-
Notifications
You must be signed in to change notification settings - Fork 977
WebTorrent should warn users of potential privacy risks #12631
Comments
how about: in black bold letters instead of grey. Also I suggest replacing "Start Download(ing)" with "Start Torrenting" to make it more clear that it's going to torrent the file, not just save it locally over HTTP. |
As for the button text, how about "Start Torrent"? I think that sounds better than "Start Torrenting" and conveys to point that it's not a normal download. |
@feross thanks for the replies! I didn't realize (3), that's great. Another question that @flamsmark had (sorry if you already saw it in Slack): do we need to point out to users that they should abide by their local laws when torrenting (for legal or other reasons)? Tom points out, "It sounds like we assume that folks generally use torrents for no good. I don’t think that’s the case, and I don’t think we should suggest that it is." Re: button text, I changed it to 'Start Torrent' in the PR |
@diracdeltas That phrasing was copied from the window that Transmission shows when you first open the app. I thought it was prudent to include it (to be safe) but I agree with @flamsmark that torrents have many uses that are perfectly legal. If the phrasing implies that torrents are mainly used for ill, let's remove it. FWIW, WebTorrent Desktop doesn't include such phrasing but IANAL. |
@diracdeltas Also, I think the correct path forward is your first choice:
I think it's important that Brave never starts torrenting without the user explicitly asking it to. Which is why we designed the interstitial page with the "Start Torrent" button. IMO, there are sufficiently many steps to start a torrent that no one should be doing it accidentally and disabling the extension by default would make it a lot harder to discover the torrent functionality in Brave. |
@feross yup i think we have consensus on Option 1. i will remove the legal disclaimer from the PR |
Currently WebTorrent is integrated into Brave as an on-by-default extension. There are a couple of risks, such as:
(2) is probably the biggest concern. It means that if you click on a .torrent or magnet file in Brave, you are at risk of publicly broadcasting that your IP address is downloading that file (or the IP address of your VPN, etc.). This may not be a concern for users who are torrenting .ISO files or the full text of wikipedia or other such non-sensitive content, but it may present a serious privacy hazard for people who are downloading things like adult content.
I think our options are:
cc @flamsmark @feross @dcposch
The text was updated successfully, but these errors were encountered: