The Tor Project issues
Feed URL: https://gitlab.torproject.org/groups/tpo/-/issues
Updated: 2023-10-31T16:10:20Z

Issue: Review and update the support article about circumventing censorship in China
URL: https://gitlab.torproject.org/tpo/web/support/-/issues/313
Updated: 2023-10-31T16:10:20Z
Author: championquizzer (championquizzer@torproject.org)

We should encourage users to use Connection Assist (ref. https://gitlab.torproject.org/tpo/anti-censorship/rdsys-admin/-/merge_requests/7/diffs)

Milestone: Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibet
Assignee: Gus

Issue: User Documentation Guideline
URL: https://gitlab.torproject.org/tpo/community/team/-/issues/5
Updated: 2023-10-31T16:08:08Z
Author: Gus

We need to have a User Documentation Guideline, for example:
* Avoid redirecting users from the Support Portal to Trac.
* If a resource is only available in 2019.www.tpo we should migrate it to another portal: support, tb-manual, community.

Assignee: Gaba (gaba@torproject.org)

Issue: Update CoC link
URL: https://gitlab.torproject.org/tpo/web/blog/-/issues/40066
Updated: 2023-10-25T21:24:35Z
Author: Gus

The Tor Code of Conduct document moved from gitweb to gitlab (https://gitlab.torproject.org/tpo/community/policies/-/blob/master/code_of_conduct.txt?ref_type=heads).
We need to change the link: https://gitlab.torproject.org/tpo/web/blog/-/blob/main/templates/macros/blog.html#L87

Assignee: Jérôme Charaoui (lavamind@torproject.org)

Issue: Proposed "Best Practices" for running Tor public network services
URL: https://gitlab.torproject.org/tpo/core/tor/-/issues/28084
Updated: 2023-10-25T16:05:33Z
Author: George

Proposed Best Practices for Tor Public Services
including directory authorities and bandwidth scanners

In an effort to work towards standardized and current "best practices" for Tor public network infrastructure, this document serves as a starting point. Configuring and maintaining high-uptime internet public services is not a skill anyone is born with, but comes from experience and instruction. Input and updates are vital.
* Single-Purpose Servers
The most important rule for all Tor public services is that the servers should be configured and maintained for a single purpose. These are critical servers for the network and millions of users, and extraneous functions can not only deprecate the operation, but also provide a large footprint of possible vulnerabilities.
* Bare Metal over Virtualized
When there's a choice between a "bare metal" versus a virtual solution such as VPS or a cloud instance, opt for the former. Actual server hardware provides lower-level access to the system than any virtualized system. Virtualized systems are sharing various resources, such as processors, entropy sources and so on.
* Multiple IPs
Multiple IPs are useful to separate remote access via SSHD(8) from the publicly listening services.
* Operating System and Application Options
Stable versions of both the operating system and applications should be chosen over snapshot or current branches, as the former should require less attention and provide more stability. Tor public network services are not playgrounds to tinker with new software versions. The best operating system to use is the one the administrator is most comfortable with.
* Full-Disk Encryption (FDE)
FDE is an important aspect of security in the event an adversary takes physical control of the server. For a remote server, some type of console access may be required for FDE password.
* System Partitioning
A separate partition should be used for the relevant service; in some cases this would be the ${TOR_DATA_DIR}. There are two benefits. First, distinct mount(8) options can be enforced to enhance security, such as removing the ability to execute binaries (-o noexec). Second, in the event that the partition reaches full capacity, the server should remain accessible as it's separate from the main operating system's partitions. A minimum partition size should be pre-determined.
directory authority:
bandwidth scanner:
bridge directory authority: current partition utilization is 228Mb
* Time Synchronization
Reasonably accurate time is critical. All operating systems contain some sort of time-syncing daemon, such as NTPD. Accurate time should not be scheduled with tools like rdate, which perform periodic hard resets of time. Accurate time allows for easier correlation in troubleshooting any issues between remote servers. Setting time to UTC makes this task simpler between systems on different time zones.
* SSHD(8) and SSH(1)
SSHD should be configured with strong security knobs including the most current asymmetric encryption (ED25519 currently), public/private keypair authentication, with a password-secured private key. SSHD keypairs should periodically be replaced. Consider using tested two-factor authentication, such as YubiKey. By default, ssh(1) should notify you if host keys change. Turn off any non-essential sshd(8) knobs, such as "AllowAgentForwarding" and "X11Forwarding".
* SSHD(8) Host Keys
The SSHD(8) host keys are another critical authenticity measure. A list of host keys should be maintained, and in the event host keys change, other relevant parties should be notified immediately. Print out a hard copy of any relevant servers' host keys.
* .Onion SSHD
Running a separate tor instance with SSHD as a hidden or .onion service provides a quiet entryway into the server that is more difficult to locate for most adversaries.
* Ports/Packages over Source
Third-party packages/ports should be installed from the operating systems' packages/ports system which eases future upgrades. Installing from source means upgrades may leave residual files, and is more difficult to script.
* Minimize Ports/Packages
Post-install packages/ports should be kept to a bare minimum. In most cases, the base operating system utilities should be preferred over third-party packages.
* torrc Configuration
The specific torrc file should be provided, and configuration changes, if necessary, need to be communicated clearly. Only the minimum options should be included in the torrc.
* User Configuration
Separate users should be employed when possible to provide least-privilege. A regular, non-privileged user with sudo-type access should be the main remote management login. Any local scripts run via cron(8) should be run as separate, non-privileged users without a login shell (eg, /sbin/nologin). The root user's crontab(1) should not be used for Tor-related server functions if possible.
* Data Backups
Regular backups are vital, particularly for the ${TOR_DATA_DIR} which includes the server's fingerprint and keys. Backups should be stored remotely in a secure location.
* Backup Hardware
A cold, offline hardware backup server is strongly recommended. While the backup server might not have all the current data, it should be fully capable of quickly syncing once connected.
* DNS
DNS can be a tool to mitigate certain security problems. PTR records should be set to assist in determining the authenticity of a remote server. In the case that SSL/TLS is used, CAA records should also be configured. DNSSEC should be employed for better verification of DNS queries. Servers might consider running a local DNS caching server if lookups are a required part of the system's requirements.
* IPv6
IPv6 should be configured for the server. IPv6 is slowly being integrated into the Tor infrastructure, and maintaining functional IPv6 means developers can test code without server administrators playing catch-up.
* daily(8)
Daily operating system reports should be configured whether part of the base system, scripted or added as a third-party package. A regular check on system operation and health, including RAID disk status and packet throughput is important for maintaining server uptime.
* Remote Monitoring
Remote monitoring is vital for knowing when services are unavailable. Systems which require a listening agent, such as Nagios, should not be used, as they increase possible vulnerability footprints. There are lighter monitoring systems, such as Sysmon (xxxxx) which don't require any local configuration on the monitored device. With Sysmon, for instance, particular IP/port combinations can be checked at set intervals for responsiveness, with an alert delivered by email.
* Know Your Upstream Provider(s)
Relations with the provider and upstream are critical, most obviously in instances where cold backup hardware needs to be swapped out with failing current hardware. Additionally, in the event of dealing with hardware seizure, DDoS attacks, etc., coordination with the provider can be the critical ingredient.
* Backup Administrators and Mentoring
In most cases a single administrator is responsible for each network service. Carefully selected secondary administrators should be mentored in an effort to extend knowledge of building and maintaining high-uptime Tor services. Such a person should be considered well-trusted, and it's also an opportunity to diversify Tor's administrators to more women and other less-represented groups.

Issue: [Tor Browser 13 release] Update Tor Browser user manual
URL: https://gitlab.torproject.org/tpo/web/manual/-/issues/150
Updated: 2023-10-19T23:06:08Z
Author: Gus

Main ticket to manage all modifications for the Tor Browser 13 release.

Milestone: Sponsor 9 - Phase 7 - Usability and Community Intervention on Support for Democracy and Human Rights
Assignee: ebanam (ebanam@torproject.org)

Issue: Clarify the section about using privileged ports
URL: https://gitlab.torproject.org/tpo/web/community/-/issues/326
Updated: 2023-10-16T16:36:05Z
Author: harpia

### Problem to solve
In step number 5, we have instructions for using privileged ports
> If you decide to use a fixed obfs4 port smaller than 1024...
And it continues with
> To work around systemd hardening...
which is still talking about privileged ports. But visually, these paragraphs don't seem to be related. See how it renders:
![Screenshot_2023-10-14_at_21-16-06_Tor_Project_Debian___Ubuntu](/uploads/bd8165250bc43d9c9ee4f98b651c0f36/Screenshot_2023-10-14_at_21-16-06_Tor_Project_Debian___Ubuntu.png)
I'm not using a privileged port, but because of the structure of this document, for a while I thought I had to configure systemd!
### Further details
Link to the page: https://community.torproject.org/relay/setup/bridge/debian-ubuntu/
Link to the source: https://gitlab.torproject.org/tpo/web/community/-/blob/main/content/relay/setup/bridge/debian-ubuntu/contents.lr
I'm running Firefox 118.0.2 (64-bit) on Linux
### Proposal
I couldn't edit the page myself, as I don't recognize the syntax of these files. It looks a bit like Markdown, but it's different.

Assignee: Gus

Issue: Help operators to test their bridges in China
URL: https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/79
Updated: 2023-10-11T12:18:22Z
Author: Gus

I saw some engagement with the new metrics "blocklist" info. I think having that info displayed for other countries like China would be good for the bridge operator community, as many of them don't know that their bridges are blocked.
As this would require some integration in rdsys/metrics/probetest and more work for the AC team, we could start small. @meskio and @shelikhoo suggested writing a short howto to be published in the Support portal to help operators manually test whether their bridge is blocked in China.

Milestone: Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibet
Assignee: shelikhoo

Issue: Review when a bridge is labeled as online or offline
URL: https://gitlab.torproject.org/tpo/network-health/metrics/descriptorParser/-/issues/44
Updated: 2023-10-09T11:24:01Z
Author: Hiro

We currently use both bridgestrap tests and the online/offline flag from the bridge authority to mark when a bridge is online or offline.
We might have to review all the rules that we are currently using and document them. If necessary we should check if we can change these rules.
@meskio do we have any other test that we are currently performing for bridges besides bridgestrap?

Issue: Clean up and merge Onionoo documentation
URL: https://gitlab.torproject.org/tpo/network-health/team/-/issues/331
Updated: 2023-10-04T10:37:59Z
Author: Georg Koppen

We currently have https://gitlab.torproject.org/tpo/network-health/team/-/wikis/metrics/onionoo/home and https://gitlab.torproject.org/tpo/network-health/team/-/wikis/metrics/onionoo/onionoo-ops with overlapping content. We should clean that up and merge the content where needed.
/cc @hiro

Issue: Populate wiki with documentation
URL: https://gitlab.torproject.org/tpo/anti-censorship/lox/-/issues/10
Updated: 2023-10-03T18:38:55Z
Author: Cecylia Bocovich

Let's use this overview project as a way to aggregate issues and documentation since Lox is made of many different pieces. A good start would be:
- There's some high level docs written up at https://gitlab.torproject.org/cohosh/lox/-/wikis/Lox-Overview that should be moved here and also checked to see if they are accurate
- @onyinyang made some cool graphics at https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/116#note_2884107

Milestone: Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibet
Assignee: onyinyang

Issue: Update README with instructions for Arch linux
URL: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40886
Updated: 2023-10-03T15:38:27Z
Author: Dan Ballard

I'm using Arch linux now, so there's a lot of packages to install to run RBM. I think I've collected them all.

Assignee: Dan Ballard

Issue: Add doc from tor-browser-spec/processes/ReleaseProcess to gitlab issue templates
URL: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40898
Updated: 2023-10-03T15:38:12Z
Author: boklm

With tor-browser-spec#40049 we're going to remove
`tor-browser-spec/processes/ReleaseProcess`. Before doing that we should
add anything from that file not yet in the issue templates.

Assignee: boklm

Issue: The README doesn't include some dependencies needed for building incrementals
URL: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40880
Updated: 2023-10-03T15:38:11Z
Author: Pier Angelo Vendrame

It seems we're missing at least `libxml-libxml-perl`, but possibly also `libxml-writer-perl` and `libparallel-forkmanager-perl`.
```
$ make mullvadbrowser-incrementals-release
git submodule update --init
./rbm/rbm build release --step update_responses_config --target release --target create_unsigned_incrementals --target mullvadbrowser
tools/update-responses/download_missing_versions release
Can't locate XML/LibXML.pm in @INC (you may need to install the XML::LibXML module) (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.32.1 /usr/local/share/perl/5.32.1 /usr/lib/x86_64-linux-gnu/perl5/5.32 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl-base /usr/lib/x86_64-linux-gnu/perl/5.32 /usr/share/perl/5.32 /usr/local/lib/site_perl) at tools/update-responses/download_missing_versions line 20.
BEGIN failed--compilation aborted at tools/update-responses/download_missing_versions line 20.
make: *** [Makefile:501: mullvadbrowser-incrementals-release] Error 2
```
/cc @boklm

Assignee: Dan Ballard

Issue: Consider adding a readme to the fonts directory
URL: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40615
Updated: 2023-10-03T15:38:05Z
Author: Pier Angelo Vendrame

We could add a readme.txt to the font directory, in which we explain to users that they aren't supposed to add fonts on their own, sum up the risk, and link some FAQ page.

Milestone: Sponsor 131 - Phase 2 - Privacy Browser

Issue: add some content from https://wiki.localizationlab.org/index.php/Tor to our l10n wiki
URL: https://gitlab.torproject.org/tpo/community/l10n/-/issues/40034
Updated: 2023-09-27T15:24:29Z
Author: emmapeel

I see some content hosted there could/should be maintained by us. We could maintain:
https://wiki.localizationlab.org/index.php/Tor#Style_Guide
(there is some more material to add to each language)
Also maybe the priorities list. Or an explanation of each of the translation resources.

Assignee: emmapeel

Issue: Document possibility of submitting merge requests to the translation repo, instead of using a translation platform
URL: https://gitlab.torproject.org/tpo/community/l10n/-/issues/40082
Updated: 2023-09-27T15:23:23Z
Author: emmapeel

It is possible to update the translation files through git, and then use the tx client push function in Transifex. In Weblate it will be even easier.
But it is not documented.
So, we should document a way for contributors to contribute like this.
This will also be beneficial, for example, if we need to change a term in many places at once.

Assignee: emmapeel

Issue: Onion Services PoW feature release strategy
URL: https://gitlab.torproject.org/tpo/community/team/-/issues/93
Updated: 2023-09-25T16:04:26Z
Author: Silvio Rhatto

Release strategy on the [PoW](tpo/core/tor#40634) protection:
* [x] Draft [Q&A][] for ext. inquiries (cc @rhatto).
* [x] Write the docs (handled on tpo/web/community#312).
* [x] Write a [call for ~testers~ operators](https://pad.riseup.net/p/powcallfortesters) for a forum post (how/where to test, submitting feedback etc) (audience: Onion Service operators). Consider using the [Conjure one](https://forum.torproject.net/t/call-for-testers-help-the-tor-project-to-test-conjure-on-tor-browser-alpha/7815) as a template.
* [x] Write a blog post to be released along with the stable; involve Comms team (cc @pavel).
* [x] Final fact check with the larger team.
* [x] Publish the [blog post][].
* [x] Publish the [forum post][].
* [x] Publish an additional ~forum post~ [wiki page][] with the full [Q&A][].
Feedback collection ([moved to another ticket](tpo/community/team#95)):
* [~] Report back ~"For Network Health Team" (via forum post comments and issues).
* [~] Update the [Support Portal](https://support.torproject.org/) with the questions most asked by users (instead of just including everything from the Q&A, which would increase the number of strings to translate).
[Q&A]: https://pad.riseup.net/p/powqna
[blog post]: https://blog.torproject.org/introducing-proof-of-work-defense-for-onion-services/
[forum post]: https://forum.torproject.org/t/proof-of-work-pow-defense-for-onion-service-is-released/8887
[wiki page]: https://gitlab.torproject.org/tpo/onion-services/onion-support/-/wikis/Documentation/PoW-FAQ

Assignee: Silvio Rhatto
Due date: 2023-08-23

Issue: Ensure deployment instructions and install example include the steps for a non root user
URL: https://gitlab.torproject.org/tpo/network-health/onbasca/-/issues/142
Updated: 2023-09-21T10:34:49Z
Author: juga

After meskio has explained to me how things are deployed, we should facilitate the deployment for a non-root user at https://gitlab.torproject.org/tpo/tpa/team/-/issues/41046.

Assignee: juga

Issue: Update license and copyright
URL: https://gitlab.torproject.org/tpo/network-health/onbasca/-/issues/51
Updated: 2023-09-21T10:34:49Z
Author: Georg Koppen

We should think about which license we actually want for onbasca (in particular as it borrows ideas/code from sbws) and update the copyright notice, too. It should include at least TPI in addition to @juga.

Milestone: onbasca: 1.0
Assignee: juga

Issue: Add links to all specs available on collector page
URL: https://gitlab.torproject.org/tpo/network-health/metrics/website/-/issues/40090
Updated: 2023-09-19T09:32:05Z
Author: Georg Koppen

While trying to review collector#40016 I was hunting down references for all the specs involved. It turns out they are all over the place and it's hard to keep track of them.
On collector.html we link to some of those specs, which is good. However, we should collect the links to all the missing specs and add them there, too, so we have at least one canonical place where all specs are just one click away.
Oh, and while we are at it we should replace those old gitweb links.

Assignee: Georg Koppen