The Tor Project issues (https://gitlab.torproject.org/groups/tpo/-/issues), feed updated 2023-09-27T12:14:46Z

Issue: https://gitlab.torproject.org/tpo/community/team/-/issues/81
Title: Content for social media, including Twitter, Facebook, Instagram, YouTube, and the Tor Forum.
Updated: 2023-09-27T12:14:46Z
Author: Gaba (gaba@torproject.org)

Issue: https://gitlab.torproject.org/tpo/community/team/-/issues/80
Title: Write script and social media copy for how to use bridges.
Updated: 2023-09-27T12:13:41Z
Author: Gaba (gaba@torproject.org)
Assignee: raya

Issue: https://gitlab.torproject.org/tpo/community/team/-/issues/79
Title: Create video and social assets: Use Loom (or similar tool) to record one demonstration video per language
Updated: 2023-09-27T12:13:42Z
Author: Gaba (gaba@torproject.org)
Assignee: raya

Issue: https://gitlab.torproject.org/tpo/community/team/-/issues/78
Title: Create graphics and video / gif assets
Updated: 2023-09-27T12:13:43Z
Author: Gaba (gaba@torproject.org)
Assignee: nicob

Issue: https://gitlab.torproject.org/tpo/community/team/-/issues/77
Title: Coordinate localization of copy.
Updated: 2023-09-27T12:13:45Z
Author: Gaba (gaba@torproject.org)
Assignee: emmapeel

Issue: https://gitlab.torproject.org/tpo/community/team/-/issues/76
Title: Content for social media, including Twitter, Facebook, Instagram, YouTube, and the Tor Forum.
Updated: 2023-09-27T12:13:47Z
Author: Gaba (gaba@torproject.org)

Issue: https://gitlab.torproject.org/tpo/community/team/-/issues/75
Title: Write script and social media copy for how to use Onionshare.
Updated: 2023-09-27T12:13:49Z
Author: Gaba (gaba@torproject.org)
Assignee: raya

Issue: https://gitlab.torproject.org/tpo/network-health/tor-weather/-/issues/34
Title: Add more details to email
Updated: 2023-12-13T15:44:20Z
Author: bauruine

At the moment the email only contains the fingerprint. It would be nice to have additional information like the nickname, ip and hostname. And maybe also a link to the relay on metrics.tpo.

Issue: https://gitlab.torproject.org/tpo/core/arti/-/issues/793
Title: Change tor_circmgr::hspool target pool size dynamically
Updated: 2023-06-23T15:33:25Z
Author: Nick Mathewson

Right now we hardcode the desired size of our pool of hs circuits. We should instead let it grow and shrink adaptively.
Step 1 here is to see what Tor does, and see whether that makes sense.
Label/milestone: Arti: Onion service support

Issue: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/issues/121
Title: Portable and System installs on Windows using the same profile.
Updated: 2023-03-28T12:55:50Z
Author: richard

discussion here: https://gitlab.torproject.org/tpo/applications/privacy-browser/-/issues/62#note_2887842
This needs to be fixed before the initial release so we don't break back-compat when the separate system vs portable installers are introduced.

Issue: https://gitlab.torproject.org/tpo/core/arti/-/issues/786
Title: Extract copy_interactive and/or onionmasq's InteractiveCopier into a new crate
Updated: 2023-10-19T15:01:34Z
Author: Nick Mathewson

The functionality in this function/future seems generally useful for implementing something kinda like sendfile/splice with `AsyncRead` and `AsyncWrite`; I'd suggest we make a new crate that provides this functionality, so both projects can use it. (And so can anybody else who wants it.)

Issue: https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/122
Title: Update x/net and x/crypto to latest version in Obfs4proxy and Snowflake
Updated: 2023-04-20T08:36:45Z
Author: tla

Somebody sent me an issue about this:
https://github.com/tladesignz/IPtProxy/issues/45

> For security purposes, golang.org/x/crypto and golang.org/x/net should be updated to latest versions. This also requires the obfs4 and snowflake submodules to do the same thing, so there needs to be some coordination between all three projects for this to happen.

Please let me know if this is valid, and if there are any problems with that request! Thank you!
Assignee: meskio (meskio@torproject.org)

Issue: https://gitlab.torproject.org/tpo/network-health/tor-weather/-/issues/30
Title: Do not allow negative hours
Updated: 2023-03-27T06:34:06Z
Author: Georg Koppen

When selecting after how many hours a notification will be sent for a particular subscription, I am allowed to select a negative amount (e.g. by clicking on the arrow down in the text field), which is weird. Moreover, I am not even sure this case is handled correctly. Either way we should make sure something > 0 is entered.

Issue: https://gitlab.torproject.org/tpo/core/onionmasq/-/issues/39
Title: Throughput statistics reporting
Updated: 2023-06-28T13:02:03Z
Author: eta

We'd like to be able to show some pretty graphs about how much traffic the app is using (I guess maybe both pre- and post-VPN, i.e. log both user traffic and Arti traffic)? @trinity-1686a pointed out the latter can be done easily by just wrapping the TCP sockets.
As for exporting this data: probably just over the JNI, but @ahf also suggested maybe exporting it as prometheus(-style) metrics over HTTP by having the VPN listen on its gateway IP. That might be neat to explore, if only for development and testing purposes.
This should also ideally be per-app, too!
Label/milestone: VPN pre-alpha 02

Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41679
Title: Backport Android-specific security fixes from Firefox 111 to ESR 102.9-based Tor Browser
Updated: 2023-04-10T16:09:57Z
Author: richard

<details>
<summary>Explanation of Variables</summary>

- `$(ESR_VERSION)` : the Mozilla defined ESR version, used in various places for building tor-browser tags, labels, etc
  - example : `102.8.0`
- `$(RR_VERSION)` : the Mozilla defined Rapid-Release version; Tor Browser for Android is based off of the `$(ESR_VERSION)`, but Mozilla's Firefox for Android is based off of the `$(RR_VERSION)`, so we need to keep track of security vulnerabilities to backport from the monthly Rapid-Release train and our frozen ESR train.
  - example: `110`
- `$(TOR_BROWSER_MAJOR)` : the Tor Browser major version
  - example : `12`
- `$(TOR_BROWSER_MINOR)` : the Tor Browser minor version
  - example : either `0` or `5`; Alpha's is always `(Stable + 5) % 10`
- `$(BUILD_N)` : a project's build revision within its branch; many of the Firefox-related projects have a `$(BUILD_N)` suffix and may differ between projects even when they contribute to the same build.
  - example : `build1`

</details>
**NOTE:** It is assumed the `tor-browser` rebase has already happened and there exists a `build1` build tag for both `base-browser` and `tor-browser`

### **Bookkeeping**
- [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep) issues (stable and alpha).

### **Security Vulnerabilities Report** : https://www.mozilla.org/en-US/security/advisories/
- Potentially Affected Components:
  - `firefox`/`geckoview` : https://github.com/mozilla/gecko-dev
  - `application-services` : https://github.com/mozilla/application-services
  - `android-components` : https://github.com/mozilla-mobile/firefox-android
  - `fenix` : https://github.com/mozilla-mobile/firefox-android

**NOTE:** `android-components` and `fenix` used to have their own repos, but since November 2022 they have converged to a single `firefox-android` repo. Any backports will require manually porting patches over to our legacy repos.

- [x] Go through any `Security Vulnerabilities fixed in Firefox $(RR_VERSION)` (or similar) and create a candidate list of CVEs which potentially need to be backported in this issue:
  - CVEs which are explicitly labeled as 'Android' only
  - CVEs which are fixed in Rapid Release but not in ESR
  - 'Memory safety bugs' fixed in Rapid Release but not in ESR
- [x] Foreach issue:
  - Create link to the CVE on [mozilla.org](https://www.mozilla.org/en-US/security/advisories/)
    - example: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25740
  - Create link to the associated Bugzilla issues (found in the CVE description)
  - Create a link to the relevant `gecko-dev`/other commit hashes which need to be backported OR a brief justification for why the fix does not need to be backported
    - To find the `gecko-dev` version of a `mozilla-central` commit, search for a unique string in the relevant `mozilla-central` commit message in the `gecko-dev/release` branch log.
    - **NOTE:** This process is unfortunately somewhat poorly defined/ad-hoc given the general variation in how Bugzilla issues are labeled and resolved. In general this is going to involve a bit of hunting to identify needed commits or determining whether or not the fix is relevant.

### **tor-browser** : https://gitlab.torproject.org/tpo/applications/tor-browser.git
- [x] Backport any Android-specific security fixes from Firefox rapid-release
- [x] Sign/Tag commit:
  - Tag : `tor-browser-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)`
  - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha`
- [x] Push tag to `origin`

**OR**

- [ ] No backports
### **application-services** : *TODO: we will need to set up a gitlab copy of this repo that we can apply security backports to if there are ever any security issues here*
- [ ] Backport any Android-specific security fixes from Firefox rapid-release
- [ ] Sign/Tag commit:
  - Tag : `application-services-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)`
  - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha`
- [ ] Push tag to `origin`

**OR**

- [x] No backports

### **android-components** : https://gitlab.torproject.org/tpo/applications/android-components.git
- [x] Backport any Android-specific security fixes from Firefox rapid-release
  - **NOTE**: Since November 2022, this repo has been merged with `fenix` into a singular `firefox-android` repo: https://github.com/mozilla-mobile/firefox-android. Any backport will require a patch rewrite to apply to our legacy `android-components` project.
- [ ] Sign/Tag commit:
  - Tag : `android-components-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)`
  - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha`
- [ ] Push tag to `origin`

**OR**

- [ ] No backports

### **fenix** : https://gitlab.torproject.org/tpo/applications/fenix.git
- [ ] Backport any Android-specific security fixes from Firefox rapid-release
  - **NOTE**: Since February 2023, this repo has been merged with `android-components` into a singular `firefox-android` repo: https://github.com/mozilla-mobile/firefox-android. Any backport will require a patch rewrite to apply to our legacy `fenix` project.
- [ ] Sign/Tag commit:
  - Tag : `tor-browser-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)`
  - Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha`
- [ ] Push tag to `origin`

**OR**

- [x] No backports
### CVEs
- [ ] https://www.mozilla.org/en-US/security/advisories/mfsa2023-09/#CVE-2023-28159
  - https://bugzilla.mozilla.org/show_bug.cgi?id=1783561
  - **patches**:
    - android-components: https://github.com/mozilla-mobile/firefox-android/pull/565/commits
    - fenix: https://github.com/mozilla-mobile/fenix/pull/28572/commits
- [ ] https://www.mozilla.org/en-US/security/advisories/mfsa2023-09/#CVE-2023-25748
  - https://bugzilla.mozilla.org/show_bug.cgi?id=1798798
  - **patch**: https://github.com/mozilla-mobile/firefox-android/commit/1dc21a3786506200be124733e654dff8f39b5395
- [x] https://www.mozilla.org/en-US/security/advisories/mfsa2023-09/#CVE-2023-25749
  - https://bugzilla.mozilla.org/show_bug.cgi?id=1810705
  - **patch**: https://github.com/mozilla-mobile/firefox-android/commit/4ff195aa268af1dabbcac050bb6e3e6e9abecff7
  - **note**: our existing fix for fenix#34378 actually fixes this already so let's not backport this one :D
- [x] https://www.mozilla.org/en-US/security/advisories/mfsa2023-09/#CVE-2023-25750
  - https://bugzilla.mozilla.org/show_bug.cgi?id=1814733
  - esr102 unaffected AND this is a service workers issue (service workers are not enabled in Tor Browser)
- [x] https://www.mozilla.org/en-US/security/advisories/mfsa2023-09/#CVE-2023-28160
  - https://bugzilla.mozilla.org/show_bug.cgi?id=1802385
  - **patch**: https://hg.mozilla.org/mozilla-central/rev/554a5aa89673
  - **note:** This is a potential fingerprinting vector fix, but only accessible from webextensions, which Android in general doesn't support very many of, so if this is a pain to backport that's fine
- [x] https://www.mozilla.org/en-US/security/advisories/mfsa2023-09/#CVE-2023-28161
  - https://bugzilla.mozilla.org/show_bug.cgi?id=1811181
  - This patch would apparently require a lot of re-work for esr102 (and is not applicable to Android) so let's skip it
- [x] https://www.mozilla.org/en-US/security/advisories/mfsa2023-09/#CVE-2023-28177
  - [x] https://bugzilla.mozilla.org/show_bug.cgi?id=1817336
    - esr102 unaffected, affects linux desktop
  - [x] https://bugzilla.mozilla.org/show_bug.cgi?id=1803109
    - only happens when profiling, which is one reason they didn't backport
    - **patch**: https://hg.mozilla.org/mozilla-central/rev/adcb31b93a01
  - [x] https://bugzilla.mozilla.org/show_bug.cgi?id=1809542
    - esr102 unaffected, affects Windows
  - [x] https://bugzilla.mozilla.org/show_bug.cgi?id=1808832
    - esr102 unaffected
<!-- Create CVE resolution here -->
Assignee: ma1

Issue: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40804
Title: Remove openssl error patch from tor once we upgrade tor to 0.4.8
Updated: 2023-03-10T16:54:24Z
Author: richard

See https://gitlab.torproject.org/tpo/core/tor/-/issues/40759
We have a temporary patch in projects/tor/build which we can remove once we update the tor version.
Assignee: richard

Issue: https://gitlab.torproject.org/tpo/network-health/onbasca/-/issues/146
Title: Add missing defaults to onbrisca
Updated: 2023-03-13T12:18:29Z
Author: juga

As `NUM_THREADS`, maybe there're more.
Assignee: juga

Issue: https://gitlab.torproject.org/tpo/web/donate-static/-/issues/110
Title: Change "ZIP Code" to "Postal code" in web form
Updated: 2023-04-10T22:02:32Z
Author: mattlav

A non-American person tells me he refuses to donate to Tor until this detail of donate.tpo is changed. I propose we give him what he wants; can we do this outside of the overall reboot?

Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41644
Title: fonts linux: test whitelist breakage
Updated: 2023-04-17T15:03:19Z
Author: Thorin

not an issue, but a Q for @pierov
In my much awaited but not yet deployed new fang-dangled snazzy TZP (30% smaller, 30% faster, with MOAR metrics), I am not just collecting font enumeration and sizes, but now also checking that any whitelist (or RFP's font vis) doesn't leak (as well as for missing bundled fonts in TB). But there is no need to check massive lists in TB, as most fonts are bundled: this would just add lots of perf overhead
<details><summary>sample code</summary><p>

lists are snipped for brevity where stated

```js
let fntMaster = {
  // TB bundled
  "bundled": {
    "all": [ // 118 win/mac/linux
      "Noto Sans Adlam", "Noto Sans Balinese", // SNIP
    ],
    "android": [],
    "linux": [ // +16
      "Arimo", "Cousine", // SNIP
    ],
    "mac": [ // +5
      "Noto Sans Armenian", "Noto Sans Hebrew", // SNIP
    ],
    "windows": [ // +4
      "Noto Naskh Arabic", // SNIP
    ],
  },
  // TB whitelist
  "allowlist": {
    "android": [],
    "linux": [],
    "mac": [
      "AppleGothic", "Apple Color Emoji", // SNIP
    ],
    "windows": [
      "Arial", "Cambria Math", // SNIP
    ],
  },
  // TB unexpected: to catch failures
  "blocklist": {
    "android": [],
    "linux": [
      "Arial", "Courier", "Courier New", "Noto Emoji", "Noto Sans", "Noto Serif",
      "Noto Color Emoji", "Noto Mono", "Cantarell", "DejaVu Sans", "DejaVu Serif",
      "Droid Sans", "STIX", "Symbola", "Dingbats", "FreeMono", "Ubuntu",
    ],
    "mac": ["Apple Symbols", "Avenir", "Charter", "Impact", "Palatino", "Rockwell"],
    "windows": ["Calibri", "Candara", "Corbel", "Impact", "Ebrima", "Gabriola"],
  },
};
```

</p></details>
so we end up with something like this, where the green `[TB]` notation means no bundled fonts were missing _AND_ we didn't leak anything outside the whitelist (I call it an allowlist on the page so as to not be offensive). The bundled list (122) is a subset of allowed (155), which is a subset of the fonts tested (162, which includes a fake random font as a poison pill).

![example](/uploads/3f3c8ffbbc960747ea70a90a8797b08b/example.png)

Now windows/mac is simple: I can add expected system fonts since win7/macOS10.12 to the "blocklist", and if they are detected then the whitelist is failing.
But linux is trickier. My initial "blocklist"ed items are, I think, fairly common, especially on ubuntu and fedora, but I am not super linux font savvy. Can you improve on this list (without going massive on it: smaller is better)? See the code example.

Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41642
Title: Do not hide new PBM in the hamburger menu if auto PBM is not enabled
Updated: 2023-10-03T15:37:43Z
Author: Pier Angelo Vendrame

Improvement for 2a6e497977d8ab4996d8a1c77dbdcb1ae60eb486.