The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2022-10-26T20:47:50Zhttps://gitlab.torproject.org/tpo/community/support/-/issues/40061Define a process to evaluate docs mirrors availability in China2022-10-26T20:47:50ZGusDefine a process to evaluate docs mirrors availability in ChinaAs part of S96 work, we want to track if/when a Tor documentation mirror is blocked in China, so we can advertise a new one.As part of S96 work, we want to track if/when a Tor documentation mirror is blocked in China, so we can advertise a new one.Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & TibetGusGushttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40094Disable standalone proxies on bridge2022-01-19T07:40:48ZDavid Fifielddcf@torproject.orgDisable standalone proxies on bridgeWe want to increase the tor capacity of the snowflake bridge. We should disable the two standalone proxies we run on that host, in order to open up some more CPU headroom. Cf. #40091.We want to increase the tor capacity of the snowflake bridge. We should disable the two standalone proxies we run on that host, in order to open up some more CPU headroom. Cf. #40091.Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & TibetDavid Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/tpo/tpa/team/-/issues/40547hosting the telegram bridges bot2021-12-08T16:14:36Zmeskiomeskio@torproject.orghosting the telegram bridges botWe are handing bridges over telegram, for now is a [hacky bot](https://gitlab.torproject.org/meskio/telegram-bridge-bot), but at some point it might become part of rdsys. Should we host it in our infra? I guess the right place will be po...We are handing bridges over telegram, for now is a [hacky bot](https://gitlab.torproject.org/meskio/telegram-bridge-bot), but at some point it might become part of rdsys. Should we host it in our infra? I guess the right place will be polyanthum as this is where bridgedb and rdsys live.
I can run it under the rdsys user account, but it doesn't need access to anything of rdsys so it can easily live in its own user. I'm happy anyway.
The bot does produce prometheus metrics, we'll need TPA prometheus to be able to reach the bot metrics. I guess this will require configuring apache to export that metrics. I guess TPA will know what is the better mechanism to do that. The metrics will be published in /metrics on the local port of your choosing.Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibethttps://gitlab.torproject.org/tpo/community/team/-/issues/48O4.2 Create and publish user documentation.2023-02-01T20:33:10ZGabagaba@torproject.orgO4.2 Create and publish user documentation.We will need to create unique strategies for disseminating support and documentation for these target users, as torproject.org is often blocked. We will develop a strategy for hosting and sharing documentation that circumvents this. We w...We will need to create unique strategies for disseminating support and documentation for these target users, as torproject.org is often blocked. We will develop a strategy for hosting and sharing documentation that circumvents this. We will also update Tor Browser and OnionShare user documentation in English and Chinese.
This ticket will be related to documentation for TB, OnionShare as well as torproject.org. We will work on this starting in November and across the whole project.
/cc @gus @duncan @kezSponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & TibetGusGushttps://gitlab.torproject.org/tpo/web/donate-static/-/issues/46Update privacy policy to be consistent with (new) donor FAQ2021-10-08T20:49:21Zal smithUpdate privacy policy to be consistent with (new) donor FAQIn ticket #35, we're updating the Donor FAQ. We want the [Donor Privacy Policy](https://donate.torproject.org/privacy-policy/) to reflect this updated version of the FAQ.
Please change this paragraph on https://donate.torproject.org/pri...In ticket #35, we're updating the Donor FAQ. We want the [Donor Privacy Policy](https://donate.torproject.org/privacy-policy/) to reflect this updated version of the FAQ.
Please change this paragraph on https://donate.torproject.org/privacy-policy/
> If you donate more than $5,000 and we know your name and address, we are required to disclose it to the IRS in Schedule B of the Form 990. But, that information is redacted from the publicly-available version of our Form 990.
to
> If you donate above a certain amount (roughly $80,000 USD as of 2020) to the Tor Project in a single year, we are required to report the donation amount and your name and address (if we have it) to the IRS, on Schedule B of the Form 990, which is filed annually.
>
> However, it's normal for nonprofits to redact individual donor information from the copy of the 990 that's made publicly-available on their website, and that's what we do.Redesign donate.torproject.orghttps://gitlab.torproject.org/tpo/web/donate-static/-/issues/45donate-static vanilla js rewrite2023-03-17T21:24:29ZKezdonate-static vanilla js rewriteThis is a ticket that should've been written around a month ago, but I didn't think to do it then, so I'm writing it now!
The [donate.tpo frontend](https://gitlab.torproject.org/tpo/web/donate-static) is currently written in a mix of re...This is a ticket that should've been written around a month ago, but I didn't think to do it then, so I'm writing it now!
The [donate.tpo frontend](https://gitlab.torproject.org/tpo/web/donate-static) is currently written in a mix of react and lektor (mostly react). Since nobody at TPI knows react very well, we want to rewrite it in vanilla javascript to make it easier for us to maintain, and hopefully allow us to reuse some of the loogic for the upcoming donate.tpo rewrite (#29).
## Plan
Here are the steps I've taken and plan to take to move to vanilla javascript (in no particular order):
- [x] Move all the JSON configuration from settings.js to lektor databags
- [x] Move the countries.json and regions.json files to lektor databags, re-structured to make working with them a bit more pythonic
- [x] Write a script to regenerate the countries.json/regions.json databags from the existing json files
- [x] Scaffold a new `tor-donate-js/` npm project with [esbuild](https://github.com/evanw/esbuild), [eslint](https://eslint.org), and [jsdoc](https://jsdoc.app/)
- [x] Render the cryptocurrency page statically with lektor, with a small amount of javascript to add an event listener to the anonymous donation checkbox, and copy-to-clipboard support for the wallet addresses (defined in `tor-donate-js/src/cryptocurrency.js`)
- [x] Move as many of the react components as possible to jinja2 macros and statically render them with lektor
- [x] Rewrite the donate-form.html template to use the jinja macros and render the donation form statically
- [x] Rewrite the donate form validation logic, interactivity/reactivity, and submit handlers in a vanilla es6 class (eslint and esbuild are using es2021)
- [x] Event handler reactivity:
- [x] Donation frequency selection buttons
- [x] Donation amount buttons
- [x] Other donation amount text box
- [x] No perk checkbox
- [x] Perk selection tiles
- [x] Donation method selection button
- [x] Credit card fields
- [x] Donation amount label
- [x] Gift selection label
- [x] Form field validation
- [x] Stripe API submit handler
- [x] Paypal API submit handler
- [x] Render Paypal buttons
- [x] Paypal button callback functions
- [x] onApprove
- [x] onCancel
- [x] createBillingAgreement
- ~~[ ] createOrder~~
- [x] Implement the giving form class on the donation pages
- [x] Main donation page (the index page)
- [x] Monthly giving page
- [x] Champions of privacy page
- [x] There are a few TODOs (mostly relating to form validation) that need to be cleaned up
- [x] jsdoc comments on all classes, methods, and top-level functions
- [x] Documentation describing the new JS architecture, with a guide to editing, and the build system/contribution process
- [x] Set up translations/l10n in lektor
- [x] Set up a staging site for my fork
The rewrite is mostly finished. I don't have a timeframe for when it should be complete; Paypal, Stripe, and the reactivity each took a bit longer than I expected. I'm hoping to have this done within the next week or so.
## Motivations for the new build system (esbuild, eslint, jsdoc)
esbuild is a fairly new tool, so I want to explain why I chose that instead of parcel, webpack, or rollup.
The main reason is simplicity. Other bundlers I've used usually require a fiarly complex configuration file, and tend to be slow and come with a lot of dependencies. esbuild is a single native binary with no dependencies, and works with a simple cli configuration.
jsdoc was added because the main issue I had with the react site was the complexity and lack of documentation. eslint is used for linting, and also to enforce jsdoc comments.Redesign donate.torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40056O1.2: Increase the number of Snowflake proxies.2022-07-05T18:08:28ZGabagaba@torproject.orgO1.2: Increase the number of Snowflake proxies.With limited ramp up so far, we already have 6,000 volunteers running Snowflakes. Increasing Snowflake operators through more aggressive promotion will allow us to rapidly increase unblocked bridge entry points to the Tor network by thou...With limited ramp up so far, we already have 6,000 volunteers running Snowflakes. Increasing Snowflake operators through more aggressive promotion will allow us to rapidly increase unblocked bridge entry points to the Tor network by thousands.
- O1.2.1: Run a public campaign to encourage Internet users to install the Snowflake extension in Firefox or Chrome and use their web browser to act as bridges for censored people. This campaign will target individuals who care about free access to information but who may have limited capacity to operate a traditional bridge.
- O1.2.2: Scale Tor reachability through mobile Snowflakes. It’s also possible to build the Snowflake into mobile applications. We can rapidly increase the availability and diversity of bridge IP addresses that are not blocked in China by asking the millions of active Orbot users to “help censored users connect to Tor.” Through the Internews DISRUPT program, Guardian Project is designing and implementing “Orbot as Bridge” capability with the use of Snowflake, and as a result of this Activity, any Orbot user will be able to become a Snowflake bridge to Tor when they are not actively using their device. Guardian Project is also implementing as much of this capability as possible in Onion Browser for iOS.1 To do so, Guardian Project will: continue to improve Tor+Snowflake stability & performance on mobile devices and tune mobile-as-Snowflake bridge usability and performance, especially considering connections from the target regions.Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibet2022-12-31https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/40026Sponsor 96 - Objective 2: Improve the bridge distribution systems so that it’...2021-07-20T18:59:06ZGabagaba@torproject.orgSponsor 96 - Objective 2: Improve the bridge distribution systems so that it’s harder for censors to learn and block bridges and easier for users to get them.- O2.1: Make it easier for humans & harder for censors to get bridges from moat distributor.
- O2.2: Deploy improved bridge distribution systems.
- O2.3: React and steer our response to censorship.- O2.1: Make it easier for humans & harder for censors to get bridges from moat distributor.
- O2.2: Deploy improved bridge distribution systems.
- O2.3: React and steer our response to censorship.Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibethttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40259Inform users in Tor Browser of which settings are best for them based on thei...2022-04-04T17:11:17ZArturo FilastòInform users in Tor Browser of which settings are best for them based on their countryTor Browser Launcher would, for countries where we know Tor to either work for sure or not work for sure, advise users on whether to use a bridge or not.
This does open the question of "How does Tor Launcher know the country of the user...Tor Browser Launcher would, for countries where we know Tor to either work for sure or not work for sure, advise users on whether to use a bridge or not.
This does open the question of "How does Tor Launcher know the country of the user"?
I think this is at the end of the day a UX question, that can have various ways of doing it. For example you can have the user input their country (but that is maybe a bit sketchy from the users perspective) or you could show them a list of countries where tor is known to work OK and a list of where it's known to not work.Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibetrichardrichardhttps://gitlab.torproject.org/tpo/web/donate-static/-/issues/12Fix footer links in inner pages2021-06-21T12:26:21ZAntonelaantonela@torproject.orgFix footer links in inner pageshttps://donate.torproject.org/ inner pages footer links (Donor FAQ (current), Donor Privacy Policy) are going to a 404.
For example, you can reproduce clicking footer links in
https://donate.torproject.org/donor-faq/https://donate.torproject.org/ inner pages footer links (Donor FAQ (current), Donor Privacy Policy) are going to a 404.
For example, you can reproduce clicking footer links in
https://donate.torproject.org/donor-faq/Redesign donate.torproject.orghttps://gitlab.torproject.org/tpo/community/outreach/-/issues/28531Publish a snapshot of what PTs are needed for successful Tor use in each country2022-07-20T21:10:55ZRoger DingledinePublish a snapshot of what PTs are needed for successful Tor use in each countrySeveral countries have deployed censorship that includes trying to block Tor in various ways. And places change their censorship over time. What does the big picture look like today?
We have a scattering of resources on this topic curre...Several countries have deployed censorship that includes trying to block Tor in various ways. And places change their censorship over time. What does the big picture look like today?
We have a scattering of resources on this topic currently, e.g.:
* OONI has "vanilla Tor" measurements in some countries.
* We have anecdotal stories from talking to users in various places.
* There's the censorship wiki: https://trac.torproject.org/projects/tor/wiki/doc/OONI/censorshipwiki (legacy/trac#6149)
* metrics-timeline has something similar: https://trac.torproject.org/projects/tor/wiki/doc/MetricsTimeline
* And the Berkeley folks wrote up their own Tor censorship timeline: https://www.icsi.berkeley.edu/~sadia/tor_timeline.pdf
But what is the situation, this month, in every country? Which ones block the Tor directory authorities, which ones block the public relays, which ones block the default (i.e. included in tor browser) bridges, which ones enumerate bridges from bridges.torproject.org and block them by IP address, which ones use DPI to detect and cut various pluggable transport connections, which ones throttle protocols they don't want, etc?
When Venezuela's CANTV ISP did their IP address based blocking, they also blocked the default obfs4 bridges, which led to confusion and then unfortunate headlines like the one from Access: "Venezuela blocks Tor". (Tor worked fine if you got a fresh bridge, even a vanilla bridge.)
In Taipei I talked to some central asia experts who told me about how Tor only works in a degraded way in Belarus in the default configuration "because a few years ago they blocked all the relay IP addresses, but they haven't updated their block since then".
We need up-to-date information about Tor blocking to provide advice to our users when they ask for support, and also we want it for preemptively including good advice in Tor Launcher's UI. Knowing historical trends will help us prioritize the development of new pluggable transports vs new distribution methods of existing transports.
So, how do we get this information?
One option is that in the glorious future, the standard OONI decks will have all of these tools built-in. But that future is a long way off, and maybe it should never even arrive, since some Tor transports are huge and have no business being bundled into a little mobile testing app.
I think we instead want some combination of the following two plans:
* We have on-the-ground contacts in many countries, and it's often not just individuals but whole NGOs full of Tor enthusiasts. We should pull together our knowledge of who we know in each place, and ask them what they think the current situation is in their country, and talk to them regularly. We can prioritize the various countries that we think were, are, or might be trying to block Tor. Having these on-the-ground experts is going to be necessary no matter what else we add to the plan, and it's why I picked 'community outreach' as the ticket component.
* We should build automated tools to assist people in assessing Tor censorship on their network -- to increase the accuracy of reports that we get, and to make the reports come with actual data that we can compare over time. This idea is legacy/trac#23839.
This ticket is for pulling together one big-picture report. But once we have one, we will want to find ways of keeping ourselves up to date over time.Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibethttps://gitlab.torproject.org/tpo/core/arti/-/issues/1277Make VanguardMgr accessible to CircMgr2024-03-19T15:07:31Zgabi-250Make VanguardMgr accessible to CircMgr`CircMgr::launch_hs_unmanaged` will need to be able to launch circuits that use vanguards, so `CircMgr` will need a handle to `VanguardMgr`.
Depends on #1275`CircMgr::launch_hs_unmanaged` will need to be able to launch circuits that use vanguards, so `CircMgr` will need a handle to `VanguardMgr`.
Depends on #1275Arti: Guard discovery researchgabi-250gabi-250https://gitlab.torproject.org/tpo/applications/vpn/-/issues/100Design a temporary application icon for the VPN pre-alpha2023-08-01T16:33:33ZdonutsDesign a temporary application icon for the VPN pre-alphaI think something based on the onion rings (i.e. keeping it generic would be good enough for now. Maybe with a sparkle?
- Resources: [Guidelines](https://developer.android.com/develop/ui/views/launch/icon_design_adaptive) | [Templates](...I think something based on the onion rings (i.e. keeping it generic would be good enough for now. Maybe with a sparkle?
- Resources: [Guidelines](https://developer.android.com/develop/ui/views/launch/icon_design_adaptive) | [Templates](https://www.figma.com/file/sjNWeIOpb0BckjmxApXd5m/VPN-pre-alpha?node-id=939%3A2070&t=xXPiif40TbrHiSJg-1) (in Figma)Sponsor 101 - Tor VPN Client for Androiddonutsdonutshttps://gitlab.torproject.org/tpo/core/onionmasq/-/issues/21Integrate IPtProxy for PT support2024-02-01T12:07:48Zmicahmicah@torproject.orgIntegrate IPtProxy for PT supportWe expect that part of TorVPN need will be onionmasq being able to call IPtProxy for PT support, ideally onionmasq would start and stop IPtProxy as necessary and probably the communication would happen over SOCKS. This integration work i...We expect that part of TorVPN need will be onionmasq being able to call IPtProxy for PT support, ideally onionmasq would start and stop IPtProxy as necessary and probably the communication would happen over SOCKS. This integration work in onionmasq will need to be done at the rust level and use the FFI to interface.Sponsor 101 - Tor VPN Client for Androidhttps://gitlab.torproject.org/tpo/ux/research/-/issues/94Track User Research for VPN2023-10-02T13:22:42ZNahTrack User Research for VPNThis is a major issue to track all User Research done for S101.
During this research, we will carry on activities to design a Tor VPN client that meet the needs of target users. We will work together with other oganizations and conduct ...This is a major issue to track all User Research done for S101.
During this research, we will carry on activities to design a Tor VPN client that meet the needs of target users. We will work together with other oganizations and conduct research on the existing VPN ecosystem. We will conduct research on Android, desktop, and iOS platforms. Our goal with this phase is to understand the features and functionalities necessary to build a minimal viable product for our target audience, and to bring this research to Objective 2.
- Product: VPN.
- Stakeholders: The Guardian Project.
- Target audience: human rights defenders, NGOs, journalists, activists.
**Methodologies:**
- Surveys (user needs)
- Interviews (job/user stories) #70
- Card sorting (safety features)
- Desk research (vpn ecosystem) #64 #63
**Outcomes:**
- Report Survey
- Report Interviews
- RecommendationsSponsor 101 - Tor VPN Client for Androiddonutsdonutshttps://gitlab.torproject.org/tpo/core/arti/-/issues/461User should be able to run an onion service in the background on iOS2022-05-18T13:09:44ZholmesworcesterUser should be able to run an onion service in the background on iOS<!--
* Use this issue template for submitting a feature.
-->
### Summary
Tor-based apps like [OnionShare](https://onionshare.org/), [Ricochet Refresh](https://www.ricochetrefresh.net/), and [Quiet](https://github.com/ZbayApp/monorepo) ...<!--
* Use this issue template for submitting a feature.
-->
### Summary
Tor-based apps like [OnionShare](https://onionshare.org/), [Ricochet Refresh](https://www.ricochetrefresh.net/), and [Quiet](https://github.com/ZbayApp/monorepo) use Tor to share data directly and privately between peers.
On desktop platforms and Android, a user can choose to leave such an app running in the background.
However, iOS restricts what apps can run in the background. There isn't an obvious way to for these apps leave an onion service running in the background on iOS.
This might be unavoidable given iOS restrictions, but if there was some way for Tor to run an onion service as a background process (I've heard that VPNs might be able to do this?) and fire a notification or wake up another app when it receives an incoming connection, that would be very helpful for developers and users of this class of application, on iOS.
### What is the expected behavior?
An onion service runs in the background on iOS and is capable of receiving an incoming request, firing a notification, and/or waking up another app to handle the incoming request.Sponsor 101 - Tor VPN Client for AndroidAlexander Færøyahf@torproject.orgAlexander Færøyahf@torproject.orghttps://gitlab.torproject.org/tpo/core/arti/-/issues/423Design & specify handling UDP traffic from the VPN interface into Tor2022-03-29T00:51:43ZGabagaba@torproject.orgDesign & specify handling UDP traffic from the VPN interface into TorDesign & specify handling UDP traffic from the VPN interface into Tor; perform connection mapping on incoming UDP traffic into Tor circuits.Design & specify handling UDP traffic from the VPN interface into Tor; perform connection mapping on incoming UDP traffic into Tor circuits.Sponsor 101 - Tor VPN Client for Androidhttps://gitlab.torproject.org/tpo/ux/design/-/issues/35Create wireframes and document key user journeys for the Tor VPN2023-05-17T20:47:50ZdonutsCreate wireframes and document key user journeys for the Tor VPNKey screens and user flows will require illustration with low-fidelity wireframes, detailing their functions, rough hierarchy in terms of UI elements, and general user experience. Critical functionality (or anything not made immediately ...Key screens and user flows will require illustration with low-fidelity wireframes, detailing their functions, rough hierarchy in terms of UI elements, and general user experience. Critical functionality (or anything not made immediately obvious in the illustration itself) needs to be annotated for developer handoff.
Once complete, we should have a clear idea of the number of screens/templates and UI elements requiring design in order to begin development of the MVP.
This ticket relates to the following objectives:
* O1.3: Create wireframes and potential user flows for the VPN client based on research conducted in O1.1 and O1.2.Sponsor 101 - Tor VPN Client for Androiddonutsdonutshttps://gitlab.torproject.org/tpo/ux/research/-/issues/68Create technical specification for the Tor VPN2023-06-28T16:27:31ZdonutsCreate technical specification for the Tor VPNOnce the product requirements have been agreed upon in https://gitlab.torproject.org/tpo/ux/research/-/issues/66, the list of supported features will be translated into a full technical specification detailing the technical requirements,...Once the product requirements have been agreed upon in https://gitlab.torproject.org/tpo/ux/research/-/issues/66, the list of supported features will be translated into a full technical specification detailing the technical requirements, dependencies and approach required to accomplish each. The technical specification will also need to exercise a degree of foresight, and provide a foundation for the expansion of the MVP’s feature-set in future.
This activity will require multiple teams to collaborate to produce a single doc – each sharing responsibility to document their portion of the project – including: the UX team, the Applications team, the Network team and the Network Health/Metrics team.Sponsor 101 - Tor VPN Client for Androidhttps://gitlab.torproject.org/tpo/core/torspec/-/issues/73Write a proposal to send UDP traffic over Tor2023-11-08T19:10:20ZNick MathewsonWrite a proposal to send UDP traffic over TorNote that this is not for Tor-over-UDP; it's for UDP-over-Tor.Note that this is not for Tor-over-UDP; it's for UDP-over-Tor.Sponsor 101 - Tor VPN Client for AndroidNick MathewsonNick Mathewson