The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2021-02-18T15:39:51Zhttps://gitlab.torproject.org/tpo/network-health/sbws/-/issues/29952Document that there is now stable branch2021-02-18T15:39:51ZjugaDocument that there is now stable branchAnd how bugfixes should be merged in the stable branch and this merged into masterAnd how bugfixes should be merged in the stable branch and this merged into mastersbws: 1.1.x-finalhttps://gitlab.torproject.org/tpo/web/support/-/issues/237Add snowflake-client.exe to antivirus allowlist2021-09-04T16:18:05ZGusAdd snowflake-client.exe to antivirus allowlistSome users are reporting that their [Windows Defender](https://www.reddit.com/r/TOR/comments/of1gu3/windows_defender_latest_tor_browser_bundle/) is removing/messing up with their Tor Browser 10.5 because of `snowflake-client.exe`.
We sh...Some users are reporting that their [Windows Defender](https://www.reddit.com/r/TOR/comments/of1gu3/windows_defender_latest_tor_browser_bundle/) is removing/messing up with their Tor Browser 10.5 because of `snowflake-client.exe`.
We should update our recommendations here:
https://support.torproject.org/tbb/tbb-10/Tor Browser: 10.5https://gitlab.torproject.org/tpo/web/tpo/-/issues/204[TB 10.5] Update censorship circumvention instruction 'Select 'Tor is censore...2021-07-09T21:46:43ZGus[TB 10.5] Update censorship circumvention instruction 'Select 'Tor is censored in my country'"As Tor Browser is improving the user experience of connecting to the Tor network, this text block needs to update:
>If you are in a country where Tor is blocked, you can configure Tor to connect to a bridge during the setup process.
>Se...As Tor Browser is improving the user experience of connecting to the Tor network, this text block needs to update:
>If you are in a country where Tor is blocked, you can configure Tor to connect to a bridge during the setup process.
>Select "Tor is censored in my country."
>If Tor is not censored, one of the most common reasons Tor won't connect is an incorrect system clock. Please make sure it's set correctly.
https://www.torproject.org/download/Tor Browser: 10.5GusGushttps://gitlab.torproject.org/tpo/web/manual/-/issues/93v2 onion services deprecation and documentation review2021-07-08T14:22:07ZGusv2 onion services deprecation and documentation reviewAs v2 onion services are deprecating soon, let's review all the Onion Services page in TB-Manual and make sure the documentation points to v3 information.
For example:"An onion address is a string of 16 (and in V3 format, 56) mostly rand...As v2 onion services are deprecating soon, let's review all the Onion Services page in TB-Manual and make sure the documentation points to v3 information.
For example:"An onion address is a string of 16 (and in V3 format, 56) mostly random letters and numbers...", now we should say "a string of 56 mostly random letters and numbers...".
Let's use this ticket to review the page and track all the changes the need to be done.
https://tb-manual.torproject.org/onion-services/Tor Browser: 10.5GusGushttps://gitlab.torproject.org/tpo/web/manual/-/issues/92Tor Browser launcher removal2021-07-09T18:55:12ZGusTor Browser launcher removalAs TB 10.5 will remove the Tor Browser launcher, we need to find all the occurrences in the documentation and update it.
This ticket will track all the changes that need to happen in TB-Manual.
### Running Tor Browser
http://dsbqrprgk...As TB 10.5 will remove the Tor Browser launcher, we need to find all the occurrences in the documentation and update it.
This ticket will track all the changes that need to happen in TB-Manual.
### Running Tor Browser
http://dsbqrprgkqqifztta6h3w7i2htjhnq7d3qkh3c7gvc35e66rrcv66did.onion/running-tor-browser/
- [ ] Screenshots: update [Connect](http://dsbqrprgkqqifztta6h3w7i2htjhnq7d3qkh3c7gvc35e66rrcv66did.onion/static/images/connect.png), update [Configure](http://dsbqrprgkqqifztta6h3w7i2htjhnq7d3qkh3c7gvc35e66rrcv66did.onion/static/images/configure.png), [remove Proxy question](http://dsbqrprgkqqifztta6h3w7i2htjhnq7d3qkh3c7gvc35e66rrcv66did.onion/static/images/proxy_question.png), update [Pluggable Transport](http://dsbqrprgkqqifztta6h3w7i2htjhnq7d3qkh3c7gvc35e66rrcv66did.onion/static/images/pluggable-transport.png)
- [ ] Update text to reflect new connecting experience
- [ ] Proxy: update text and [screenshot](http://dsbqrprgkqqifztta6h3w7i2htjhnq7d3qkh3c7gvc35e66rrcv66did.onion/static/images/proxy.png) when using a proxy
### Circumvention
http://dsbqrprgkqqifztta6h3w7i2htjhnq7d3qkh3c7gvc35e66rrcv66did.onion/circumvention/
- [ ] We don't have "Tor is censored in my country" checkbox. Remove or update this text:"After checking the checkbox "Tor is censored in my country," choose the "Select a built-in bridge" option."
### Bridges
http://dsbqrprgkqqifztta6h3w7i2htjhnq7d3qkh3c7gvc35e66rrcv66did.onion/bridges/
- [ ] Remove text: "After checking the checkbox 'Tor is censored in my country,' "
- [ ] Remove "Tor Launcher" reference from:"Once you have obtained some bridge addresses, you will need to enter them into Tor Launcher."
- [ ] Remove text: "After checking the checkbox 'Tor is censored in my country,' "
### Troubleshooting
http://dsbqrprgkqqifztta6h3w7i2htjhnq7d3qkh3c7gvc35e66rrcv66did.onion/troubleshooting/
- [ ] Update screenshot - http://dsbqrprgkqqifztta6h3w7i2htjhnq7d3qkh3c7gvc35e66rrcv66did.onion/static/images/connect.pngTor Browser: 10.5GusGushttps://gitlab.torproject.org/tpo/web/support/-/issues/205Update Snowflake status: Tor Browser Alpha -> Stable2021-07-20T20:37:03ZGusUpdate Snowflake status: Tor Browser Alpha -> StableSnowflake will be released in Tor Browser 10.5 (stable).
For TB 10.5 release, the user support entry needs to be updated:
https://support.torproject.org/censorship/how-can-i-use-snowflake/Snowflake will be released in Tor Browser 10.5 (stable).
For TB 10.5 release, the user support entry needs to be updated:
https://support.torproject.org/censorship/how-can-i-use-snowflake/Tor Browser: 10.5GusGushttps://gitlab.torproject.org/tpo/core/arti/-/issues/130Naming issue on `tor-client` crate2021-10-21T18:23:16ZNick MathewsonNaming issue on `tor-client` crateThere is already a crate called `tor_client`, which apparently conflicts with `tor-client`. Whoops! For 0.0.0, I've renamed `tor-client` to `arti-tor-client`.
Before 0.0.1, we should either update the documentation to always refer to ...There is already a crate called `tor_client`, which apparently conflicts with `tor-client`. Whoops! For 0.0.0, I've renamed `tor-client` to `arti-tor-client`.
Before 0.0.1, we should either update the documentation to always refer to arti-tor-client, or we should rename the crate to something else.Arti 0.0.1 release: basic anonymityNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/web/community/-/issues/237[Relay] Add a link to forum on 'Getting Help'2021-11-15T15:29:18Zchampionquizzerchampionquizzer@torproject.org[Relay] Add a link to forum on 'Getting Help'On https://community.torproject.org/relay/getting-help/, we should add a link to the '[Relay Operator](https://forum.torproject.net/c/support/relay-operator/17)' support category on our Forum.
sub-task to: https://gitlab.torproject.org...On https://community.torproject.org/relay/getting-help/, we should add a link to the '[Relay Operator](https://forum.torproject.net/c/support/relay-operator/17)' support category on our Forum.
sub-task to: https://gitlab.torproject.org/tpo/community/support/-/issues/40046Launch support's Forum and Blog migrationchampionquizzerchampionquizzer@torproject.orgchampionquizzerchampionquizzer@torproject.orghttps://gitlab.torproject.org/tpo/web/support/-/issues/250Add to Support portal the new forum link and other references2021-10-27T16:10:43ZGabagaba@torproject.orgAdd to Support portal the new forum link and other referencesUpdate portals with links to the new forum.Update portals with links to the new forum.Launch support's Forum and Blog migrationGusGus2021-10-30https://gitlab.torproject.org/tpo/core/tor/-/issues/40467fingerprint-ed25519 file is not documented in the manpage FILES section2021-09-16T14:21:52Znusenufingerprint-ed25519 file is not documented in the manpage FILES sectionThe file fingerprint-ed25519 got added in #30642
but the man page has not been updated for it.
When adding this entry the description of the fingerprint file
should get more specific.
> DataDirectory/fingerprint
> Only used...The file fingerprint-ed25519 got added in #30642
but the man page has not been updated for it.
When adding this entry the description of the fingerprint file
should get more specific.
> DataDirectory/fingerprint
> Only used by servers. Contains the fingerprint of the server’s identity key.
..the fingerprint of the server's RSA identity key.Tor: 0.4.7.x-freezehttps://gitlab.torproject.org/tpo/core/tor/-/issues/31078improve docs for config var abstraction2021-11-06T13:27:41ZTaylor Yuimprove docs for config var abstractionIn ticket:30864#comment:11, I commented on some vagueness in the code comments that made it difficult for me to understand some of what's going on.
We should revise those comments to use improved terminology to help other developers und...In ticket:30864#comment:11, I commented on some vagueness in the code comments that made it difficult for me to understand some of what's going on.
We should revise those comments to use improved terminology to help other developers understand what's going on. This might need to wait until the other refactoring on that branch is done.Tor: 0.4.7.x-freezeNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40564[meta] Evaluate if Tor Browser is meeting the needs of our users2022-01-31T16:54:17ZMatthew Finkel[meta] Evaluate if Tor Browser is meeting the needs of our usersTor Browser has many goals as defined in the [Design document](https://2019.www.torproject.org/projects/torbrowser/design/), but we should take a step backward and look at the larger picture of whether these goals are actually important ...Tor Browser has many goals as defined in the [Design document](https://2019.www.torproject.org/projects/torbrowser/design/), but we should take a step backward and look at the larger picture of whether these goals are actually important for the [people](https://community.torproject.org/user-research/persona/) we are trying to protect.
We should be able to justify our general design requirements through the needs of our users, instead of defining the strictest-possible private browser design and then applying that to all of the use cases. Indeed, this should influence tor-browser-spec#25021.
cc @duncan @nahTor Browser: 11.0 Issues with previous releasehttps://gitlab.torproject.org/tpo/applications/tor-browser-spec/-/issues/25021Update Tor Browser spec2024-03-20T23:28:07ZGeorg KoppenUpdate Tor Browser specTor Browser 11.0 is coming out soon. We should update our design document to cover all the new issues that are showing up in it. Highlights are
1) Switch to rbm/tor-browser-build
2) The security slider copy update
...
The update should...Tor Browser 11.0 is coming out soon. We should update our design document to cover all the new issues that are showing up in it. Highlights are
1) Switch to rbm/tor-browser-build
2) The security slider copy update
...
The update should cover the current goals and state of the browser, and fold in all the 8.0, 8.5, 9.0, 9.5, 10.0, and 10.5 changes.Tor Browser: 11.0 Issues with previous releaserichardrichardhttps://gitlab.torproject.org/tpo/web/community/-/issues/213Come up with a better terminology for bridges2021-10-27T13:31:53ZPhilipp Winterphw@torproject.orgCome up with a better terminology for bridgesOur terminology for bridges is confusing:
* *Private* bridges are bridges that BridgeDB doesn't know about. Users may mistakenly conclude that if a bridge isn't private, it must be public, which is incorrect. Suggestions for other terms:...Our terminology for bridges is confusing:
* *Private* bridges are bridges that BridgeDB doesn't know about. Users may mistakenly conclude that if a bridge isn't private, it must be public, which is incorrect. Suggestions for other terms: unshared, exclusive, unlisted, unknown.
* *Default* bridges are part of Tor Browser. Conceptually, default bridges are more like obfs4-enabled guard relays. Suggestions for other terms: built-in (we may have been using that term occasionally), standard, public.
* We don't have a consistent term for bridges that are distributed by BridgeDB/rdsys. Perhaps we don't need a term because that's the default?
How can we improve the situation?
Copying @cohosh, @antonela, @arma, and @gus.
# Update
proposal is to change this terminology **everywhere**
- default bridges -> built-in bridges
- will not do private/public bridges anymore
- private bridges -> secret bridges
- public bridges -> distributed bridges
Everywhere means:
- [ ] documentation - needs tickets in each portal
- [ ] [Browser's UI](tpo/applications/tor-browser#40623)
- [ ] Code - needs ticketSponsor 30 - Objective 2.2GusGushttps://gitlab.torproject.org/tpo/core/tor/-/issues/29612Update the documentation for ExitRelay2021-07-22T16:19:43ZteorUpdate the documentation for ExitRelayIn legacy/trac#21530 in 0.3.5, we changed the default of ExitRelay: relays used to be exits by default, but now they are not.
But we forgot to update the documentation.In legacy/trac#21530 in 0.3.5, we changed the default of ExitRelay: relays used to be exits by default, but now they are not.
But we forgot to update the documentation.Tor: 0.3.5.x-finalteorteorhttps://gitlab.torproject.org/tpo/core/tor/-/issues/28979Current alpha manual typo authorized_clients2021-07-22T16:20:05ZTracCurrent alpha manual typo authorized_clientsManual text, key word `Client Authorization` mentions `public-key` vs `privkey` for service:
```
To configure client authorization on the service side, the "<HiddenServiceDir>/authorized_clients/" directory needs to exist. Each file in t...Manual text, key word `Client Authorization` mentions `public-key` vs `privkey` for service:
```
To configure client authorization on the service side, the "<HiddenServiceDir>/authorized_clients/" directory needs to exist. Each file in that directory should be suffixed with ".auth" (i.e. "alice.auth"; the file name is irrelevant) and its content format MUST be:
<auth-type>:<key-type>:<base32-encoded-public-key>
The supported <auth-type> are: "descriptor". The supported <key-type> are: "x25519". The <base32-encoded-privkey> is the base32 representation of the raw key bytes only (32 bytes for x25519).
```
rend-spec-v3.txt (4329f00194bdb7adff2c9daa1cf47b09ce4c2a9e) confirms `public-key` instead of `privkey`.
So `privkey` is wrong for service.
**Trac**:
**Username**: FelixixTor: 0.3.5.x-finalNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/tor/-/issues/28275hs-v3: Rotate intro points and close RP circuits when removing client auth se...2021-09-30T13:25:26ZDavid Gouletdgoulet@torproject.orghs-v3: Rotate intro points and close RP circuits when removing client auth service sideOn the service side (only), when a client authorization is removed and then tor is HUP, right now the service notices that and re-upload a new descriptor containing that new auth.
However, the into points are most likely kept as is (if ...On the service side (only), when a client authorization is removed and then tor is HUP, right now the service notices that and re-upload a new descriptor containing that new auth.
However, the into points are most likely kept as is (if no normal rotation happened during re-build) which means that a revoked client can still access the service with their cached descriptor because the intro points are still valid...
Furthermore, the RP circuits for that client aren't closed.
Security wise, that is not ideal to have a "not really revoked client" ;). Fortunately, only applies to 0.3.5.1-alpha and onward so no need for a TROVE.Tor: 0.3.5.x-finalhttps://gitlab.torproject.org/tpo/core/tor/-/issues/28221Fix typo in ReleasingTor.md2021-07-22T16:20:37ZteorFix typo in ReleasingTor.mdTor: 0.3.5.x-finalteorteorhttps://gitlab.torproject.org/tpo/core/tor/-/issues/28160outdated docs in rust/tor_log2021-07-22T16:20:37ZTracoutdated docs in rust/tor_log`torlog.c` was moved.
**Trac**:
**Username**: cyberpunks`torlog.c` was moved.
**Trac**:
**Username**: cyberpunksTor: 0.3.5.x-finalhttps://gitlab.torproject.org/tpo/core/tor/-/issues/28026make hs-v3 client auth configuration clearer in man page2021-09-30T13:25:25Zmtigasmake hs-v3 client auth configuration clearer in man pageRe: convo w/ asn yesterday on IRC (tor-dev).
Jumping off of legacy/trac#27547, this is my attempt at clearing up some things I thought should be made more explicit in the man page, such as not needing to set HiddenServiceAuthorizeClient...Re: convo w/ asn yesterday on IRC (tor-dev).
Jumping off of legacy/trac#27547, this is my attempt at clearing up some things I thought should be made more explicit in the man page, such as not needing to set HiddenServiceAuthorizeClient, ClientOnionAuthDir doesn't contain just one file literally named ".auth_private", it's "some_handle.auth_private", etc.
This depends on legacy/trac#25796 (& my patch in this comment https://trac.torproject.org/projects/tor/ticket/25796#comment:10 ), since I'm following the convention in other parts of the manpage to point to spec.torproject.org, but rend-spec-v3 is not yet on that page.Tor: 0.3.5.x-final