The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2020-06-27T14:43:07Zhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/5423No Characters Showing Up On 'Check Page'2020-06-27T14:43:07ZTracNo Characters Showing Up On 'Check Page'This isn't a bug I'm reporting unless it could be one, when I start the Tor Browser bundle in Linux; 2.2.35-9 I noticed on the Check Page, some foreign languages are not showing up, I just get boxes instead.
Please see this attached ima...This isn't a bug I'm reporting unless it could be one, when I start the Tor Browser bundle in Linux; 2.2.35-9 I noticed on the Check Page, some foreign languages are not showing up, I just get boxes instead.
Please see this attached image and if someone can please tell me what languages/fonts I need for those, I'll check...
THANKS
**Trac**:
**Username**: DasFoxhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/5416Tor Browser fails to prevent load of a plugin2020-06-27T14:43:07ZcypherpunksTor Browser fails to prevent load of a pluginIn TBB 2.2.35-8 a plugin is displayed in Add-ons Manager->Plugins. It's a regression - it never appeared in the previous version (2.2.35-7.1). Screen attached.
OS: Windows 7 SP1In TBB 2.2.35-8 a plugin is displayed in Add-ons Manager->Plugins. It's a regression - it never appeared in the previous version (2.2.35-7.1). Screen attached.
OS: Windows 7 SP1https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/5309New Identity fails to close windows with prompt dialogs2020-06-27T14:43:07ZcypherpunksNew Identity fails to close windows with prompt dialogsSteps to reproduce:
1. open a new tab
2. press CTRL+SHIFT+K to open the console
3. type alert(0) in the command line and press enter
4. press CTRL+SHIFT+K to close the console
5. select New Identity from Torbutton
The tab will fail to ...Steps to reproduce:
1. open a new tab
2. press CTRL+SHIFT+K to open the console
3. type alert(0) in the command line and press enter
4. press CTRL+SHIFT+K to close the console
5. select New Identity from Torbutton
The tab will fail to close. I noticed this on a website that prompts users when it detects a Tor exit node, if you press New Identity without closing the alert dialog then the tab will remain open.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/5294Make human summary of Tor Browser design doc2023-01-05T16:50:07ZMike PerryMake human summary of Tor Browser design docWe should create a brief human-readable summary of the privacy properties of TBB, based on the Design Requirements.
We should probably include this in the short user manual, or on the download page, or both.
See also https://lists.torp...We should create a brief human-readable summary of the privacy properties of TBB, based on the Design Requirements.
We should probably include this in the short user manual, or on the download page, or both.
See also https://lists.torproject.org/pipermail/tor-talk/2012-January/022899.html.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/5293Neuter fingerprinting with Battery API2020-06-27T14:43:07ZMike PerryNeuter fingerprinting with Battery APIFirefox 10 added a battery API that is off by default:
https://developer.mozilla.org/en/DOM/window.navigator.mozBattery
Battery properties such as exact capacity, charge rate, and drain rate can provide fingerprinting information.
It...Firefox 10 added a battery API that is off by default:
https://developer.mozilla.org/en/DOM/window.navigator.mozBattery
Battery properties such as exact capacity, charge rate, and drain rate can provide fingerprinting information.
It looks like the current API does not provide exact capacity, but charge rate and drain rates can be calculated. Probably not a big deal, but it should be trivial to obfuscate/discretize with Object.defineProperty if we need to.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/5288Clickjacking + popups subvert TBB url-bar isolation2023-01-05T16:49:37ZMike PerryClickjacking + popups subvert TBB url-bar isolationRight now, TBB treats popups as top-level content items (ie they are allowed to track you independently of their originating window). I think this is fine, because the Firefox popup blocker prevents popups from opening without an associa...Right now, TBB treats popups as top-level content items (ie they are allowed to track you independently of their originating window). I think this is fine, because the Firefox popup blocker prevents popups from opening without an associated mouse click, and to me, mouse clicks indicate consent to visit a page and to establish a relationship with that page.
However, clickjacking probably ruins that model, in that it can cause popups to launch for tracking content whenever the user clicks *anywhere* on a page.
We include NoScript, which has some clickjacking protection.. But is it enough? Is it still functional if you have Javascript fully enabled? We should spend some time investigating current clickjacking techniques to see what is still possible these days.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/5203Setting Tor Browser as default browser does not work in Wndows 72022-07-09T17:44:33ZTracSetting Tor Browser as default browser does not work in Wndows 7For whatever reason, Aurora fails to establish itself as the default browser in Windows 7.
Using Tools -> Options -> Advanced -> General on Aurora 9.0.1, I press the "Check Now" button, which informs me that
"Aurora is not currently ...For whatever reason, Aurora fails to establish itself as the default browser in Windows 7.
Using Tools -> Options -> Advanced -> General on Aurora 9.0.1, I press the "Check Now" button, which informs me that
"Aurora is not currently set as your default browser. Would you like to make it your default browser?"
After pressing "yes", nothing else happens, suggesting success. But there is no success, a second check shows that nothing has changed.
Whatever the reason for the failure, the Tor Browser should at least check this itself, and, in case of a failure, inform about this and suggest additional information.
It seems quite dangerous, because other applications using Tor, like Torchat, refer to the default browser if one clicks on a link. So one may click on a critical link believing that one already has established the Tor browser as the default browser.
**Trac**:
**Username**: Iljahttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/5182Spanish TBB-Firefox includes ‘Wikipedia (en)’ search engine, but not ‘Wikiped...2023-01-05T16:42:02ZRobert RansomSpanish TBB-Firefox includes ‘Wikipedia (en)’ search engine, but not ‘Wikipedia (es)’We should probably add a search-engine file for the language-specific version of Wikipedia. We should probably not remove the English Wikipedia search-engine file.We should probably add a search-engine file for the language-specific version of Wikipedia. We should probably not remove the English Wikipedia search-engine file.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/5024compile time hardening of TBB (RELRO, canary, PIE)2022-01-11T19:33:57Zcypherpunkscompile time hardening of TBB (RELRO, canary, PIE)Would be nice if TBB (for Linux and OS X at least) would come with gcc hardening features applied.
Output of checksec.sh:
vidalia 3925 No RELRO No canary found NX enabled No PIE
...Would be nice if TBB (for Linux and OS X at least) would come with gcc hardening features applied.
Output of checksec.sh:
vidalia 3925 No RELRO No canary found NX enabled No PIE
tor 3933 No RELRO No canary found NX enabled No PIE
firefox 3935 No RELRO No canary found NX enabled No PIE
compared to bundled Firefox in Ubuntu:
firefox 8779 Full RELRO Canary found NX enabled PIE enabledErinn ClarkErinn Clarkhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/4894TBB permissions problem in multi-user OS X environment2022-01-11T19:33:57ZTracTBB permissions problem in multi-user OS X environmentInstalling a centrally-accessible copy of TBB on OS X results in only the installing user being able to launch the bundle, owing to a permissions issue:
[Warning] ../../Contents/Resources/Data/Tor is not owned by this user (REDACTED, RE...Installing a centrally-accessible copy of TBB on OS X results in only the installing user being able to launch the bundle, owing to a permissions issue:
[Warning] ../../Contents/Resources/Data/Tor is not owned by this user (REDACTED, REDACTED) but by REDACTED (REDACTED). Perhaps you are running Tor as the wrong user?
[Warning] Failed to parse/validate config: Couldn't access/create private data directory "../../Contents/Resources/Data/Tor"
[Error] Reading config failed--see warnings above.
If possible, TBB should be re-made in such a fashion that it can be installed on OS X by one user, yet used successfully by others, without having to manually undertake a permissions-workaround.
Problem encountered with TBB Version 2.2.35-4 - OS X (64-Bit) on OS X 10.6.8.
**Trac**:
**Username**: h8a14i20QHhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/4840The child porn set is rapping about tor on 4chan...2020-06-27T14:43:08ZcypherpunksThe child porn set is rapping about tor on 4chan...http://chanarchive.org/4chan/b/32017/oc-here-ghetto-pedobear-on-the-mic-under-10-is-what-i-like-i-be-on-the-onions-fapping-to-some-youngins-r
Maybe you should do something about it.http://chanarchive.org/4chan/b/32017/oc-here-ghetto-pedobear-on-the-mic-under-10-is-what-i-like-i-be-on-the-onions-fapping-to-some-youngins-r
Maybe you should do something about it.Andrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/4810Weird screen sizes reported by Panopticlick2020-06-27T14:43:08ZTracWeird screen sizes reported by PanopticlickWhen I go to https://panopticlick.eff.org/index.php with TorButton (1.4.5.1) Panopticlick reports (among other things):
```
Screen Size and Color Depth 1150x600x24
bits of identifying information 14.67
one in x brows...When I go to https://panopticlick.eff.org/index.php with TorButton (1.4.5.1) Panopticlick reports (among other things):
```
Screen Size and Color Depth 1150x600x24
bits of identifying information 14.67
one in x browsers have this value 26138.95
```
but if I go without TorButton it reports:
```
Screen Size and Color Depth 1280x800x24
bits of identifying information 3.9
one in x browsers have this value 14.94
```
I would suggest that the default settings for the non TorButton report are far more anonymous than the TorButton report.
I would suggest changing TorButton to use the default screen size and resolution rather than a modified version.
I have already started work on this.
**Trac**:
**Username**: erikdMike PerryMike Perryhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/4794NoScript Is Not Being Used Properly By The Tor Project2020-06-27T14:43:08ZTracNoScript Is Not Being Used Properly By The Tor ProjectHi,
This isn't a bug, but I'm reporting this because this is not being handled correctly.
One of the main points of NoScript is not to allow anything, other than what is in your 'Whitelist', yet the Tor Project has set in the General o...Hi,
This isn't a bug, but I'm reporting this because this is not being handled correctly.
One of the main points of NoScript is not to allow anything, other than what is in your 'Whitelist', yet the Tor Project has set in the General options; 'Scripts globally allowed (dangerous)'
I think someone at Tor has overlooked that 'Dangerous' part, because this is not the correct method in which to use this application. In fact it seems silly the developer even has this option in NoScript.
I do know for a fact when you allow like this, then you let JavaScript leak out, creating more of a risk, so regardless of using Tor or not, this is not a good approach for the Tor Project
to be taking with NoScript and the Tor Browser Bundles should have this unchecked by default to give people the safest configuration possible.
Right now you are teaching people the incorrect way in which to use this and for those people, they are going to possibly look at Tor and mimic what they see for Firefox and make even a greater risk for themselves with Firefox through their ISP,etc...
Granted it doesn't make it the simplest, but people should learn to adjust, because it's the proper way in which you are suppose to be using this addon.
Also the Tor Project will need to change the 'Appearances' section to properly reflect this as well.
I've attached a screen shot how the 'Appearances' section looks in NoScript, of course with the 'Scripts globally allowed (dangerous)' unchecked. :)
THANKS
**Trac**:
**Username**: DasFoxhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/4793BleachBit - Says Can't Clean Firefox Open2020-06-27T14:43:09ZTracBleachBit - Says Can't Clean Firefox OpenI'm running the latest BleachBit in Linux found here;
http://bleachbit.sourceforge.net/
I'm also running the latest Tor Browser Bundle 2.2.35-3
When I had the browser running and Firefox closed, BleachBit said it could not clean beca...I'm running the latest BleachBit in Linux found here;
http://bleachbit.sourceforge.net/
I'm also running the latest Tor Browser Bundle 2.2.35-3
When I had the browser running and Firefox closed, BleachBit said it could not clean because Firefox was open. Not sure why something like this should happen since the Tor Browser Bundle should be it's own self-contained unit that other apps like this should not be seeing it as Firefox.
If this happening in Linux, probably Windows too.
Please see the attached image.
THANKS
**Trac**:
**Username**: DasFoxhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/4763TorBrowser remembers location of last locally-opened file: "File > Open File ...2022-11-30T16:45:12ZcypherpunksTorBrowser remembers location of last locally-opened file: "File > Open File ..."This seems like less-than-ideal behavior.
Ex., TBB is used as the local Tor, Vidalia and browser by Alice, on her computer. However, Bob also has access to Alice's computer because they live together. Alice was looking at a local file ...This seems like less-than-ideal behavior.
Ex., TBB is used as the local Tor, Vidalia and browser by Alice, on her computer. However, Bob also has access to Alice's computer because they live together. Alice was looking at a local file she doesn't want Bob to see, but Bob does see the file when he too uses TBB as the local Tor, Vidalia and browser. Of course, Bob found the local file by mistake when he was trying to open a different local file.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/4738browser.startup.homepage_override.buildID;201112150621332020-06-27T14:43:09ZTracbrowser.startup.homepage_override.buildID;20111215062133When I first started the Tor Browser Bundle in Linux version 2.2.35-1 and I looked in about:config the string browser.startup.homepage_override.buildID had a value of 20110325121920 then I changed my home page and it changed, I figured t...When I first started the Tor Browser Bundle in Linux version 2.2.35-1 and I looked in about:config the string browser.startup.homepage_override.buildID had a value of 20110325121920 then I changed my home page and it changed, I figured this was normal, but I since deleted the browser bundle and downloaded it over re ran it and the value is the same.
I don't understand why the first time I ran this I had the value of 20110325121920 which is also what shows in the pref.js but it doesn't reflect this in the about:config?
Also how does the browser.startup.homepage_override.mstone" show this value in the pref.js rv:2.0, but in the about:config 8.0.1?
Are these Tor spoofs from the Tor button creating these indifferences?
THANKS
**Trac**:
**Username**: DasFoxhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/4545torbutton_set_timezone() does not work (properly)2020-06-27T14:43:09ZGeorg Koppentorbutton_set_timezone() does not work (properly)While implementing the normalization of the timezone (thanks for the idea Mike) I figured out that the function is not working (properly) in Torbutton currently. Maybe that is intentionally as I have not looked at the Torbutton code thor...While implementing the normalization of the timezone (thanks for the idea Mike) I figured out that the function is not working (properly) in Torbutton currently. Maybe that is intentionally as I have not looked at the Torbutton code thoroughly. In this case just ignore my comments and close this ticket as invalid (or whatever). There are two points to raise:
1) The original timezone is not saved in the preferences, I get always a UTC+00:00 which could be bad if the user is toggling the anon mode (I know toggling is dead but the option is still available buried in the preferences).
2) The code in the function does not cope with timezones like GMT-3:30 as Math.floor() gives wrong values back (in this case "-6" instead of "-5").https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/4522Add privilege separation for bundled browser2022-01-11T19:33:57ZTracAdd privilege separation for bundled browserTBB comes with Firefox which runs with full user privileges by default. A single vulnerability for example in its rendering or javascript code can be used to access private data stored on the system or to bypass Tor and reveal IP and loc...TBB comes with Firefox which runs with full user privileges by default. A single vulnerability for example in its rendering or javascript code can be used to access private data stored on the system or to bypass Tor and reveal IP and location.
Modern OSs offer security mechanisms to run 3rd party applications with reduced privileges:
Windows Vista and later have Protected/Low Integrity Mode.
OS X has seatbelt, fully usable at least since Lion.
Linux has several mechanisms, seccomp is in the kernel and should be available on all recent distros, SELinux and Apparmor are more distro specific (Red Hat, Fedora, Ubuntu).
Firefox upstream doesn't make use of any of them yet but that shouldn't stop redistributors with different security requirements...
Firefox is also the only major browser that doesn't have a multi-process architecture to further limit the privileges of code that handles untrusted input. I don't think anything can be done about that short of waiting for Electrolysis making it into Aurora or switching the browser to something else in the meantime which is probably undesirable for many reasons.
However sandboxing the firefox process could be done right now with relatively little difficulty. The heavy-lifting has been done already, Chromium has several sandbox mechanisms to cover all major platforms.
A few links to get started:
For Windows:
a few icacls commands are enough for a basic configuration.
https://wiki.mozilla.org/Mozilla_2/Protected_mode
http://superuser.com/questions/30668/how-to-run-firefox-in-protected-mode-i-e-at-low-integrity-level
For OS X:
http://developer.apple.com/library/mac/#documentation/Security/Conceptual/AppSandboxDesignGuide/AboutAppSandbox/AboutAppSandbox.html
http://dev.chromium.org/developers/design-documents/sandbox/osx-sandboxing-design
For Linux:
http://code.google.com/p/chromium/wiki/LinuxSandboxing
Ubuntu comes with a Firefox Apparmor profile which just needs to be adapted to point at the correct binary.
For *BSD:
jail is available across the board
None of these are designed with the threat model of Tor in mind. Special focus would be needed to protect the IP address from the browser.
Summary:
Outdated security architecture of Firefox together with the javascript heavy web and modern drive by exploits make the current TBB increasingly susceptible to application level attacks.
Similar levels of security and resilience against application vulnerabilities to the "anonymizing middlebox" (transparent proxy in separate computer of VM) can be achieved with privilege separation.
Make it happen before Electrolysis comes out (is it even still on their roadmap?)
**Trac**:
**Username**: kteelhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/4446Twitter timelines sometimes fail to load2020-06-27T14:43:10ZMike PerryTwitter timelines sometimes fail to loadIn legacy/trac#3997, we went through a long litany of tests trying to get to the bottom of some transient twitter failures. In the past couple weeks, they appear to be back. Various queries fail more frequently for Tor, timelines often d...In legacy/trac#3997, we went through a long litany of tests trying to get to the bottom of some transient twitter failures. In the past couple weeks, they appear to be back. Various queries fail more frequently for Tor, timelines often don't appear on first load attempt, etc.
I have tested Tor vs non-Tor in TBB, and the issue does not happen unless Tor is used as a SOCKS proxy.
I have not yet tested SOCKS vs non-SOCKS or high-latency vs low latency.
I should probably also test authenticated vs unauthenticated in Tor, for completeness.
I'm putting this in component Company because I suspect the Tor IPs could be victim to load balancer starvation on Twitter's end... But obviously I need to do a couple more tests first.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/4338TBB creates Mozilla folder in user folder2020-06-27T14:43:10ZcypherpunksTBB creates Mozilla folder in user folderThe Tor Browser Bundle creates a Mozilla folder in the C:\Users\[username]\AppData\Roaming folder when the browser starts. The folder does not appear to be used for anything.
It would be better if no such folder were created in the 1st ...The Tor Browser Bundle creates a Mozilla folder in the C:\Users\[username]\AppData\Roaming folder when the browser starts. The folder does not appear to be used for anything.
It would be better if no such folder were created in the 1st place as to leave less trace that tbb has been used on the computer.