Feature #12101
PLEASE Allow Unsafe Browser an option to download and save files to persistent volume
0%
Description
I’m finding a critical problem in my use of TAILS is inability for the Unsafe Browser to download and save files where I can retreive them.
Some servers refuse the TOR browser, so the user is forced to switch to the Unsafe Browser.
And if the user needs to download some files from that site, there is no way to do that!
So the user is left with one browser which is blocked for access, and one browser which blocks itself from saving files, and ultimately no way to download a file from a server which rejects the TOR browser!
I had this problem today trying to download a manual from the samsung.com website today. I have to switch OS or go without that manual because I can’t download it in TAILS.
I don’t know how other users deal with this but I find it extremely frustrating to be blocked from doing a basic function.
Subtasks
History
#1 Updated by elouann 2017-01-02 21:06:19
- Priority changed from High to Normal
Hi,
this is indeed not supported so far, and I don’t if this will be supported one day. But you can have a look to this method published a while ago:
https://mailman.boum.org/pipermail/tails-dev/2013-July/003271.html
and the answer by intrigeri:
https://mailman.boum.org/pipermail/tails-dev/2013-July/003275.html
Cheers
#2 Updated by intrigeri 2017-01-02 21:21:16
- Status changed from New to Rejected
> this is indeed not supported so far, and I don’t if this will be supported one day.
Right.
So I’m rejecting this ticket (keeping it open means we want to do what it’s about, which is not the case here).
elouann: please do it yourself next time when triaging New tickets, otherwise someone else has to go through them again :)
#3 Updated by Velexx 2017-01-02 21:55:24
I know you guys work hard for the community for free, but I have also been contributing to the TAILS project in another way.
I don’t understand how users would not want this feature, or why it’s a big risk, or why it’s complicated to implement.
In any case you’ve admitted the problem but rejected my notion of a fix: immediately, permanently, and without any reason.
TAILS is your project and I’m starting to understand and respect that.
—Velexx
intrigeri wrote:
> > this is indeed not supported so far, and I don’t if this will be supported one day.
>
> Right.
>
> So I’m rejecting this ticket (keeping it open means we want to do what it’s about, which is not the case here).
>
> elouann: please do it yourself next time when triaging New tickets, otherwise someone else has to go through them again :)
#4 Updated by intrigeri 2017-01-02 22:57:52
> but I have also been contributing to the TAILS project in another way.
Much appreciated :)
> I don’t understand how users would not want this feature,
It’s clear to me that some definitely would want it. But our mission is not to satisfy all the needs/desires of all users combined (guess what? sometimes they conflict). Our mission is to build a usable amnesic-by-default system that sends everything through Tor.
> or why it’s a big risk, or why it’s complicated to implement.
> In any case you’ve admitted the problem but rejected my notion of a fix: immediately, permanently, and without any reason.
I’m sorry the rejection was blunt. It was meant to be a mere description of the state of things: using the Unsafe Browser for such things is unsupported, and we have no plans to put work into it in the future. Now, I think I see where the communication broke down: you see the current behaviour as a problem that needs fixing; while I see it as part of the definition of the Unsafe Browser, which itself comes from the very definition of what Tails is about.
I’ll explain my PoV. As said above, Tails aims at sending everything through Tor. The Unsafe Browser is a dangerous kludge (both the idea and its current implementation), that extends Tails’ attack surface quite a bit, and confused many users. We (currently) include it only to allow connecting to captive portals; it’s documented this way, and I don’t think we’ve ever recommended using it for anything else. If we ever get to addressing the captive portals problem in a better way (Feature #10491 and Feature #5785) then I expect we’ll remove the Unsafe Browser. So adding incentives for people to use the Unsafe Browser for other things would be 1. work that’ll be wasted sooner or later; 2. a promise (to users) we’ll break at some point (we dislike removing features, even if sometimes it’s the best way to go). I’d rather avoid that.
Now, “what Tails is about” is not set in stone. It has changed along the way, and will keep changing. There’s definitely a case to make in favour of more fine-grained traffic handling, e.g. Subgraph OS (and Qubes?) allow sending some connections through Tor, some via a VPN, some directly to the Internet, and they try to build a good user experience around it. Those are not solved problems though, and I don’t think that Tails is ready to go this way. Those things are better discussed on tails-dev@boum.org and/or tails-ux@boum.org though.
#5 Updated by Velexx 2017-01-03 00:53:07
Dear integri,
I appreciate you taking the time to give an explanation. But if you want to discuss I must say that I don’t understand the myopic vision for TAILS you’re talking about.
You say the TAILs mission is “to build a usable amnesic-by-default system that sends everything through Tor”.
OK… but why are there all these other applications installed, like Libre Office, Audacity, and disk management tools? I mean you’re really REALLY close to a full-featured operating system.
Based on that, I don’t understand why you don’t care about downloads. My view of what TAILS could be is a full-featured OS focused on privacy protection (but not at the cost of basic functions: I was willing to sacrifice flash but not downloads).
But based on the TAILs mission the way you’ve stated it, I understand you are within your project parameters and I apologize for wasting your time with my vision for your project.
—Velexx
#6 Updated by Velexx 2017-01-03 01:23:31
intrigeri wrote:
> There’s definitely a case to make in favour of more fine-grained traffic handling, e.g. Subgraph OS (and Qubes?) allow sending some connections through Tor, some via a VPN, some directly to the Internet, and they try to build a good user experience around it.
The above is a good idea; I was thinking about this too the other day.
(Am not really sure about the site you mentioned tails-dev@boum.org: I can’t access discussion that way)
#7 Updated by intrigeri 2017-01-03 10:57:49
> I appreciate you taking the time to give an explanation.
:)
> But if you want to discuss I must say that I don’t understand the myopic vision for TAILS you’re talking about.
> You say the TAILs mission is “to build a usable amnesic-by-default system that sends everything through Tor”.
That was a very quick summary.
> OK… but why are there all these other applications installed, like Libre Office, Audacity, and disk management tools?
This is somewhat of a corollary to the amnesia-by-default property. It’s part of the intended user experience that one can create and edit various kinds of documents, benefiting from Tails’ properties: Tails is not just a (Tor-powered) web browsing platform, it’s also useful to produce (and publish) stuff with great control over the traces left on storage media (typically, all traces are confined either to RAM and disappear on shutdown; and for longer-lived projects, all traces are on one USB stick, in the persistent volume, and if desired one can dispose of that USB stick once the project is done).
> I mean you’re really REALLY close to a full-featured operating system.
Right, that’s on purpose as explained above. But it doesn’t entail supporting absolutely all the use cases than any other OS supports. If we tried to do that, first of all we would have a serious resources problem, and perhaps more importantly, the purpose of Tails would get blurry, which would make it harder for people to understand what it’s about, what they can/should use it for, and what it guarantees. So we do need to set some limits and define the scope and properties of Tails clearly enough. In my experience, “all connections to the Internet are forced to go through the Tor network” (quoted from our homepage) helps a lot current and potential users understand what Tails provides.
> Based on that, I don’t understand why you don’t care about downloads.
We do care about downloads. We (well, at least I) don’t care about Internet activity that doesn’t go through Tor.
> My view of what TAILS could be is a full-featured OS focused on privacy protection (but not at the cost of basic functions: I was willing to sacrifice flash but not downloads).
For your information, we have put absolutely no effort in making the Unsafe Browser provide much privacy.
#8 Updated by intrigeri 2017-01-03 10:58:47
> The above is a good idea; I was thinking about this too the other day.
Same here :) But it’s a looong way ahead.
> (Am not really sure about the site you mentioned tails-dev@boum.org: I can’t access discussion that way)
tails-dev@boum.org is a (public) mailing list: https://mailman.boum.org/listinfo/tails-dev
#9 Updated by Velexx 2017-01-03 15:30:24
I appreciate that you’ve been courteous to take the time to reply to my concerns.
Really TAILS is the best OS I’ve ever seen in my life and a champion work for a small group of volunteers to assemble (though not to ignore the work of other contributing teams like Debian’s).
But the lack of literally one or two basic functions, such as a mechanism to be allowed to download hardware support files from samsung.com, is pushing me away, because it means I can’t use TAILS or everything.
elouann posted a workaround on this thread and I’m thinking about that too (but I’m fairly new to linux and trying to set aside time to learn).
I am not sure what I’ll decide yet but for you please keep up the good work.
—Velexx
#10 Updated by Velexx 2017-01-03 15:33:20
Velexx wrote:
> I can’t use TAILS or everything.
sorry that should read: I can’t use TAILS for everything. I almost could use it for everything I needed to do.