The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2023-03-13T16:31:23Zhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41334Mockup the browser chrome of the privacy browser2023-03-13T16:31:23ZdonutsMockup the browser chrome of the privacy browserThe browser chrome won't be very different from Tor Browser's, save for the omission of Tor Network-specific elements like the circuit display, onion site icons, ".onion site available" pill, etc. However we should check-in on toolbar ic...The browser chrome won't be very different from Tor Browser's, save for the omission of Tor Network-specific elements like the circuit display, onion site icons, ".onion site available" pill, etc. However we should check-in on toolbar icons (specifically new identity), and any extensions that may be bundled in the final privacy browser.Sponsor 131 - Phase 2 - Privacy Browserdonutsdonutshttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41331Create horizontal logo lockup for the privacy browser2022-12-17T15:22:42ZdonutsCreate horizontal logo lockup for the privacy browserOnce an application icon has been created in https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41168, we'll need to add some logotype reading "Mullvad Browser" to create a full logo lockup. The logotype and rough compos...Once an application icon has been created in https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41168, we'll need to add some logotype reading "Mullvad Browser" to create a full logo lockup. The logotype and rough composition should match that used by the Mullvad VPN, i.e.:
- [MullvadVPN_logo_Landscape_RGB_BW_positive](/uploads/83dcc140441b04f3f4eef226ae638ee4/MullvadVPN_logo_Landscape_RGB_BW_positive.png)
SVG and EPS formatted versions of the above logo can be found here: https://mullvad.net/en/press/
The full lockup will likely be used on the successor to `about:tor` (pending its design), the Mullvad website, in release posts and social media/promotional posts. However, we'll need separate assets for the `About > Browser` window, i.e.:
- [about-firefox](/uploads/2859ec3739e389bfe01f7a96df2326f8/about-firefox.png)Sponsor 131 - Phase 2 - Privacy Browserhttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40203Restore firewall rules on snowflake-01 (minus conntrack)2023-10-06T03:11:45ZDavid Fifielddcf@torproject.orgRestore firewall rules on snowflake-01 (minus conntrack)In tpo/anti-censorship/pluggable-transports/snowflake#40189 we disabled conntrack
by removing the firewall rules.
We should restore a sensible firewall configuration,
minus the conntrack rules,
if it proves not to harm performance.
/cc ...In tpo/anti-censorship/pluggable-transports/snowflake#40189 we disabled conntrack
by removing the firewall rules.
We should restore a sensible firewall configuration,
minus the conntrack rules,
if it proves not to harm performance.
/cc @linusLinus Nordberglinus@torproject.orgLinus Nordberglinus@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake-webext/-/issues/59Snowflake is off - Could not connect to the bridge.2023-03-08T12:05:04ZcypherpunksSnowflake is off - Could not connect to the bridge.I am getting the "Snowflake is off - Could not connect to the bridge" message when I use the webextension in Opera, Chrome and the one that I have embedded on my website. I have tried to bin my extension and then download and activate it...I am getting the "Snowflake is off - Could not connect to the bridge" message when I use the webextension in Opera, Chrome and the one that I have embedded on my website. I have tried to bin my extension and then download and activate it again and I still get the same message. It has worked fine for four days before crashing.
What to do and try now?
Best
Ehttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40630Update builtin bridges from Circumvention Settings API2022-12-22T11:22:11Zmeskiomeskio@torproject.orgUpdate builtin bridges from Circumvention Settings APIRight now to update the builtin bridges we need to make a Tor Browser release, it would be nice if TB automatically updates them using [Circumvention Settings API](https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/blob/main/doc/m...Right now to update the builtin bridges we need to make a Tor Browser release, it would be nice if TB automatically updates them using [Circumvention Settings API](https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/blob/main/doc/moat.md#circumventionbuiltin).
There are two concerns I have about it:
* Users will not be happy with TB making a call to an external API without giving some consent about it.
* We don't want to make easier for censors to notice you are using Tor because of that.
I think it makes sense to update when we do other connections to moat (Connect Assist, captcha bridges, ...), I assume user has already consent to do a request to the API on those cases and having an extra connection over the domain fronting should not make it more noticeable than it already is. We could store when was the last time we had updated them, and don't update them is they are fresh (maybe 24h is a good freshness).
An extra that would be nice is to ask the user if they want to refresh the builtin bridges when they click on Settings to *Select a Built-In Bridge*. I think we should only ask if bridges hasn't being refreshed for a while (maybe 7days). The confirmation popup could have a check box with 'remember that option' or something like that, so the following times they enable builtin bridges we refresh or not without asking (if the bridges hasn't being refreshed in 7days).Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibethttps://gitlab.torproject.org/tpo/tpa/team/-/issues/40908reverse DNS broken at cymru2022-10-11T14:13:27Zanarcatreverse DNS broken at cymrui just opened a ticket with cymru named "URGENT: reverse DNS for 38.229.82.0/24 broken", it was assigned the ticket number CST-316.
i noticed this while trying to launch gettor-rdsys (#40789), mails would fail to route to eugeni with:
...i just opened a ticket with cymru named "URGENT: reverse DNS for 38.229.82.0/24 broken", it was assigned the ticket number CST-316.
i noticed this while trying to launch gettor-rdsys (#40789), mails would fail to route to eugeni with:
```
host eugeni.torproject.org[49.12.57.136] said: 450 4.7.25 Client host rejected: cannot find your hostname, [38.229.82.36] (in reply to RCPT TO command)
```
and indeed reverse DNS is broken on that IP... hell, here's a copy of the ticket i sent to cymru:
> ```
> anarcat@curie:~$ host 38.229.82.36
> Host 36.82.229.38.in-addr.arpa. not found: 3(NXDOMAIN)
> anarcat@curie:~[1]$
> ```
>
> It looks like the entire zone delegation was removed:
>
> ```
> anarcat@curie:~$ dig -x 38.229.82.36
>
> ; <<>> DiG 9.16.33-Debian <<>> -x 38.229.82.36
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56474
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 1232
> ;; QUESTION SECTION:
> ;36.82.229.38.in-addr.arpa. IN PTR
>
> ;; AUTHORITY SECTION:
> 82.229.38.in-addr.arpa. 3355 IN SOA ns1.cymru.com. empty.empty. 39 3600 600 1209600 3600
>
> ;; Query time: 52 msec
> ;; SERVER: 1.1.1.1#53(1.1.1.1)
> ;; WHEN: Wed Sep 28 10:24:27 EDT 2022
> ;; MSG SIZE rcvd: 114
> ```
>
> 38.229.82.0/24 used to be delegated to tor's nameservers, which are:
>
> ```
> torproject.org. 86400 IN NS ns1.torproject.org.
> torproject.org. 86400 IN NS ns3.torproject.org.
> torproject.org. 86400 IN NS ns4.torproject.org.
> torproject.org. 86400 IN NS ns5.torproject.org.
> torproject.org. 86400 IN NS nsp.dnsnode.net.
> ```
>
> this is causing an outage on our end as servers in that cluster are
> having trouble delivering mail.anarcatanarcat2022-10-11https://gitlab.torproject.org/tpo/tpa/team/-/issues/40893Set up machine/VM to run Tor Weather on2022-12-21T07:25:43ZGeorg KoppenSet up machine/VM to run Tor Weather onWe just finished the [GSoC project to re-write Tor Weather](https://gitlab.torproject.org/sarthikg/tor-weather) and we would like to deploy the result now with weather.torproject.org as the respective domain.
@sarthikg: could you make a...We just finished the [GSoC project to re-write Tor Weather](https://gitlab.torproject.org/sarthikg/tor-weather) and we would like to deploy the result now with weather.torproject.org as the respective domain.
@sarthikg: could you make a list of things we'd need to have available on a new machine/in a new VM to have Tor Weather running properly? And maybe some spec that VM/machine? Thanks!
/cc @hirohttps://gitlab.torproject.org/tpo/tpa/team/-/issues/40873Sending gitlab comments by emails is not working2022-12-05T15:19:19ZboklmSending gitlab comments by emails is not workingI wrote some comment for tpo/applications/tor-browser-build!509 by answering an email a few days ago (on 2022-08-22), and today answered a comment on #40872 by email, but they did not get posted. So it looks like sending comments by emai...I wrote some comment for tpo/applications/tor-browser-build!509 by answering an email a few days ago (on 2022-08-22), and today answered a comment on #40872 by email, but they did not get posted. So it looks like sending comments by emails is not working anymore.anarcatanarcathttps://gitlab.torproject.org/tpo/tpa/team/-/issues/40851Add dan and ma1 to correct groups2022-08-18T21:33:19ZPier Angelo VendrameAdd dan and ma1 to correct groups@dan and @ma1 need to be on the right groups to access the build servers. Could you add them, please?
The additional groups of my account are:
```
tbb-nightlies tb-tester tb-builder
```
We're not sure about what the first two do, though.@dan and @ma1 need to be on the right groups to access the build servers. Could you add them, please?
The additional groups of my account are:
```
tbb-nightlies tb-tester tb-builder
```
We're not sure about what the first two do, though.anarcatanarcathttps://gitlab.torproject.org/tpo/applications/vpn/-/issues/31Request bridge support2024-01-31T17:36:42Zmicahmicah@torproject.orgRequest bridge supportWhen a user cannot connect to Tor due to censorship and the built-in bridges don’t work, then they should be able to request a bridge as an alternative to the built-in bridges.When a user cannot connect to Tor due to censorship and the built-in bridges don’t work, then they should be able to request a bridge as an alternative to the built-in bridges.VPN pre-alpha 04cybertacybertahttps://gitlab.torproject.org/tpo/ux/research/-/issues/100Users find it difficult to differentiate between Tor Browser's various bridge...2023-05-10T21:46:19ZdonutsUsers find it difficult to differentiate between Tor Browser's various bridge optionsDuring usability testing of Connection Settings conducted in tpo/ux/research#52 & tpo/ux/research#78 participants who elected to select a bridge manually tended to try the various options at random.
For the most part, the options are pl...During usability testing of Connection Settings conducted in tpo/ux/research#52 & tpo/ux/research#78 participants who elected to select a bridge manually tended to try the various options at random.
For the most part, the options are placed in the order it's most useful to try them in:
1. Select a built-in bridge
1. obfs4
2. snowflake
3. meek-azure
2. Request a bridge from torproject.org
3. Provide a bridge manually
However we don't communicate that explicitly to the user.
The redesign conducted in https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41080 also attempted to improve the UX by tidying away the inputs into separate dialogues, and by has provided extra space for descriptions to accompany each bridge option within the dialogues themselves. I think it would be worthwhile reviewing the descriptions added for built-in-bridges, looking for potential improvements, and to consider adding similar descriptions to the request a bridge and provide a bridge dialogues.Sponsor 30 - Objective 3.5https://gitlab.torproject.org/tpo/tpa/team/-/issues/40839crm-int-01 disk space issues2022-10-12T22:36:52Zanarcatcrm-int-01 disk space issuescrm-int-01 disk usage has been pretty flaky historically, but we've had especially bad situations recently, where it completely ran out of disk space two weeks ago, leading to a full crash (#34098).
let's fix this situation.
disk usage...crm-int-01 disk usage has been pretty flaky historically, but we've had especially bad situations recently, where it completely ran out of disk space two weeks ago, leading to a full crash (#34098).
let's fix this situation.
disk usage history in the last year of crm-int-01:
![image](/uploads/f58ba5e501f3ed4389d3954da16a6870/image.png)
AKA:
* 20GB was added to /srv in december
* space on / has always been tight
* cleanups were done in october and december, but it's still increasing linearily
* /srv is irregular and unpredictable
conclusion:
* let's double the size of `/` to give us another year or more
* let's take up the available space in the PV for `/srv` and advise with service admin
also, regarding service-specific stuff (AKA /cc @eric), here are the big disk sinks i could find:
- [x] 12GB: mysql watchdog table in the prod database (!): maybe it should be purged regularly?
- [x] 3.6GB: `/srv/crm.torproject.org/htdocs-staging/sites/all/modules/custom/tor_donation/donation_processor.log`: is there a way we could rotate that logfile somehow? do you want me to hook a logrotate in there? what service generates this? it looks like we have records starting from 2021-05-27 in there, more than a year ago!
- [x] 3GB: `/srv/openflows/opt/openflows/ebudsbacks/torcivicrm.torproject.org`
- [x] 1.4GB: `/home/ericg`anarcatanarcathttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41079Remove "make Tor Browser the default browser" from settings2022-07-26T17:38:59ZWofWcawofwca@protonmail.comRemove "make Tor Browser the default browser" from settings![image](/uploads/ff88bc19e120f2aabe6f1a9116bb4cd5/image.png)
A.k.a. "Always check if Tor Browser is your default browser", "Tor Browser is not your default browser", "Make Default..."
From what [I've heard](https://gitlab.torproject.o...![image](/uploads/ff88bc19e120f2aabe6f1a9116bb4cd5/image.png)
A.k.a. "Always check if Tor Browser is your default browser", "Tor Browser is not your default browser", "Make Default..."
From what [I've heard](https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40655), it's not possible to make Tor the default browser (sigh), so this thing doesn't do anything and confuses users.
Apparently there is the `HAVE_SHELL_SERVICE` that controls whether it is shown. Maybe we could add a new condition and rename it, or simply set it to `false`, but the latter could break [other stuff](https://gitlab.torproject.org/tpo/applications/tor-browser/-/blob/a9f1b8620a9c5b6b36bdcec3eb75b63e6dce4cb0/browser/base/content/nsContextMenu.js#L607-616)
* https://gitlab.torproject.org/tpo/applications/tor-browser/-/blob/a9f1b8620a9c5b6b36bdcec3eb75b63e6dce4cb0/browser/components/preferences/main.inc.xhtml#L40-61
* https://gitlab.torproject.org/tpo/applications/tor-browser/-/blob/a9f1b8620a9c5b6b36bdcec3eb75b63e6dce4cb0/browser/components/preferences/main.js#L1295-1299https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41073Hight CPU usage for View-source URI scheme2022-10-02T20:12:46ZcypherpunksHight CPU usage for View-source URI schemeTorBrowser: 11.5
Security Level: Safest
view-source:https://forum.torproject.net/
CPU usage: 100%TorBrowser: 11.5
Security Level: Safest
view-source:https://forum.torproject.net/
CPU usage: 100%https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41064After crashing of single tabs, total crash of tor browser (segmentation fault)2023-01-31T20:32:59ZSamdneyAfter crashing of single tabs, total crash of tor browser (segmentation fault)### Summary
For about two months, several times I encountered the following situation:
At first single tabs crashed, shortly after restoring tab, the same tab crashes again. Also the other tabs tend to start crashing.
After several tabs ...### Summary
For about two months, several times I encountered the following situation:
At first single tabs crashed, shortly after restoring tab, the same tab crashes again. Also the other tabs tend to start crashing.
After several tabs crashings and restoring, finally the whole browser crashes.
Restarting of the browser doesn't work. No GUI appears.
### Steps to reproduce:
That only happens from time to time. Couldn't see anything which triggers this behaviour.
### What is the current bug behavior?
Crashing tabs. Crashing browser. No restart of browser possible.
### What is the expected behavior?
No crashing.
### Environment
Arch linux - up to date. Tor browser download from torproject website.
### Relevant logs and/or screenshots
Verbose output for trying to restart after browser crash. Browser doesn't start again. Final error: Segementation fault (core dumped)
P.S. How can I add line breaks in this markdown code environment, here? My usual method (three empty spaces at the end of the line doesn't seem to work)
<code>
$ ./start-tor-browser.desktop --verbose
Launching './Browser/start-tor-browser --detach --verbose'...
Fontconfig warning: "/XXX/tor-browser-linux64-11.0.14_en-US/tor-browser_en-US/Browser/TorBrowser/Data/fontconfig/fonts.conf", line 37: Use of ambiguous path in <dir> element. please add prefix="cwd" if current behavior is desired.
Fontconfig warning: "/XXX/tor-browser-linux64-11.0.14_en-US/tor-browser_en-US/Browser/TorBrowser/Data/fontconfig/fonts.conf", line 85: unknown element "blank"
Jul 19 19:25:51.972 [notice] Tor 0.4.7.8 (git-7528524aee3ffe3c) running on Linux with Libevent 2.1.12-stable, OpenSSL 1.1.1o, Zlib 1.2.12, Liblzma N/A, Libzstd N/A and Glibc 2.35 as libc.
Jul 19 19:25:51.972 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://support.torproject.org/faq/staying-anonymous/
Jul 19 19:25:51.973 [notice] Read configuration file "/XXX/tor-browser-linux64-11.0.14_en-US/tor-browser_en-US/Browser/TorBrowser/Data/Tor/torrc-defaults".
Jul 19 19:25:51.973 [notice] Read configuration file "/XXX/tor-browser-linux64-11.0.14_en-US/tor-browser_en-US/Browser/TorBrowser/Data/Tor/torrc".
Jul 19 19:25:51.974 [notice] Opening Control listener on 127.0.0.1:9151
Jul 19 19:25:51.974 [notice] Opened Control listener connection (ready) on 127.0.0.1:9151
Jul 19 19:25:51.974 [notice] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
Jul 19 19:25:51.000 [notice] Parsing GEOIP IPv4 file /XXX/tor-browser-linux64-11.0.14_en-US/tor-browser_en-US/Browser/TorBrowser/Data/Tor/geoip.
Jul 19 19:25:52.000 [notice] Parsing GEOIP IPv6 file /XXX/tor-browser-linux64-11.0.14_en-US/tor-browser_en-US/Browser/TorBrowser/Data/Tor/geoip6.
Jul 19 19:25:52.000 [notice] Bootstrapped 0% (starting): Starting
Jul 19 19:25:52.000 [notice] Delaying directory fetches: DisableNetwork is set.
Jul 19 19:25:52.000 [notice] Starting with guard context "default"
Jul 19 19:25:52.000 [notice] New control connection opened from 127.0.0.1.
Fontconfig warning: "/XXX/tor-browser-linux64-11.0.14_en-US/tor-browser_en-US/Browser/TorBrowser/Data/fontconfig/fonts.conf", line 37: Use of ambiguous path in <dir> element. please add prefix="cwd" if current behavior is desired.
Fontconfig warning: "/XXX/tor-browser-linux64-11.0.14_en-US/tor-browser_en-US/Browser/TorBrowser/Data/fontconfig/fonts.conf", line 85: unknown element "blank"
Jul 19 19:25:53.000 [notice] New control connection opened from 127.0.0.1.
Jul 19 19:25:53.000 [notice] New control connection opened from 127.0.0.1.
Jul 19 19:25:53.000 [notice] New control connection opened from 127.0.0.1.
Fontconfig warning: "/XXX/tor-browser-linux64-11.0.14_en-US/tor-browser_en-US/Browser/TorBrowser/Data/fontconfig/fonts.conf", line 37: Use of ambiguous path in <dir> element. please add prefix="cwd" if current behavior is desired.
Fontconfig warning: "/XXX/tor-browser-linux64-11.0.14_en-US/tor-browser_en-US/Browser/TorBrowser/Data/fontconfig/fonts.conf", line 85: unknown element "blank"
Exiting due to channel error.
Jul 19 19:25:55.000 [notice] Owning controller connection has closed -- exiting now.
Jul 19 19:25:55.000 [notice] Catching signal TERM, exiting cleanly.
Exiting due to channel error.
./Browser/start-tor-browser: Zeile 362: 195555 Speicherzugriffsfehler (Speicherabzug geschrieben) TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ./firefox --class "Tor Browser" -profile TorBrowser/Data/Browser/profile.default "${@}" < /dev/null
</code>https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41061Bridges lost after 11.5 update2022-07-22T15:16:15ZcypherpunksBridges lost after 11.5 updateAfter autoupdating TBB from 11.0 to 11.5 bridges previously configured in it disappeared.After autoupdating TBB from 11.0 to 11.5 bridges previously configured in it disappeared.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41060Figuring out how to connect after configuring a bridge is a pain point2023-05-10T21:45:20ZdonutsFiguring out how to connect after configuring a bridge is a pain pointUsability testing of the Connection settings redesign conducted in https://gitlab.torproject.org/tpo/ux/research/-/issues/52 & https://gitlab.torproject.org/tpo/ux/research/-/issues/78 has highlighted a pain point: some participants foun...Usability testing of the Connection settings redesign conducted in https://gitlab.torproject.org/tpo/ux/research/-/issues/52 & https://gitlab.torproject.org/tpo/ux/research/-/issues/78 has highlighted a pain point: some participants found it difficult to figure out the next step after configuring a bridge. Often they seem to pause after clicking the blue `OK` button, presumably believing that this is enough to connect.
At present, these users need to either:
1. Scroll back up to the purple banner at the top of the page, and click `Connect` – or:
2. Return to `about:torconnect` and click `Connect` there.
However neither of these routes are obvious initially.Sponsor 30 - Objective 3.5NahNahhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41047Tor Browser Linux - X.org maxing to 100% when Tor Borwser window restored fre...2022-11-08T20:39:13Zmj162Tor Browser Linux - X.org maxing to 100% when Tor Borwser window restored freezing the entire display### Summary
Upon mapping the display after a long time minimised, the entire display freezes and X.org maxes at 100% load.
### Steps to reproduce
1. Step 1. Minimise Tor Browser
2. Step 2. After an extended time e.g 1 day, restore the...### Summary
Upon mapping the display after a long time minimised, the entire display freezes and X.org maxes at 100% load.
### Steps to reproduce
1. Step 1. Minimise Tor Browser
2. Step 2. After an extended time e.g 1 day, restore the browser from the dock/taskbar etc.
### Current behaviour
When restoring Tor Browser from minimised state after the browser has been minimised for many hours (e.g. a day or two), it takes a long time (10s+) for the browser window to be mapped. during which time the X server process (X.org on Ubuntu 16.04 LTS) is CPU bound at 100% for the core, and the display freezes. Other processes continue running, for example if sound is being streamed, e.g., from an internet radio, streaming continues unaffected).
### Expected behaviour
Restoring a window does not lock the display for several seconds with the load meter showing X.org running at 100%.
### Environment
Tor Browser 11.10.14
Linux 16.04 LTS
### Additional
1. As the desktop is flash-based and has no swap file, it seems reasonable to eliminate swapping.
2. As all X fonts available to the X server are local, it also seems reasonable to eliminate xfs.https://gitlab.torproject.org/tpo/network-health/team/-/issues/250Capture telemetry about bootstrapping times by PT configuration in censored r...2022-12-15T11:42:23ZdonutsCapture telemetry about bootstrapping times by PT configuration in censored regionsAs part of the [Sponsor 96 project](https://gitlab.torproject.org/groups/tpo/-/milestones/24) we've implemented a new feature in Tor Browser called Connection Assist (historically referred to as [mostly] automatic censorship detection), ...As part of the [Sponsor 96 project](https://gitlab.torproject.org/groups/tpo/-/milestones/24) we've implemented a new feature in Tor Browser called Connection Assist (historically referred to as [mostly] automatic censorship detection), which gives users the option of trying a second bootstrap after the first fails due to censorship of the Tor Network. During the second bootstrap, Tor Browser looks up the user's location via a new moat API, and returns a short shopping list of bridge configurations to try in order (see [circumvention.json](https://gitlab.torproject.org/tpo/anti-censorship/rdsys-admin/-/blob/main/conf/circumvention.json)), that should circumvent Tor Network blocking in their country.
In addition to Tor Browser, OnionShare will also implement the censorship circumvention API – and other Tor-powered apps will likely follow suit in future too.
However, bootstrapping times in the target regions for S96 (specifically China & Tibet, rather than Hong Kong) remain a source of concern. Long bootsrapping times create uncertainty over whether or not Tor is actually connecting, or is stuck in a state of infinite bootstrapping (which we've observed too, see: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40970).
We're currently considering a number of workarounds to help alleviate these issues, including (for example):
- Displaying contextual hints about bootstrapping times by region and PT to help set user expectations
- Providing encouragement when Tor has been stuck at the same bootstrapping step for X amount of time
- Introducing timeouts which display non-blocking errors, the duration of which will need to be set per-region (thus providing a means to escape from the dreaded infinite bootstrap issue)
Given the above, it would be useful to measure bootstrapping times by PT/bridge configuration in censored regions. OONI already includes this measurement in their Snowflake tests, [see this example](https://explorer.ooni.org/measurement/20220615T081636Z_torsf_CN_9808_n1_kW4lyakvsSN7XhIG) for instance.
In addition, there may be an opportunity to improve how we collect data about working PT/bridge configurations in order to keep the circumvention.json up to date and as effective as possible.
Three options have been proposed so far:
1. Capturing telemetry about bootstrapping at the network level, i.e. on metrics.torproject.org
2. Adding additional tests to vantage points in the target regions
3. Measuring bootstrapping at the application level, e.g. by implementing cleaninsights.org in Tor Browser, OnionShare etc.Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibethttps://gitlab.torproject.org/tpo/web/tpo/-/issues/312Update downloads web-page to include 'tor-expert-bundle' for all our platforms2023-01-18T19:09:52ZrichardUpdate downloads web-page to include 'tor-expert-bundle' for all our platformsWe will be closing in on fixing https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40397 soon which will provide archives containing tor + pluggable transport bins for all of the platforms currently supported by To...We will be closing in on fixing https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/40397 soon which will provide archives containing tor + pluggable transport bins for all of the platforms currently supported by Tor Browser. We will need to update the website to make discovering these packages easy for developers.