The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2020-10-26T18:06:14Zhttps://gitlab.torproject.org/tpo/ux/research/-/issues/14Include an instant feedback link in RT responses2020-10-26T18:06:14ZAntonelaantonela@torproject.orgInclude an instant feedback link in RT responsesWe want to understand why users are not replying back our RT responses related with bridges. This can be extended to any other responses eg. installing Tor Browser.We want to understand why users are not replying back our RT responses related with bridges. This can be extended to any other responses eg. installing Tor Browser.Sponsor 30 - Objective 3.2Antonelaantonela@torproject.orgAntonelaantonela@torproject.orghttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/28556Detect other installed circumvention tools and offer them as transports2022-07-09T19:01:37ZRoger DingledineDetect other installed circumvention tools and offer them as transportsIf the Tor Browser user has Lantern installed on the system too, and direct Tor traffic is blocked, wouldn't it be cool to offer the user the option to send their Tor traffic via Lantern into the Tor network?
More broadly, many tools f...If the Tor Browser user has Lantern installed on the system too, and direct Tor traffic is blocked, wouldn't it be cool to offer the user the option to send their Tor traffic via Lantern into the Tor network?
More broadly, many tools focus on "access" rather than Tor's more comprehensive goal of "safe access", and while each of them offers tradeoffs around performance, reliability, and safety, it seems like a net win to make it straightforward for Tor Browser (via the pluggable transport selection menu) to route through them if they're present.
One stumbling block: some of these access tools try to make it hard for other processes on the system to notice that they're present. I hear Lantern is one of those -- it uses simple techniques like randomizing its proxy port, but it doesn't currently use more sophisticated approaches like changing its process name. But "detecting apps that don't want to be detected" doesn't seem like a fun arms race for Tor Browser to get into.
Another stumbling block: some of these access tools are centralized, which makes it sketchier to route traffic through them. But we already accept exactly this tradeoff in the case of meek, so I'm ok with this angle.
So, to make this ticket more concrete:
* Let's make a list of other "access" tools in our space that we'd like to play well with.
* Then let's ask each of them if they'd like to offer some API for us to detect their presence and learn how exactly to use them (similar to Tor's "ControlPortWriteToFile" config option, which writes out a file with parameters on how to interact with the running Tor).
* Assuming the resulting set isn't empty, let's teach Tor Launcher how to configure Tor to use them, and add the option(s) to Tor Browser's pluggable transport menu.
(The VPN interfaces are I think different from this idea, since in that world they already have the notion of either selecting what apps to capture traffic from, or they just ask to capture all traffic. So there's nothing the Tor Browser needs to do for those cases. Unless I'm wrong?)Sponsor 30 - Objective 3.2https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/14638Make it easier to add a bridge in network settings2022-07-09T19:10:31ZNima FatemiMake it easier to add a bridge in network settingssee this mockup: https://people.torproject.org/~nima/ux/network-settings-bridges.jpg
few ideas to do this:
- have a drop down menu for different types of bridges.
- auto validate the format of the bridge
- find a way to check if the ty...see this mockup: https://people.torproject.org/~nima/ux/network-settings-bridges.jpg
few ideas to do this:
- have a drop down menu for different types of bridges.
- auto validate the format of the bridge
- find a way to check if the type of the bridge matches the ip:port and let the user know if they've done something wrong.
- confirm that the settings have been applied and Tor browser is in fact going to try to connect through the entered bridges.
- dont put the previously entered bridges in an (or same) input text; allow them to only remove them.
- perhaps add a date stamp of when they added the bridge? sometimes users add a bridge and they forget about it, till the bridge stops working and their connection is broken and they dont know why.Sponsor 30 - Objective 3.2