The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2022-07-08T11:58:28Zhttps://gitlab.torproject.org/tpo/web/manual/-/issues/127Add MetricsPort to the glossary2022-07-08T11:58:28ZemmapeelAdd MetricsPort to the glossaryWe should add to the glossary some more terms, and translator dfiguera has found MetricsPort.
Maybe there are more.We should add to the glossary some more terms, and translator dfiguera has found MetricsPort.
Maybe there are more.https://gitlab.torproject.org/tpo/network-health/metrics/exonerator/-/issues/40001Add ops instructions to restart or fix the server2022-08-15T09:40:03ZHiroAdd ops instructions to restart or fix the serverExonerator has been OOM-ing quite a bit lately and we have noticed we are missing ops instructions on how to restart and "fix" it if there are issues.
These should be added to the wiki.Exonerator has been OOM-ing quite a bit lately and we have noticed we are missing ops instructions on how to restart and "fix" it if there are issues.
These should be added to the wiki.HiroHirohttps://gitlab.torproject.org/tpo/network-health/metrics/website/-/issues/40058Mention onionperf "a" instances using guards2022-07-08T11:42:23ZGeorg KoppenMention onionperf "a" instances using guardshttps://metrics.torproject.org/onionperf-buildtimes.html says "We disable Entry Guards in the Tor client configuration used by OnionPerf, to ensure a new guard is selected for each circuit we measure." However, that's not true for the "a...https://metrics.torproject.org/onionperf-buildtimes.html says "We disable Entry Guards in the Tor client configuration used by OnionPerf, to ensure a new guard is selected for each circuit we measure." However, that's not true for the "a" instances which do use entry guards and rotate them every 12h. We should update the text on the website accordingly.Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/tpo/web/community/-/issues/279add slides for sysadmin101 workshop2023-01-11T16:09:19Zemmapeeladd slides for sysadmin101 workshopthe workshop for sysadmin skills was a success, and we can add the slides to the community
portal so they get translated and can be used to do more presentations.the workshop for sysadmin skills was a success, and we can add the slides to the community
portal so they get translated and can be used to do more presentations.GeorgeGeorgehttps://gitlab.torproject.org/tpo/web/manual/-/issues/125Should we keep flash player plugin in "PLUGINS, ADD-ONS AND JAVASCRIPT"?2023-07-13T14:06:28ZcypherpunksShould we keep flash player plugin in "PLUGINS, ADD-ONS AND JAVASCRIPT"?Page "PLUGINS, ADD-ONS AND JAVASCRIPT" says about Flash Player. Should it really be mentioned now, when Flash Player is deprecated, stopped working and nobody is using it?Page "PLUGINS, ADD-ONS AND JAVASCRIPT" says about Flash Player. Should it really be mentioned now, when Flash Player is deprecated, stopped working and nobody is using it?GusGushttps://gitlab.torproject.org/tpo/network-health/metrics/website/-/issues/40053metrics/collector.html has broken torperf link2022-06-23T15:54:09ZRoger Dingledinemetrics/collector.html has broken torperf linkFrom https://metrics.torproject.org/torperf.html click on "reproduce"
which leads you to
https://metrics.torproject.org/reproducible-metrics.html#performance
Then click on "Obtain OnionPerf/Torperf measurement results from CollecTor."...From https://metrics.torproject.org/torperf.html click on "reproduce"
which leads you to
https://metrics.torproject.org/reproducible-metrics.html#performance
Then click on "Obtain OnionPerf/Torperf measurement results from CollecTor."
which leads you to
https://metrics.torproject.org/collector.html#type-torperf
then click on "> recent"
which leads you to
https://metrics.torproject.org/collector/recent/torperf/
which says "Error
Oops! Something went wrong here! We encountered a 404 Not Found when processing your request!"
Similarly, https://metrics.torproject.org/collector/archive/torperf/ looks strangely empty starting in mid 2020.
Thanks!Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/tpo/web/community/-/issues/277Questionable DNSSEC usefulness2022-06-03T23:30:16ZcypherpunksQuestionable DNSSEC usefulnessAt page https://community.torproject.org/relay/setup/exit/#dns-on-exit-relays there is a recommendation to use DNSSEC-validating local resolver.
But does it help anything?
If validation fails, resolver will SERVFAIL and either OS will t...At page https://community.torproject.org/relay/setup/exit/#dns-on-exit-relays there is a recommendation to use DNSSEC-validating local resolver.
But does it help anything?
If validation fails, resolver will SERVFAIL and either OS will try fallback one (likely not validating) or exit will return error to client and client will retry on another circuit.https://gitlab.torproject.org/tpo/community/support/-/issues/40082Update links to the Telegram Bots (Support, GetBridges) across our support pl...2022-05-24T17:40:47Zchampionquizzerchampionquizzer@torproject.orgUpdate links to the Telegram Bots (Support, GetBridges) across our support platformsTelegram has changed the url of the bots (i.e https://t.me/@GetBridgesBot --> https://t.me/GetBridgesBot) and we need to accordingly update our documentation on RT, cdr.link, Forum and elsewhere. (Thanks to a translator and @emmapeel for...Telegram has changed the url of the bots (i.e https://t.me/@GetBridgesBot --> https://t.me/GetBridgesBot) and we need to accordingly update our documentation on RT, cdr.link, Forum and elsewhere. (Thanks to a translator and @emmapeel for spotting this!)
/cc @nina
Related: https://gitlab.torproject.org/tpo/web/support/-/merge_requests/110championquizzerchampionquizzer@torproject.orgchampionquizzerchampionquizzer@torproject.orghttps://gitlab.torproject.org/tpo/onion-services/onion-support/-/issues/100Write an Onion Service survival guide2022-08-31T21:49:04ZSilvio RhattoWrite an Onion Service survival guideNeed to start working on a survival guide for S123, something like [the one from the Anti-Censorship Team](https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Survival-Guides/BridgeDB-Survival-Guide). Topics to cover:
* [x] D...Need to start working on a survival guide for S123, something like [the one from the Anti-Censorship Team](https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Survival-Guides/BridgeDB-Survival-Guide). Topics to cover:
* [x] Diagnosing an error given by Onionprobe monitoring (and how to read Onionprobe reports).
* [x] Troubleshooting EOTK.
* [x] Other useful guidance.
This guide should be available at the Onion Support wiki and also be sent upstream via merge requests (like for EOTK-specific instructions).Sponsor 123: Tor Secure Access Package for USAGM [First Phase]Silvio RhattoSilvio Rhatto2022-08-31https://gitlab.torproject.org/tpo/onion-services/onion-support/-/issues/99General policy on how the Onion Support team should respond to Onionprobe alerts2022-09-27T09:49:18ZSilvio RhattoGeneral policy on how the Onion Support team should respond to Onionprobe alertsWrite a small quick policy in what to do when an incident happen and are detected/notified by Onionprobe, including:
* Inform the interested parties (like Sponsors and/or users) of the issue, if needed.
* Check agreement when/where admi...Write a small quick policy in what to do when an incident happen and are detected/notified by Onionprobe, including:
* Inform the interested parties (like Sponsors and/or users) of the issue, if needed.
* Check agreement when/where admins allow to be notified.
* Then check if admins online (or on shift) can work on it (depends on agreed channels and current time):
* Ping on IRC.
* Ping on email.
* Ping on Signal.
* Ping on X.
This policy should be available at the Onion Support wiki.Sponsor 123: Tor Secure Access Package for USAGM [First Phase]Silvio RhattoSilvio Rhatto2022-08-31https://gitlab.torproject.org/tpo/web/community/-/issues/273[Snowflake] Update the standalone instructions2022-08-18T15:17:12ZGus[Snowflake] Update the standalone instructionsFrom https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40125
If I may I'd point out that the NAT behaviour tool page linked at https://community.torproject.org/relay/setup/snowflake/standalone/ ne...From https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40125
If I may I'd point out that the NAT behaviour tool page linked at https://community.torproject.org/relay/setup/snowflake/standalone/ needs updating as well. Currently the syntax uses 'go get' which is deprecated in favour of 'go install'. I only had success with "go install github.com/pion/stun/cmd/stun-nat-behaviour@latest".Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibethttps://gitlab.torproject.org/tpo/web/tpo/-/issues/299Should Contact page point to Matrix rooms?2022-07-01T04:45:13ZJim NewsomeShould Contact page point to Matrix rooms?https://www.torproject.org/contact/ still only mentions IRC. AFAICT the only pointer to our matrix rooms is from the blog post https://blog.torproject.org/entering-the-matrix/https://www.torproject.org/contact/ still only mentions IRC. AFAICT the only pointer to our matrix rooms is from the blog post https://blog.torproject.org/entering-the-matrix/https://gitlab.torproject.org/tpo/applications/tor-browser-spec/-/issues/40030FF97 Audit2022-11-01T21:23:44ZrichardFF97 Audit# General
The audit begins at the commit hash where the previous audit ended. Use code_audit.sh for creating the diff and highlighting potentially problematic code. The audit is scoped to a specific language (currently C/C++, Rust, Java...# General
The audit begins at the commit hash where the previous audit ended. Use code_audit.sh for creating the diff and highlighting potentially problematic code. The audit is scoped to a specific language (currently C/C++, Rust, Java/Kotlin, and Javascript).
The output includes the entire patch where the new problematic code was introduced. Search for `XXX MATCH XXX` to find the next potential violation.
`code_audit.sh` contains the list of known problematic APIs. New usage of these functions are documented and analyzed in this audit.
## Firefox: https://github.com/mozilla/gecko-dev.git
- Start: `e6b83e1727b7e9a6847e6e15bdb935d9937099e4` ( `FIREFOX_RELEASE_97_BASE` )
- End: `82764d45153d175f4686ead7aac977810fe1fd1b` ( `FIREFOX_RELEASE_98_BASE` )
### Languages:
- [x] java
- [x] cpp
- [x] js
- [x] rust
Nothing of interest (using `code_audit.sh`)
**OR**
### foreach PROBLEMATIC_HASH:
#### $(PROBLEMATIC_HASH)
- Summary
- Review Result: (SAFE|BAD)
---
## Application Services: https://github.com/mozilla/application-services.git
- Start: `df53ad867be7d79899e05797533cd624f1eeb2a2` ( `v90.0.1` )
- End: `17942945873cdb8be56a9316d3cb8a611b3ef321` ( `v91.1.0` )
### Languages:
- [x] java
- [x] cpp
- [x] js
- [x] rust
Nothing of interest (using `code_audit.sh`)
## Android Components: https://github.com/mozilla-mobile/android-components.git
- Start: `604152ef532c33d8fc2412fd6d21cf29e9764c51` ( `v97.0.0` )
- End: `0465a6f809adafd5429c230e890e7f4911f0070e` ( `v97.0.13` )
### Languages:
- [x] java
- [x] cpp
- [x] js
- [x] rust
Nothing of interest (using `code_audit.sh`)
## Fenix: https://github.com/mozilla-mobile/fenix.git
- Start: `84d4a07c0067f7c51757b157c79658a891870d95` ( `v97.0.0-beta.1` )
- End: `16042ab2a16a64c9c94c8c01ea93578062415ac5` ( `releases_v97.0.0` )
### Languages:
- [x] java
- [x] cpp
- [x] js
- [x] rust
Nothing of interest (using `code_audit.sh`)
## Ticket Review ##
### Review List
#### 97 https://bugzilla.mozilla.org/buglist.cgi?query_format=advanced&resolution=FIXED&target_milestone=97%20Branch&order=priority%2Cbug_severity&limit=0
- https://bugzilla.mozilla.org/show_bug.cgi?id=1741428 @richard https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41130
- https://bugzilla.mozilla.org/show_bug.cgi?id=1738983 @pierov https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41131
- https://bugzilla.mozilla.org/show_bug.cgi?id=1432983 @pierov https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41132
- https://bugzilla.mozilla.org/show_bug.cgi?id=1745092 @boklm https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41133
Nothing of interest (manual inspection)
**OR** (foreach)**
### foreach PROBLEMATIC_TICKET:
#### $(PROBLEMATIC_TICKET)
- Summary
- Review Result: (SAFE|BAD)
## Regression/Prior Vuln Review ##
Review proxy bypass bugs; check for new vectors to look for:
- https://gitlab.torproject.org/groups/tpo/applications/-/issues?scope=all&utf8=%E2%9C%93&state=opened&label_name[]=Proxy%20Bypass
- Look for new features like these. Especially external app launch vectors
## Export
- [ ] Export Report and save to `tor-browser-spec/audits`Sponsor 131 - Phase 3 - Major ESR 102 Migrationrichardrichardhttps://gitlab.torproject.org/tpo/applications/tor-browser-spec/-/issues/40029FF95 Audit2022-11-02T20:48:15ZrichardFF95 Audit# General
The audit begins at the commit hash where the previous audit ended. Use code_audit.sh for creating the diff and highlighting potentially problematic code. The audit is scoped to a specific language (currently C/C++, Rust, Java...# General
The audit begins at the commit hash where the previous audit ended. Use code_audit.sh for creating the diff and highlighting potentially problematic code. The audit is scoped to a specific language (currently C/C++, Rust, Java/Kotlin, and Javascript).
The output includes the entire patch where the new problematic code was introduced. Search for `XXX MATCH XXX` to find the next potential violation.
`code_audit.sh` contains the list of known problematic APIs. New usage of these functions are documented and analyzed in this audit.
## Firefox: https://github.com/mozilla/gecko-dev.git
- Start: `6c9b6e1483551f220cd409e4e584349bc74a8231` ( `FIREFOX_RELEASE_95_BASE` )
- End: `6a277ae5bdf6554793cd0da292a9c9ea804b4ed9` ( `FIREFOX_RELEASE_96_BASE` )
### Languages:
- [x] java
- [x] cpp
- [x] js
- [x] rust
Nothing of interest (using `code_audit.sh`)
---
## Application Services: https://github.com/mozilla/application-services.git
- Start: `df1a47fde89f49201b1e839f960e8f16eb95a55d` ( `v87.1.0` )
- End: `5ceeb43598871a7d8550acc574a6a3fb93803ad7` ( `v87.3.0` )
### Languages:
- [x] java
- [x] cpp
- [x] js
- [x] rust
Nothing of interest (using `code_audit.sh`)
## Android Components: https://github.com/mozilla-mobile/android-components.git
- Start: `ef09fecd91dfcbffb85d9f4907b76cc9e5a0b70e` ( `v95.0.0` )
- End: `93066a8f082fa2db3d38d361d0a538c438d2e1b8` ( `v95.0.15` )
### Languages:
- [x] java
- [x] cpp
- [x] js
- [x] rust
Nothing of interest (using `code_audit.sh`)
## Fenix: https://github.com/mozilla-mobile/fenix.git
- Start: `9ab24a371b2dd51d18dab2f7f49facc6d2fd56ad` ( `v95.0.0-beta.1` )
- End: `d01642a0b1e3819cd2802b42a8a6aae43eb5ff12` ( `releases_v95.0.0` )
### Languages:
- [x] java
- [x] cpp
- [x] js
- [x] rust
Nothing of interest (using `code_audit.sh`)
## Ticket Review ##
### Review List
#### 95 https://bugzilla.mozilla.org/buglist.cgi?query_format=advanced&resolution=FIXED&target_milestone=95%20Branch&order=priority%2Cbug_severity&limit=0
- https://bugzilla.mozilla.org/show_bug.cgi?id=1732792 : @dan https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41125
- https://bugzilla.mozilla.org/show_bug.cgi?id=1734262 : @ma1 https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41126
- https://bugzilla.mozilla.org/show_bug.cgi?id=1726524 : @henry https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41127
- https://bugzilla.mozilla.org/show_bug.cgi?id=1734331 : @boklm https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41128
### foreach PROBLEMATIC_TICKET:
#### $(PROBLEMATIC_TICKET)
- Summary
- Review Result: (SAFE|BAD)
## Regression/Prior Vuln Review ##
Review proxy bypass bugs; check for new vectors to look for:
- https://gitlab.torproject.org/groups/tpo/applications/-/issues?scope=all&utf8=%E2%9C%93&state=opened&label_name[]=Proxy%20Bypass
- Look for new features like these. Especially external app launch vectors
## Export
- [x] Export Report and save to `tor-browser-spec/audits`Sponsor 131 - Phase 3 - Major ESR 102 Migrationrichardrichardhttps://gitlab.torproject.org/tpo/web/community/-/issues/271Vanity Addresses documentation2022-08-09T18:23:24ZSilvio RhattoVanity Addresses documentationCreate an "Vanity Addresses" page at the [Onion Services advanced docs](https://community.torproject.org/onion-services/advanced/).
It might be populated by the [Onionmine's README.md explanation](https://gitlab.torproject.org/tpo/onion...Create an "Vanity Addresses" page at the [Onion Services advanced docs](https://community.torproject.org/onion-services/advanced/).
It might be populated by the [Onionmine's README.md explanation](https://gitlab.torproject.org/tpo/onion-services/onionmine/-/commit/e59d1e00a41fd28caf7c59980078a1f6cbf547ed) about vanity addresses.Silvio RhattoSilvio Rhattohttps://gitlab.torproject.org/tpo/web/manual/-/issues/121Updating instructions are not related to the images shown2023-06-20T14:34:19ZemmapeelUpdating instructions are not related to the images shownReported by translator Kate_, thanks!
In the [Updating](https://tb-manual.torproject.org/updating/) section of the manual, we say:
`When you are prompted to update Tor Browser, click on hamburger menu (main menu), then select “Restart...Reported by translator Kate_, thanks!
In the [Updating](https://tb-manual.torproject.org/updating/) section of the manual, we say:
`When you are prompted to update Tor Browser, click on hamburger menu (main menu), then select “Restart to update Tor browser”.`
But the images before and after that sentence do not clearly show where it is that you need to click, and there is no 'Restart to update Tor Browser' shown:
![image-not-related](/uploads/cc9af16453fd8d598073e254d3851124/image-not-related.png)
We should change the screenshot, or maybe the text, to reflect the present situation.championquizzerchampionquizzer@torproject.orgchampionquizzerchampionquizzer@torproject.orghttps://gitlab.torproject.org/tpo/onion-services/onionprobe/-/issues/19Detailed Onionprobe documentation2023-03-14T13:14:54ZSilvio RhattoDetailed Onionprobe documentation* [x] Setup [Onion Mkdocs](https://rhatto.pages.torproject.net/onion-mkdocs/).
* [x] Enhance the existing documentation.
* [x] Create API and usage documentation.
* [x] Switch from [onion-tex](https://gitlab.torproject.org/ahf/onion-tex)...* [x] Setup [Onion Mkdocs](https://rhatto.pages.torproject.net/onion-mkdocs/).
* [x] Enhance the existing documentation.
* [x] Create API and usage documentation.
* [x] Switch from [onion-tex](https://gitlab.torproject.org/ahf/onion-tex) to [onion-tex-slim](https://gitlab.torproject.org/rhatto/onion-tex-slim).
* [x] CI/CD job to build slides.Silvio RhattoSilvio Rhattohttps://gitlab.torproject.org/tpo/community/support/-/issues/40073Review and update all articles on Frontdesk (RT) and text modules on cdr.link...2022-08-01T10:43:28Zchampionquizzerchampionquizzer@torproject.orgReview and update all articles on Frontdesk (RT) and text modules on cdr.link wrt TB 11.5 releaseWith the TB 11.5 release (https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/11698), we need to update a few articles/templates on frontdesk (Request Tracker) and text modules on cdr.link (Telegram User Support Channel) ...With the TB 11.5 release (https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/11698), we need to update a few articles/templates on frontdesk (Request Tracker) and text modules on cdr.link (Telegram User Support Channel) (related to: https://gitlab.torproject.org/tpo/web/manual/-/issues/119, https://gitlab.torproject.org/tpo/web/support/-/issues/298).
/cc @gus @ninachampionquizzerchampionquizzer@torproject.orgchampionquizzerchampionquizzer@torproject.orghttps://gitlab.torproject.org/tpo/web/manual/-/issues/120Create an alpha branch and environment2022-04-20T17:33:35ZGusCreate an alpha branch and environmentFor #119 we will need to push the new documentation for the website, so Duncan and others can make the TB-manual offline version.
This ticket we should create an alpha branch and have a review environment (like we have for l10n).
Or we c...For #119 we will need to push the new documentation for the website, so Duncan and others can make the TB-manual offline version.
This ticket we should create an alpha branch and have a review environment (like we have for l10n).
Or we can use 'staging', but it will deploy to prod if we aren't careful.https://gitlab.torproject.org/tpo/core/torspec/-/issues/116Incorrect (or confusing) documentation of ADD_ONION command2022-04-28T23:01:29ZrichardIncorrect (or confusing) documentation of ADD_ONION commandIn `control-spec.txt`:
Under the `ADD_ONION` section, the `V3Key` value definition ( https://gitlab.torproject.org/tpo/core/torspec/-/blob/main/control-spec.txt#L1808 ) says it is:
>>>
V3Key = The client's base32-encoded ed25519 public...In `control-spec.txt`:
Under the `ADD_ONION` section, the `V3Key` value definition ( https://gitlab.torproject.org/tpo/core/torspec/-/blob/main/control-spec.txt#L1808 ) says it is:
>>>
V3Key = The client's base32-encoded ed25519 public key, using only the key part of rend-spec-v3.txt section G.1.2 (v3 only).
>>>
Some experimentation suggests this is actually supposed to be the base32-encoded x25519 public key counterpart to the base64-encoded x25519 private key given to `ONION_CLIENT_AUTH_ADD`. This would also seem to agree with the reference to `rend-spec-v3.txt` ( https://gitlab.torproject.org/tpo/core/torspec/-/blob/main/rend-spec-v3.txt#L2471 ) which only refers to x25519 keys, not ed25519 keys.richardrichard