A Usability Evaluation of Tor Launcher

Abstract: Although Tor has state-of-the-art anticensorship measures, users in heavily censored environments will not be able to connect to Tor if they cannot configure their connections. We perform the first usability evaluation of Tor Launcher, the graphical user interface (GUI) that Tor Browser uses to configure connections to Tor. Our study shows that 79% (363 of 458) of user attempts to connect to Tor in simulated censored environments failed. We found that users were often frustrated during the process and tried options at random. In this paper, we measure potential usability issues, discuss design constraints unique to Tor, and provide recommendations based on what we learned to help more users connect to Tor while reducing the time they take to do so. Tor Browser incorporated the changes proposed by this study.
