Trac issueshttps://gitlab.torproject.org/legacy/trac/-/issues2020-06-13T02:05:21Zhttps://gitlab.torproject.org/legacy/trac/-/issues/8270Exempt @font-face fonts from font limits; prefer them over local fonts2020-06-13T02:05:21ZMike PerryExempt @font-face fonts from font limits; prefer them over local fontsOur font limiting patch currently applies its limits to both local and remote fonts. Before #7937, this was fine, because we blocked remote fonts. However, now that we've decided to lift that block, we should exempt @font-face fonts from...Our font limiting patch currently applies its limits to both local and remote fonts. Before #7937, this was fine, because we blocked remote fonts. However, now that we've decided to lift that block, we should exempt @font-face fonts from our limits, since they don't contribute to fingerprinting. Additionally, if they are present in a font rule that also contains local fonts, they should be used instead of local fonts.Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/8219Create a branding extension for browserconfig.properties and region.properties2020-06-13T02:00:39ZMike PerryCreate a branding extension for browserconfig.properties and region.propertiesIn #3944, we went with a super-hacky way of updating omni.ja and the language packs to set our homepage and omnibox values.
It turns out you can do this same stuff from a branding extension. Tails has one here: http://git.immerda.ch/?p=...In #3944, we went with a super-hacky way of updating omni.ja and the language packs to set our homepage and omnibox values.
It turns out you can do this same stuff from a branding extension. Tails has one here: http://git.immerda.ch/?p=amnesia.git;a=tree;f=config/chroot_local-includes/etc/iceweasel/profile/extensions/branding@amnesia.boum.org;h=0cf86e91aff4be8c98841e250d3eb9c943560257;hb=HEAD
We should switch to this as some point and remove all the crazy sed and re-zipping cruft from our TBB makefiles.Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/7937Remove NoScript blocks of WebFonts2020-06-13T01:59:51ZMike PerryRemove NoScript blocks of WebFontsDuring my audit of Firefox 17-ESR, I should look over the font parsing code and make sure they included Google's "Font Condom". If it's included and enabled, I think we can allow WebFonts by default.During my audit of Firefox 17-ESR, I should look over the font parsing code and make sure they included Google's "Font Condom". If it's included and enabled, I think we can allow WebFonts by default.Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/6422Remove Do Not Track option from Tor Browser privacy preferences2020-06-13T01:52:48ZMike PerryRemove Do Not Track option from Tor Browser privacy preferencesGlobal privacy options such as Do Not Track are fingerprinting vectors. In #5273, we discussed an alternate privacy UI for useful privacy options. A mockup of such UI will be added to the Tor Browser design doc. Given enough development ...Global privacy options such as Do Not Track are fingerprinting vectors. In #5273, we discussed an alternate privacy UI for useful privacy options. A mockup of such UI will be added to the Tor Browser design doc. Given enough development resources, we should be able to migrate useful, yet fingerprintable browser behavior items from the current Firefox Privacy UI into that UI, and silo them on a per-site basis.
We came to the conclusion that the Do Not Track header is not a useful privacy option for Tor Browser, though. Given our threat model and privacy properties (https://www.torproject.org/projects/torbrowser/design/#privacy), it is only a vector for fingerprinting.
We can thus remove it at our earliest convenience.Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/7495Create browser-based update notification mechanism2020-06-13T01:48:06ZMike PerryCreate browser-based update notification mechanismThe check.torproject.org update notification has several problems. It's web-based, overloaded, and unmaintained.
From a usability standpoint, I think I like the idea of an ever-present notification ribbon/toolbar thing on *all* windows ...The check.torproject.org update notification has several problems. It's web-based, overloaded, and unmaintained.
From a usability standpoint, I think I like the idea of an ever-present notification ribbon/toolbar thing on *all* windows rather than a popup that appears only when the check interval expires, so long as it can't be confused with something from the content window.
Note, we'll also want to make sure that such a ribbon does not change the size of the resolution values from your CSS + window.screen patches... This might actually be fairly tricky in practice, due to there not being a lot of slack in the current window sizing code in Torbutton ( https://gitweb.torproject.org/torbutton.git/blob/master:/src/chrome/content/torbutton.js#l4358). See also #6146, for example... We could handle this issue by simply giving a larger buffer for maxHeight in that function, though.
Another option could be some sort of icon hint in the Toolbar (for example, Google Chrome places red up arrow over it's 'menu vent'), but that is even more likely to get ignored.
In either case, the notification should provide a link to the TBB download page, and should pass the OS and architecture to this page in the form of an anchor/fragment (see #4238).Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/7248Review+Audit Firefox 16 and 17 for next FF ESR release2020-06-13T01:46:57ZMike PerryReview+Audit Firefox 16 and 17 for next FF ESR releaseWe're going to need to start shipping FF17-ESR 'qualify' releases likely starting in December. We will need to switch over to FF17-ESR from FF10-ESR in mid-February or early March.
Here's the schedule:
https://www.mozilla.org/en-US/fire...We're going to need to start shipping FF17-ESR 'qualify' releases likely starting in December. We will need to switch over to FF17-ESR from FF10-ESR in mid-February or early March.
Here's the schedule:
https://www.mozilla.org/en-US/firefox/organizations/faq/
Here's the developer urls:
https://developer.mozilla.org/en/Firefox_16_for_developers
https://developer.mozilla.org/en/Firefox_17_for_developers
In addition, I want to review the all FF17-ESR network glue code for changes to the proxy and DNS behavior, especially with respect to new HTML5 features.Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/7084‘Canvas image extraction prompt’ displays useless message2020-06-13T01:41:12ZRobert Ransom‘Canvas image extraction prompt’ displays useless messageFrom `0021-Add-canvas-image-extraction-prompt.patch`:
```
+canvas.siteprompt=This website (%S) attempted to access image data on a canvas. Blank (white) image data was returned this time.
```
Why should I care? (OK, _I_ know this is a...From `0021-Add-canvas-image-extraction-prompt.patch`:
```
+canvas.siteprompt=This website (%S) attempted to access image data on a canvas. Blank (white) image data was returned this time.
```
Why should I care? (OK, _I_ know this is a fingerprinting risk, but please explain that to the user you just popped up a message box at.)Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/6661Unable to open Google specific links in TBB2020-06-13T01:33:23ZcypherpunksUnable to open Google specific links in TBBSimilar to #6191 I'm unable to create a google docs spreadsheet.
Steps to reproduce:
1. login
2. click on "create"
3. select "spreadsheet" in the drop down menu that appears
4. a new tab opens (white page no content)Similar to #6191 I'm unable to create a google docs spreadsheet.
Steps to reproduce:
1. login
2. click on "create"
3. select "spreadsheet" in the drop down menu that appears
4. a new tab opens (white page no content)Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/6720Review and support Firefox 152020-06-13T01:28:49ZMike PerryReview and support Firefox 15https://developer.mozilla.org/en/Firefox_15_for_developers
http://beta.elchi3.de/doctracker/#list=fx&version=15.0
From the dev doc, my major concern at a glance is the high resolution timers. WebSMS also looks bad for mobile. I have not...https://developer.mozilla.org/en/Firefox_15_for_developers
http://beta.elchi3.de/doctracker/#list=fx&version=15.0
From the dev doc, my major concern at a glance is the high resolution timers. WebSMS also looks bad for mobile. I have not yet gone through the undocumented bugs.
Also, lots of patch conflicts this time: 8, 10, 11, 14, and 17-21.Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/6191unable to open gmail's "Change password recovery options" page with TBB2020-06-13T01:27:35Zcypherpunksunable to open gmail's "Change password recovery options" page with TBBSteps to reproduce:
1. create a gmail account or use an existing
2. login to your gmail account
3. go to settings
4. select 'Accounts and Import'
5. click on 'Change password recovery options'
-> new tab without content opens
The webpa...Steps to reproduce:
1. create a gmail account or use an existing
2. login to your gmail account
3. go to settings
4. select 'Accounts and Import'
5. click on 'Change password recovery options'
-> new tab without content opens
The webpage opens normally with other browsers.
Are you able to reproduce this?Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/5925Going to an address with a space results in a Google query2020-06-13T01:24:30ZRoger DingledineGoing to an address with a space results in a Google queryType in "foo bar" on your address bar, and your Tor Browser will launch a google query.
It defaults to google and does not change to whatever search engine is selected in the search box.
Reported at https://blog.torproject.org/blog/new...Type in "foo bar" on your address bar, and your Tor Browser will launch a google query.
It defaults to google and does not change to whatever search engine is selected in the search box.
Reported at https://blog.torproject.org/blog/new-tor-browser-bundles-17#comment-15623Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/6487TBB-alpha-2.3.19-1 crashes often2020-06-13T01:24:17ZShondoit WalkerTBB-alpha-2.3.19-1 crashes oftenThe latest TBB Alpha has a high tendency to crash.
This is easily reproduced by going to news.bbc.co.uk or torrentfreak.com and clicking a link.
I built a tbb-alpha with and without patches, and the problem does not occur without patch...The latest TBB Alpha has a high tendency to crash.
This is easily reproduced by going to news.bbc.co.uk or torrentfreak.com and clicking a link.
I built a tbb-alpha with and without patches, and the problem does not occur without patches.
I'm currently pinpointing which patch is the culprit.
This seems to happen for all OSes.
Without extensions enabled this still occurs.Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/6095Monitor Firefox release url for changes2020-06-13T01:22:48ZMike PerryMonitor Firefox release url for changeshttps://ftp.mozilla.org/pub/mozilla.org/firefox/releases/ has consistently been updated with source tarballs 5 days before the binaries are announced and released to the public.
We should monitor this url for changes with nagios or som...https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/ has consistently been updated with source tarballs 5 days before the binaries are announced and released to the public.
We should monitor this url for changes with nagios or some other mechanism. Those 5 days would be extremely useful to have for our own QA+rebasing efforts.Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/4797Deploy Camilo's Generic Font Limiting Patch2020-06-13T01:08:27ZMike PerryDeploy Camilo's Generic Font Limiting PatchWe need to find some font snobs to sniff out minimum acceptable values for the #2872 patch that don't make the web look like shit.We need to find some font snobs to sniff out minimum acceptable values for the #2872 patch that don't make the web look like shit.Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/4902Change the default search engine in TBB2020-06-13T01:08:05ZAndrew LewmanChange the default search engine in TBBSome users are concerned that the default search engine in TBB is Google. While we do rewrite the parameters sent to Google, the fact that google can see a large percent of the tor user search queries (as a whole community) may be reduci...Some users are concerned that the default search engine in TBB is Google. While we do rewrite the parameters sent to Google, the fact that google can see a large percent of the tor user search queries (as a whole community) may be reducing their anonymity set. The power of defaults means many users, perhaps the majority, will not change their behavior.
Alternatives to google by default are ixquick and duckduckgo. My vote is for ddg. They run a hidden service, exit enclave, and in general seem to support Tor. ixquick has refused to work with us in the past.TorBrowserBundle 2.3.x-stableMike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/5710Fix/Report SessionStore leakage2020-06-13T01:07:49ZMike PerryFix/Report SessionStore leakageIn #4430, Some Guy is quite insistent that the session store still leaks in Windows, and has a repro case.
S/he claims that all you have to do is close Tor Browser with a tab open, and it will write the title of that tab to sessionstore...In #4430, Some Guy is quite insistent that the session store still leaks in Windows, and has a repro case.
S/he claims that all you have to do is close Tor Browser with a tab open, and it will write the title of that tab to sessionstore.js
I think this is a Firefox bug. I wonder if it happens in Private Browsing Mode. I guess I need to unmothball my Windows VM and see if I can repro, too.Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/5412There is a security update available for the Tor Browser Bundle.2020-06-13T01:01:09ZTracThere is a security update available for the Tor Browser Bundle.I just installed the latest browser bundle for Linux today;
tor-browser-gnu-linux-i686-2.2.35-8-dev-en-US.tar.gz
And when I started it, to my surprise it's telling me there's an update;
There is a security update available for the Tor...I just installed the latest browser bundle for Linux today;
tor-browser-gnu-linux-i686-2.2.35-8-dev-en-US.tar.gz
And when I started it, to my surprise it's telling me there's an update;
There is a security update available for the Tor Browser Bundle
**Trac**:
**Username**: DasFoxMike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/3914Experimental website traffic fingerprinting defense2020-06-13T00:58:32ZMike PerryExperimental website traffic fingerprinting defenseFor grins, I decided to make an experimental fingerprinting defense to defend against http://lorre.uni.lu/~andriy/papers/acmccs-wpes11-fingerprinting.pdf.
Basically the defense is to enable HTTP pipelining and to randomize the size and ...For grins, I decided to make an experimental fingerprinting defense to defend against http://lorre.uni.lu/~andriy/papers/acmccs-wpes11-fingerprinting.pdf.
Basically the defense is to enable HTTP pipelining and to randomize the size and the order of the pipeline queue for each connection. It's easy to do and doesn't cost us any overhead.
I think we should ask the researchers to test it out for us or give us their source code.TorBrowserBundle 2.2.x-stableMike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/4517drag-n-drop bypasses tor on Unity2020-06-13T00:46:46Zcypherpunksdrag-n-drop bypasses tor on UnityRequests for drag-and-drop thumbnails in Tor Browser is not sent through the Tor network, but instead plain-text HTTP request.
How to reproduce:
- Download and start Tor Browser Bundle version 2.2.34-2 (current, this one)
- Start up Wir...Requests for drag-and-drop thumbnails in Tor Browser is not sent through the Tor network, but instead plain-text HTTP request.
How to reproduce:
- Download and start Tor Browser Bundle version 2.2.34-2 (current, this one)
- Start up Wireshark and start logging your network interactively
- Using the Tor Browser, visit "www.gnome.org" (or any other HTTP site)
- See Wireshark sending all traffic encrypted to various Tor nodes
- When the site have loaded, drag the big image on the site
- See Wireshark logging a DNS request for "www.gnome.org" with reply
- See Wireshark logging a HTTP HEAD request for
"/wp-content/uploads/2011/09/gnome-3.2.png" on host "www.gnome.org",
sending this directly unencrypted to the IP returned from the DNS request.Mike PerryMike Perryhttps://gitlab.torproject.org/legacy/trac/-/issues/3812Create a Tor Browser Design Doc Draft2020-06-13T00:33:12ZMike PerryCreate a Tor Browser Design Doc DraftWe need to document the new behaviors, design decisions and security properties of TBB. We should also justify the addon choices for TBB.
This document should replace the Torbutton design doc.We need to document the new behaviors, design decisions and security properties of TBB. We should also justify the addon choices for TBB.
This document should replace the Torbutton design doc.TorBrowserBundle 2.2.x-stableMike PerryMike Perry