The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2023-02-28T19:22:54Zhttps://gitlab.torproject.org/tpo/core/arti/-/issues/663Use humantime in tests2023-02-28T19:22:54ZNick MathewsonUse humantime in testsIn various places in our test codes, we write times like `time::SystemTime::UNIX_EPOCH + time::Duration::new(1668455932, 0)`. Instead we should just write the time we want in UTC, adding the dev-dependencies that we need to do that.
We...In various places in our test codes, we write times like `time::SystemTime::UNIX_EPOCH + time::Duration::new(1668455932, 0)`. Instead we should just write the time we want in UTC, adding the dev-dependencies that we need to do that.
We can identify places to make this change by grepping for `UNIX_EPOCH`.https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40232snowflake proxy README includes an old version of ./proxy --help2023-07-29T22:27:43ZRoger Dingledinesnowflake proxy README includes an old version of ./proxy --helpIn snowflake/proxy/README, we have this section:
```
The Snowflake proxy can be run with the following options:
Usage of ./proxy:
-broker string
broker URL (default "https://snowflake-broker.torproject.net/")
-capacity uint...In snowflake/proxy/README, we have this section:
```
The Snowflake proxy can be run with the following options:
Usage of ./proxy:
-broker string
broker URL (default "https://snowflake-broker.torproject.net/")
-capacity uint
maximum concurrent clients
-keep-local-addresses
keep local LAN address ICE candidates
-log string
log filename
-relay string
websocket relay URL (default "wss://snowflake.torproject.net/")
-stun string
stun URL (default "stun:stun.stunprotocol.org:3478")
-unsafe-logging
prevent logs from being scrubbed
```
but ./proxy --help now shows more options than that:
```
Usage of ./proxy:
-allow-non-tls-relay
allow relay without tls encryption
-allowed-relay-hostname-pattern string
a pattern to specify allowed hostname pattern for relay URL. (default "snowflake.torproject.net$")
-broker string
broker URL (default "https://snowflake-broker.torproject.net/")
-capacity uint
maximum concurrent clients
-ephemeral-ports-range string
ICE UDP ephemeral ports range (format:"<min>:<max>")
-keep-local-addresses
keep local LAN address ICE candidates
-log string
log filename
-nat-retest-interval duration
the time interval in second before NAT type is retested, 0s disables retest. Valid time units are "s", "m", "h". (default 24h0m0s)
-relay string
websocket relay URL (default "wss://snowflake.bamsoftware.com/")
-stun string
STUN URL (default "stun:stun.stunprotocol.org:3478")
-summary-interval duration
the time interval to output summary, 0s disables summaries. Valid time units are "s", "m", "h". (default 1h0m0s)
-unsafe-logging
prevent logs from being scrubbed
-verbose
increase log verbosity
```
The really simple fix would be to update the README with the newer text. The more robust approach would be to stop trying to maintain the same data in both places (because it's clearly not working), and change the README to teach you how to run ./proxy --help to get the usage, and/or change it to list just the most important options.https://gitlab.torproject.org/tpo/web/support/-/issues/315expand/collapse button has a reverted behavior in support.torproject.org2023-03-21T17:56:07Zcypherpunksexpand/collapse button has a reverted behavior in support.torproject.orgexpand/collapse button has a reverted behavior in e.g. https://support.torproject.org/tbb/tbb-10/expand/collapse button has a reverted behavior in e.g. https://support.torproject.org/tbb/tbb-10/Ashish SoniAshish Sonihttps://gitlab.torproject.org/tpo/web/donate-static/-/issues/97twitter metacard not appearing2022-11-07T22:06:55ZKeztwitter metacard not appearing@nicob pointed out in IRC that twitter is not showing our card image. i've checked with a few unofficial validators (<https://tweetpik.com/twitter-card-validator>, <https://www.bannerbear.com/tools/twitter-card-preview-tool/>) and they h...@nicob pointed out in IRC that twitter is not showing our card image. i've checked with a few unofficial validators (<https://tweetpik.com/twitter-card-validator>, <https://www.bannerbear.com/tools/twitter-card-preview-tool/>) and they have no issues. but on twitter, our card looks like this: ![image](/uploads/89374a3a73809ab58e8e5a86ad018c6b/image.png)
i think the issue is the robots.txt file i added to logo, it disallows crawlers from checking the /static directory (containing our card image), and twitter respects robots.txtYear End Campaign 2022https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40638Visit our website link after build-to-build upgrade in Nightly channel points...2022-10-27T22:48:08ZrichardVisit our website link after build-to-build upgrade in Nightly channel points to old v2 onionAfter upgrade nightly builds have the following copy on about:tor:
----
### Tor Browser has been updated.
For the most up-to-date information about this release, [visit our website](http://f4amtbsowhix7rrf.onion/).
----
We need to u...After upgrade nightly builds have the following copy on about:tor:
----
### Tor Browser has been updated.
For the most up-to-date information about this release, [visit our website](http://f4amtbsowhix7rrf.onion/).
----
We need to upgrade this to the new v3 onionSponsor 131 - Phase 3 - Major ESR 102 MigrationPier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40634Update the project/browser path in tools/changelog-format-blog-post and other...2022-10-07T10:17:01ZPier Angelo VendrameUpdate the project/browser path in tools/changelog-format-blog-post and other filesIt's still leading to tor-browser on current main, and a 404 in turn in the 12.0a3 blog post.It's still leading to tor-browser on current main, and a 404 in turn in the 12.0a3 blog post.boklmboklmhttps://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/127Add dropbox provider to gettor2022-10-05T13:19:15Zmeskiomeskio@torproject.orgAdd dropbox provider to gettorThe [gettor updater](https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/blob/main/doc/gettor.md) could upload Tor Browser also to a [dropbox](https://dropbox.com), like already do to other providers: https://gitlab.torproject.org/...The [gettor updater](https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/blob/main/doc/gettor.md) could upload Tor Browser also to a [dropbox](https://dropbox.com), like already do to other providers: https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/tree/main/pkg/presentation/updaters/gettorhttps://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/126Telegram distributor: give some guidance on how to use bridges2022-10-28T15:58:28Zmeskiomeskio@torproject.orgTelegram distributor: give some guidance on how to use bridgesProvide some information on how to use bridges when the bot hands bridges over telegram. For example the following text might work:
```
Here are your bridges:
obfs4 ...
obfs4 ...
If you are using Tor Browser:
1. Choose "☰ ▸ Settings ▸...Provide some information on how to use bridges when the bot hands bridges over telegram. For example the following text might work:
```
Here are your bridges:
obfs4 ...
obfs4 ...
If you are using Tor Browser:
1. Choose "☰ ▸ Settings ▸ Tor" to open your Tor settings.
2. In the "Bridges" section, enter your bridge in the "Provide a bridge" field.
If you don't have Tor Browser you can download it from https://torbrowser.org or if this website is blocked ask the gettor bot for it: @gettor_bot
```
The implementation of the distributor is here: https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/blob/main/pkg/presentation/distributors/telegram/telegram.gohttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40185overflow in bandwidth reporting2022-11-21T15:34:42Ztrinity-1686aoverflow in bandwidth reportingA user reported on `#tor` they see strange bandwidth report on their snowflake proxy.
![image](/uploads/2840f9598f1d194a89058c04a84023e4/image.png)
It looks very much like an overflowed signed 32b integer. They use snowflake on raspber...A user reported on `#tor` they see strange bandwidth report on their snowflake proxy.
![image](/uploads/2840f9598f1d194a89058c04a84023e4/image.png)
It looks very much like an overflowed signed 32b integer. They use snowflake on raspberry pi 3 (64 bit), however I've heard more than one time of things going 32b on raspberries, so may be reproducible only in 32b modehttps://gitlab.torproject.org/tpo/web/community/-/issues/295Change for Vultr's stance on Tor for Good Bad ISPs page2024-02-05T21:22:54ZGhost UserChange for Vultr's stance on Tor for Good Bad ISPs page```
Company/ISP: Vultr (https://vultr.com)
ASN: -
Bridges: No
Relay: No
Exit No
Comments: "TOR exit nodes are listed, merely as an example, as part of our Sample list of Prohibited Activities. We do not support any TOR related activity o...```
Company/ISP: Vultr (https://vultr.com)
ASN: -
Bridges: No
Relay: No
Exit No
Comments: "TOR exit nodes are listed, merely as an example, as part of our Sample list of Prohibited Activities. We do not support any TOR related activity on our network, including but not limited to TOR exit relays."
Last update: 20/09/2022 (D/M/Y)
```
After contacting Vultr support, they told me that they do not permit any Tor-related activity on their network. Even if someone manages to run nodes with them without getting in trouble for now, I feel it should still be updated to let others know about their stance and the potential risk of account termination.
![supportimage](/uploads/3ead185df4d77958c05fe54795e244d3/Untitled.jpg)GusGushttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41279TorConnect.jsm module added in the TorSettings commit but not added to moz.bu...2022-09-06T15:58:53ZrichardTorConnect.jsm module added in the TorSettings commit but not added to moz.build until the TorConnect commitSeems like we have some leftover stuff from when these two commits were more intertwined. A cursory look suggests the `TorConnect.jsm` module implementation should be moved from the TorSettings commit ( 4c501c79aed3cb7096997355ced2869cb3...Seems like we have some leftover stuff from when these two commits were more intertwined. A cursory look suggests the `TorConnect.jsm` module implementation should be moved from the TorSettings commit ( 4c501c79aed3cb7096997355ced2869cb342d6e3 ) to the TorConnect commit ( 777c84f5211c153beb3506c362ec5a37be0d9650 ).
@pierov please close this if I'm wrong here and we do actually need the TorConnect module this early in the history
@henry otherwise, the MR for this would be a pair of fixup! commits ( see https://git-scm.com/docs/git-commit#Documentation/git-commit.txt---fixupamendrewordltcommitgt for details ), one removing module from the TorSettings commit, and one adding it in the TorConnect commit.Sponsor 131 - Phase 3 - Major ESR 102 Migrationhenryhenryhttps://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/118support multiple moat-shim tokens2022-12-16T12:05:21Zmeskiomeskio@torproject.orgsupport multiple moat-shim tokensRight now moat has a configuration field for a [shim_token](https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/blob/main/conf/config.json#L99) used to authenticate connections coming from the domain fronting so we provide differen...Right now moat has a configuration field for a [shim_token](https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/blob/main/conf/config.json#L99) used to authenticate connections coming from the domain fronting so we provide different bridges if is from domain fronting or from the open internet. Let's provide a list of shim-tokens so all of them are used to authenticate and provide the same kind of bridges if a valid token is provided, so other clients can have their own token.Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibetmeskiomeskio@torproject.orgmeskiomeskio@torproject.orghttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41164Add some #define for the base-browser section2022-10-06T00:19:32ZrichardAdd some #define for the base-browser sectionWith the first esr102 alpha we're just `#if 0`'ing out the browser elevation logic for macOS in Bug 41108.With the first esr102 alpha we're just `#if 0`'ing out the browser elevation logic for macOS in Bug 41108.Sponsor 131 - Phase 2 - Privacy Browserhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40615Consider adding a readme to the fonts directory2023-10-03T15:38:05ZPier Angelo VendrameConsider adding a readme to the fonts directoryWe could add a readme.txt to the font directory, in which we explain users that they aren't supposed to add fonts on their own, sum up the risk, and link some FAQ page.We could add a readme.txt to the font directory, in which we explain users that they aren't supposed to add fonts on their own, sum up the risk, and link some FAQ page.Sponsor 131 - Phase 2 - Privacy Browserhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40599Windows 32bit installer is missing many languages from the NSIS file2022-10-04T19:01:53ZDavid Fifielddcf@torproject.orgWindows 32bit installer is missing many languages from the NSIS fileThe installer file lists 56 languages,
* https://github.com/MarkCSmith/tbb-windows-installer/blob/00133b8741eb8ca34fc8153d344c7c54a5e3fae9/torbrowser.nsi#L51
but the installer only shows 26.
It looks like these are the 30 languages tha...The installer file lists 56 languages,
* https://github.com/MarkCSmith/tbb-windows-installer/blob/00133b8741eb8ca34fc8153d344c7c54a5e3fae9/torbrowser.nsi#L51
but the installer only shows 26.
It looks like these are the 30 languages that are missing, notably including TBB official languages Arabic, Farsi, Korean, Polish, Russian, Turkish, and Chinese.
```
!insertmacro MUI_LANGUAGE "SimpChinese"
!insertmacro MUI_LANGUAGE "TradChinese"
!insertmacro MUI_LANGUAGE "Japanese"
!insertmacro MUI_LANGUAGE "Korean"
!insertmacro MUI_LANGUAGE "Greek"
!insertmacro MUI_LANGUAGE "Russian"
!insertmacro MUI_LANGUAGE "Polish"
!insertmacro MUI_LANGUAGE "Ukrainian"
!insertmacro MUI_LANGUAGE "Czech"
!insertmacro MUI_LANGUAGE "Slovak"
!insertmacro MUI_LANGUAGE "Croatian"
!insertmacro MUI_LANGUAGE "Bulgarian"
!insertmacro MUI_LANGUAGE "Hungarian"
!insertmacro MUI_LANGUAGE "Thai"
!insertmacro MUI_LANGUAGE "Romanian"
!insertmacro MUI_LANGUAGE "Latvian"
!insertmacro MUI_LANGUAGE "Macedonian"
!insertmacro MUI_LANGUAGE "Estonian"
!insertmacro MUI_LANGUAGE "Turkish"
!insertmacro MUI_LANGUAGE "Lithuanian"
!insertmacro MUI_LANGUAGE "Slovenian"
!insertmacro MUI_LANGUAGE "Serbian"
!insertmacro MUI_LANGUAGE "SerbianLatin"
!insertmacro MUI_LANGUAGE "Arabic"
!insertmacro MUI_LANGUAGE "Farsi"
!insertmacro MUI_LANGUAGE "Hebrew"
!insertmacro MUI_LANGUAGE "Mongolian"
!insertmacro MUI_LANGUAGE "Albanian"
!insertmacro MUI_LANGUAGE "Belarusian"
!insertmacro MUI_LANGUAGE "Bosnian"
```Sponsor 131 - Phase 3 - Major ESR 102 Migrationhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41104Visit our website link after build-to-build upgrade in Nightly channel points...2022-10-18T12:22:22ZrichardVisit our website link after build-to-build upgrade in Nightly channel points to old v2 onionAfter upgrade nightly builds have the following copy on about:tor:
----
### Tor Browser has been updated.
For the most up-to-date information about this release, [visit our website](http://f4amtbsowhix7rrf.onion/).
----
We need to u...After upgrade nightly builds have the following copy on about:tor:
----
### Tor Browser has been updated.
For the most up-to-date information about this release, [visit our website](http://f4amtbsowhix7rrf.onion/).
----
We need to upgrade this to the new v3 onionSponsor 131 - Phase 3 - Major ESR 102 MigrationPier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40167debian-testing pipeline failed2022-10-10T15:56:59ZCecylia Bocovichdebian-testing pipeline failedFailed job: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/jobs/159231
This seems to be a problem with packaged debian dependencies. I don't think it actually has anything to do with the most recent c...Failed job: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/jobs/159231
This seems to be a problem with packaged debian dependencies. I don't think it actually has anything to do with the most recent commit. But rather that the pipeline hasn't been triggered for a while now. The last time it was run (and passed) [was a month ago](https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/jobs/147158).
The exact error is:
```
$ apt-get -qy install --no-install-recommends build-essential ca-certificates git golang golang-github-cheekybits-genny-dev golang-github-jtolds-gls-dev golang-github-klauspost-reedsolomon-dev golang-github-lucas-clemente-quic-go-dev golang-github-smartystreets-assertions-dev golang-github-smartystreets-goconvey-dev golang-github-tjfoc-gmsm-dev golang-github-xtaci-kcp-dev golang-github-xtaci-smux-dev golang-golang-x-crypto-dev golang-golang-x-net-dev golang-goptlib-dev golang-golang-x-sys-dev golang-golang-x-text-dev golang-golang-x-xerrors-dev lbzip2
Reading package lists...
Building dependency tree...
Reading state information...
E: Unable to locate package golang-github-xtaci-kcp-dev
```meskiomeskio@torproject.orgmeskiomeskio@torproject.orghttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41075The Tor Browser is showing caution sign but your document said it won't2023-06-29T15:15:51ZcypherpunksThe Tor Browser is showing caution sign but your document said it won'thttps://support.torproject.org/onionservices/onionservices-5/
Above support document shows that `The Onion Service is served over HTTPS with a Self-Signed certificate.` WILL NOT show caution sign.
However when I visit HTTPS onion sig...https://support.torproject.org/onionservices/onionservices-5/
Above support document shows that `The Onion Service is served over HTTPS with a Self-Signed certificate.` WILL NOT show caution sign.
However when I visit HTTPS onion signed with self-sign AND `not expired` AND `not wrong domain` the Tor Browser 11.5 clealy shows this:
```
Warning: Potential Security Risk Ahead
Tor Browser detected a potential security threat and did not continue to www.REDACTED.onion. If you visit this site, attackers could try to steal information like your passwords, emails, or credit card details.
What can you do about it?
The issue is most likely with the website, and there is nothing you can do to resolve it.
If you are on a corporate network or using anti-virus software, you can reach out to the support teams for assistance. You can also notify the website’s administrator about the problem.
```
Advanced ---> AcceptContinue
- Result: **An onion with caution sign**
Why is this? Can you fix this already? To repeat, this is NOT certificate's mistake.Dan BallardDan Ballardhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40585Prune the manual more2022-10-12T18:31:41ZPier Angelo VendramePrune the manual moreWe have had an increase in TBB size, and it's partly due to the manual.
We should remove webfonts because they are not even rendered (7.9MB uncompressed), there are not minimized JS and CSS, and we should see if we can remove some image...We have had an increase in TBB size, and it's partly due to the manual.
We should remove webfonts because they are not even rendered (7.9MB uncompressed), there are not minimized JS and CSS, and we should see if we can remove some images.
We can remove what we don't need with the script that packs the manual (it just copies the static files).Sponsor 131 - Phase 3 - Major ESR 102 MigrationPier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41049QR codes in connection settings aren't recognized by some readers in dark theme2022-07-27T15:30:51ZWofWcawofwca@protonmail.comQR codes in connection settings aren't recognized by some readers in dark themeSome readers don't recognize QR codes with inverted colors. You may call it a "you" problem, but still.
Here's the responsible code:
* https://gitlab.torproject.org/tpo/applications/tor-browser/-/blob/b2ffba38205d148463a9471e866e5e9dc8...Some readers don't recognize QR codes with inverted colors. You may call it a "you" problem, but still.
Here's the responsible code:
* https://gitlab.torproject.org/tpo/applications/tor-browser/-/blob/b2ffba38205d148463a9471e866e5e9dc8d37673/browser/components/torpreferences/content/bridgeQrDialog.jsm#L30-31
* https://gitlab.torproject.org/tpo/applications/tor-browser/-/blob/b2ffba38205d148463a9471e866e5e9dc8d37673/browser/components/torpreferences/content/connectionPane.js#L605-606
Simply hard-coding black and white (or keeping the default ones) regardless of theme wouldn't help because the image is drawn directly on top of dark/light background, depending on color theme, which makes it unreadable if the background is dark. Although we could add a padding element with white background.
Or we could just wait until all readers start recognizing inverted QRs.
Similar issue in another project: https://github.com/bennyguitar/BTCDonationViewController/issues/1#issuecomment-39025558
If you agree that we should hard-code black and white, then I'd like to implement it.Tor Browser 12.0WofWcawofwca@protonmail.comWofWcawofwca@protonmail.com