Trac issueshttps://gitlab.torproject.org/legacy/trac/-/issues2020-01-07T10:11:55Zhttps://gitlab.torproject.org/legacy/trac/-/issues/32844Please update torbirdy to support new versions of firefox2020-01-07T10:11:55ZTracPlease update torbirdy to support new versions of firefox
**Trac**:
**Username**: wschmidt22
**Trac**:
**Username**: wschmidt22Sukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/31773update torbirdy compatibility to work with Thunderbird 68.1.02019-10-20T12:30:27Zcypherpunksupdate torbirdy compatibility to work with Thunderbird 68.1.0
After upgrading Thunderbird to 68.1.0
torbirdy no longer shows as compatible
After upgrading Thunderbird to 68.1.0
torbirdy no longer shows as compatibleSukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/31341TorBirdy does not support Thunderbird 682020-06-13T10:24:49ZTracTorBirdy does not support Thunderbird 68TorBirdy 0.2.6 could not be installed because it is not compatible with Thunderbird 68. I tested this with Thunderbird 68.0b5.
**Trac**:
**Username**: ozozozTorBirdy 0.2.6 could not be installed because it is not compatible with Thunderbird 68. I tested this with Thunderbird 68.0b5.
**Trac**:
**Username**: ozozozSukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/30982Torbirdy preset keyserver2020-06-13T09:46:36ZcypherpunksTorbirdy preset keyserverThe preset keyserver must be removed. Nowhere can keys be manipulated more easy than on a key server. Through the preset the contact to a distinct keyserver is mandatory, which leads to identification of Torbirdy users, see Fingerprint, ...The preset keyserver must be removed. Nowhere can keys be manipulated more easy than on a key server. Through the preset the contact to a distinct keyserver is mandatory, which leads to identification of Torbirdy users, see Fingerprint, #30981, and a single point of attack.Sukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/30981Torbrowser/Torbirdy insecure settings2020-06-13T09:46:35ZcypherpunksTorbrowser/Torbirdy insecure settingsDescribed for Torbirdy, applicable in the same way to Torbrowser.
security.OCSP.enabled must be 0, after program restart 1
Leak of used https-certificates, also leak of certificates used to check signatures of e-mails, thus history of u...Described for Torbirdy, applicable in the same way to Torbrowser.
security.OCSP.enabled must be 0, after program restart 1
Leak of used https-certificates, also leak of certificates used to check signatures of e-mails, thus history of used certificates (i.e. website, signatures, keys, if tied to a certificate).
furthermore leak of fingerprint (in case of Torbirdy, should be secured with Torbrowser)
Accept:
Accept-Language:
Accept-Encoding:
...Sukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/30980Torbirdy changes config settings to insecure values2020-06-13T09:46:35ZcypherpunksTorbirdy changes config settings to insecure valuesnetwork.http.sendRefererHeader should be 0, after progam restart 2
permissions.default.image should be 2, after program restart 3
network.cookie.cookieBehavior; should be 2, according to torbirdy restore setting (extensions.torbirdy.re...network.http.sendRefererHeader should be 0, after progam restart 2
permissions.default.image should be 2, after program restart 3
network.cookie.cookieBehavior; should be 2, according to torbirdy restore setting (extensions.torbirdy.restore.network.cookie.cookieBehavior;2), after program restart 1Sukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/30534Torbirdy: While TorBirdy running cannot seem to get any Add-ons from the Add-...2019-09-16T12:00:16ZTracTorbirdy: While TorBirdy running cannot seem to get any Add-ons from the Add-on ManagerSteps
- TorBirdy running (and afraid to turn it off, lest it de-anonymises me)
- Click the 'Add-on Manager' tab
- Scroll down to Enigmail and click it.
- A blue and white page flickers onto the screen momentarily before. A message he...Steps
- TorBirdy running (and afraid to turn it off, lest it de-anonymises me)
- Click the 'Add-on Manager' tab
- Scroll down to Enigmail and click it.
- A blue and white page flickers onto the screen momentarily before. A message heading appears, "What are addons". The second paragraph of the body says, "When you're connected to the internet, this pane will feature..." etc etc
Tried also
- search 'enigmail' in the Add-on Manager I get a tab titled "Oops". Page has heading "Oops! We had an error" Body text says "We'll get to fixing that soon." etc etc
**Trac**:
**Username**: torloveSukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/302482 Bugs (possibly related) - Mozilla addon Search & Cardbook CardDav-server co...2020-06-13T09:30:58ZTrac2 Bugs (possibly related) - Mozilla addon Search & Cardbook CardDav-server connection issueWhen torbirdy is active and working, for the first time if you try and connect Cardbook to a carddav server - it fails with "validation failed"
If you disable torbirdy - the connection to a carddav server from Cardbook works perfectly an...When torbirdy is active and working, for the first time if you try and connect Cardbook to a carddav server - it fails with "validation failed"
If you disable torbirdy - the connection to a carddav server from Cardbook works perfectly and connects successfully.
Looking at the logs of Cardbook, i have filed a similar bug on Cardbook issue tracker.
Please see here: https://gitlab.com/CardBook/CardBook/issues/573
It seems as if there is a secure connection issue "Connection status : Failed : SecurityUnsupportedTLSVersionError"
There is also a second bug that COULD be related to the carddav server bug.
When attempting to search in the addons search for any addon such as "Cardbook", it returns an error on Mozilla page with "Oops! We had an error. We'll get to fixing that soon." Now you would think this is a Mozilla issue, but its not. If you disable torbirdy it then returns search results successfully. This issue has been on-going for about 4 months now
PLEASE can you fix these two issues, especially the carddav secure connection issue.
I also tried contacting you on @tor but you were not available.
**Trac**:
**Username**: jovi234Sukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/29829Torbirdy is not updated for Thunderbird 60.5.x2020-06-13T09:22:39ZanonymTorbirdy is not updated for Thunderbird 60.5.xThunderbird 60.5.0 introduces a huge change to the automatic account configuration code. One of the XUL element id:s that Torbirdy references has changed, leading to breakage if you enable the automatic account configuration wizard, like...Thunderbird 60.5.0 introduces a huge change to the automatic account configuration code. One of the XUL element id:s that Torbirdy references has changed, leading to breakage if you enable the automatic account configuration wizard, like in Tails: https://redmine.tails.boum.org/code/issues/16573Sukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/29155TorBirdy privacy-friendly automatic refresh2020-06-13T09:08:43ZTracTorBirdy privacy-friendly automatic refreshIt would be nice if TorBirdy let you select which email accounts you want TorBirdy to refresh automatically, and then having TorBirdy refreshing them one-by-one separated at randomized intervals and being each account refreshed over a un...It would be nice if TorBirdy let you select which email accounts you want TorBirdy to refresh automatically, and then having TorBirdy refreshing them one-by-one separated at randomized intervals and being each account refreshed over a unique Tor circuit.
**Trac**:
**Username**: MaruSukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/28493Stop forcibly enabling protected headers (aka. Memory Hole) by default2020-06-13T08:30:26ZintrigeriStop forcibly enabling protected headers (aka. Memory Hole) by defaultLet's move the discussion from https://github.com/ioerror/torbirdy/issues/33 here.
I have three new arguments in favour of not Torbirdy not touching this pref anymore:
1. Enigmail now makes this feature visible to users in a better pla...Let's move the discussion from https://github.com/ioerror/torbirdy/issues/33 here.
I have three new arguments in favour of not Torbirdy not touching this pref anymore:
1. Enigmail now makes this feature visible to users in a better place
My understanding is that when #21880 was implemented, this feature was hidden behind a hidden pref so from the Torbirdy PoV, the simplest way to make it available to the masses was to do add UI in the Torbirdy prefs, but since most users won't go in the prefs to enable it, it was decided to enable it by default. Nowadays, things are very different: Enigmail itself prompts the user wrt. whether this pref should be enabled, so they get to choose; and it has UI to toggle it on/off. So it seems to me that the main reason that justifies why Torbirdy took ownership of this pref is gone.
Besides, having to go to the Torbirdy settings to change this pref is confusing: protected headers only make sense with encrypted email, so it makes sense that they're configurable via the Enigmail settings. Adding one more layer of indirection is bound to cause user confusion, and indeed, since 1+ year I've seen lots of Enigmail+Torbirdy users wondering why protected headers come back enabled after they've disabled it in the Enigmail prefs.
2. The corresponding code in Torbirdy seems to be unmaintained
The corresponding pref was renamed in Enigmail and its type changed in Enigmail 2.0. It seems that Torbirdy was not updated accordingly.
3. The strategy and timeline for protected headers adoption is unclear
Protected headers are currently a big pain for every email recipient, unless they use Thunderbird + Enigmail or K9. At Tails we would like to enable protected headers ASAP so our plan was to do some social media propaganda, announcing we would enable it at $DATE, and encouraging email client authors to support protected headers. But the Memory Hole spec is currently not good enough for us to point software developers to, and the timeline for updating it is unclear. For details, see https://redmine.tails.boum.org/code/issues/13649 and the email discussions linked from there. I also hope that at some point, the critical mass of users who send email with protected headers encourages email client authors to add such support, but this has not happened yet and I don't see it happening any time soon.
So all in all, my current position is that Torbirdy should stop interfering: it should let Enigmail do its thing (which it does pretty nicely) wrt. communicating to the user that this feature exists, and providing UI to toggle it on/off as desired.Sukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/28214TOR DOESNT WORK2019-11-17T19:37:19ZTracTOR DOESNT WORKI CANT GET TOR UP AND RUNNING. I SPEND HOURS TRYING
**Trac**:
**Username**: Sparky1959I CANT GET TOR UP AND RUNNING. I SPEND HOURS TRYING
**Trac**:
**Username**: Sparky1959Sukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/27950Thunderbird updated to 60.2.1 on Oct. 2, TorBirdy breaks.2018-10-06T15:37:08ZTracThunderbird updated to 60.2.1 on Oct. 2, TorBirdy breaks.Mozilla Thunderbird has been updated to 60.2.1 on Oct. 2, 2018. (https://www.thunderbird.net/en-US/thunderbird/60.2.1/releasenotes/)
TorBirdy fails when update is applied.
**Trac**:
**Username**: thwrthrtfMozilla Thunderbird has been updated to 60.2.1 on Oct. 2, 2018. (https://www.thunderbird.net/en-US/thunderbird/60.2.1/releasenotes/)
TorBirdy fails when update is applied.
**Trac**:
**Username**: thwrthrtfSukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/27596Disable Submitting Crash to Mozilla by Default2020-06-13T08:12:42ZTracDisable Submitting Crash to Mozilla by DefaultThis should be disabled as we are using ThunderBird for anonymous usage outside of mozila development. and TBB disabled as well the browser feedback even to Torproject itself. so for security/anonymity sake its better to disable it.
*...This should be disabled as we are using ThunderBird for anonymous usage outside of mozila development. and TBB disabled as well the browser feedback even to Torproject itself. so for security/anonymity sake its better to disable it.
**Trac**:
**Username**: bo0odSukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/27570Stop ThunderBird Chat feature2020-06-13T08:12:18ZTracStop ThunderBird Chat featureIRC its better to be used with hexchat and gajim for jabber and tbb for any website. using ThunderBird not really recommended as there is no hardened version for its features.
![https://forums.whonix.org/uploads/default/optimized/2X/3/3...IRC its better to be used with hexchat and gajim for jabber and tbb for any website. using ThunderBird not really recommended as there is no hardened version for its features.
![https://forums.whonix.org/uploads/default/optimized/2X/3/35c8000187f253fb2dcd7f7fe371a695d4d55e8e_1_690x454.png](https://forums.whonix.org/uploads/default/optimized/2X/3/35c8000187f253fb2dcd7f7fe371a695d4d55e8e_1_690x454.png)
**Trac**:
**Username**: bo0odSukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/27569Stop bad feature of ThunderBird - Built-in browser2020-06-13T08:12:18ZTracStop bad feature of ThunderBird - Built-in browserThunderBird has a feature but its not for anonymity. it has built-in browser (as it seems) which makes requests that might cause a potential harmful action on user privacy. TBB handle that very well so need a built-in one.
steps to prod...ThunderBird has a feature but its not for anonymity. it has built-in browser (as it seems) which makes requests that might cause a potential harmful action on user privacy. TBB handle that very well so need a built-in one.
steps to produce:
* open thunderbird and make new email then follow the images
![https://forums.whonix.org/uploads/default/original/2X/d/d1bea8f9dc70ee16fc701440de923216a21c8465.png](https://forums.whonix.org/uploads/default/original/2X/d/d1bea8f9dc70ee16fc701440de923216a21c8465.png)
![https://forums.whonix.org/uploads/default/optimized/2X/3/36496c3c9b48f948d3074d6be0e56a0acb35b3be_1_690x363.png](https://forums.whonix.org/uploads/default/optimized/2X/3/36496c3c9b48f948d3074d6be0e56a0acb35b3be_1_690x363.png)
**Trac**:
**Username**: bo0odSukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/27092Torbirdy Disabled Still Needs Tor to Fetch Emails in Thunderbird 60+2020-06-13T08:01:57ZTracTorbirdy Disabled Still Needs Tor to Fetch Emails in Thunderbird 60+Just installed Thunderbird 60.0b10 and re-installed Torbirdy. After disabling it and shutting down Tor browser (OSX) I noticed that TB was not fetching any emails. Verified that Torbirdy was in fact disabled in add-ons. When I re-started...Just installed Thunderbird 60.0b10 and re-installed Torbirdy. After disabling it and shutting down Tor browser (OSX) I noticed that TB was not fetching any emails. Verified that Torbirdy was in fact disabled in add-ons. When I re-started Tor browser and tried again, it then fetched emails as normal. Restarted all applications and Mac, but problem persists.
**Trac**:
**Username**: Luigi-BSukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/26215Add an option to Proxy tab: "Do nothing"2020-06-13T07:45:36ZcypherpunksAdd an option to Proxy tab: "Do nothing"I need to use custom proxy, and your add-on change proxy settings
every time I launch Thunderbird.
Can you add an option "(O) Do nothing" to proxy tab, to force TorBirdy
not to mess up my proxy settings?
I really need it, and I'm think...I need to use custom proxy, and your add-on change proxy settings
every time I launch Thunderbird.
Can you add an option "(O) Do nothing" to proxy tab, to force TorBirdy
not to mess up my proxy settings?
I really need it, and I'm thinking about removing your add-on.Sukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/25129Can you stop enabling ocsp each time on startup?2018-03-26T20:14:54ZcypherpunksCan you stop enabling ocsp each time on startup?Your addon enable ocsp automaticallyYour addon enable ocsp automaticallySukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/24984Torbirdy changes SMTP security setting from STARTTLS to SSL/TLS2018-03-26T18:38:06ZTracTorbirdy changes SMTP security setting from STARTTLS to SSL/TLSIf I set up an SMTP server in thunderbird to use STARTTLS, it works fine until I install torbirdy (0.2.3) at which point the setting is changed to SSL/TLS. If I manually change it back to STARTTLS it works fine, until I disable and re-en...If I set up an SMTP server in thunderbird to use STARTTLS, it works fine until I install torbirdy (0.2.3) at which point the setting is changed to SSL/TLS. If I manually change it back to STARTTLS it works fine, until I disable and re-enable torbirdy, which causes the server security setting to switch back to SSL/TLS again.
**Trac**:
**Username**: markrSukhbir SinghSukhbir Singh