really any kind of malware) so I'd say "securely" view PDF's would be a better word choice. Although given recent events, we should probably not tout pdf.js as a secure solution for viewing PDF's.
There was a problem hiding this comment.
Yes, "securely" is better phrasing, but I agree that PDF.js has had a rough summer. If we don't recommend PDF.js, however, we'll need to remove the recommendation not to use external apps.
There was a problem hiding this comment.
I think we should say "be careful" or "think twice" about downloads that require external apps. I'm not sure if it's realistic to say "don't open them", since that's kind of a big part of what the Internet is for. You should only download files like that from sites you trust that use HTTPS (to avoid exit node tampering).
4 participants
As per Micah's out-of-band comment, changed the advice for opening files using Tor to be more general, and mention pdf.js.