Trac issueshttps://gitlab.torproject.org/legacy/trac/-/issues2020-06-13T03:37:22Zhttps://gitlab.torproject.org/legacy/trac/-/issues/13453circular link, outdated info on orbot info page2020-06-13T03:37:22ZTraccircular link, outdated info on orbot info pagepage I'm referencing is: https://guardianproject.info/apps/orbot/
fixes should be made in the 4th paragraph, the section outlining features after the screenshot:
> ★ PRIVATE CHAT MESSAGING: Use Gibberbot with Orbot to chat confidentia...page I'm referencing is: https://guardianproject.info/apps/orbot/
fixes should be made in the 4th paragraph, the section outlining features after the screenshot:
> ★ PRIVATE CHAT MESSAGING: Use Gibberbot with Orbot to chat confidentially with anyone, anywhere for free. Get Gibberbot:
> !https://goo.gl/O3FfS!
__'been awhile since it was called gibberbot, hasn't it? should probably change that to chatsecure
__'
> ★ PRIVACY FOR APPS: Any installed app can use Tor if it has a proxy feature, using the settings found here:
> https://goo.gl/2OA1y
**_The short url unmasks to the exact page it's on. Seeing as there are multiple possibilities (localhost: 9050, localhost 9040, localhost 8118, and http/https/socks4/socks4a/socks5) and no real explanation of the proper proxy configuration, there should be at least a section with that info and how they are connected to each other, because sending everything through tor doesn't work, and there is a bug in the individual apps selection I will detsail in a separate ticket if it hasn't yet been reported that makes the option virtually unusable.**_
**Trac**:
**Username**: vvnNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/13333Android users visiting sites using Tor leave all kinds of incriminating evide...2020-06-13T03:34:46ZcypherpunksAndroid users visiting sites using Tor leave all kinds of incriminating evidence in the logsPeople using Tor on Android use User-Agents with all kinds of incriminating evidence such as:
"Mozilla/5.0 (Linux; Android 4.1; Nexus 7 Build/JRN84D)
AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.166
Safari/535.19"
"Mozill...People using Tor on Android use User-Agents with all kinds of incriminating evidence such as:
"Mozilla/5.0 (Linux; Android 4.1; Nexus 7 Build/JRN84D)
AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.166
Safari/535.19"
"Mozilla/5.0 (Linux; U; Android 4.2.2; es-us; HUAWEI Y320-U151
Build/HUAWEIY320-U151) AppleWebKit/534.30 (KHTML, like Gecko)
Version/4.0 Mobile Safari/534.30"
"Mozilla/5.0 (Linux; U; Android 2.3; en-us; GT-I9100 Build/GRH78)
AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
These are examples with the least personal information in them and they may or may not be from a popular hidden service.
I am not sure who's software or project is responsible for this but it does not exactly make these people "blend in"Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/13185Orbot still accesses the public Tor network with bridges configured2020-06-13T03:31:47ZMike PerryOrbot still accesses the public Tor network with bridges configuredI configured Orbot 14.0.8.1 to use bridges, and then set up my upstream firewall to block all connection attempts except to that bridge, yet Orbot still seems to try to connect to many other nodes in the public directory.
Note I have th...I configured Orbot 14.0.8.1 to use bridges, and then set up my upstream firewall to block all connection attempts except to that bridge, yet Orbot still seems to try to connect to many other nodes in the public directory.
Note I have the same configuration on my laptop, and tor does not do this. If bridges are configured, Tor only connects to those IPs.
It should also be possible to observe by inspecting Orbot's connections on your Android device in OS Monitor app's "Connections" tab:
https://play.google.com/store/apps/details?id=com.eolwral.osmonitor&hl=en
https://f-droid.org/repository/browse/?fdid=com.eolwral.osmonitorNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/13121App Conflict2020-06-13T03:30:27ZTracApp ConflictPlease disable this app in Android: -> settings-> Apps if you are having problems with Orbot: com.sec.msc.nts.android.proxy
**Trac**:
**Username**: dlmrPlease disable this app in Android: -> settings-> Apps if you are having problems with Orbot: com.sec.msc.nts.android.proxy
**Trac**:
**Username**: dlmrNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/13007orbot and orweb2016-04-08T08:16:43ZTracorbot and orwebKeep getting "incorrect captcha entered" messages when trying to register in different marketplaces. Even after multiple tries. Using orbot with orweb on Android device. Is there something im doing wrong?
**Trac**:
**Username**: jacka...Keep getting "incorrect captcha entered" messages when trying to register in different marketplaces. Even after multiple tries. Using orbot with orweb on Android device. Is there something im doing wrong?
**Trac**:
**Username**: jackandjill828Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/12976Orbot's new identity feature is not mentioned anywhere in app or documentation2020-06-13T03:27:14ZcypherpunksOrbot's new identity feature is not mentioned anywhere in app or documentationNowhere in the app UI, wizard or websites can I find any mention of the Orbot's new identity feature. I only discovered it by accident and I'm sure other users will be in a similar position. I thought I'd seen a bug of someone actually r...Nowhere in the app UI, wizard or websites can I find any mention of the Orbot's new identity feature. I only discovered it by accident and I'm sure other users will be in a similar position. I thought I'd seen a bug of someone actually requesting for a new identity feature to be added because they didn't know it already existed, but I can't seem to find it now.
I think a simple mention in the UI would be enough. Just like we already have _Orbot is deactivated - long press to start -_, we could simply change the string _Connected to the Tor network_ to something like _Connected to the Tor network - Swipe for new circuit -_. A mention in the in-app wizard and/or in the interactive how-to on the Guardian Project website also wouldn't go a miss.Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/12815Changes is build not reflected in BUILD docs2014-08-14T04:51:37ZTracChanges is build not reflected in BUILD docsI'd like to get involved with Orbot development, but Tor's dependencies don't seem to be bundled with the repository.
I first did a `git clone` of [https://gitweb.torproject.org/orbot.git](http://www.google.com/url?q=https://gitweb.torp...I'd like to get involved with Orbot development, but Tor's dependencies don't seem to be bundled with the repository.
I first did a `git clone` of [https://gitweb.torproject.org/orbot.git](http://www.google.com/url?q=https://gitweb.torproject.org/orbot.git&sa=D&usg=AFQjCNEpj_yHjh9MXieeSi2hbbd5o0P_5Q)
In order to build orbot, I follow the instructions in the `BUILD` readme. This is what happens (`orbot/$` means the shell in the orbot git repo). I already have Android NDK installed and the path stored in the `NDK_BASE` environment variable.
```
orbot/$ git submodule init
Submodule 'external/ActionBarSherlock' (https://github.com/JakeWharton/ActionBarSherlock.git) registered for path 'external/ActionBarSherlock'
Submodule 'external/iptables' (git://git.netfilter.org/iptables) registered for path 'external/iptables'
Submodule 'external/jtorctl' (https://github.com/guardianproject/jtorctl) registered for path 'external/jtorctl'
Submodule 'external/liballium' (https://git.torproject.org/user/yawning/liballium.git) registered for path 'external/liballium'
Submodule 'external/libevent' (https://github.com/libevent/libevent.git) registered for path 'external/libevent'
Submodule 'external/obfsclient' (https://git.torproject.org/user/yawning/obfsclient.git) registered for path 'external/obfsclient'
Submodule 'external/openssl' (git://git.openssl.org/openssl) registered for path 'external/openssl'
Submodule 'external/polipo' (https://github.com/jech/polipo.git) registered for path 'external/polipo'
Submodule 'external/superuser-commands' (https://github.com/dschuermann/superuser-commands.git) registered for path 'external/superuser-commands'
Submodule 'external/tor' (https://git.torproject.org/git/tor.git) registered for path 'external/tor'
```
```
orbot/$ git submodule update
Submodule path 'external/ActionBarSherlock': checked out 'c0d437ce4c47cb344e5d96414ffbf5f1a85c26d0'
Submodule path 'external/iptables': checked out '99b85b7837707bd6c6d578c9328e1321fceb8082'
Submodule path 'external/jtorctl': checked out '319377b33117035155715b9207a7b41cbacef3a7'
Submodule path 'external/liballium': checked out '5272de7361897ee6b5c969fd1eec6609d64ac13a'
Submodule path 'external/libevent': checked out '64177777165d9684bafbfa946abd126f7ebff11f'
Submodule path 'external/obfsclient': checked out '9c164b2afb666d0bcd26ba3eeb6da07a9fff551c'
Submodule path 'external/openssl': checked out '6b72417a00b803680edc9be214c1b3dd9dae203d'
Submodule path 'external/polipo': checked out 'f690e763257ba05513b0bf0bd8a99554a0719201'
Submodule path 'external/superuser-commands': checked out 'be997be8fff6dc00cd249fdfd128d6820461db99'
Submodule path 'external/tor': checked out 'fcbb21b414947d8ad7e4298d3952b84d8005dabc'
orbot/$ make -C external
make: Entering directory `$ORBOT_SOURCE/external'
cd openssl && \
./Configure android -DL_ENDIAN && \
make CC="$NDK_BASE/toolchains/arm-linux-androideabi-4.8/prebuilt/linux-x86_64/bin/arm-linux-androideabi-gcc --sysroot=$NDK_BASE/platforms/android-9/arch-arm" ANDROID_DEV=$NDK_BASE/platforms/android-9/arch-arm/usr build_libs
Configuring for android
no-ec_nistp_64_gcc_128 [default] OPENSSL_NO_EC_NISTP_64_GCC_128 (skip dir)
no-gmp [default] OPENSSL_NO_GMP (skip dir)
no-jpake [experimental] OPENSSL_NO_JPAKE (skip dir)
no-krb5 [krb5-flavor not specified] OPENSSL_NO_KRB5
no-md2 [default] OPENSSL_NO_MD2 (skip dir)
no-rc5 [default] OPENSSL_NO_RC5 (skip dir)
no-rfc3779 [default] OPENSSL_NO_RFC3779 (skip dir)
no-sctp [default] OPENSSL_NO_SCTP (skip dir)
no-shared [default]
no-store [experimental] OPENSSL_NO_STORE (skip dir)
no-zlib [default]
no-zlib-dynamic [default]
....
```
Okay, so far, so good. This is where I notice things aren't going as the way is described in `BUILD`:
```
orbot/$ file res/raw/tor
res/raw/tor: ERROR: cannot open `res/raw/tor' (No such file or directory)
orbot/$ file res/raw/privoxy
res/raw/privoxy: ERROR: cannot open `res/raw/privoxy' (No such file or directory)
```
However, I did find the tor binary in `external/bin/tor`. Can't say the same for privoxy, though. Running `find -iname '*privoxy*'` came up completely empty.
I've attached the full output of `make -c external `in case anyone sees anything.
As an aside question, how do I make contributions to the gitweb? I saw no "registration" or "sign up" links. Thanks.
**Trac**:
**Username**: o'darnhttps://gitlab.torproject.org/legacy/trac/-/issues/12810proxy settings in Orbot2016-04-07T11:02:02ZTracproxy settings in OrbotI am using my office wifi to access internet. We need to use proxy address to access internet on computer. i have configured proxy address in wifi settings of office router in my mobile and websites are opening but when i start "orbot", ...I am using my office wifi to access internet. We need to use proxy address to access internet on computer. i have configured proxy address in wifi settings of office router in my mobile and websites are opening but when i start "orbot", it stucks on bootsrapped 5%. Kindly clear that should i have to input proxy settings in orbot as well and if so then in which option of orbot, i have to enter proxy server address of my network.
**Trac**:
**Username**: shani851Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/12765Tor fails on rooted GS4 running 4.4.22020-06-13T03:23:13ZTracTor fails on rooted GS4 running 4.4.2Orbot is starting…
tor: PRE: Is binary exec? true
polipo: PRE: Is binary exec? true
obfsclient: PRE: Is binary exec? true
xtables: PRE: Is binary exec? true
updating torrc custom configuration...
success.
Orbot is starting…
Control Port ...Orbot is starting…
tor: PRE: Is binary exec? true
polipo: PRE: Is binary exec? true
obfsclient: PRE: Is binary exec? true
xtables: PRE: Is binary exec? true
updating torrc custom configuration...
success.
Orbot is starting…
Control Port config file does not yet exist (waiting for tor): /data/data/org.torproject.android/app_bin/control.txt
waiting...
Control Port config file does not yet exist (waiting for tor): /data/data/org.torproject.android/app_bin/control.txt
waiting...
Control Port config file does not yet exist (waiting for tor): /data/data/org.torproject.android/app_bin/control.txt
Connecting to control port: 9051
Error connecting to Tor local control port: failed to connect to /127.0.0.1 (port 9051): connect failed: ECONNREFUSED (Connection refused)
waiting...
Couldn't start Tor process:; exit=0:
Tor exit code: 0
Couldn't start Tor process:
**Trac**:
**Username**: Wally44Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/12762Orbot 14.0.5 causes LED to flash while it is running2020-06-13T03:23:11ZTracOrbot 14.0.5 causes LED to flash while it is runningSamsung Galaxy S4 / Cyanogenmod 11 M8
Orbot 14.0.5.
Problem:
After upgrading to the latest version of Orbot (14.0.5) any time the screen goes to sleep and Orbot is running, the LED on the phone will flash. This draws attention to the p...Samsung Galaxy S4 / Cyanogenmod 11 M8
Orbot 14.0.5.
Problem:
After upgrading to the latest version of Orbot (14.0.5) any time the screen goes to sleep and Orbot is running, the LED on the phone will flash. This draws attention to the phone due to the brightness of LED. Previous versions of Orbot did not display this behavior
Reproduce:
- Install Orbot
- Run Orbot
- Let screen go to sleep or manually put it to sleep
- LED starts to flash
- Wake screen and unlock, LED stops flashing
Expected outocme:
- With orbot running if screen goes to sleep, LED should not flash
**Trac**:
**Username**: torieNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/12663Orbot, libevent and BSD sed ( includes patch )2020-06-13T03:21:28ZcypherpunksOrbot, libevent and BSD sed ( includes patch )Compilation of Orbot stops at libevent if using BSD sed rather than GNU sed.
The error is :
sed -i 's@\(SUBDIRS = . include\) sample test@\1@' libevent/Makefile.am
sed: 1: "libevent/Makefile.am": extra characters at the end of l comman...Compilation of Orbot stops at libevent if using BSD sed rather than GNU sed.
The error is :
sed -i 's@\(SUBDIRS = . include\) sample test@\1@' libevent/Makefile.am
sed: 1: "libevent/Makefile.am": extra characters at the end of l command
I have traced the problem to Orbot's external/Makefile.
There is a difference between BSD and GNU sed with regards to the inplace -i flag, both accept an argument for a file extension to backup to, if no extension is provided no backup is made, however BSD sed requires an argument even if it is empty, whereas GNU sed ignores it.
The attached patch adds an extension rather than provide an empty argument, this *should* work with both GNU and BSD sed, though I haven't tried it with the former.Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/12413Orbot doesn't use separate torrcs, and overrides & overwrites user-set torrcs2020-06-13T03:16:33ZIsis LovecruftOrbot doesn't use separate torrcs, and overrides & overwrites user-set torrcsYou _can_ use multiple `torrc` files simultaneously. [RTFM](https://gitweb.torproject.org/tor.git/blob/HEAD:/doc/tor.1.txt#l52)You _can_ use multiple `torrc` files simultaneously. [RTFM](https://gitweb.torproject.org/tor.git/blob/HEAD:/doc/tor.1.txt#l52)Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/12412Orbot broke using TransPort2020-06-13T03:16:32ZIsis LovecruftOrbot broke using TransPortOrbot (as of 14.0.3.1 and later) [sets `TransPort 0`](https://gitweb.torproject.org/orbot.git/commitdiff/2ce9ea92f14f7b5c04798809f0c262475766977e), which disables tor's `TransPort` entirely. This means that people who use iptables script...Orbot (as of 14.0.3.1 and later) [sets `TransPort 0`](https://gitweb.torproject.org/orbot.git/commitdiff/2ce9ea92f14f7b5c04798809f0c262475766977e), which disables tor's `TransPort` entirely. This means that people who use iptables scripts outside of Orbot (as described in [Mike Perry's recent blog post](https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy)) to redirect TCP traffic to the `TransPort` cannot do so.
Related, see #12411.
>
> Leaks are not the problem; they are the symptom. --Heather Brooke
>Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/12411Orbot broke using DNSPort2020-06-13T03:16:31ZIsis LovecruftOrbot broke using DNSPortOrbot 14.0.3.1 completely breaks networking, if you have firewall scripts which don't allow leaks.
**THIS MEANS THAT ORBOT IS LEAKING LIKE THE FUCKING PENTAGON PAPERS, EXCEPT NOT IN A GOOD WAY.**
This is because Orbot (as of 14.0.3.1 ...Orbot 14.0.3.1 completely breaks networking, if you have firewall scripts which don't allow leaks.
**THIS MEANS THAT ORBOT IS LEAKING LIKE THE FUCKING PENTAGON PAPERS, EXCEPT NOT IN A GOOD WAY.**
This is because Orbot (as of 14.0.3.1 and later) [sets `DNSPort 0`](https://gitweb.torproject.org/orbot.git/commitdiff/2ce9ea92f14f7b5c04798809f0c262475766977e), which disables tor's `DNSPort` entirely. This means that people who use iptables scripts outside of Orbot (as described in [Mike Perry's recent blog post](https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy)) to redirect UDP DNS traffic to the `DNSPort` cannot do so. It also means that _every other application will leak traffic all over the place_.
Currently, the only way to fix this mess is to force stop and uninstall Orbot, download an older (14.0.1) .apk onto another device, and copy it over manually to the broken one to reinstall it. This is ridiculous. You're practically bricking people's devices, and you're forcing them to jump through extreme hoops to preserve their anonymity.Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/12036Different port for hidden services on ORBot2016-04-07T11:25:40ZTracDifferent port for hidden services on ORBotThere is no way to enter settings like:
HiddenServicePort 80 8080
Also settings like these are impossible:
ORPort 93.95.227.222:443 NoListen
ORPort 192.168.100.10:9443 NoAdvertise
**Trac**:
**Username**: tedjonesomc@gmail.comThere is no way to enter settings like:
HiddenServicePort 80 8080
Also settings like these are impossible:
ORPort 93.95.227.222:443 NoListen
ORPort 192.168.100.10:9443 NoAdvertise
**Trac**:
**Username**: tedjonesomc@gmail.comNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/11560Orbot-v13.0.7-BETA-1: "Tor Tethering" > Warnings about Listeners on 0.0.0.02020-06-13T14:30:21ZcypherpunksOrbot-v13.0.7-BETA-1: "Tor Tethering" > Warnings about Listeners on 0.0.0.0
"
WARN: You specified a public address '0.0.0.0:9050' for SocksPort. Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.
WARN: You specified a public ...
"
WARN: You specified a public address '0.0.0.0:9050' for SocksPort. Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.
WARN: You specified a public address '0.0.0.0:5400' for DNSPort. Other people...
WARN: You specified a public address '0.0.0.0:9040' for TransPort. Other people...
WARN: You have a ControlPort set to accept connections from a non-local address. This means that programs not running on you computer can reconfigure you Tor. That's pretty bad, since the controller protocol isn't encrypted! Maybe you should ...
"
I assume these listeners are there due to the enabled "Tor Tethering", but wouldn't it be possible to bind these listeners to the WIFI interface only (I assume they are only needed there)?Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/11559Orbot-v13.0.7-BETA-1: "Tor Tethering" not working2020-06-13T03:06:29ZcypherpunksOrbot-v13.0.7-BETA-1: "Tor Tethering" not workingHi,
I'm running the latest Orbot version [1] on a rooted Android 4.0.4 and enabled
"Tor Tethering" while enabling Internet via 3G, but the devices connecting to the hotspot are not routed over Tor (tested via checkip.dyndns.org).
Sho...Hi,
I'm running the latest Orbot version [1] on a rooted Android 4.0.4 and enabled
"Tor Tethering" while enabling Internet via 3G, but the devices connecting to the hotspot are not routed over Tor (tested via checkip.dyndns.org).
Should this work or is this a experimental feature anyway?
How can I help to debug this?
https://guardianproject.info/releases/Orbot-v13.0.7-BETA-1.apkNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/11489obfsclient integration for orbot2014-04-24T13:42:31ZYawning Angelobfsclient integration for orbotIn order to support more than obfs2, orbot should switch to using obfsclient from obfsproxy. I have attached a preliminary set of patches that accomplish this, based off `8d73be655e84879e56369546cdefa7c8d84fa4ac`.
To be done:
* obfspr...In order to support more than obfs2, orbot should switch to using obfsclient from obfsproxy. I have attached a preliminary set of patches that accomplish this, based off `8d73be655e84879e56369546cdefa7c8d84fa4ac`.
To be done:
* obfsproxy is still build and included as an asset.
* The obfsclient binary built with debugging information is gigantic, stripping after build is recommended.
* UI work for pluggable transport protocol selection.
Please let me know if there are any questions.Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/11415jtorctl: Throw checked exceptions instead of unchecked exceptions2014-08-11T20:35:07ZTracjtorctl: Throw checked exceptions instead of unchecked exceptionsjtorctl throws unchecked RuntimeExceptions if it receives an error response or malformed response from Tor - users of the library have to catch these without being warned by the API. This patch converts jtorctl's RuntimeException subclas...jtorctl throws unchecked RuntimeExceptions if it receives an error response or malformed response from Tor - users of the library have to catch these without being warned by the API. This patch converts jtorctl's RuntimeException subclasses into IOException subclasses. This is safer for users of the library and better conveys what's happened (an IO error).
**Trac**:
**Username**: akwizgranNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/11414jtorctl: Make TorControlConnection thread-safe2014-08-11T20:35:30ZTracjtorctl: Make TorControlConnection thread-safeThis patch makes TorControlConnection thread-safe. In particular it prevents concurrent calls to sendAndWaitForResponse() from leaking threads.
**Trac**:
**Username**: akwizgranThis patch makes TorControlConnection thread-safe. In particular it prevents concurrent calls to sendAndWaitForResponse() from leaking threads.
**Trac**:
**Username**: akwizgranNathan FreitasNathan Freitas