[RFE] Different zones for security and privacy

RESOLVED WONTFIX

Status

Thunderbird
Security
--
enhancement
RESOLVED WONTFIX
13 years ago
9 years ago

People

(Reporter: Zarco Zwier, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

13 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8a4) Gecko/20040915 Firefox/0.9.1+
Build Identifier: 

Currently TB has several settings for security and privacy, but most users does
comprehend how settings add to security and privacy.
My request is an enhancement to put all the current and several new security and
privacy features in different zones.
I've made an example in HTML, which I'll attach shortly.

Reproducible: Always
Steps to Reproduce:
1. Open preferences
2. Go through all sections
Actual Results:  
You'll see different security and privacy settings, not grouped together.

Expected Results:  
All security and privacy settings should be grouped in zones.
(Reporter)

Comment 1

13 years ago
Created attachment 159191 [details]
Different security and privacy zones (Restricted, Safe but usable, Insecure and Custom)
(Reporter)

Comment 2

13 years ago
typo: 
most users does comprehend
should offcourse be:
most users don't comprehend
(Reporter)

Updated

13 years ago
Component: Preferences → MailNews: Security
Product: Thunderbird → Core
Version: unspecified → Other Branch
This is an automated message, with ID "auto-resolve01".

This bug has had no comments for a long time. Statistically, we have found that
bug reports that have not been confirmed by a second user after three months are
highly unlikely to be the source of a fix to the code.

While your input is very important to us, our resources are limited and so we
are asking for your help in focussing our efforts. If you can still reproduce
this problem in the latest version of the product (see below for how to obtain a
copy) or, for feature requests, if it's not present in the latest version and
you still believe we should implement it, please visit the URL of this bug
(given at the top of this mail) and add a comment to that effect, giving more
reproduction information if you have it.

If it is not a problem any longer, you need take no action. If this bug is not
changed in any way in the next two weeks, it will be automatically resolved.
Thank you for your help in this matter.

The latest beta releases can be obtained from:
Firefox:     http://www.mozilla.org/projects/firefox/
Thunderbird: http://www.mozilla.org/products/thunderbird/releases/1.5beta1.html
Seamonkey:   http://www.mozilla.org/projects/seamonkey/
(Reporter)

Comment 4

12 years ago
Still, I think this could feature could be very useful.

Comment 5

12 years ago
I just added a fairly detailed comment to bug 169106 (Network "zone" manager), which I interpreted as being similar to this one.

The bottom line is:
Without such facilities, a lot of FF's perceived security advantages over IE
will evaporate if MS makes IE's security settings distinguish between scripting
for DHTML (the worst this can do is push ads) and scripting for HTAs (which
have been used to install malware). If MS separates DHTML and HTAs while FF
does not provide something like zones, MS can claim that IE offers security /
privacy facilities which are easier to manage and therefore safer for the user.

Comment 6

12 years ago
Is this then not a dupe of 169106?  It pretty much covers both.
(Reporter)

Comment 7

12 years ago
(In reply to comment #6)
> Is this then not a dupe of 169106?  It pretty much covers both.

I'd say related, not a dupe, because this RFE is really about the Mail / News component, rather than the Network component.
I'd like to see some zones implemented that regulate the handling of messages rather than "some sections of the Internet".

Wouldn't it be a good idea to derive different RFEs for mail / news (this bug) and websites from bug 169106, because the are essentially different?
(Reporter)

Updated

12 years ago
Component: MailNews: Security → Security
Product: Core → Thunderbird
Version: Other Branch → unspecified
QA Contact: thunderbird

Updated

9 years ago
Assignee: mscott → nobody
Brian any thought on what is proposed here ?
Generally speaking I don't think security zones are going to be usable for the average person.  If someone sends you an attachment and you want to see it but your security zone settings don't allow it you'll just change the settings.  This tends to negate the value of the settings as it just becomes the bar you keep lowering to do what you want.

Much of this needs to be done in a larger vision taking into account the impact on the user interface and not just settings.  However unless this were implemented as an extension or some kind of patch to work it with it is hard to see the benefits and trade offs that would occur with this design.

I have to mark this WONTFIX for the project to note that we're not going to work on it, however reopen the bug if you have an extension or working patch toward this goal.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.