Description

Orfox is no more, and Tor Browser for Android, which took its place, is not being caught by the current regular expression targeting Orfox. This results in confusing warning messages if JavaScript is executed because of the "Standard" security setting:

It is recommended to use Tor Browser

But I am! Just the Android version.

Steps to Reproduce

• (Download Orfox)
• (Get redirected to) Download Tor Browser for Android
• Access SecureDrop source interface

Actual Behavior

Comments

For more contemporary mobile (torified) browser context I left some notes in #1450

The Orfox warning in place now is essentially dead code. Tweaking the language and regular expression would be a minimum, but I don't think we should imply that the security or anonymity guarantees of Tor Browser for Android are worse than that of Tor Browser for any other officially supported platform.

I realise this may be a big box of worms, but Tor Project does not seem to treat Tor Browser for Android different than the desktop versions. Would it be reasonable to follow suit (not in 2.3.0, mind you) and integrate TB4A with security level warning instead? Would that require adapting threat models?