Trac issues
https://gitlab.torproject.org/legacy/trac/-/issues
2024-01-18T14:51:32Z

https://gitlab.torproject.org/legacy/trac/-/issues/24234
Setting your security slider to "high" breaks Twitter
2024-01-18T14:51:32Z
Nima Fatemi

I just realized twitter doesn't load properly when the security slider is set to "high". I was trying to figure out what triggers this but I also realized there's no apparent way to find out what things were blocked by the security slider. Addons like NoScript, Privacy Badger or any ad blocker basically have this option where they show you what elements were blocked so you could investigate if there's a problem and manually whitelist them, but I find out it's not as easy with the security slider.
Attached is a screenshot of how it looks.
The workaround is to lower the security to medium.
![#24234:high-security-twitter.png, 700px](uploads/#24234:high-security-twitter.png, 700px)

https://gitlab.torproject.org/legacy/trac/-/issues/26184
Think about using `const` as much as possible in Torbutton code
2023-01-05T18:15:01Z
Georg Koppen

While working on #24309, the idea got brought up to use `const` as much as possible in Torbutton code (see: https://github.com/arthuredelstein/torbutton/commit/3a1aa3ff006b3f2d2e49931c71f9ec2661143192 for an actual patch for the circuit display).
We should summarize the pros and cons for this idea and then make a decision on what to do and do it.

https://gitlab.torproject.org/legacy/trac/-/issues/9623
Referers being sent from hidden service websites
2022-12-08T13:13:59Z
cypherpunks

Currently, when browsing on a hidden service website, when you click on a clearnet/hidden service link it sends the current address as referer.
I think Tor Browser should behave for websites on .onion addresses the same as https:// websites on clearnet in certain cases.
Normally, when you click on a http link from a https website, it doesn't send any referer.
Tor Browser should at least use this same behavior of https for http hidden services (both are encrypted right?). No referers should be sent to clearnet or to other hidden services, this is unacceptable. I believe it shouldn't send referers for https links as well, so send nothing at all.
Other than a partial solution, I still believe using the [smart referer](https://addons.mozilla.org/en-us/firefox/addon/smart-referer/) is a better solution overall.

https://gitlab.torproject.org/legacy/trac/-/issues/19316
Make sure our updates are dealing with SSE requirement properly
2022-11-09T10:08:30Z
Georg Koppen

https://bugzilla.mozilla.org/show_bug.cgi?id=1271761 landed on ESR45 and it is very likely that Firefox won't work on machines without SSE support anymore in the next ESR (52). We should make sure we handle this properly with our updater. We want to be sure users without SSE support won't get an update then, for instance.

https://gitlab.torproject.org/legacy/trac/-/issues/32993
Package Tor With Tor Android Service Project
2022-09-01T23:00:13Z
Shane Isbell

Currently tor-android-service uses pre-built tor library. Start using the tor library that is part of the build.

https://gitlab.torproject.org/legacy/trac/-/issues/28005
Officially support onions in HTTPS-Everywhere
2022-09-01T22:43:24Z
George Kadianakis

The plan:
A major UX issue for onion services is their huge addresses. We want to fix this issue because an address with 56 random characters confuses people, it makes it harder to pass the address around, and it also makes it much harder to verify it.
There is a field of literature called "secure name systems" but none of the candidates are good enough for us right now. Hence, we present a hotfix that might offer a situational relief for users for the medium-term future, until we come up with something better, or while we experiment with more solutions. I suggest we keep this ticket focused to this idea, instead of debating why this and not that since we've already been doing this for far too long.
The plan is to use the HTTPS-Everywhere extension that we already have in Tor Browser, and encourage people to write their own rulesets for onions. We are talking about community-maintained rulesets and nothing that is officially maintained by The Tor Project or by HTTPS-Everywhere. This ticket is about making it easier for people to create, import and use these rulesets. We are talking about UI/UX improvements, writing blog posts and doing Q&A.
Here are some examples of community rulesets we can imagine:
* The SecureDrop ruleset: where securedrop makes a ruleset with their whole directory. People can download that to quickly visit securedrop destinations, by going to securedrop-nyt.tor.onion .
* The Torproject ruleset: where torproject makes a ruleset with all their onions. We developers can use that to quickly visit Tor sites over onion, by going to tor-trac.tor.onion instead of remembering the onion.
* The Bitcoin ruleset: where a "trusted" bitcoin entity publishes a ruleset with various cryptocurrency-related rules that allow people to quickly visit them.
This approach has both positives and negatives (I assure you this is the case with every "secure naming" project out there):
* Positives: Good security if the ruleset is taken from a trusted source. No state keeping. Reachable engineering effort. No global names, hence no fear of name squatting. Easy to understand tradeoffs.
* Negatives: Terrible security if the ruleset is evil. No global names: If you want people to use your shortened onion name, you need to persuade them to use your ruleset.
Here are some HTTPS-Everywhere issues we need to solve based on my Mexico notes:
* Be able to stop update channels per-channel.
* Need good UI to easily look and understand rules.
* Need to implement file extension to install ruleset with one-click from web button.
Here are some issues we need to think about:
* We need good user text to make sure that people don't shoot themselves in the foot too often by installing bad rulesets and whatnot (they already do it daily when they open onions from "search engines" or reddit).
* Which tld to use? If we use .tor we open ourselves to DNS leaks in normal browsers. If we use .tor.onion that might be confusing to people.
* Are there any issues with SSL?
More resources:
https://trac.torproject.org/projects/tor/wiki/org/meetings/2018MexicoCity/Notes/OnionV3ux
https://trac.torproject.org/projects/tor/wiki/org/meetings/2018MexicoCity/Notes/HTTPSEverywhereNotes
https://blog.torproject.org/cooking-onions-names-your-onions

https://gitlab.torproject.org/legacy/trac/-/issues/28800
Implement New Identity functionality for Tor Browser on Android
2022-09-01T22:43:11Z
Georg Koppen

We want to have an easy to use New Identity functionality for Tor Browser for Android. Currently there is some New Identity-like functionality provided by Orbot but a) that's only responsible for circuit-switching and b) it is not clear whether we stick to Orbot in our grand scheme of things.

https://gitlab.torproject.org/legacy/trac/-/issues/33660
[S58] O2.3: Update existing QA and regression test infrastructure for Fenix.
2022-09-01T22:28:48Z
Pili Guerra

- Add support for Fenix into existing Tor Browser regression and integration tests.
- Fix any Fenix-specific test failures.
- Write new integration tests for Tor Browser based on Fenix based on O1.2.

https://gitlab.torproject.org/legacy/trac/-/issues/13469
Windows 32bit installer is missing many languages from the NSIS file
2022-08-15T21:54:17Z
David Fifield dcf@torproject.org

The installer file lists 56 languages,
* https://github.com/MarkCSmith/tbb-windows-installer/blob/00133b8741eb8ca34fc8153d344c7c54a5e3fae9/torbrowser.nsi#L51
but the installer only shows 26.
It looks like these are the 30 languages that are missing, notably including TBB official languages Arabic, Farsi, Korean, Polish, Russian, Turkish, and Chinese.
```
!insertmacro MUI_LANGUAGE "SimpChinese"
!insertmacro MUI_LANGUAGE "TradChinese"
!insertmacro MUI_LANGUAGE "Japanese"
!insertmacro MUI_LANGUAGE "Korean"
!insertmacro MUI_LANGUAGE "Greek"
!insertmacro MUI_LANGUAGE "Russian"
!insertmacro MUI_LANGUAGE "Polish"
!insertmacro MUI_LANGUAGE "Ukrainian"
!insertmacro MUI_LANGUAGE "Czech"
!insertmacro MUI_LANGUAGE "Slovak"
!insertmacro MUI_LANGUAGE "Croatian"
!insertmacro MUI_LANGUAGE "Bulgarian"
!insertmacro MUI_LANGUAGE "Hungarian"
!insertmacro MUI_LANGUAGE "Thai"
!insertmacro MUI_LANGUAGE "Romanian"
!insertmacro MUI_LANGUAGE "Latvian"
!insertmacro MUI_LANGUAGE "Macedonian"
!insertmacro MUI_LANGUAGE "Estonian"
!insertmacro MUI_LANGUAGE "Turkish"
!insertmacro MUI_LANGUAGE "Lithuanian"
!insertmacro MUI_LANGUAGE "Slovenian"
!insertmacro MUI_LANGUAGE "Serbian"
!insertmacro MUI_LANGUAGE "SerbianLatin"
!insertmacro MUI_LANGUAGE "Arabic"
!insertmacro MUI_LANGUAGE "Farsi"
!insertmacro MUI_LANGUAGE "Hebrew"
!insertmacro MUI_LANGUAGE "Mongolian"
!insertmacro MUI_LANGUAGE "Albanian"
!insertmacro MUI_LANGUAGE "Belarusian"
!insertmacro MUI_LANGUAGE "Bosnian"
```

https://gitlab.torproject.org/legacy/trac/-/issues/28238
Use mingw-w64/clang toolchain to build Firefox
2022-08-08T09:57:14Z
Georg Koppen

We want to use the clang-based mingw-w64 toolchain to build Firefox to be finally able to enable Stylo on Windows as well. This is the ticket tracking the implementation work.

https://gitlab.torproject.org/legacy/trac/-/issues/20842
Proposal: Improve Tor Browser font whitelist / bundled fonts
2022-07-22T21:41:20Z
Arthur Edelstein

**Background:**
In #13313 we introduced a new font whitelisting mechanism. Tor Browser only allows certain fonts to be used in the browser, in order to prevent bad people from trying to identify you by detecting what fonts are installed on your computer. Font whitelisting is also available in Firefox, off by default. (The whitelisting is controlled by a pref, "font.system.whitelist", which contains a comma-separated list of allowed font names. You can edit this pref by opening a tab and browsing to `about:config`.)
On Windows and Mac, we mostly whitelist certain system fonts that are bundled with the operating system by default. We bundle a few [Google Noto fonts](https://www.google.com/get/noto/) as well for languages that don't have a built-in platform font.
On Linux, we bundle a large number of Google Noto fonts, plus Arimo, Cousine, and Tinos. We don't expose any system fonts, because these aren't consistent across Linux flavors.
My strategy for choosing fonts for the whitelist was to try to cover all possible languages with at least one font, and get the work done as efficiently as possible. I whitelisted Mac and Windows fonts that have been available for a long time and should be on essentially all systems. Bundling fonts from the Noto collection was a quick and dirty method for covering any missing fonts for different languages.
But there are probably more appealing fonts for some languages that we could use, especially on Linux. For example, in #20820 we are considering switching Linux from Noto Japanese to mona.ttf because the latter looks better (according to Yawning) and because mona.ttf can be used in the ancient Japanese art of ascii calligraphy. I also heard from someone who knows that the Tamil font on Windows is not too beautiful.
**Proposed project:**
So it would be a useful project to go through each of the fonts on each platform and see if there are better fonts that could be used instead. Important considerations would include:
* Aesthetics
* Character coverage
* Printability
* Font licensing
* Font file size
This would require asking the opinions of native speakers of various languages.
Ideally, we could come up with a new font whitelist and bundling list for Mac, Windows and Linux, where the fonts are beautiful and users are happy.

https://gitlab.torproject.org/legacy/trac/-/issues/18364
Tor Browser in Gnu+Linux doesn't support Dingbats properly
2022-07-22T21:41:20Z
Trac

See http://danshort.com/HTMLentities/index.php?w=dingb
For example, ✗ (Ballot X) is not supported. Other browsers I use support all characters from that page.
**Trac**:
**Username**: erchewin

https://gitlab.torproject.org/legacy/trac/-/issues/23839
Testing Framework for Censorship Circumvention
2022-07-20T21:00:54Z
Arthur Edelstein

At [the Montreal meeting](https://trac.torproject.org/projects/tor/wiki/org/meetings/2017Montreal/Notes/OONI-TorBrowserCollaboration), we discussed the possibility of creating an opt-in, embedded testing/telemetry module for Tor Browser that would allow collection of data on connectivity for Tor and for different bridges and pluggable transports. OONI could collate and analyze this data to give a better picture of the per-country bridge connectivity situation. That data could be used to improve Tor Launcher's connection UX, and also help compare different censorship circumvention tools.
This can be a parent ticket for designing and developing such a module.

https://gitlab.torproject.org/legacy/trac/-/issues/16910
Tor Browser app bundle has wrong copyright year (Mac OS)
2022-07-09T22:20:07Z
Mark Smith

When doing some quick "sanity check" testing of the TB 5.0.2 candidate builds, I noticed that "Get Info" on Mac OS still shows 2014 as the copyright year. This is because the year is hardcoded inside gitian/build-helpers/fix-info-plist.py within the tor-browser-bundle repo.
Should we just change the YEAR value to "2015" in that file or should we use a command like date '+%Y' to automatically use the current year? I guess a similar problem does not exist on Windows because no year is included in the firefox.exe copyright (see browser/app/module.ver within the tor-browser repo).

https://gitlab.torproject.org/legacy/trac/-/issues/33772
Include NSS license in Nightly builds
2022-07-08T20:55:02Z
Matthew Finkel

Tor Browser does not currently include NSS' license in the Nightly builds.
We can easily include it in all builds for simplicity.

https://gitlab.torproject.org/legacy/trac/-/issues/33771
Missing LibEvent License
2022-07-08T20:55:01Z
Matthew Finkel

Unless I missed the license somewhere, we are not distributing libevent (in binary form) along with its license. We should correct this.

https://gitlab.torproject.org/legacy/trac/-/issues/30126
Make Tor Browser on macOS compatible with Apple's notarization
2022-07-08T20:12:42Z
Georg Koppen

Notarization is a technique by Apple to make apps on macOS more secure to run. There are numerous parts to this and one can find more details about that on:
https://developer.apple.com/documentation/security/notarizing_your_app_before_distribution
Mozilla is tracking the work in:
https://bugzilla.mozilla.org/show_bug.cgi?id=1470607
and there are a bunch of large pieces that still need to get solved on their side, like enabling the Hardened Runtime and building with the 10.14 SDK.
However, at some point in the future apps won't run without that anymore and the potential changes we need to make are probably considerable. Thus, we should keep an eye on that and start thinking about which pieces of our signing infrastructure need to get adapted. Questions could be:
1) Is it still enough to sign the builds on a 10.9 machine?
2) How do we integrate sending the apps to Apple to get their blessing into our release process?
3) How does that system work with our plan to get rid of the Apple signing machine and do the signing on Linux? (see: #29815)
I don't see this being relevant for ESR 68 but it might become so during the transition to the ESR after that one (or for the regular release train in case we'll start following that one instead).

https://gitlab.torproject.org/legacy/trac/-/issues/29031
Tor Browser for Android (Alpha) does not accept Torrc Custom Config lines
2022-07-08T19:06:39Z
Trac

As of version 60.4.0, users of Tor Browser for Android (Alpha) can no longer use a custom Torrc. This is related to the fact that Tor Browser for Android (Alpha) no longer depends upon Orbot, which as of version 16.0.5-RC-2-tor-0.3.4.9 continues to support this feature faithfully.
Tor Browser for Android (Alpha) has a new startup screen that resembles Orbot. On this screen, there is a "hamburger" menu in the top right corner that has a dropdown menu containing an option "Settings" which, just like Orbot, contains an option called "Torrc Custom Config". However, unlike Orbot, lines entered herein are not copied to `app_bin/torrc.custom` and (presumably thus) have no effect.
**TO REPLICATE**
1. Install both Orbot 16.0.5-RC-2-tor-0.3.4.9 and Tor Browser for Android (Alpha) 60.4.0 side by side.
2. Start Orbot; from the hamburger menu choose Settings; then choose Torrc Custom Config. Enter some valid line (such as `ControlPort 9051`).
3. Open a terminal on your android device and run:
```
# cat /data/data/org.torproject.android/app_bin/torrc.custom
```
4. Verify that your custom line appeared successfully.
5. Now start Tor Browser for Android (Alpha); from the hamburger menu choose Settings; then choose Torrc Custom Config. Enter some valid line (such as `ControlPort 9151`).
6. Open a terminal on your android device and run:
```
# cat /data/data/org.torproject.torbrowser_alpha/app_bin/torrc.custom
```
7. Verify that your custom line did **NOT** appear.
**Trac**:
**Username**: cypherpunks8

https://gitlab.torproject.org/legacy/trac/-/issues/30371
Don't change the content provider name
2022-07-06T22:10:18Z
Matthew Finkel

As an immediate fix for the bug mentioned in ticket:29757#comment:2, we should delete the `tor-android-service` patch. This allows installing multiple versions of the app side-by-side.

https://gitlab.torproject.org/legacy/trac/-/issues/26216
Fix broken MAR file generation ( `(( count++ ))` breaks now)
2022-06-23T22:17:52Z
Georg Koppen

While preparing nightly builds in #26073 we realized that MAR file generation is broken now. For some reason `(( count++ ))` in `common.sh` does not work anymore and breaks the build. We worked around that for the full MAR file generation in commit b135c59f65dba827b61379a4945251e148c43291 on `tor-browser-60.0.1esr-8.0-1` but should create a proper patch and figure out what's actually going on.