Enable Unsafe browser + Clearnet user via Greeter

from today’s chat on #tails

Presence of Unsafe Browser (and therefore clearnet user who is able to connect without any Tor whatsoever to the internet) only if user enables it via Greeter.

Why?

Unsafe browser / clearnet user can connect to the internet outside of Tor connections. Leaks real IP. If live session gets compromised, real IP of Tails user is obtained more than easily.

Why not?

Up to you to tell me.

Usability issue?

Unsafe browser is (as of documentation) in Tails mainly because of captive portals. User who needs to access captive portal can enable Unsafe browser in Greeter. (in advanced options)

Majority of Tails users will never use Unsafe browser. They use Tails because it routes (almost) everything through Tor. Existence of Unsafe browser can be pointless and possible danger for them.

Quotations

’I believe most people use Tails with no need to use ’clearnet’ browser. At least I thought that is why people use it. That it routes (almost) everything through Tor.’

’95% of users > start Tails > default options > pure everything-is-tor OS.’
5% of users > start Tails > enable Unsafe browser > say hello to admins of captive portals’

’Well the presence of Unsafe browser / clearnet user which can access internet with your real IP with no Tor whatsoever seems slightly concerning.’

Loving Tails.
That’s why.

Related issues

Related to #10491

Original created by @nerouwosid on 10100 (Redmine)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information