The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2023-04-03T16:39:16Zhttps://gitlab.torproject.org/tpo/core/tor/-/issues/26646add support for multiple OutboundBindAddressExit IP(ranges)2023-04-03T16:39:16Znusenuadd support for multiple OutboundBindAddressExit IP(ranges)tor has support for dedicated outbound IP addresses
for on exit relays via OutboundBindAddressExit.
This parameter supports only a single IPv4 and a single IPv6 address.
I propose to add an extension of this feature to support IPv4 and ...tor has support for dedicated outbound IP addresses
for on exit relays via OutboundBindAddressExit.
This parameter supports only a single IPv4 and a single IPv6 address.
I propose to add an extension of this feature to support IPv4 and IPv6
ranges/prefixes.
The idea is to assign an IP address to each tor circuit. The exit IP
address must never change during the lifetime of the circuit.
Exit IP addresses would be randomly assigned to circuits. Once
the exit runs out of IPs it cycles through his pool of IPs again.
With IPv6 address space availability this can take a long time
with IPv4 it will be limited.
This aims to reduce the negative impact of few "bad" users on many "good"
users since they will not share the same IP address on the exit.
This might also have some negative? side effect since
it demultiplexes tor clients to multiple source IPs on the exit
and an external observer (not running the exit itself)
can tell clients apart by looking at source IPs.
Instead of doing it on the circuit level you could do it
based on time. Change the exit IP every 5 minutes (but
do _not_ change the exit IPs for _existing_ circuits even if they
live longer than 5 minutes).
https://lists.torproject.org/pipermail/tor-dev/2018-March/013036.htmlTor: 0.4.8.x-freezeAlexander Færøyahf@torproject.orgAlexander Færøyahf@torproject.orghttps://gitlab.torproject.org/tpo/core/torspec/-/issues/190Add congestion control related consensus paramenters to params-spec.txt2023-04-12T14:45:57ZGeorg KoppenAdd congestion control related consensus paramenters to params-spec.txtWhile going over some recent sbws MR I was trying to figure out what actually the `bwscanner_cc` consensus param means and it turns out that's not that easy to determine. We should therefore add that one and other congestion control rela...While going over some recent sbws MR I was trying to figure out what actually the `bwscanner_cc` consensus param means and it turns out that's not that easy to determine. We should therefore add that one and other congestion control related consensus parameters to our respective params spec.Sponsor 61 - Making the Tor network faster & more reliable for users in Internet-repressive placeshttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41491WebRTC: Multiple peer connections fails2023-08-26T01:48:53ZMarco SimonelliWebRTC: Multiple peer connections failsExpected results (macOS 11.2 M1, firefox 107.0):
![image](/uploads/ad3a350bf0e718617f3836113b4f5ef6/image.png)
Actual output (Windows 10, built from https://gitlab.torproject.org/msimonelli/tor-browser/-/tree/bug-41459):
![image](/upl...Expected results (macOS 11.2 M1, firefox 107.0):
![image](/uploads/ad3a350bf0e718617f3836113b4f5ef6/image.png)
Actual output (Windows 10, built from https://gitlab.torproject.org/msimonelli/tor-browser/-/tree/bug-41459):
![image](/uploads/cd9be5d10b21ca192279bdca8b8f6966/image.png)
From what I can tell, peer connections just aren't working at all, possibly linked to #41490Sponsor 131 - Phase 2 - Privacy BrowserMarco SimonelliMarco Simonellihttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41490Canvas capture stream to peerConnection incorrect behaviour2023-08-26T01:48:32ZMarco SimonelliCanvas capture stream to peerConnection incorrect behaviourThe failing test is available at https://webrtc.github.io/test-pages/src/canvas-capture/
Expected result is (Firefox 107.0 Ubuntu 22.04):
![image](/uploads/61d7afc46a3276417791df40c2aab3f4/image.png)
Actual result (on Windows, built f...The failing test is available at https://webrtc.github.io/test-pages/src/canvas-capture/
Expected result is (Firefox 107.0 Ubuntu 22.04):
![image](/uploads/61d7afc46a3276417791df40c2aab3f4/image.png)
Actual result (on Windows, built from https://gitlab.torproject.org/msimonelli/tor-browser/-/tree/bug-41459) is:
![image](/uploads/7339fa90bbdad5e2823c4cd966090c8d/image.png)
TOOD: build https://gitlab.torproject.org/msimonelli/tor-browser/-/tree/bug-41459 and test other platforms, which should hopefully workSponsor 131 - Phase 2 - Privacy BrowserMarco SimonelliMarco Simonellihttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41489Failing tests at webrtc.github.io/test-pages2023-08-26T01:48:58ZMarco SimonelliFailing tests at webrtc.github.io/test-pagesSub-issue of #41486
Tracks failing tests available at https://webrtc.github.io/test-pages/
These should all be resolved before attempting to get samples working
- [x] Audio and Video Streams
- [ ] Peer connection from canvas capture s...Sub-issue of #41486
Tracks failing tests available at https://webrtc.github.io/test-pages/
These should all be resolved before attempting to get samples working
- [x] Audio and Video Streams
- [ ] Peer connection from canvas capture stream (#41490)
- [ ] Iframe apprtc (deprecated, does any test replace this?)
- [x] Iframe video
- [ ] Multiple audio streams (maybe passing? TODO: what's the passing condition here?)
- [ ] Multiple peer connections (#41491)
- [x] Multiple video streams
- [ ] Multiple video devices (TODO: I don't own any external video devices, so I can't test this at the moment)
- [ ] Randomly pause and play (assumed to fail, but need confirmation)
- [ ] Peer2peer (TODO: set up a peerconnection_server to run this test)
- [ ] Peer2peer iframe (same as Peer2peer)
- [ ] Peer2peer from video (this page doesn't even load)
- [x] Single audio stream
- [x] Single video streamSponsor 131 - Phase 2 - Privacy Browserhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41486WebRTC bugs/issues/broken features2023-06-01T17:13:52ZMarco SimonelliWebRTC bugs/issues/broken featuresMain ticket to track issues with WebRTC functionality/testsMain ticket to track issues with WebRTC functionality/testsSponsor 131 - Phase 2 - Privacy Browserhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41484Should generic monospace font be before script-specific ones?2024-03-06T08:59:46ZPier Angelo VendrameShould generic monospace font be before script-specific ones?In the long issue about fixing scripts, we set sans-serif script-specific fonts before the generic `monospace` fonts in `font.name-list.monospace.*`.
The reasoning behind this was that we didn't add script-specific `monospace` fonts any...In the long issue about fixing scripts, we set sans-serif script-specific fonts before the generic `monospace` fonts in `font.name-list.monospace.*`.
The reasoning behind this was that we didn't add script-specific `monospace` fonts anyway, so Firefox would fall back to Noto Sans in any case (and for consistency, we told it to jump to Noto Sans rather than Noto Serif).
This would guarantee a better consistency when the lang is set, but it will never display monospace characters, even when covered by a monospace font.
Should we change the priority, and use the generic `monospace` fonts (Cousine, Courier, Menlo, etc) before the script-specific Noto Sans?Sponsor 131 - Phase 2 - Privacy Browserhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41469Remove security level preference migration code2022-12-23T23:11:56ZPier Angelo VendrameRemove security level preference migration codeIn #41460 we renamed preferences for security level and for new identity.
We forced users to go through 11.5.8, but we added the migration code also to 12.0 for alpha users.
However, we can remove whenever we feel we are ready to (e.g....In #41460 we renamed preferences for security level and for new identity.
We forced users to go through 11.5.8, but we added the migration code also to 12.0 for alpha users.
However, we can remove whenever we feel we are ready to (e.g., 12.5a1).Sponsor 131 - Phase 2 - Privacy Browserhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41464[win] Investigate TSF / TIP (IME)2022-11-29T12:34:56ZThorin[win] Investigate TSF / TIP (IME)From FF107+ [1774317](https://bugzilla.mozilla.org/show_bug.cgi?id=1774317) [TSF] Support `GUID_PROP_URL`
> Although I feel it has some concerns about privacy. However, TIP (IME) can access other private things.
Note: The prefs are
- `p...From FF107+ [1774317](https://bugzilla.mozilla.org/show_bug.cgi?id=1774317) [TSF] Support `GUID_PROP_URL`
> Although I feel it has some concerns about privacy. However, TIP (IME) can access other private things.
Note: The prefs are
- `pref("intl.tsf.expose_url.allowed", true)`; // maybe not goof for Privacy Browser
- `pref("intl.tsf.expose_url_in_private_browsing.allowed", false)`; // good for PB Mode and TB in future
Is this TSF, or just TIP or just TIP (IME) that has privacy concerns. Someone with some knowledge of these things should investigate.
Also an accessibility issue?
> TSF is used in various scenarios to enable intelligent services, such as autocorrection, text suggestions as you type, shapewriting etc. The URL GUID will be used by accessibility via TSF services in the OS. For example, accessibility experiences can be optimized for specific URLs, such as a screen reader reading "microsoft.com" or "YouTube at google.com".
labels please @ triage ownerSponsor 131 - Phase 2 - Privacy Browserhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41440Remove unneeded migration code2023-01-05T15:35:29ZPier Angelo VendrameRemove unneeded migration codeWe have some migration code that could be removed (e.g., from the updater patch for TBB 5.5 in `browser/components/BrowserContentHandler.jsm`, or the meek profiles in tor-launcher).
We should delete them whenever we are sure that these ...We have some migration code that could be removed (e.g., from the updater patch for TBB 5.5 in `browser/components/BrowserContentHandler.jsm`, or the meek profiles in tor-launcher).
We should delete them whenever we are sure that these features aren't needed anymore because we've used cut-off/watershed releases (e.g., pre 8.0, and maybe 11.5.8).Sponsor 131 - Phase 2 - Privacy Browserhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41431Document all of the things that are enabled by privacy.resistFingerprinting pref2023-08-22T19:17:11ZrichardDocument all of the things that are enabled by privacy.resistFingerprinting prefOver time many of our patches have been uplifted or reimplemented in Firefox and enabled by the catch-all `privacy.resistFingerprinting` pref. We should maintain a doc outlining all of these changes so we don't lose our memory of these c...Over time many of our patches have been uplifted or reimplemented in Firefox and enabled by the catch-all `privacy.resistFingerprinting` pref. We should maintain a doc outlining all of these changes so we don't lose our memory of these changes.Sponsor 131 - Phase 2 - Privacy Browserhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41430Document prefs in 000-tor-browser.js and 001-base-profile.js2023-08-22T19:17:18ZrichardDocument prefs in 000-tor-browser.js and 001-base-profile.jsMullvad are going to want to communicate with their users the difference between Firefox ESR 102 and Privacy Browser. To start with, we should ( after https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40783 and https://...Mullvad are going to want to communicate with their users the difference between Firefox ESR 102 and Privacy Browser. To start with, we should ( after https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40783 and https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40014 ) ensure each pref (or batch of prefs) are associated with a gitlab ticket and have a description of what pref does and why we set it.Sponsor 131 - Phase 2 - Privacy Browserhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41403Some visited addresses are stored inside notificationstore.json in the profil...2023-01-05T18:05:48Zcypherpunks1Some visited addresses are stored inside notificationstore.json in the profile folderMight be related: https://bugzilla.mozilla.org/show_bug.cgi?id=1095073
The file persists after closing the browser.
Visiting the following address can create one if it doesn't exist:
https://privacycheck.sec.lrz.de/active/fp_fd/fp_fea...Might be related: https://bugzilla.mozilla.org/show_bug.cgi?id=1095073
The file persists after closing the browser.
Visiting the following address can create one if it doesn't exist:
https://privacycheck.sec.lrz.de/active/fp_fd/fp_feature_detection.html
The file will get bigger after each visit. That doesn't seem secure.Sponsor 131 - Phase 2 - Privacy Browserhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41397Re-enable tab unloading for private browsing tabs2023-01-05T16:17:30ZrichardRe-enable tab unloading for private browsing tabsThe tab unloading feature was disabled in Firefox because it caused forced restarts after updates ( https://bugzilla.mozilla.org/show_bug.cgi?id=1751366 ). We only updates after Tor Browser is restarted by the user, so we may not be affe...The tab unloading feature was disabled in Firefox because it caused forced restarts after updates ( https://bugzilla.mozilla.org/show_bug.cgi?id=1751366 ). We only updates after Tor Browser is restarted by the user, so we may not be affected by this bug and may benefit from the perf improvements when Tor Browser is under memory pressure.
In 12.5 alpha series we should try reverting this patch and enabling tab unloading and see if this breaks anything.Sponsor 131 - Phase 2 - Privacy Browserhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41396Empty formAutofillGroupBox not hidden in Privacy preferences2022-11-30T16:11:12ZhenryEmpty formAutofillGroupBox not hidden in Privacy preferencesThe `#formAutofillGroupBox` groupbox in the Privacy pane is not hidden, even though it has no children.
I noticed this when going through with a screen reader (Orca) the empty groupbox was announced as "blank". From a visual perspective...The `#formAutofillGroupBox` groupbox in the Privacy pane is not hidden, even though it has no children.
I noticed this when going through with a screen reader (Orca) the empty groupbox was announced as "blank". From a visual perspective, this creates an extra space after our "Onion Services Authentication" preferences:
![Screenshot of highlighted extra space after Onion Services Authentication preferences](/uploads/d22215319a394553339966edcf6d1407/Screenshot_from_2022-10-25_16-09-50.png)Sponsor 131 - Phase 2 - Privacy Browserhenryhenryhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41347Variable font support can be used to fingerprint OS versions2023-01-05T15:25:52Zcypherpunks1Variable font support can be used to fingerprint OS versionsIn Tor Browser, the value of the `layout.css.font-variations.enabled` preference changes depending on the operating system version. For example, it is enabled on Windows 10 and disabled on Windows 7 and this can be detected with javascri...In Tor Browser, the value of the `layout.css.font-variations.enabled` preference changes depending on the operating system version. For example, it is enabled on Windows 10 and disabled on Windows 7 and this can be detected with javascript.
It can be tested here:
https://privacycheck.sec.lrz.de/active/fp_je/fp_js_echo.html
When the preference is enabled, the `font-optical-sizing` and `font-variation-settings` properties will appear under HTML Elements.Sponsor 131 - Phase 2 - Privacy Browserhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41336"Tor exited during startup" on fresh install2023-02-06T13:35:51Zkms2db0f6f"Tor exited during startup" on fresh install### Summary
I encounter "Tor exited during startup" error even on a fresh install of Tor Browser and profile.
### Steps to reproduce:
1. Clean all existing installs and profiles of Tor Browser
2. Download the latest stable version of To...### Summary
I encounter "Tor exited during startup" error even on a fresh install of Tor Browser and profile.
### Steps to reproduce:
1. Clean all existing installs and profiles of Tor Browser
2. Download the latest stable version of Tor Browser
3. Run `start-tor-browser`
### What is the current bug behavior?
The following message is displayed, and Tor Browser cannot open webpages:
> Tor exited during startup. This might be due to an error in your torrc file, a bug in Tor or another program on your system, or faulty hardware. Until you fix the underlying problem and restart Tor, Tor Browser will not start.
### What is the expected behavior?
Tor should not crash.
### Environment
* OS: Arch Linux x86_64
* Tor Browser version: Both 11.5.2 (stable) and 12.0a3 (alpha) do not work.
* Installation method: Running directly from torproject.org's binary tarball, installing [tor-browser AUR package](https://aur.archlinux.org/packages/tor-browser), and using [torbrowser-launcher](https://archlinux.org/packages/community/any/torbrowser-launcher/) all do not work.
### Relevant logs and/or screenshots
I have checked the "View the Tor logs" in Tor Browser and the console, but there is no log.
### Additional context
Yesterday I can still use Tor Browser without any problem, and Tor Browser is connected to Tor network directly (no bridge is used, ISP is not censoring Tor).
However, today Tor Browser suddenly cannot start Tor (even though I haven't updated any packages). I tried using bridges, using Tor Browser over VPN, and running a fresh install of Tor Browser, but it is still not working.
Running `./tor` in the tarball returns `./tor: symbol lookup error: ./tor: undefined symbol: evutil_secure_rng_add_bytes`.
If I follow the "Using a system-installed Tor process with Tor Browser" section in the `start-tor-browser` script, then Tor Browser can open webpages.Sponsor 131 - Phase 2 - Privacy Browserhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41335Establish a common onboarding template for both browsers2024-02-15T14:50:07ZdonutsEstablish a common onboarding template for both browsersTor Browser's current onboarding template is a port of an older version from Firefox. We should explore alternatives here before deciding on a template, e.g. the practicality of modifying Firefox's current built-in format.Tor Browser's current onboarding template is a port of an older version from Firefox. We should explore alternatives here before deciding on a template, e.g. the practicality of modifying Firefox's current built-in format.Sponsor 131 - Phase 2 - Privacy Browserhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41298Expose SafeLogging in UI2023-01-05T16:10:59ZcypherpunksExpose SafeLogging in UIAdd some checkbox or about:config entry to temporarily disable SafeLogging - it sometimes makes troubleshooting annoying. Of course, write **BIG FAT WARNING** when clicking it and possibly remind when restarted.Add some checkbox or about:config entry to temporarily disable SafeLogging - it sometimes makes troubleshooting annoying. Of course, write **BIG FAT WARNING** when clicking it and possibly remind when restarted.Sponsor 131 - Phase 2 - Privacy Browserhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41100Add unsupported OS warning UX when tor-browser upgrade cannot happen due to u...2024-03-11T14:40:50ZrichardAdd unsupported OS warning UX when tor-browser upgrade cannot happen due to user's device no longer meeting min-specWe have logic in UpdateService.jsm that detects when the user's OS version is incompatible with a pending update, but we don't have any UX to tell the user about it.
As part of this we should also add a debug pref for exercising this co...We have logic in UpdateService.jsm that detects when the user's OS version is incompatible with a pending update, but we don't have any UX to tell the user about it.
As part of this we should also add a debug pref for exercising this code path (similar to how we use `torbrowser.debug.censorship_level` in TorConnect.jsm)Sponsor 131 - Phase 2 - Privacy Browser