Fastest exit strategy for a Panic Button in Crisis/Abuse Websites? [closed]

(ALMOST) FINAL EDIT

OK, I've read all the comments and this is what I think is the best solution but I've also thought of an ALL-LOCAL ALTERNATIVE. I'm open to further improvement/discussion

var panic= function(){
    document.body.innerHTML = '';
       //this clears the current html in the body 
       //making it look like the page is loading
    
    if(...){ //check if replaceState is supported so no error is thrown
        var title="Decoy Article Title",
        url="/decoypage"; //another endpoint on your server that gives the decoy website
        window.history.replaceState("", title , url); //replace current history entry
    }

    //should be pretty fast up to this point
    window.location.replace("http://www.google.com"); //load the google page or my alternative.
}

I put an example on my AWS instance at 54.186.79.95 Go to that page, click the button, visit another page, then hit back, you're now on 54.186.79.95/decoywebsite and there's no record of you being on 54.186.79.95/, if cache is disabled, your server will see the "../decoywebsite" request and send a decoy page. Unfortunately, you can't modify the entire domain so you would need the domain to be not suspicious.

If you want to get rid of the page content, I believe the best way is to use document.body.innerHTML='';. You are still technically on the page but all the content is gone.

Next step is to modify your browser history. window.history.replaceState (link to docs) is an HTML5 feature that can modify your history without doing a page reload or a request to your server. It's pretty fast but only works on modern browsers. When the user clicks the panic button, we will replace the current page in his history with a fake url.

If the abusive user clicks back, your server (Php, python, whatever) will receive a request with your fake url. So you need to have another endpoint in your server (Let me know if you don't understand endpoints). Make a benign article, recipe, or weather report with a similar look and feel to your original website in order to avoid suspicion if the abuser got a quick glance at the website. Also make sure the browser's doesn't cache by using the <META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">tag.

Additional Remarks

  • Ideally your entire website (except your decoy article of course) should be an SPA (Single Page Application) so that it only ever produces one browser history record and you only have to modify that one.
  • At the end of the day, I don't think you can't make a panic button that's 100% foolproof, there's gonna be ways around it. You just have to find one with an acceptable level of security and convenience.

ANOTHER ALTERNATIVE: LOCALLY CHANGE THE INCRIMINATING INFO AND MODIFY BROWSER HISTORY

I was also thinking if instead of loading google, if it's not best to actually transform your site locally with innocent info. This looks less suspicious than loading google (everyone does that) and you can do it all locally without reloading the page.

When they click the panic button, you do some fast (and cross-browser compliant) DOM manipulation to change the incriminating info on your website and make it look innocent (maybe just change the text, it has to be fast). This way, it's all done locally which in the vast majority of browsers today is almost instant. You don't have to worry about reload/servers because the scripts should already be loaded and ready to go. If you keep the same look and feel it looks like the user was just navigating to a different page of the website. Don't make it too obvious from the look of your website that it's a crisis website. Of course, you make it impossible to navigate back to the original content. I would also make it clear on the panic button what the strategy is so that the user doesn't freak out.

I would still try to change the browser history and buy another domain that hosts a copy of the decoy page, as in the previous example. Not only if the domain name is suspicious, but in case the abusive user hits refresh or goes back in his history. You should make your entire website an SPA because you can only modify your current entry, not your past history. Of course, this would still only work in HTML5 browsers, just make sure no error is thrown and the other part of the scripts still runs in old browsers.

What do people think? any weaknesses to this? What would be good content to replace with?


Since you said that lives are at risks in your implementation, i strongly suggests educating the users to use multiple tabs instead of clicking on some panic buttons.

My reasons being

  1. In times of 'emergency', how long does it take for the user to move their hands to the mouse (assuming they lifted their hands to type or touch their hair or whatever they wanted to do), let's assume it took them -> 0.5 seconds
  2. In your example site, the green bar is actually very small, to be frank, not everyone is very accurate with their hand, eyes coordination (moreover mouse cursor acceleration might differ between OS'es and User Profiles), the user has to move the mouse to the "Panic" button and click, unless they are professional FPS gamers, it's likely to take them another -> 1-2 seconds
  3. My last variable assumption is, if your script involves loading remote resources, for e.g. www.google.com, you can put lives at risk by assuming that the browser is
    • Modern
    • Has scripts enabled
    • Network speed & latency is optimal
    • Caches are primed.

If you are going to load remote resources, i suggests you to insert a div with z-index: -1 and some dummy web contents. On click, move their z-index higher to overlap everything on screen.

So if we assume you load a remote resource and with all the unknown variables, we can assume the time taken to be -> 0.5 - 10 seconds

If you are going to write a program that might kill someone, i strongly suggests you not to take the risk of doing something that might take 2 - 12 seconds to save them.

Educate your users by putting a banner with instructions

  1. Open a tab that wouldn't threaten their own lives (e.g. google.com, msn.com, yahoo.com)
  2. Open another tab with your site
  3. Navigate normally on your site
  4. In times of emergency, press Ctrl+W for Google Chrome, IE, Firefox, Opera (please confirm for other major browsers)

If you get the whole idea, press ctrl + w vs your planned solution, i can certainly guarantee that Ctrl+W is going to be faster.


This answer assumes that History and Address Bar aren't an Issue. At least, not immediately.

Scenario

Julie is a victim of spousal abuse. She is on the internet searching for help, and she comes to your website: http://www.crisisprevention.com (fictional for this answer)

As she is perusing your site, she hears her spouse approaching the room rapidly. She panics. Fortunately, you have a nice, large button, fixed to the page as she scrolls.

She clicks this button and ...

It takes her to Google.com

I dislike this approach for the following reason: no one is going to believe that you are simply sitting in front of your computer staring at the Google search prompt. Believe me. I've tried it before.

I used to keep a tab open with the Google prompt, and if I was browsing off-topic at work stuff, I'd switch to the Google tab so that no one was the wiser. It worked...sort of. Until people started to question why I was staring at the Google search screen all day.

I've since started opening a tab with various work projects in different states. Usually, stuff I'm working on anyways in between browsing. So, now I'm actually getting some work done! It doesn't take a tech genius to figure out this approach, which is why @LeeGary's answer may be the best.

It takes her ... it's still taking her ... oh Internet connection problems

Here's a reality you need to be prepared for. Perhaps the Internet Connection gets interrupted at the moment she is panicking. The current content stays displayed on the page while she waits for the HTTP GET request to get content it can start rendering...only, no content is being retrieved. The Internet connection is disconnected. This could happen for any number of reasons:

  • Spouse disconnected it.
  • Server being contacted is under extreme load.
  • Browser is running shy on memory.
  • ISP is having issues.
  • Dial-up connection/disconnect (yes these still exist).
  • Computer is just slow.
  • DNS server is down.

The reasons go on and on why the browser might choke when she hits the panic button, and it tries to move her to a new site.

Serve an Alternative Website Instantly

My solution suggests that you preload a website in the background of your site. Load it into a <div> and hide it behind your normal site. If it's a large bit of content, then you might consider hiding it with z-index instead of display: none. This way it will be pre-rendered (I believe, could be wrong here).

Now, it doesn't matter if her Internet connection is down. She already has the content. There is no latency involved with an HTTP GET request. It simply displays immediately.

If address bar is a concern, you might still be able to mitigate that by serving an alternative website that correlates to your domain.

For example, take the fictitious (for this answer) domain: http://www.crisisprevention.com

You could serve up some alternative article that relates to say, solving the world hunger crisis.

The idea here is that it's the initial first glance that is the most damning. When the spouse walks in and he sees her navigating away to Google.com, with that panicked look about her, he's going to suspect something is up and be more inclined to investigate. Likewise, it could be even worse if she's caught in the act of trying to hide her actions because the HTTP GET request was slow or fails.


There are some big problems with panic button:

  • it is hard to click on it (you have to be accurate)
  • it takes time to select it (and a huge amount of time if you are on laptop without a mouse)
  • it saves you in history
  • it is accessible via back button / backspace.

And how about the panicking random moves of a woman who is trying to quickly click on that button, when she was reading this. What if she will miss the button from the first attempt?

So if there are really human lives that could be saved, this is kind of bad idea.

The better way is to show them normal way of doing this (via some sort of help before you can possibly enter this site). It can be something like this:

Depending on the browser of a user you give them a list of steps to do which use only keyboard (no mouse at all). For example if she is on chrome.

  1. open a website you like (FB, twitter, funny bunnies and pretend like you are doing something).
  2. Press CRTL+SHIFT+N (opens incognito window) which will not allow backspace / history tricks
  3. enter our site there (no copypasting to prevent checking what is inside of your buffer)
  4. Read the stuff and always keep your hands on the keyboard close to CRTL and W
  5. In case of emergency press CRTL+W
  6. Continue starring at your FB, twitter, funny bunny

Surely you have to modify your explanation in appropriate language. But this way it is really hard to get caught. Also tell about sitting next to mirrors and other reflection surfaces like windows, glasses and other things. Ask them to try using these combination for some time to be familiar.

If human lives are involved, you have to be professional and do not use these panic buttons. Especially if it is so easy to teach people how to do it quicker and more secure.

Answer to Nobius

I got you point, thank you. But I disagree with your point. After a lot of campaign for it to be put on FB, have you actually seen it on FB? I have not. Nontechnical people are notorious for coming up with ridiculously bad ideas, some of which you might have experienced (preventing right click on banks' pages to improve security, 4 digit passwords to be easier to type from mobile phones). Pressing a button sounds easier, but look at my list of steps - the only thing you need to do in a stressful situation is pressing CTRL+W. You do not need to think in terms of tabs, modes and other things. This comes up to basic pattern - see someone, press CTRL+W. In my opinion this is not difficult at all and easy to remember. It is by far not harder than to remember to click on the button. Everything else you have to read in a normal atmosphere.

Pressing 2 buttons is MUCH faster than moving mouse, and it is really hard to miss them when your fingers are on them (do an experiment and put yourself in stress full situation and try to quickly click on that button). Also as I mentioned - I see at least four reasons how something can go wrong in panic button situation, whereas I see much less in reasons in CRTL+W. If humans lives are involve - you need to be professional.

Answer to NicolasMoise. Why people keep saying that you need to be tech savvy for pressing CTRL+W? I am not trying to show people how to use TOR, VPN, setting up encryption channel. This is just CTRL+W. People learned how to play angry birds to waist their time (which is much harder than to remember 2 buttons), so people can learn CRTL+W to save their lives. Tutorial can be shown in such a way that observer can not understand why you are reading this (when you see my list of steps, I do not believe that the first guess would be - ah this is for women abuse site).

But most probably giving people perception of false safety is much better. The answer is not off-topic. The person is asking how to implement panic button - and I am explaining why is the current way flawed and what can he do to do it better. It is on the same level as 'I want to make communication secure and I am using substitution cypher', yes you can improve the speed of his cypher and pretend that everything is OK, or you can show another way.

One last attempt to explain my additional point: you have to properly explain people the risks behind your approach. A good example when people suffered from not explaining problems properly was the issue with Belorussian bloggers, who thought that posting anonymously on the internet will make them untraceable from governmental repressions. The resource gave them false belief that they are save if they do not provide their real identity. They learned that this is not true in the hard way (when they were jailed for few years).

If someone would explain them the risk I think some of them would be happy to learn how to use any tool to save their next five years.

So why not to give women few options:

  • you can use approach A right away, and here are the list of problems you can encounter.
  • you can use approach B, which requires X minutes during the first time to read and to understand something. And then your list of possible problems decreases to a smaller list.

And let them decide what they want to do. This way they know the risks.


I think you still have a long journey ahead of you.

The reason for sending people to the Google page is that

  1. it loads very fast
  2. it's likely to be cached anyway
  3. it renders very fast
  4. it's really well optimized
  5. did I mention it's fast?

The link you provided is slow.

If you want to provide a fast way of changing the screen then open your site in a frameset - with the cloak in a frame of height 0, and your site in a frame of full height. Then when the user clicks on the link swap around the frame heights and redirect to the top level window to the page already loaded.