The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2022-05-17T21:22:24Zhttps://gitlab.torproject.org/tpo/onion-services/onionmine/-/issues/17Adds HARICA's onion-csr tool2022-05-17T21:22:24ZSilvio RhattoAdds HARICA's onion-csr toolAdds [onion-csr](https://github.com/HARICA-official/onion-csr) as a submodule, a compilation procedure and a wrapper to it.Adds [onion-csr](https://github.com/HARICA-official/onion-csr) as a submodule, a compilation procedure and a wrapper to it.Sponsor 123: Tor Secure Access Package for USAGM [First Phase]Silvio RhattoSilvio Rhatto2022-05-13https://gitlab.torproject.org/tpo/onion-services/onionprobe/-/issues/43Stem is unable to find cryptography module when runing from the pip package2022-05-11T15:41:16ZSilvio RhattoStem is unable to find cryptography module when runing from the pip packageHow to reproduce:
$ pip install onionprobe
Collecting onionprobe
Using cached onionprobe-0.3.2-py3-none-any.whl (58 kB)
Requirement already satisfied: pyyaml>=6.0 in /home/user/.local/lib/python3.9/site-packages (from ...How to reproduce:
$ pip install onionprobe
Collecting onionprobe
Using cached onionprobe-0.3.2-py3-none-any.whl (58 kB)
Requirement already satisfied: pyyaml>=6.0 in /home/user/.local/lib/python3.9/site-packages (from onionprobe) (6.0)
Requirement already satisfied: stem>=1.8.0 in /home/user/.local/lib/python3.9/site-packages (from onionprobe) (1.8.0)
Requirement already satisfied: cryptography>=37.0.2 in /home/user/.local/lib/python3.9/site-packages (from onionprobe) (37.0.2)
Requirement already satisfied: requests>=2.27.1 in /home/user/.local/lib/python3.9/site-packages (from onionprobe) (2.27.1)
Requirement already satisfied: prometheus-client>=0.14.1 in /home/user/.local/lib/python3.9/site-packages (from onionprobe) (0.14.1)
Requirement already satisfied: pysocks>=1.7.1 in /home/user/.local/lib/python3.9/site-packages (from onionprobe) (1.7.1)
Requirement already satisfied: cffi>=1.12 in /home/user/.local/lib/python3.9/site-packages (from cryptography>=37.0.2->onionprobe) (1.15.0)
Requirement already satisfied: pycparser in /home/user/.local/lib/python3.9/site-packages (from cffi>=1.12->cryptography>=37.0.2->onionprobe) (2.21)
Requirement already satisfied: urllib3<1.27,>=1.21.1 in /usr/lib/python3/dist-packages (from requests>=2.27.1->onionprobe) (1.26.5)
Requirement already satisfied: certifi>=2017.4.17 in /usr/lib/python3/dist-packages (from requests>=2.27.1->onionprobe) (2020.6.20)
Requirement already satisfied: charset-normalizer~=2.0.0 in /home/user/.local/lib/python3.9/site-packages (from requests>=2.27.1->onionprobe) (2.0.12)
Requirement already satisfied: idna<4,>=2.5 in /usr/lib/python3/dist-packages (from requests>=2.27.1->onionprobe) (2.10)
Installing collected packages: onionprobe
Successfully installed onionprobe-0.3.2
$ onionprobe -e http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion
2022-05-11 13:22:58,482 INFO: Starting Onionprobe version 0.3.2...
2022-05-11 13:22:58,485 INFO: Initializing Tor process...
2022-05-11 13:23:01,668 INFO: Onionprobe is initialized. Hit Ctrl-C to interrupt it.
2022-05-11 13:23:01,669 INFO: Processing http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion...
2022-05-11 13:23:01,669 INFO: Trying to get descriptor for 2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion (attempt 1)...
2022-05-11 13:23:03,630 INFO: Unable to import the cryptography module. Because of this we'll be unable to verify descriptor signature integrity. You can get cryptography from: https://pypi.org/project/cryptography/
UnboundLocalError("local variable 'inner' referenced before assignment")
2022-05-11 13:23:03,630 INFO: Error while receiving a control message (SocketClosed): received exception "read of closed file"Sponsor 123: Tor Secure Access Package for USAGM [First Phase]Silvio RhattoSilvio Rhattohttps://gitlab.torproject.org/tpo/onion-services/onionprobe/-/issues/42tpo.py fails with an AttributeError exception2022-05-11T15:21:20Zanarcattpo.py fails with an AttributeError exceptioni tried to run tpo.py without arguments since i don't have the magic configuration file we expect in https://gitlab.torproject.org/tpo/tpa/team/-/issues/40717#note_2796985:
```
exec { 'onionprobe-refresh-config':
command => '/usr/shar...i tried to run tpo.py without arguments since i don't have the magic configuration file we expect in https://gitlab.torproject.org/tpo/tpa/team/-/issues/40717#note_2796985:
```
exec { 'onionprobe-refresh-config':
command => '/usr/share/doc/onionprobe/examples/tpo.py /srv/puppet.torproject.org/puppet-facts/onionbalancev3-services.yaml /etc/onionprobe/tpo.yaml',
creates => '/etc/onionprobe/tpo.yaml',
user => 'root',
}
file { '/etc/onionprobe/tpo.yaml', # or tor.yaml if we don't mind overwriting a file shipped by the package
ensure => 'present',
owner => 'root',
group => 'root',
mode => '0644',
notify => Service['onionprobe'], # defined elsewhere together with the package and the /etc/default/onionprobe config
}
```
unfortunately, it just crashes:
```
root@hetzner-nbg1-02:~# /usr/share/onionprobe/examples/tpo.py
Traceback (most recent call last):
File "/usr/share/onionprobe/examples/tpo.py", line 161, in <module>
instance.build_onionprobe_config()
File "/usr/share/onionprobe/examples/tpo.py", line 132, in build_onionprobe_config
self.config['shuffle'] = False
AttributeError: 'TPOSites' object has no attribute 'config'
```
boom! boom! whoohoo! :smile:Sponsor 123: Tor Secure Access Package for USAGM [First Phase]Silvio RhattoSilvio Rhattohttps://gitlab.torproject.org/tpo/onion-services/onionmine/-/issues/3Encrypted storage2022-06-16T17:34:41ZSilvio RhattoEncrypted storageSupport for encrypting pools into a password storage such those mentioned at the [evaluate password management options](https://gitlab.torproject.org/tpo/tpa/team/-/issues/29677) ticket.Support for encrypting pools into a password storage such those mentioned at the [evaluate password management options](https://gitlab.torproject.org/tpo/tpa/team/-/issues/29677) ticket.Sponsor 123: Tor Secure Access Package for USAGM [First Phase]Silvio RhattoSilvio Rhatto2022-06-16https://gitlab.torproject.org/tpo/onion-services/onionmine/-/issues/2Keypair testing2022-05-17T21:22:24ZSilvio RhattoKeypair testingAn Onion Service key is created by Onionmine using an external tool and should be tested:
* Check the quality of generated keys is needed.
* How to properly test ed25519 keys?
* Does keys generated by `mkp224o` pass the criteria?
This ...An Onion Service key is created by Onionmine using an external tool and should be tested:
* Check the quality of generated keys is needed.
* How to properly test ed25519 keys?
* Does keys generated by `mkp224o` pass the criteria?
This issue tracks the support for testing a given candidate keypair by Onionmine, check if it works well as an Onion Service.Sponsor 123: Tor Secure Access Package for USAGM [First Phase]Silvio RhattoSilvio Rhattohttps://gitlab.torproject.org/tpo/onion-services/onionprobe/-/issues/4Onionprobe: Debian package2022-05-10T20:26:05ZSilvio RhattoOnionprobe: Debian packageCreate a Debian Package for Onionprobe:
* [x] Work on an initial packaging implementation.
* [x] Systemd service unit file.
* [x] Provide a `README.Debian` explaning about the system-wide service and why it's not enabled by default, alo...Create a Debian Package for Onionprobe:
* [x] Work on an initial packaging implementation.
* [x] Systemd service unit file.
* [x] Provide a `README.Debian` explaning about the system-wide service and why it's not enabled by default, along with a link for the upstream documentation.
* [x] Upload the package into the private TPA-only repository.Sponsor 123: Tor Secure Access Package for USAGM [First Phase]Silvio RhattoSilvio Rhatto2022-04-21https://gitlab.torproject.org/tpo/tpa/team/-/issues/40717Onionprobe testbed using TPO onion sites2023-06-30T19:05:40ZSilvio RhattoOnionprobe testbed using TPO onion sitesIntegrate Onionprobe into Tor's Prometheus instance to monitor https://onion.torproject.org sites (and optonally other .onions for comparison).
This could not only helping Onionprobe development but also be a test environment for monito...Integrate Onionprobe into Tor's Prometheus instance to monitor https://onion.torproject.org sites (and optonally other .onions for comparison).
This could not only helping Onionprobe development but also be a test environment for monitoring the quality of service of onion services maintained by Tor.Sponsor 123: Tor Secure Access Package for USAGM [First Phase]anarcatanarcat2022-04-01https://gitlab.torproject.org/tpo/onion-services/onion-support/-/issues/59Onionprobe testbed using TPO onion sites2022-04-06T18:25:14ZSilvio RhattoOnionprobe testbed using TPO onion sitesIntegrate Onionprobe into Tor's Prometheus instance to monitor https://onion.torproject.org sites (and optonally other .onions for comparison).
This could not only helping Onionprobe development but also be a test environment for monito...Integrate Onionprobe into Tor's Prometheus instance to monitor https://onion.torproject.org sites (and optonally other .onions for comparison).
This could not only helping Onionprobe development but also be a test environment for monitoring the quality of service of onion services maintained by Tor.Sponsor 123: Tor Secure Access Package for USAGM [First Phase]Silvio RhattoSilvio Rhatto2022-04-01https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40235Help partner organizations to setup standalone snowflake proxies2023-03-03T17:00:16ZGabagaba@torproject.orgHelp partner organizations to setup standalone snowflake proxiesSnowflake works by creating a “flurry” of available proxies all around the world. Individuals who want to help people bypass censorship can install a Snowflake proxy into their web browser and become a temporary proxy as long as their br...Snowflake works by creating a “flurry” of available proxies all around the world. Individuals who want to help people bypass censorship can install a Snowflake proxy into their web browser and become a temporary proxy as long as their browser is open and online. This means that it’s extremely easy for many people to run proxies–we’ve seen an increase from about 30,000 to about 110,000 in the last month!
It’s also possible to set up standalone Snowflake proxies that run on their own machines or servers. While they are not as easy as a browser plugin to run, standalone Snowflake proxies have some benefits:
(1) standalone Snowflakes are connected 24/7 (instead of just when a user’s browser is on);
(2) they have a dedicated, fast, and stable connection in a data center; and
(3) they have unrestricted NAT–this is important because when using residential connections, modems and routers limit a lot of what can connect to an individual’s proxy.
In order to accommodate the amount of new traffic on the network, we need to increase the number of standalone Snowflake proxies.
In this activity, we will work with partner organizations and individuals to set up, host, and run standalone Snowflake proxies and offer them technical support. We also will help the operators monitor their proxies for blocking and respond when there are censorship events or changes so that these proxies remain available.Sponsor 139: Rapid Response IranHackerNCoderhackerncoder@encryptionin.spaceHackerNCoderhackerncoder@encryptionin.spacehttps://gitlab.torproject.org/tpo/anti-censorship/gettor-project/OnionSproutsBot/-/issues/46distribute Onion Browser .ipa files2023-04-22T12:23:13Zmeskiomeskio@torproject.orgdistribute Onion Browser .ipa filesWe can fetch them from their github releases:
https://github.com/OnionBrowser/OnionBrowser/releasesWe can fetch them from their github releases:
https://github.com/OnionBrowser/OnionBrowser/releasesSponsor 139: Rapid Response Iranirlirlhttps://gitlab.torproject.org/tpo/anti-censorship/gettor-project/OnionSproutsBot/-/issues/15provide android builds2023-04-22T12:23:15Zn0tooseprovide android buildsWe want to provide Android builds, but the endpoint we use (https://gitlab.torproject.org/tpo/anti-censorship/gettor-project/onionsproutsbot/-/blob/rewrite/example.yaml#L6) only provides downloads for desktop versions.
## Solutions
###...We want to provide Android builds, but the endpoint we use (https://gitlab.torproject.org/tpo/anti-censorship/gettor-project/onionsproutsbot/-/blob/rewrite/example.yaml#L6) only provides downloads for desktop versions.
## Solutions
### httpdirfs
We could use httpdirfs (see https://gitlab.torproject.org/tpo/anti-censorship/gettor-project/onionsproutsbot/-/issues/11) and use binaries as provided by https://dist.torproject.org, but it's a bit hard to distinguish which files are to be used, as, not only is there a "version mismatch" between the latest stable version of the desktop and the mobile edition, but there are also many different versions, some of which are suitable for daily usage, whereas some of them aren't. (As of the time of this writing, the example that shows this happens to be **11.0.8**, https://dist.torproject.org/torbrowser/11.0.8/ with the latest version being 11.0.10. The former version's directory only contains Android builds, whereas none of the more latest, stable versions provide Android builds.)
The bot having to decide which version is good based on parameters that may no longer exist in the future (e.g. someone could remove all Android builds ending in `*androidTest.apk`, because "why not, what could possibly go wrong with this" is most likely a bad idea, and the maintenance burden would be higher than desired. This bot is meant to be robust, just running in the background and doing its job without causing problems every now and then.
### F-Droid
We could use an F-Droid endpoint that provides builds (right now, the Guardian Project does so, and if the work is made to support obtaining files from their frontend, this can be easily switched to Tor's later on). This is by far the most realistic approach if other teams are not able to work on this, and F-Droid does provide APIs that could help. My recent efforts to make different parts of the program modular would help with getting something like this done. They have APIs as well: https://f-droid.org/en/docs/All_our_APIs/
However, I am concerned that the end result would turn out to be more fragile than it should be (such as telling apart the correct versions to be included), and a big refactoring session would still turn out to be required.
### Website scraping
This website providing a list of downloads for the browser is manually updated (I think I recall @gaba telling me this): https://www.torproject.org/download/#android
We could hypothetically just scrape the website and just get the downloads and be done with this. However, again, this bot should just sit back, quietly, doing its job and not breaking over the smallest changes, such as a website redesign. In conclusion, *no.*
### Tor Endpoint
To obtain a list of downloads for the desktop version, we currently use the following API endpoint: https://aus1.torproject.org/torbrowser/update_3/release/downloads.json
(See: https://gitlab.torproject.org/tpo/anti-censorship/gettor-project/onionsproutsbot/-/blob/rewrite/example.yaml#L6)
It would be pretty great if the project provided an endpoint for Android builds as well, especially because that would mean that a single "point of contact" would be telling my bot, as well as other projects that utilize the aforementioned endpoint, what to do, instead of my own bot scrambling to figure out what to do with a volatile set of data like that. However, with an F-Droid repository being supposedly around the corner, such a feature may be realistically way too much effort that I would be "outsourcing" to other people. However, something like that could also be useful for things such as providing lists of downloads through the website quickly. But that's neither my field or my fight.Sponsor 139: Rapid Response Iranirlirlhttps://gitlab.torproject.org/tpo/applications/vpn/-/issues/81Test all the features included in v01 of the VPN pre-alpha2023-06-06T19:19:56ZGabagaba@torproject.orgTest all the features included in v01 of the VPN pre-alphaWe need to test all the features implemented in this pre-alpha release of the Tor VPN. The instructions to test them are:
1. Download and install the pre-alpha APK on your Android device. The instructions for it are at https://gitlab.to...We need to test all the features implemented in this pre-alpha release of the Tor VPN. The instructions to test them are:
1. Download and install the pre-alpha APK on your Android device. The instructions for it are at https://gitlab.torproject.org/tpo/applications/vpn/-/blob/main/README.md#torvpn
2. Go feature by feature and test that it works as described in the feature’s issue in GitLab. The features that we have to test for this version are:
| Feature | When... | I want to... | So I can... |
| ------ | ------ | ------ | ------ |
| **[Killswitch](tpo/applications/vpn#23)** | my connection to Tor drops out | immediately block all traffic from my device, with the option to override if desired | avoid compromosing my privacy by allowing apps to fallback to a regular Internet connection[**1**] |
| **[Route all traffic over Tor](tpo/applications/vpn#23)** | apps on my device send traffic over the Internet | easily require all traffic from my device to go over Tor | ensure my privacy isn’t compromised by traffic being sent in the clear |
| **[Quickstart](tpo/applications/vpn#24)** | I restart my device | connect to Tor automatically | browse safely in the event that I forget to connect, or traffic is sent from my device before I can do so manually |
| **[Proxy bypass prevention](tpo/applications/vpn#27)** | an app is set to be routed through Tor | prevent any traffic leaking in the clear | preserve my privacy and anonymity[*] |
| **[Application isolation](tpo/applications/vpn#25)** | I’m routing multiple apps through Tor at the same time | ensure that each app uses different circuit | prevent my activity from one app being linked to another |
| **[Per-app permissions (blocked)](tpo/applications/vpn#27)** | only certain apps are blocked in my location | be able to choose which apps I do and don’t route over Tor | unblock certain apps without slowing my connection or running into issues with others |
| **[Bootstrapping](tpo/applications/vpn#39)** | the Tor app is in the process of connecting to Tor | see its progress as it connects | know that it’s working and hasn’t stalled |
| **[Per-app permissions (slow)](tpo/applications/vpn#27)** | an app or service blocks or is too slow over Tor | exempt that app’s traffic from being routed through Tor | use that app without needing to turn Tor routing off for my entire device |
| **[Connection error](tpo/applications/vpn#42)** | my Tor connection has been interrupted | receive a warning that I’m no longer connected to Tor | understand how to remedy the issue and reconnect |
| **[Data usage chart](tpo/applications/vpn#44)** | I’m connected to and routing my device’s apps over Tor | see a chart of my up/down data over time | feel reassured my traffic is being successfully routed through Tor, and monitor my data usage |
| **[View Tor logs](tpo/applications/vpn#50)** | I’ve encountered an issue or wish to verify a process happened as expected | be able to view the Tor logs | debug the issue, and forward the logs to others who can help if appropriate |
3. Submit bugs into https://gitlab.torproject.org/tpo/applications/vpn/-/issues/ . Each issue needs to have:
- include which Android version you are testing it in
- include information on how to reproduce the bug and what it should happen instead
- label “BUG”
- link it to the issue of the feature you are testing (if there is one)
- add it to the milestone related to the release (in this case https://gitlab.torproject.org/tpo/applications/vpn/-/milestones/1#tab-issues )
@tpo/applications please spend some time in the next week testing the VPN pre-alpha.VPN pre-alpha 01Gabagaba@torproject.orgGabagaba@torproject.org2023-05-24https://gitlab.torproject.org/tpo/applications/vpn/-/issues/69wire Protect All Apps setting in connection screen2023-04-27T21:32:38Zcybertawire Protect All Apps setting in connection screenCurrently the switch has no effect on the app routing settings.Currently the switch has no effect on the app routing settings.VPN pre-alpha 01cybertacybertahttps://gitlab.torproject.org/tpo/applications/vpn/-/issues/68Add disabled state for switch components2023-04-28T08:58:47ZcybertaAdd disabled state for switch componentsCurrently a visual disabled state is missing. An example: If protect all apps in the App routing screen was enabled, all subsequent settings are disabled. That's not visually indicated though.
see @donuts comment from figma:
> That's ...Currently a visual disabled state is missing. An example: If protect all apps in the App routing screen was enabled, all subsequent settings are disabled. That's not visually indicated though.
see @donuts comment from figma:
> That's a good question. I noticed M3 uses state layers for this, but I didn't bother with them when designing these components. For the purposes of the pre-alpha I think a general rule of 40% opacity will be fine – and we can refine this later if needed.VPN pre-alpha 01cybertacybertahttps://gitlab.torproject.org/tpo/applications/vpn/-/issues/66Add touch feedback in Configuration screen settings entries2023-04-28T09:20:34ZcybertaAdd touch feedback in Configuration screen settings entriescurrently there is no optical feedback / a selection state for the settings listcurrently there is no optical feedback / a selection state for the settings listVPN pre-alpha 01cybertacybertahttps://gitlab.torproject.org/tpo/applications/vpn/-/issues/65Improve App routing screen2023-04-28T08:58:47ZcybertaImprove App routing screen* [x] reduce list flickering
* [x] show loading indicator on initial loading. Initial loading takes some time so that an empty list is presented for about 1-2 seconds.
* [x] reorder cached app list items after loading from shared prefere...* [x] reduce list flickering
* [x] show loading indicator on initial loading. Initial loading takes some time so that an empty list is presented for about 1-2 seconds.
* [x] reorder cached app list items after loading from shared preferences to reduce the diff between async queried app list and immediately loaded cached app list. That reduces the likelihood of visual list changes after entering the the app routing screenVPN pre-alpha 01cybertacybertahttps://gitlab.torproject.org/tpo/applications/vpn/-/issues/24Quickstart2023-06-14T17:51:52Zmicahmicah@torproject.orgQuickstartThe "Quickstart" is defined as essentially a user restarting their device and connecting to Tor automatically. The goal is to browse 'safely' by default, if the user forgets to connect, or traffic would be sent out of the device before m...The "Quickstart" is defined as essentially a user restarting their device and connecting to Tor automatically. The goal is to browse 'safely' by default, if the user forgets to connect, or traffic would be sent out of the device before manual activation.
This would also cover the Job Story "Turn off network before bootstrapping" which describes blocking any connections when launching the TorVPN.
Although https://gitlab.torproject.org/tpo/ux/research/-/issues/66 indicates it as 'Research', this could be integrated fairly easily and I'd advocate that it be moved to being MVP.VPN pre-alpha 01cybertacybertahttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41600Some users have difficulty finding the circuit display2023-10-11T12:10:02ZdonutsSome users have difficulty finding the circuit displayIn recent usability testing conducted for ~"Sponsor 30" @nah discovered that:
> During this study, **participant 3** pointed that they never used the `New Circuit` because they didn't know where it was. And as most browsers use the padl...In recent usability testing conducted for ~"Sponsor 30" @nah discovered that:
> During this study, **participant 3** pointed that they never used the `New Circuit` because they didn't know where it was. And as most browsers use the padlock to show website certificate, so they would never look for it there. They suggested to change the icon for the `New Circuit`, to make it more visible.(https://gitlab.torproject.org/tpo/ux/research/-/issues/91#note_2840558)
This has also been reported by an independent user researcher here: https://gitlab.torproject.org/tpo/ux/research/-/issues/34
And came up during user interviews for ~"Sponsor 101" too: https://gitlab.torproject.org/tpo/ux/research/-/issues/70
If possible, I'd like to explore potential fixes for this issue in time for the usability testing scheduled in March/April.Sponsor 30 - Objective 3.5henryhenry2023-04-17https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41085Refactor the UI to remove all bridges2023-05-01T12:53:10ZdonutsRefactor the UI to remove all bridgesIn #40782 we introduced the concept of bridge cards. As part of that work, we provided a means to remove all bridge cards using a red button positioned below the bridge stack:
- [remove-all-bridges](/uploads/3c9cf520633386ed07bc35ee6341...In #40782 we introduced the concept of bridge cards. As part of that work, we provided a means to remove all bridge cards using a red button positioned below the bridge stack:
- [remove-all-bridges](/uploads/3c9cf520633386ed07bc35ee63418704/remove-all-bridges.png)
However it shares the same position as the "Show all bridges" button, which was terrible UX on my part. We should consider improving this.Sponsor 30 - Objective 3.5Dan BallardDan Ballard2023-04-17https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41080Some users are choosing an adjacent country for circumvention settings2023-05-01T12:49:53ZdonutsSome users are choosing an adjacent country for circumvention settingsDuring usability testing of Connection Assist conducted in https://gitlab.torproject.org/tpo/ux/research/-/issues/52 & https://gitlab.torproject.org/tpo/ux/research/-/issues/78, several participants decided to choose a different country ...During usability testing of Connection Assist conducted in https://gitlab.torproject.org/tpo/ux/research/-/issues/52 & https://gitlab.torproject.org/tpo/ux/research/-/issues/78, several participants decided to choose a different country to the one they were located in after reaching this screen:
- [location-check-light](/uploads/59a5f701eb983f4541f97863a8e661cc/location-check-light.png)
Each of these participants opted to choose a country adjacent to theirs instead – for example, a participant located in Brazil selected Bolivia. OnionShare reported the same behavior when testing their implementation of circumvention settings, whereby a participant in Mexico selected the United States instead. This suggests the behavior is not a quirk of Tor Browser's UX, but a deeper issue.
Participants seem to be selecting an adjacent country in the hope that the Internet is not blocked there, and/or are mistaking the location settings selector for a list of VPN-style server locations.
The same behavior wasn't observed on the initial Connection Assist screen due to the presence of the "Automatic" option, which users favored instead of selecting a location manually.Sponsor 30 - Objective 3.5Dan BallardDan Ballard