Feature #15766
Prevent accidental Tor Browser window maximizing
0%
Description
During Tails trainings with journalists, many are using Gnome for the first time and have a hard time getting accustomed to the way their laptop’s trackpad reacts to clicking/dragging speed and gesture mapping when they don’t match up with what they’re used to in macOS, Windows or ChromeOS. At every single training, without exception, at least one journalist has accidentally maximized Tor Browser when they meant to simply move the Tor Browser Window.
UX recommendations:
- Disable double-clicking as a trigger for maximizing/un-maximizing Tor Browser.
- Disable dragging to the top of the screen as a trigger for maximizing Tor Browser.
There may be some cases where one must intentionally maximize the Tor Browser window. In that case, the maximize window button in the application title bar should remain, as should the maximize option in the application context menu (when you right-click on the window list item in the bottom desktop bar).
There may be some concerns for setting a different set of interaction settings for just one application, which makes it less consistent from expected behaviors in other applications, but the risk associated with browser fingerprinting may outweigh that specific UX concern in this case.
Subtasks
Related issues
Related to Tails - Feature #14544: Spend software developer time on smallish UX improvements | In Progress | 2018-08-31 |
History
#1 Updated by intrigeri 2018-08-07 08:16:06
> * Disable double-clicking as a trigger for maximizing/un-maximizing Tor Browser.
> * Disable dragging to the top of the screen as a trigger for maximizing Tor Browser.
My 2 technical cts: I don’t think we can do that without either disabling these behavior for all apps (which would create other UX problems) or deeply patching GNOME Shell.
I’ll let sajolida handle this.
#2 Updated by huertanix 2018-08-07 20:14:44
intrigeri wrote:
>
> My 2 technical cts: I don’t think we can do that without either disabling these behavior for all apps (which would create other UX problems) or deeply patching GNOME Shell.
>
Thanks for the feedback. I wonder if it may be possible to create a custom GNOME extension (https://extensions.gnome.org/) that can selectively disable maximize functionality for only certain apps? If that’s possible to do from an extension level that may help us avoid deep surgery in the GNOME codebase itself.
#3 Updated by intrigeri 2018-08-08 05:36:46
> Thanks for the feedback. I wonder if it may be possible to create a custom GNOME extension (https://extensions.gnome.org/) that can selectively disable maximize functionality for only certain apps?
I believe this would currently be doable with a GNOME Shell extension, because they can override/replace/extend basically every part of GNOME Shell via monkeypatching. But I don’t think that’s viable in the long run:
- Monkey patching such a core feature of GNOME Shell feels scary and potentially hard to maintain across changes of the GNOME Shell internals.
- The GNOME project has started to reconsider this design because it gives extensions too much power, including crashing the Shell. It’s unclear yet what the future will look like but I would personally bet on a restricted API for extensions. Ensuring doing what you’re suggesting is part of that API would require quite some work (communication, negotiation, code).
Now, I’m no expert at GNOME Shell extensions, I did not look at the code, and it may very well be that it’s currently doable with a very simple GNOME Shell extension, not so hard to maintain (and worst case we drop it, too bad), and the current extension “API” will probably survive for a few more years.
#4 Updated by sajolida 2018-08-11 09:40:11
- Status changed from New to Confirmed
- Type of work changed from User interface design to Wait
Good to see you again huertanix and thanks for the very good ticket description.
Seeing that, from intrigeri’s brief research, it doesn’t seem easy to prevent this only for Tor Browser, I’m quite reluctant to disable this everywhere in Tails. At least current, a good share of our user base (~30%?, see https://tails.boum.org/blueprint/veracrypt/) might be used to the default behavior of windows in GNOME.
I’m also not super convinced by how this feature works in Tor Browser. For example, it’s warning you when you maximize the window but not if you resize it manually, while your fingerprint probably becomes even more unique. See https://trac.torproject.org/projects/tor/ticket/16982.
I found other tickets on the Tor trac that would actually provide better solutions to the same problem, but allowing users to “Undo” the maximizing:
- https://trac.torproject.org/projects/tor/ticket/16364
- https://trac.torproject.org/projects/tor/ticket/20260
And I think that’s the way forward.
I commented on Tor:#20260, pointing to this ticket and explaining why this issue affects Tails users a bit more severely.
Also: do these people find how to de-maximize their window after maximizing it by mistake?
#5 Updated by Anonymous 2018-08-16 10:24:32
- Assignee set to huertanix
- QA Check set to Info Needed
Reassigning to huertanix for more info on sajolida’s last question.
#6 Updated by huertanix 2018-08-20 18:37:24
sajolida wrote:
> I found other tickets on the Tor trac that would actually provide better solutions to the same problem, but allowing users to “Undo” the maximizing:
>
> * https://trac.torproject.org/projects/tor/ticket/16364
> * https://trac.torproject.org/projects/tor/ticket/20260
>
> And I think that’s the way forward.
>
> I commented on Tor:#20260, pointing to this ticket and explaining why this issue affects Tails users a bit more severely.
>
Sounds good. If there’s a way for Tor Browser itself to solve accidental resizing across all supported operating systems that would be the ideal option.
> Also: do these people find how to de-maximize their window after maximizing it by mistake?
Not right away; Usually a trainer points out the browser fingerprinting issue, then the trainee asks how to restore, which I explain with the caveat that JavaScript could be used to detect the new window size even if it was only maximized once for even the briefest period of time, etc.
#7 Updated by sajolida 2018-09-10 17:41:16
- related to Feature #14544: Spend software developer time on smallish UX improvements added
#8 Updated by intrigeri 2019-03-08 14:58:19
- Assignee deleted (
huertanix) - QA Check deleted (
Info Needed)
@sajolida, see huertanix’ answer above :)
#9 Updated by sajolida 2019-11-20 18:25:04
- Status changed from Confirmed to Rejected
It’s safe to maximize Tor Browser now that we have letter boxing.