Trac issueshttps://gitlab.torproject.org/legacy/trac/-/issues2020-06-13T06:10:20Zhttps://gitlab.torproject.org/legacy/trac/-/issues/21815Add a profile to switch wifi/mobile network.2020-06-13T06:10:20ZcypherpunksAdd a profile to switch wifi/mobile network.When I enable Wifi, I want Orbot to:
use HTTPS proxy
no bridge
But if there's no Wifi but mobile network,
don't try HTTPS proxy
use bridge
Can't this be possible?When I enable Wifi, I want Orbot to:
use HTTPS proxy
no bridge
But if there's no Wifi but mobile network,
don't try HTTPS proxy
use bridge
Can't this be possible?Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/18714Add an option to connect to network Tor relay.2020-06-13T05:06:22ZTracAdd an option to connect to network Tor relay.https://github.com/n8fr8/orbot/issues/36
192.168.100.1:9150/tcp Tor Network server
Other clients use it for browsing.
Now here's the thing - I don't want Orbot to make a connection to :9150/tcp;
Android's Orbot ---socks--> 192.168.1...https://github.com/n8fr8/orbot/issues/36
192.168.100.1:9150/tcp Tor Network server
Other clients use it for browsing.
Now here's the thing - I don't want Orbot to make a connection to :9150/tcp;
Android's Orbot ---socks--> 192.168.100.1:9150 ---> Tor request (double tor won't work because of official core limit)
So,
Android's Orbot ---socks TEST--> 192.168.100.1:9150
Android's Orbot "Looks like your proxy is Tor itself; using that"
**Trac**:
**Username**: ikurua22Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/26215Add an option to Proxy tab: "Do nothing"2020-06-13T07:45:36ZcypherpunksAdd an option to Proxy tab: "Do nothing"I need to use custom proxy, and your add-on change proxy settings
every time I launch Thunderbird.
Can you add an option "(O) Do nothing" to proxy tab, to force TorBirdy
not to mess up my proxy settings?
I really need it, and I'm think...I need to use custom proxy, and your add-on change proxy settings
every time I launch Thunderbird.
Can you add an option "(O) Do nothing" to proxy tab, to force TorBirdy
not to mess up my proxy settings?
I really need it, and I'm thinking about removing your add-on.Sukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/29282Assess leekspin2020-06-13T09:11:47ZAlexander Færøyahf@torproject.orgAssess leekspinWe should figure out if leekspin is still a thing? Is it something we need? Is it something that needs some developer time?We should figure out if leekspin is still a thing? Is it something we need? Is it something that needs some developer time?https://gitlab.torproject.org/legacy/trac/-/issues/19031Audit Thunderbird's RSS support2020-06-13T05:13:32ZSukhbir SinghAudit Thunderbird's RSS supportAudit Thunderbird's RSS feed reader. Some tasks to start with:
- Is automatic fetching disabled?
- Is HTML disabled?
- Is JavaScript disabled?
- Are proxy settings respected?
Are there other anonymity implications?Audit Thunderbird's RSS feed reader. Some tasks to start with:
- Is automatic fetching disabled?
- Is HTML disabled?
- Is JavaScript disabled?
- Are proxy settings respected?
Are there other anonymity implications?Sukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/2671Better communication for authority operators, core developers in emergency si...2020-06-13T00:06:37ZNick MathewsonBetter communication for authority operators, core developers in emergency situations When in danger or in doubt,
run in circles, scream and shout!
- traditional motto, possibly naval.
When the bug behind #2664 happened, it took us a few hours to notice. That was bad, and #2666 is about trying to notice such si... When in danger or in doubt,
run in circles, scream and shout!
- traditional motto, possibly naval.
When the bug behind #2664 happened, it took us a few hours to notice. That was bad, and #2666 is about trying to notice such situations faster. But another problem is that even after we noticed, it still took a while to sort out who knew how best to contact which operators. Probably developers should get contacted too, so they can be available to deal with bad/urgent bugs.
We should figure out, for each authority operator and core developer[*], the best two or three ways to contact them in the case of an emergency. If these ways are not something we want to publish (e.g., phone numbers), a few people should know them, and all Tor people should know who those people are and how to contact them in a hurry.
We should have some emergency-response mechanisms in place. If communications are security-sensitive, we should have a way to deal with it in place, rather than the current approach of "send gpg-encrypted email to those people whose keys you happen to have" or "immediately go dark, use OTR to talk pairwise to people you know". Those approaches scale badly; we can probably do better.
We should also have planned responses for emergency events like "A key server looks like it might have been compromised"; "somebody has reported a vulnerability"; "somebody has disclosed a vulnerability"; "one or more authorities have gone down strangely;" "looks like the network is crashing;" and so on.
[*] "core developer" is here defined as "a developer who is likely to needed urgently when something breaks."https://gitlab.torproject.org/legacy/trac/-/issues/23880Build tor with --enable-rust in Orbot and OnionBrowser2020-06-13T06:55:00ZIsis LovecruftBuild tor with --enable-rust in Orbot and OnionBrowserHello! During our Rust discussions at the Montréal meeting, we discussed that it would be extremely useful to know — before we enable Rust by default — if doing so will cause issues for our packagers and downstreams, particularly on mobi...Hello! During our Rust discussions at the Montréal meeting, we discussed that it would be extremely useful to know — before we enable Rust by default — if doing so will cause issues for our packagers and downstreams, particularly on mobile. Would it be possible, please, for someone to create an experimental build of Orbot (and OnionBrowser!) building with `./configure --enable-rust [--enable-cargo-online-mode]`, and let us know any issues you encounter here?Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/22184Clarify bittorrent advice re: smaller files (Zeronet)2020-06-13T06:18:44ZTracClarify bittorrent advice re: smaller files (Zeronet)The [Zeronet](https://zeronet.io/) project serves web pages via Bittorrent, meaning that users are torrenting relatively small files (typically <10 MB). The default client offers optional Tor integration.
This seems to bypass the two pr...The [Zeronet](https://zeronet.io/) project serves web pages via Bittorrent, meaning that users are torrenting relatively small files (typically <10 MB). The default client offers optional Tor integration.
This seems to bypass the two primary reasons for not using Tor with Bittorrent: (1) the client software is specifically designed to work with Tor, reducing the risk of leaking one's IP address (the torrent peers appear to be .onion addresses rather than IP addresses); and (2) the amount of data being transferred is more comparable to ordinary web browsing than to the multi-gigabyte files typical of Bittorrent usage, reducing the burden imposed on the network.
It therefore _seems_ from a lay perspective as though this is an exception to the usual principle against using Bittorrent with Tor, but there may be further issues that are not immediately apparent. It would be much appreciated if someone with relevant expertise could weigh in.
**Trac**:
**Username**: torezenhttps://gitlab.torproject.org/legacy/trac/-/issues/10134Create bananaphone transport for obfsproxy2020-06-13T02:39:45ZGeorge KadianakisCreate bananaphone transport for obfsproxydavid415 has started writing an obfsproxy module for bananaphone.
Code can be found here:
https://github.com/david415/obfsproxy
Discussion thread:
https://lists.torproject.org/pipermail/tor-dev/2013-November/005737.htmldavid415 has started writing an obfsproxy module for bananaphone.
Code can be found here:
https://github.com/david415/obfsproxy
Discussion thread:
https://lists.torproject.org/pipermail/tor-dev/2013-November/005737.htmlhttps://gitlab.torproject.org/legacy/trac/-/issues/13040Get bananaphone merged in obfsproxy2020-06-13T03:28:36ZGeorge KadianakisGet bananaphone merged in obfsproxyLet's get this PT merged upstream!
David has already done most of the job:
https://bananaphone.readthedocs.org/en/latest/Let's get this PT merged upstream!
David has already done most of the job:
https://bananaphone.readthedocs.org/en/latest/https://gitlab.torproject.org/legacy/trac/-/issues/32990Idk if my phones tracked2020-06-13T10:27:16ZTracIdk if my phones tracked
**Trac**:
**Username**: meldb76
**Trac**:
**Username**: meldb76https://gitlab.torproject.org/legacy/trac/-/issues/10782Improve the spec of UniformDH2020-06-13T02:52:23ZGeorge KadianakisImprove the spec of UniformDHUniformDH is used by obfs3 and scramblesuit currently, and it might get used by more projects in the future. Yawning suggested to improve its spec to make its adoption easier.
Yawning suggested adding test vectors. We can look at test v...UniformDH is used by obfs3 and scramblesuit currently, and it might get used by more projects in the future. Yawning suggested to improve its spec to make its adoption easier.
Yawning suggested adding test vectors. We can look at test vectors of other key exchange protocols to see how they should look like. Example:
https://tools.ietf.org/html/rfc6932#appendix-A.1
Some more suggestions:
```
14:54 < Yawning> *looks at the list of gotchas*
14:54 < Yawning> spec should clarify that 0s are inserted if the public key is shorter than 1536 bits (probably obvious)
14:55 < Yawning> Should clarify that abs(p - X) is sent (99% sure that's what happens)
14:55 < Yawning> spec says to simply raise the public key, when it's another mod exp operation
14:56 < Yawning> apart from "wtb test vectors" those where the things i found
15:00 < Yawning> I also was sort of sad that MAX_PADDING isn't a power of 2, but probably too late to change that and that might have been deliberate
```https://gitlab.torproject.org/legacy/trac/-/issues/11354Make obfsproxy more fork-friendly2020-06-13T03:07:31ZGeorge KadianakisMake obfsproxy more fork-friendlyPTs need to support a few PT interfaces. For example:
a) The managed-mode PT configuration protocol
b) SOCKS support (also support for proposal229)
c) Extended ORPort (and eventually TransportControlPort)
d) Proxy support to connect to p...PTs need to support a few PT interfaces. For example:
a) The managed-mode PT configuration protocol
b) SOCKS support (also support for proposal229)
c) Extended ORPort (and eventually TransportControlPort)
d) Proxy support to connect to proxies
pyptlib can help with (a), but does nothing about the other points (e.g. check #7903).
It has been suggested that instead of trying to fit those features in pyptlib, we instead implement them in obfsproxy, and suggest to people to use obfsproxy to developer their PTs.
However, it is the case that obfsproxy is optimized for the "app that supports multiple PTs" use case, and not for the "app that can be forked to support your PT".
If we get more people interested in writing PTs, it might make sense to start designing/fork obfsproxy with that use case in mind.https://gitlab.torproject.org/legacy/trac/-/issues/20787Orbot failed to connect if I use bridges with proxy.2020-06-13T05:49:05ZcypherpunksOrbot failed to connect if I use bridges with proxy.Orbot > Settings > Use Proxy
I set HTTPS proxy(Polopo).
Orbot > Proxy > Tor Network: work!
But, if I select "Bridges", Orbot stuck with "Starting".
Expected result:
If I enable "Bridges" AND I'm using a proxy, Orbot should use proxy t...Orbot > Settings > Use Proxy
I set HTTPS proxy(Polopo).
Orbot > Proxy > Tor Network: work!
But, if I select "Bridges", Orbot stuck with "Starting".
Expected result:
If I enable "Bridges" AND I'm using a proxy, Orbot should use proxy to connect to the "Bridge".Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/18713Please include app control on VPN mode.2020-06-13T05:06:22ZTracPlease include app control on VPN mode.https://github.com/n8fr8/orbot/issues/35
Orbot's VPN mode is great.
However, I am using NoRoot Data Firewall, which use VPN API to filter which apps to connect.
Try out https://apkpure.com/noroot-data-firewall/com.jianjia.firewall , ...https://github.com/n8fr8/orbot/issues/35
Orbot's VPN mode is great.
However, I am using NoRoot Data Firewall, which use VPN API to filter which apps to connect.
Try out https://apkpure.com/noroot-data-firewall/com.jianjia.firewall , and please include their
filtering to Orbot itself, so I could delete it and use Orbot natively.
I don't want other apps to connect to the Internet, even they routed by Tor.
My phone can't be rooted because there's no guide to do this.
**Trac**:
**Username**: ikurua22Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/11355Provide obfsproxy nightlies in our debian repositories2020-06-13T03:03:10ZGeorge KadianakisProvide obfsproxy nightlies in our debian repositoriesPeople are asking for obfsproxy nightlies (#10954). It would be brilliant if people could add our debian repo, and get the latest obfsproxy master through it.
How can I help you do this?
No hurry on this one. I mainly made this ticket ...People are asking for obfsproxy nightlies (#10954). It would be brilliant if people could add our debian repo, and get the latest obfsproxy master through it.
How can I help you do this?
No hurry on this one. I mainly made this ticket because #10954 was not very specific.
Thanks!LunarLunarhttps://gitlab.torproject.org/legacy/trac/-/issues/27699Release teams: please verify the website lists the correct key2020-06-13T17:27:04ZtraumschuleRelease teams: please verify the website lists the correct keyWith #22637 we generate https://www.torproject.org/docs/verifying-signatures.html from https://www.torproject.org/include/keys.txt.
Please confirm, that the correct key is listed.With #22637 we generate https://www.torproject.org/docs/verifying-signatures.html from https://www.torproject.org/include/keys.txt.
Please confirm, that the correct key is listed.https://gitlab.torproject.org/legacy/trac/-/issues/19796Samsung Galaxy Ace 3 - Tor not starting2020-06-13T05:27:42ZTracSamsung Galaxy Ace 3 - Tor not startingHi:
Loading Tor on my Samsung Galaxy Ace 3 (A3LGTS7275T) for the 1st time and Tor for Android does not start. Have error message -
Unable to start Tor: java.lang.exception:
Can not kill: /dat/data/org.torproject.android/app_bin/polipo
...Hi:
Loading Tor on my Samsung Galaxy Ace 3 (A3LGTS7275T) for the 1st time and Tor for Android does not start. Have error message -
Unable to start Tor: java.lang.exception:
Can not kill: /dat/data/org.torproject.android/app_bin/polipo
Any suggestion as to what I might be doing incorrectly?
TY in advance..
**Trac**:
**Username**: DkeeperNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/18751Serious mistake in Settings - Outbound Network Proxy Type2020-06-13T05:07:03ZTracSerious mistake in Settings - Outbound Network Proxy TypeProxy Type;
If I input "HTTP" (no ") for HTTP Proxy, Orbot fails to connect it.
If I input "HTTPS", Orbot connect to (tor node IP):443 via proxy, as expected.
Conclusion:
Just remove "HTTP". Or, make a radio selection menu, like
(_) No...Proxy Type;
If I input "HTTP" (no ") for HTTP Proxy, Orbot fails to connect it.
If I input "HTTPS", Orbot connect to (tor node IP):443 via proxy, as expected.
Conclusion:
Just remove "HTTP". Or, make a radio selection menu, like
(_) None
(O) HTTPS
(_) SOCKS4
(_) SOCKS5
**Trac**:
**Username**: ikurua22Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/21803Stop making multiple connection.2020-06-13T06:10:09ZcypherpunksStop making multiple connection.Bandwidth cost $. Can't I limit to 1 tor node?
before:
(*)->(*)->(*)
after
(1)->(*)->(*)Bandwidth cost $. Can't I limit to 1 tor node?
before:
(*)->(*)->(*)
after
(1)->(*)->(*)Nathan FreitasNathan Freitas