The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2022-03-01T15:55:27Zhttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40102Several devices on the same network ?2022-03-01T15:55:27ZcypherpunksSeveral devices on the same network ?Hi !
I got in touch with you once with that question :
- Is it possible to install Snowflake on all the devices connected to the same local network ? (Ex : On a family, on 2 PCs)
Your answer :
- Mmm, it's not recommended.
My request :
...Hi !
I got in touch with you once with that question :
- Is it possible to install Snowflake on all the devices connected to the same local network ? (Ex : On a family, on 2 PCs)
Your answer :
- Mmm, it's not recommended.
My request :
- To know if your answer is still relevant
- Whatever, can you write in the Wiki/website FAQ, etc. ?
Thank you ! Tons of love. :) ♥https://gitlab.torproject.org/tpo/web/community/-/issues/253Update Windows guide to include Windows Firewall2022-02-15T19:29:19ZemmapeelUpdate Windows guide to include Windows Firewall[As reported by lokodlare in our forum](https://forum.torproject.net/t/high-speed-relays-on-windows-not-great-not-terrible/2056) we should include information about Windows Firewall on our Windows instructions at https://community.torpro...[As reported by lokodlare in our forum](https://forum.torproject.net/t/high-speed-relays-on-windows-not-great-not-terrible/2056) we should include information about Windows Firewall on our Windows instructions at https://community.torproject.org/relay/setup/guard/windows/, because our guide _"sadly omits to even mention Windows’ integrated Firewall. Windows Firewall is enabled by default in all more recent versions of Windows (for good reason!) and you will need to create new rules for your tor relay(s) or bridge(s) to be reachable from the outside"_.https://gitlab.torproject.org/tpo/web/community/-/issues/250snowflake: add debian package as installation method2022-08-03T01:37:40Ztxt.filesnowflake: add debian package as installation method<!--
* Use this issue template for suggesting new docs or updates to existing docs.
-->
### Problem to solve
<!-- Include the following detail as necessary:
-->
* On debian its a good idea to use the package manager instead of docker/a...<!--
* Use this issue template for suggesting new docs or updates to existing docs.
-->
### Problem to solve
<!-- Include the following detail as necessary:
-->
* On debian its a good idea to use the package manager instead of docker/ansible/self-compilation
* debian has a snowflake-proxy package
### Further details
<!--
* Include use cases, benefits, and/or goals for this work.
* If adding content: What audience is it intended for? (What roles and scenarios?)
-->
* https://packages.debian.org/search?keywords=snowflake%2Dproxy
### Proposal
<!-- Further specifics for how can we solve the problem. -->
Add installation via debian packages to `content/relay/setup/snowflake/standalone/contents.lr`.
### Who can address the issue
<!-- What if any special expertise is required to resolve this issue? -->
Anyperson able to write text.
### Other links/references
<!-- E.g. related Tor issues/MRs -->https://gitlab.torproject.org/tpo/network-health/team/-/issues/170Add a section about prefered way to distribute packages at Python Guidelines2022-02-28T14:17:59ZjugaAdd a section about prefered way to distribute packages at Python GuidelinesAs commented at https://gitlab.torproject.org/tpo/network-health/sbws/-/issues/28759#note_2772472 we thought it might be useful to have an small section about distributing Python packages at https://gitlab.torproject.org/tpo/network-heal...As commented at https://gitlab.torproject.org/tpo/network-health/sbws/-/issues/28759#note_2772472 we thought it might be useful to have an small section about distributing Python packages at https://gitlab.torproject.org/tpo/network-health/team/-/wikis/Python-guidelines.https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40421Expand/revise android build docs2022-12-22T10:54:03ZaguestuserExpand/revise android build docs
# context
- this build workflow has several layers with lots of moving parts, some stale docs, and non-obvious gotchas could use some documentation to make it easier/faster to avoid/fix mistakes
- we could also (IMHO) use some common kn...
# context
- this build workflow has several layers with lots of moving parts, some stale docs, and non-obvious gotchas could use some documentation to make it easier/faster to avoid/fix mistakes
- we could also (IMHO) use some common knowledge of steps we take during builds (gleaned from discussion in tor-browser#40784 and tor-browser-build#40418) to communicate more smoothly about our work
# tasks
- [ ] expand `/docs/how-to-create-gradle-dependencies-list.txt` to include more explicit pointers of when manual overrides for `git_url` and `git_target` are needed in step (1), and how copying/renaming `gradle-dependencies.txt` works in step (3)
- [ ] add `/docs/how-to-run-android-build` to capture all steps for generating and publishing a build for a new in a TODO-list-like formathttps://gitlab.torproject.org/tpo/ux/research/-/issues/59Create page that answers common questions about independent user research2023-12-08T18:56:47ZNahCreate page that answers common questions about independent user researchFrom time to time, independent User Researchers (some academics, some funded by other orgs) contact us to help them share their call for participation, either through e-mail, mailings lists or using Tor's social media.
It would be good ...From time to time, independent User Researchers (some academics, some funded by other orgs) contact us to help them share their call for participation, either through e-mail, mailings lists or using Tor's social media.
It would be good to have a topic on our User Research page explaining which mailing lists are better to recruit participants, and how to have your social media quoted by Tor communication channels.https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40092Improve docs on network_mode: host (and network in general)2023-01-18T16:18:15ZchmacImprove docs on network_mode: host (and network in general)When I found this repo, the example line `network_mode: host` jumped out at me as suspicious. I looked up the docs and figured that it's probably because snowflake requires lots of ports or so. I figured that my trust in the tor project ...When I found this repo, the example line `network_mode: host` jumped out at me as suspicious. I looked up the docs and figured that it's probably because snowflake requires lots of ports or so. I figured that my trust in the tor project is pretty high, and so I'm running a snowflake node.
But, I'm not really sure what network conditions it needs. Does it expect that `network_mode: host` means it's running on a host which has a publicly accessible IP? Does it needs ports on that host's firewall open?
The idea behind this issue is to improve the docs in this area so that snowflake hosts like myself can figure out what network conditions are required for snowflake to work. For example, I have no idea if my node is actually functional right now, I also have no idea how to test it.
Some example questions we could aim to answer:
- What ports does snowflake run on?
- Does snowflake need to be run on a machine with a public IP?
- Does snowflake run properly if behind a NAT?
- Does snowflake require specific ports to be opened in the system firewall?
- How can a server admin test if snowflake is properly configured and working?
As an add on, it would be great to see answers to questions like these:
- How much bandwidth can one expect snowflake to use?
- Does it make sense to add any kind of limits?
- If so, how would that be done?
- Are there any security considerations to running a snowflake server?
- What sort of system resources (CPU, memory) does snowflake use?
- Does it make sense to check on this periodically for memory leaks, etc?
- How can one be notified when updates are published to the docker image?
- Is there a security mailing list where one could be notified of any security issues that require urgent update of the snowflake server?
Finally, thanks for making the tor network more resilient, snowflake looks to be an awesome improvement for people in locations with internet censorship, and thanks for working on tor in general, it's a phenomenal resource supporting the human experience.https://gitlab.torproject.org/tpo/web/manual/-/issues/114Explain *why* you would want to make Tor Browser portable2023-11-07T17:02:58ZGusExplain *why* you would want to make Tor Browser portableUser feedback:
The description doesn't explain the value of making Tor Browser portable.
What is the advantage, security and reason for portable?User feedback:
The description doesn't explain the value of making Tor Browser portable.
What is the advantage, security and reason for portable?https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake-webext/-/issues/36Lockscreen, screensaver disabled while a proxy session is active2022-09-28T21:30:47ZpromeneurLockscreen, screensaver disabled while a proxy session is activeopenSUSE 15.3
Chrome 96
snowflake 0.5.4
When someone uses snowflake and uses webrtc protocol
then
my PC lokscreen and screensaver are disabled.
It's normal if I use webrtc but not if someone uses webrtc via snowflake.openSUSE 15.3
Chrome 96
snowflake 0.5.4
When someone uses snowflake and uses webrtc protocol
then
my PC lokscreen and screensaver are disabled.
It's normal if I use webrtc but not if someone uses webrtc via snowflake.https://gitlab.torproject.org/tpo/web/support/-/issues/276[Tor Bridge] Introducing a seperate page for Tor Bridge2023-05-11T18:34:15ZMelroy van den Berg[Tor Bridge] Introducing a seperate page for Tor BridgeMy proposal is to add a separate page for "**Tor Bridge**", which should also be visible in the menu:
![image](/uploads/185cd4e6ed89c694ee4aab4028a0584c/image.png)
I think new users definitely do _not_ know where to look for, I won't ...My proposal is to add a separate page for "**Tor Bridge**", which should also be visible in the menu:
![image](/uploads/185cd4e6ed89c694ee4aab4028a0584c/image.png)
I think new users definitely do _not_ know where to look for, I won't think about looking at 'relay operators'. Since that name is too ambitious in my opinion anyway.
Please consider my proposal! Especially since you need more Tor Bridges on the network, why not make the documentation more clear???
Regards,
Melroy vd Berghttps://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/39explain replay prevention in obfs4 spec2021-11-22T18:50:21ZRoger Dingledineexplain replay prevention in obfs4 specphw informs me that obfs4 does indeed have replay prevention (where if you record the client traffic and send it again, you don't get to learn if it's an obfs4 bridge). But when I look at
https://gitweb.torproject.org/pluggable-transport...phw informs me that obfs4 does indeed have replay prevention (where if you record the client traffic and send it again, you don't get to learn if it's an obfs4 bridge). But when I look at
https://gitweb.torproject.org/pluggable-transports/obfs4.git/tree/doc/obfs4-spec.txt
then the word 'replay' doesn't show up.
How does the protection work? Should it be in the spec?https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/38Formalize and document what it takes for a PT to get deployed.2022-03-01T17:19:09ZYawning AngelFormalize and document what it takes for a PT to get deployed.It would be good to formalize what it takes to get a PT to be considered for deployment beyond the rough guidelines we have as part of our Sponsor S/T draft. I have some ideas here about things that should be considered that aren't, tha...It would be good to formalize what it takes to get a PT to be considered for deployment beyond the rough guidelines we have as part of our Sponsor S/T draft. I have some ideas here about things that should be considered that aren't, that other people are likely to disagree about, so discussion is needed.
The last 3 PTs that got deployed were FTE, ScrambleSuit and obfs4.
* What did we do?
* Out of what we did, what was right?
* Out of what we did, what was wrong?
* What did we consider that we should ignore in the future?
* What did we not consider that we should in the future?
* Who's going to do all the evaluation work?https://gitlab.torproject.org/tpo/web/lego/-/issues/39Create 'sitemap.xml' for our Lektor websites2022-06-29T21:38:49ZGusCreate 'sitemap.xml' for our Lektor websitesA relay operator [suggested](https://lists.torproject.org/pipermail/tor-relays/2021-November/020015.html) creating a 'sitemap'.
Checking Lektor docs, I found this guide:
https://www.getlektor.com/docs/guides/sitemap/A relay operator [suggested](https://lists.torproject.org/pipermail/tor-relays/2021-November/020015.html) creating a 'sitemap'.
Checking Lektor docs, I found this guide:
https://www.getlektor.com/docs/guides/sitemap/https://gitlab.torproject.org/tpo/web/manual/-/issues/110Add Android 12 battery optiization tip2023-11-08T07:17:09ZHackerNCoderhackerncoder@encryptionin.spaceAdd Android 12 battery optiization tipI'm using GrapheneOS which just updated to Android 12, it is even more battery optimizing, to the point where it feels like it is killing Tor Browser in the background by default. Whenever I close the app, and open it again, I have to cl...I'm using GrapheneOS which just updated to Android 12, it is even more battery optimizing, to the point where it feels like it is killing Tor Browser in the background by default. Whenever I close the app, and open it again, I have to click connect. Unless I change the battery optimization level to "Unrestricted".https://gitlab.torproject.org/tpo/ux/research/-/issues/51Create simple research plans for first-time contributors2023-12-08T18:56:47ZNahCreate simple research plans for first-time contributorsWe should create around 2-3 easy to follow research plans that can be carried out by first-time contributors.We should create around 2-3 easy to follow research plans that can be carried out by first-time contributors.https://gitlab.torproject.org/tpo/web/support/-/issues/268Add new entry about Tor mailing lists2023-01-18T18:32:02ZGusAdd new entry about Tor mailing listsAs we have a bunch of mailing lists, it would be nice to have a page with a list of our mailing lists and a description.
We have an old trac entry:
https://gitlab.torproject.org/legacy/trac/-/wikis/doc/emailLists
But it would be great ...As we have a bunch of mailing lists, it would be nice to have a page with a list of our mailing lists and a description.
We have an old trac entry:
https://gitlab.torproject.org/legacy/trac/-/wikis/doc/emailLists
But it would be great to list only public and maintained lists.https://gitlab.torproject.org/tpo/tpa/team/-/issues/40421enhance incident response procedures2024-02-13T16:04:39Zanarcatenhance incident response procedurestoday we had an ... interesting situation with the puppet infrastructure. while we have actually recovered pretty well, all things considered, it would be important to enhance our response to such situation so that they are less stressfu...today we had an ... interesting situation with the puppet infrastructure. while we have actually recovered pretty well, all things considered, it would be important to enhance our response to such situation so that they are less stressful and why not, even more "fun", if i can be so daring.
some background reading:
* [Got game? Secrets of great incident management](https://bitfieldconsulting.com/blog/got-game-secrets-of-great-incident-management)
* [pager duty incident response documentation](https://response.pagerduty.com/)
some ideas:
* have an issue template for incidents (so, in git, which requires a git repository here, but maybe it's finally time to merge the wiki repo here anyways), available offline
* run simulations/games
* have post-mortem templates, here's the [pager duty template](https://response.pagerduty.com/after/post_mortem_template/)
* gitlab has some [incident management primitives](https://docs.gitlab.com/ee/operations/incident_management/) including aforementioned "[incidents](https://docs.gitlab.com/ee/operations/incident_management/incidents.html)" (which are really just issues)...
* ... but also [integrations](https://docs.gitlab.com/ee/operations/incident_management/integrations.html) which is especially interesting considering they have *native* Prometheus integration, which might require switching from nagios to prometheus (#29864)
anyways, the core idea here is:
1. have incident roles (note-taker, driver, comms, etc)
2. incident and post-mortem templates
3. run gameshttps://gitlab.torproject.org/tpo/web/support/-/issues/262[Tor Browser] Add question "How do I install Tor Browser on Windows Pro?"2023-11-06T19:40:31Zchampionquizzerchampionquizzer@torproject.org[Tor Browser] Add question "How do I install Tor Browser on Windows Pro?"On Windows 10 Pro, by default, users cannot install non-Microsoft Store apps. There are some added steps for installing Tor Browser:
1. Go to 'Start'
2. Go to 'Settings'
3. Navigate to 'Apps'
4. Navigate to 'Apps and features'
5. Fro...On Windows 10 Pro, by default, users cannot install non-Microsoft Store apps. There are some added steps for installing Tor Browser:
1. Go to 'Start'
2. Go to 'Settings'
3. Navigate to 'Apps'
4. Navigate to 'Apps and features'
5. From the dropdown menu against 'Choose where to get apps' select any option beside 'The Microsoft Store only'.
6. Then launch the Tor Browser Windows binary and it should install as intended.
Out of *(1) Anywhere, (2) Anywhere, but warn me before installing an app that's not from MS Store and (3) Anywhere, but let me know if there's a comparable app in MS Store*, keeping in mind the security implications of each of the options, I'm not sure which one we should recommend (I am looking for feedback from regular Windows Pro users on this!)ebanamebanam@torproject.orgebanamebanam@torproject.orghttps://gitlab.torproject.org/tpo/web/support/-/issues/259Add reproducible builds verification notes for Android to our verifying signa...2022-01-20T19:20:29ZGeorg KoppenAdd reproducible builds verification notes for Android to our verifying signature pageOn https://www.torproject.org/docs/verifying-signatures.html.en#BuildVerification we outline how to make a link between the bundles we actually ship (including update files) to the artifacts one gets by following our reproducible builds ...On https://www.torproject.org/docs/verifying-signatures.html.en#BuildVerification we outline how to make a link between the bundles we actually ship (including update files) to the artifacts one gets by following our reproducible builds path.
So far, this contains instructions for Linux and Windows bundles. macOS is tricky and dealt with in legacy/trac#18925.
This ticket is to add respective instructions for our .apk file(s) we ship.https://gitlab.torproject.org/tpo/team/-/issues/41TPA-RFC-18: Tor security policy2023-11-03T22:44:22ZtraumschuleTPA-RFC-18: Tor security policyTor Project currently has not general security policy. We need to work out a security policy that covers all of Tor:
See https://trac.torproject.org/projects/tor/ticket/13968#comment:27Tor Project currently has not general security policy. We need to work out a security policy that covers all of Tor:
See https://trac.torproject.org/projects/tor/ticket/13968#comment:27