The Tor Project issues
https://gitlab.torproject.org/groups/tpo/-/issues
2020-06-27T14:43:10Z

----

**Issue**: TBB creates Mozilla folder in user folder
**URL**: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/4338
**Date**: 2020-06-27T14:43:10Z
**Author**: cypherpunks

The Tor Browser Bundle creates a Mozilla folder in the C:\Users\[username]\AppData\Roaming folder when the browser starts. The folder does not appear to be used for anything.
It would be better if no such folder were created in the first place, so as to leave less trace that TBB has been used on the computer.

----

**Issue**: Per-urlbar domain plugin control
**URL**: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/4335
**Date**: 2022-01-11T19:33:57Z
**Author**: Trac

How about, instead of having to completely disable or enable all plug-ins when using Tor, you allow site exceptions (like YouTube for Flash Player) as well as a possibility to select which plug-ins to disable and which not? (I personally only have 2 plug-ins: Shockwave Flash and Adobe Acrobat, and I don't think the risks that apply to Flash also apply to Acrobat; if I am mistaken, please correct me.)
**Trac**:
**Username**: trallala

----

**Issue**: build changes for TBB
**URL**: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/4280
**Date**: 2022-01-11T19:33:57Z
**Author**: Jacob Appelbaum

re legacy/trac#2176 - I came up with a list of things I think we should disable or change in TBB's build process.
I noticed that as it stands, we don't disable stuff like JSctypes. Which, well, if it's anything like Python ctypes, holy moley!
```diff
diff --git a/build-scripts/config/dot_mozconfig b/build-scripts/config/dot_mozconfig
index 9333a6f..227bd01 100755
--- a/build-scripts/config/dot_mozconfig
+++ b/build-scripts/config/dot_mozconfig
@@ -5,5 +5,16 @@ mk_add_options MOZ_APP_DISPLAYNAME=TorBrowser
ac_add_options --enable-optimize
ac_add_options --enable-strip
+ac_add_options --enable-install-strip
ac_add_options --disable-tests
ac_add_options --disable-debug
+ac_add_options --disable-ctypes
+ac_add_options --disable-necko-disk-cache
+ac_add_options --disable-necko-wifio
+ac_add_options --disable-installer
+ac_add_options --disable-updater
+ac_add_options --disable-parental-controls
+
+
+# Linux options
+ac_add_options --disable-dbus
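Review bot: `+ac_add_options --disable-updater` (together with `+ac_add_options --disable-installer` just above it) removes Firefox's built-in update mechanism, but neither the hunk nor the ticket says how TBB users will then receive security fixes; the change should state the replacement update path before it lands, since without one the hardening flags above it cannot be delivered to existing installs. Minor: the two empty `+` lines before `+# Linux options` can be collapsed to one.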
```

----

**Issue**: Implement Bottom Up Randomization (Windows platform)
**URL**: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/4152
**Date**: 2023-04-25T16:58:34Z
**Author**: bastik

To improve ASLR efficiency you could add Bottom Up Randomization.
Matt Miller told Didier Stevens how he did it. So I know that too.
“It works by reserving a random number (between [0,256]) of 64K regions via VirtualAlloc. This has the effect of consuming a small portion of the bottom part of the address space. Since the Windows kernel assigns base addresses for collided DLLs by searching for a free region starting at the bottom of the address space, bottom up randomization ensures that a random base address will be assigned. Without bottom up randomization the bottom part of the address space remains fairly static (with some exceptions, such as due to heap, stack, and EXE randomization).”
Code:
```c
#include <windows.h> /* VirtualAlloc and the MEM_* / PAGE_* flags */
#include <stdlib.h>  /* srand, rand */
#include <time.h>    /* time */
/* Call early in startup: reserves 1..256 inaccessible 64K regions at the bottom of the address space. */
void BottomUpRandomization(void)
{
    int iIter, iRand;
    srand(time(NULL));
    iRand = rand() % 256 + 1;
    for (iIter = 0; iIter < iRand; iIter++)
        VirtualAlloc(NULL, 64*1024, MEM_COMMIT | MEM_RESERVE, PAGE_NOACCESS);
}
```
"Instead of 15 base addresses, with the most frequent address being used 30% of the time, my Bottom Up Randomization implementation gives me more than 300 addresses after 150.000 runs. And there's no single address being used more than 0,5% of the time."
A comment adds that only MEM_RESERVE should be used for VirtualAlloc, because MEM_COMMIT would require more memory. Didier Stevens replies that this is possible, although the additional memory wouldn't be much.
Here's the link: http://blog.didierstevens.com/2011/09/29/add-bottom-up-randomization-to-your-own-source-code/
BTW: It's impossible to choose a component, because all binaries (Tor/Vidalia at least) should make use of it.

----

**Issue**: Email Cookie Monster author about better 3rd party support
**URL**: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/4132
**Date**: 2020-06-27T14:43:11Z
**Author**: Mike Perry

The Cookie Monster addon could be used as a stop-gap until we have legacy/trac#3246 working, except for the fact that its 3rd party cookie support is still not great. For example, it doesn't detect the 3rd party test cookie that DisQus attempts to set via JS, and so you can't easily get DisQus to work with it.
https://addons.mozilla.org/firefox/addon/4703
http://forum.addonsmirror.net/index.php?showtopic=6599

----

**Issue**: Get TorBrowser in Debian
**URL**: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/3994
**Date**: 2022-12-08T15:15:26Z
**Author**: Lunar

Torbutton as a pure Firefox extension is now deprecated. The project now advocates using TorBrowserBundle instead.
For users of Debian (and its derivatives, Tails being one of them), it would probably be good to offer a more streamlined experience and ship TorBrowser as a Debian package.
In order to preserve the anonymity set, this browser should work as closely as possible to the one shipped in the TorBrowserBundle.
The Debian policy states that a package should not contain any embedded code copy. So simply shipping the result of the TorBrowserBundle build is not an option.
Mike Hommey (maintainer of Iceweasel) and Moritz Muehlenhoff (from the security team) are both OK with creating an `iceweasel-src` package that would contain the source files needed to build a patched Firefox. A Debian package could apply specific Tor patches on top of that to build something close to core TorBrowser.
The rest of the features are provided through Firefox extensions. TBB currently ships HTTPS-Everywhere, NoScript and Torbutton. All of these extensions are already in Debian.
Having TorBrowser installed system-wide does open a new class of problems, though:
* Profiles should probably be saved in a different directory in the user's $HOME than Iceweasel or official Firefox.
* The ideal way to deal with system-wide extensions would probably be this: a new profile would start with all system extensions disabled except for the ones shipped in TBB. By going through the Add-ons panel, the user could re-enable more of them (even those that could lead to anonymity breaches).
Once a tor-browser binary package is in Debian, we can also have it depend on Vidalia and have a TorBrowser icon start the latter, like TBB does.
I hope I have not overlooked anything on the various issues involved…

----

**Issue**: Better TBB about:config settings(?); re: browsing and loading speed, etc.
**URL**: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/3978
**Date**: 2020-06-27T14:43:11Z
**Author**: Trac

Hello,
I have been testing the following about:config settings (specific to Firefox 6) for a couple of weeks. I have used very similar settings for TBB since Firefox v3.x.x. These settings do seem to (very noticeably) speed up browsing; maybe some of these can be migrated into official TBB releases?
The only setting I think may do well with a bit of tweaking is nglayout.initialpaint.delay; I doubled the Firefox default of 250 ms. Doing so seems to (noticeably) increase total page load time, while (unnoticeably) reducing time to first load on page.
I tried to test these settings in TBB vs. vanilla TBB, but I don't know how to configure Tor to use the same circuit for all speed tests.
Relevant links:
1. [How To Speed Up Firefox 6 Tweaking Guide](http://techlogon.com/2011/09/06/how-to-speed-up-firefox-6-tweaking-guide/)
1. [Hacking Firefox for Maximum Performance with Tor](https://trac.torproject.org/projects/tor/wiki/doc/FireFoxTorPerf) (some settings are outdated and some settings are missing)
**user.js** (placed in _...\Tor Browser\FirefoxPortable\Data\Profile_)
```js
// Spell check works with all fields
user_pref("layout.spellcheckDefault", 2);
// default is 250 ms, longer wait time means faster total page load time, but slower initial page loading.
user_pref("nglayout.initialpaint.delay", 500);
// Stops the display of placeholders while images are loading to speed up the page. Default is True
user_pref("browser.display.show_image_placeholders", false);
// Sets the maximum number of times the content will do timer-based reflows to 5. After this, the page will only reflow once it is finished downloading. This is a new value. Default is -1 (no limit)
user_pref("content.notify.backoffcount", 5);
// Sets the minimum amount of time to wait between periodic reflowing of the page to 0.12 seconds – stops Firefox becoming slow by reflowing too frequently. This is a new value. Default is 120000
user_pref("content.notify.interval", 120000);
// Sets the maximum amount of time Firefox will be unresponsive while rendering pages – set to 3 times the content.notify.interval above. This is a new value. Default is 360000
user_pref("content.max.tokenizing.time", 360000);
// Ensures Firefox does not reflow pages at an interval any higher than that specified by content.notify.interval above. This is a new value. Default is True
user_pref("content.notify.ontimer", true);
// Sets Firefox to interrupt parsing a page to respond to UI (user interface) events to prevent it becoming unresponsive until parsing is complete. This is a new value. Default is True
user_pref("content.interrupt.parsing", true);
// Sets the number of microseconds of inactivity that puts Firefox into low frequency interrupt mode. This is a new value. Default is 750000
user_pref("content.switch.threshold", 750000);
// Disables IPv6 DNS lookups to prevent a significant delay with poorly configured IPv6 servers.
user_pref("network.dns.disableIPv6", true);
// This preference takes values between 1 and 255 inclusive, directly corresponding to the maximum number of HTTP keep-alive connections the application can have open at once to the proxy server. Default is 8.
user_pref("network.http.max-persistent-connections-per-proxy", 16);
// Increases the maximum number of persistent connections per server which can help speed up loading of multimedia rich sites. This setting must be equal to, or greater than, "network.http.max-persistent-connections-per-proxy". Default is 15.
user_pref("network.http.max-connections-per-server", 16);
// Amount of time in seconds to keep keep-alive connections alive. Default is 115 seconds.
user_pref("network.http.keep-alive.timeout", 600);
// [! Not needed: TorBrowser already has correct configuration] Use keep-alive connections whenever possible.
//user_pref("network.http.proxy.keep-alive", true);
// [! Not needed: TorBrowser already has correct configuration] Stops Firefox automatically prefetching (loading) the contents of pages linked to by the page you are viewing – in most cases you will never visit those links so this time is wasted and it is a security risk because you are unwittingly downloading (possible virus/adult) content only linked to by the current page but which you have not chosen to load. Default is True.
//user_pref("network.prefetch-next", false);
// [! Not needed: TorBrowser already has correct configuration] Can send multiple requests to a server together in order to speed up loading of webpages. This is not supported by ALL servers – some servers may even behave incorrectly if they receive pipelined requests. Default is False
//user_pref("network.http.pipelining", true);
// [! Not needed: TorBrowser already has correct configuration] Can send multiple requests to a server together in order to speed up loading of webpages. This is not supported by ALL servers – some servers may even behave incorrectly if they receive pipelined requests. Default is False
//user_pref("network.http.pipelining.ssl", true);
// [! Not needed: TorBrowser already has correct configuration] Can send multiple requests to a server together in order to speed up loading of webpages. This is not supported by ALL servers – some servers may even behave incorrectly if they receive pipelined requests. Default is False
//user_pref("network.http.proxy.pipelining", true);
// [! Not needed: TorBrowser already has correct configuration] Sets a maximum number of multiple requests that can be pipelined to prevent overloading the server. Higher values will cause a delay before the first request completes but will make the last request complete sooner. Higher values will also cause more of a delay if a connection fails. Default is 4.
//user_pref("network.http.pipelining.maxrequests", 10);
```
**Trac**:
**Username**: joyton

----

**Issue**: Disable flash's "allow cookies" pref somehow
**URL**: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/3974
**Date**: 2020-06-27T14:43:11Z
**Author**: Erinn Clark

This is more of an exploratory topic than a demand.
Mike and I have been investigating the safety of using Flash on various platforms for TBB, and during the tests on Windows found out that all of the Flash LSOs (i.e., supercookies) are stored in %APPDATA%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ on Windows and ~/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/ on Linux.
In the testing on Linux, we discovered that it was possible to create an opt-out LSO called settings.sol which would prevent the creation of other Flash cookies (you can recreate one yourself by going to http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html). It's easy to put this on Linux since we reset $HOME in the Linux TBB, and it is probably also easy to do it for OSX since we do the same thing there.
Mike wrote a patch for the Windows TBB launcher (see here: https://gitweb.torproject.org/mikeperry/torbrowser.git/shortlog/refs/heads/appdata-haxx).
However, in my investigations, I also discovered some Qt functionality that might do what we want in a saner cross-platform way:
http://doc.trolltech.com/4.6/qsettings.html#setPath
http://doc.trolltech.com/4.6/qdesktopservices.html#storageLocation
Would it be crazy to try resetting this? If it works it would prevent all sorts of data from being written to the wrong place. Is it already in use? I looked through MainWindow.cpp a bit, but not extensively, so this may be redundant.

----

**Issue**: Applications should start using optimistic data
**URL**: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/3890
**Date**: 2020-06-27T14:43:12Z
**Author**: Nick Mathewson

If we've got any applications that speak a protocol where latency matters, and where connections typically start out with the client sending data, then we should look into making them support optimistic data. (This means that the client sends data before hearing about whether the SOCKS connection is successful.)
I'm calling this "bundles", but it should mostly focus on application-specific subtickets.

----

**Issue**: Better dialog for 3rd party auth
**URL**: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/3837
**Date**: 2020-06-27T14:43:12Z
**Author**: Mike Perry

The mechanism used in legacy/trac#3748 to disable 3rd party auth currently will cause the browser to repeatedly throw HTTP auth prompts at the user if a site attempts to use auth.
My view is that while this is confusing, at least it is better than sites silently failing. At least it might clue users into filing bugs.
We should try to find a way to replace/augment this dialog for the 3rd party case though.

----

**Issue**: Toolbar icons non-deterministic?
**URL**: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/3667
**Date**: 2020-06-27T14:43:12Z
**Author**: Mike Perry

There appears to be something strange going on with the toolbar buttons in TBB still. I think it may be related to either updates or initialization errors. It seems like sometimes you can install a fresh TBB and just get either no toolbar buttons or just a subset. Whatever you get after the first run seems to become stable thereafter.
We need to investigate more. This probably means launching and then rm'ing TBB multiple times and watching the error console, Torbutton logs, and other logs... Fun.

----

**Issue**: Pin *.torproject.org's certs in TBB
**URL**: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/3555
**Date**: 2020-06-27T14:43:12Z
**Author**: tagnaq

TBB should do a hardcoded check for the *.tpo certificate to prevent MITM attacks.
Mozilla does the same for their update mechanism (addons and browser).
https://lists.torproject.org/pipermail/tor-talk/2011-July/020784.html

----

**Issue**: Disabling Third party cookies breaks some REcaptcha-using sites
**URL**: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/3546
**Date**: 2020-06-27T14:43:13Z
**Author**: Mike Perry

We've had several anecdotal reports that our TBB default of disabling 3rd party cookies breaks REcaptcha on some sites.
It turns out there is a way to do REcaptcha without 3rd party cookies, but it is not the default mode. For example, Drupal pre-6.x uses the 3rd-party cookie mechanism: http://drupal.org/node/1168740
So, do we give up? Do we enable third party cookies? I think so, but perhaps we can convince Mozilla to update the patch for legacy/trac#3246 for us first, so we can try it out.
If nothing happens on the Mozilla front, we should re-enable 3rd party cookies completely for TBB 2.2.x-stable and just rely on legacy/trac#523.

----

**Issue**: Provide Linux users with help for getting Tor Browser icon added to menu
**URL**: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/3544
**Date**: 2022-11-30T16:45:07Z
**Author**: Andrew Lewman

In a survey of the three people who've called me in the past week, all have said they don't use TBB because it doesn't appear in their application menu, whether this is the Start menu in Windows or the GNOME/KDE/Xfce menu.
If there was an option to let the user put a link to 'start tor browser' on their desktop or in their menu, that would make these people happy.
I suspect this desire is more common than not, but so far 3 out of 3 people who have called me wanted it.

----

**Issue**: Torbutton won't display as a text box in the add-on bar.
**URL**: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/3509
**Date**: 2020-06-27T14:43:13Z
**Author**: Trac

Torbutton displays as an icon in the add-on bar even when it's configured to display as text. I'm using g5153669 with Firefox 5.0 on Ubuntu 11.04.
**Trac**:
**Username**: katmagic

----

**Issue**: firefox 5, window gets bigger on every restart of firefox
**URL**: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/3452
**Date**: 2020-06-27T14:43:13Z
**Author**: Trac

if torbutton is enabled, by 50 pixels.
torbutton 1.3.3-alpha on xubuntu 11.04
**Trac**:
**Username**: keb
**Assignee**: Mike Perry

----

**Issue**: Isolate HTTP cookies according to first and third party domain contexts
**URL**: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/3246
**Date**: 2022-01-11T19:33:57Z
**Author**: Mike Perry

Right now, we've set Tor Browser to block third party cookies. This will probably break some sites. There is a less intrusive option described at https://wiki.mozilla.org/Thirdparty that we should use.
* **Rebase** and test existing patches (originating from https://bugzilla.mozilla.org/show_bug.cgi?id=565965)
* **Revise requirements** according to preliminary tests and devise a broad test plan.
* **Reimplement and retest** to guarantee proper isolation without severely impeding cookie-dependent applications.
* **Document** the implementation and optionally a contrast of browser cookie handling.
* Pave the way towards an **improved privacy panel** including a new cookie inspector and API supporting such UI.
----
**Note:** This is a metaticket composed of work items in child tickets.

----

**Issue**: Torbutton should disable link prefetching
**URL**: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/3010
**Date**: 2020-06-27T14:43:14Z
**Author**: Trac

TorButton 1.3.2 alpha rightly disables DNS prefetching, yet it does not disable link prefetching. I believe TorButton should disable link prefetching to increase privacy and reduce load on the Tor network (re unnecessary traffic); see: https://developer.mozilla.org/en/Link_prefetching_FAQ
I use the following setting in user.js:
```js
user_pref("network.prefetch-next", false);
```
**Trac**:
**Username**: HG2G

----

**Issue**: Make Intermediate Cert Store Memory-Only for TorBrowser
**URL**: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/2949
**Date**: 2020-06-27T14:43:14Z
**Author**: Mike Perry
**Assignee**: Mike Perry

User stored certs as well as the intermediate certificate store should be memory-only by default in TorBrowser. This should be easy for user certs. Not so sure about intermediate ones. Need to review the relevant code first.

----

**Issue**: Update Tor Browser Bundle documentation
**URL**: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/2926
**Date**: 2020-06-27T14:43:14Z
**Author**: cypherpunks

Knowledgeable people should go through it and make corrections where things have changed since it was written. It looks like it's been about four years.