On Thu, 2011-05-12 at 10:59 -0400, Andrew Lewman wrote:
A short while ago, I did a training for some activists from a country that is hostile to the Internet. These people were some of the more technical people from their community. There was a mix of Windows and OS X laptops in the session. English was their third language, for added fun.
I walked them through finding tor browser bundle, downloading it, verifying it, unzipping it, and starting it. Here was the first problem. They couldn't find tbb on the download page. Their comments were that all these files and releases on the page were confusing. They wanted just one thing to look at, pick their operating system, and go. And they wanted the one thing to automatically detect their language preferences for tbb.
As Torbutton has taught us, browsers send quite a bit of information with them. It seems like it would be helpful to automatically detect the user's language and operating system, via the User-Agent and Accept-Language headers.
I ended up pointing them at tpo/torbrowser, which they also thought was confusing. The aforementioned desires weren't satisfied on this page, but at least they could find their preferred language. They all commented that back home, a 24MB file was too big, and can't they get it via bittorrent or some other piecemeal way? A 24mb file would take hours to download.
Torrents are already auto-generated somewhere, though I can't seem to find the link at the moment.
Once they finally downloaded it, they all double clicked on their resulting zip file. In fact, all of the mac people ended up downloading the windows tbb and unzipped it correctly. In all cases, their operating system handled the zip file correctly. After fixing the mac people with mac tbb, we moved on to the next step.
None of them had pgp installed, and therefore no way to verify the .asc and zip file.
GPG4Win[1] somewhat usable, though it's still not as easy as Seahorse and such on Linux. Doesn't Microsoft have a built-in way to digitally sign binaries? [1]: http://www.gpg4win.org/
Most of them figured out to click inside the resulting folder and start the 'start tor browser' program. For all of the macs, the tbb didn't start. The people had to restart the system and then clicking on 'start tor browser' worked as expected.
As tbb was starting up, nearly all of them clicked on 'start tor browser' one to three times more, because they didn't see anything starting up. In fact, it was starting, it just wasn't instantaneous. I worry about forcing a splash screen that announces "I'm using Tor!" on the screen, but at the same time, it would let users know that tbb is starting.
This is a problem among many users, though one that is rather unrelated to anything Tor-specific. The solution to this is probably better startup notification systems, but that's very much out of scope for Tor.
Once vidalia started, no one waited for tbb firefox to start, but rather started their own browser and tried to use it. Once tbb firefox started up, in some cases, minutes later, they were confused. Why didn't tbb firefox start right away instead of this useless vidalia control panel?
A few of them felt the need to explore the vidalia control panel since we showed it to them. As if to say, 'there are buttons you are showing me, I just click and explore.'
Maybe Vidalia should just start in the background and display a little bubble at startup?
Once tbb firefox started, they were ok with using firefox over tor just fine. The first thing many of them did was to login to facebook or gmail over tor to see if it was different. None of them verified the ssl cert presented for facebook or gmail logins. For those that did login to gmail, gchat didn't work due to the lack of Flash in tbb firefox.
We then tried to configure their chat clients for tor. Adium on the mac was fairly easy. The variety of clients on windows wasn't so easy. A few wondered about logging in over ssl, but never did because the services didn't offer it (aol, msn, gchat). I showed the windows people pidgin, but they liked their native apps and didn't see why one multi-protocol app was better.
Google Chat, as it uses XMPP, has SSL support by default. Pidgin's better because it has OTR and SOCKS support (minus the XMPP DNS resolution thing), of course!
The experience continued through pidgin with OTR, installing pgp for email and verifying files, and a general talk about openssl certificates, what they mean, and what verification of a cert entails.
Trying to get anyone, let alone 'real people', to understand the SSL certificate model is futile.
The relevant tor experience was what I wanted to communicate and for us to start thinking through ways to address it. Perhaps Mike's desire for a anonymous browser is a correct path for usability and better anonymity for the user. I believe torfox and torora have both come to the same conclusion (at different times) as well.