Trac issueshttps://gitlab.torproject.org/legacy/trac/-/issues2020-06-13T17:02:08Zhttps://gitlab.torproject.org/legacy/trac/-/issues/34166trac defaced2020-06-13T17:02:08Zcypherpunkstrac defacedplease delete this and protect us trouble. see timeline last hours. at least two ticket&wiki.
i have changed
```
cypherpunks
```
user account password earlier. sorry, for taking this action. but it was my last hope to prevent that pred...please delete this and protect us trouble. see timeline last hours. at least two ticket&wiki.
i have changed
```
cypherpunks
```
user account password earlier. sorry, for taking this action. but it was my last hope to prevent that predictable ongoing abuse.Jens KubiezielJens Kubiezielhttps://gitlab.torproject.org/legacy/trac/-/issues/34165Align members of the nextcloud-admin@ alias with the NC admin group2020-06-13T17:02:07ZLinus Nordberglinus@torproject.orgAlign members of the nextcloud-admin@ alias with the NC admin groupAdjust the nextcloud-admin@ alias to reflect the members of the admin group in nc.tpn.Adjust the nextcloud-admin@ alias to reflect the members of the admin group in nc.tpn.Linus Nordberglinus@torproject.orgLinus Nordberglinus@torproject.orghttps://gitlab.torproject.org/legacy/trac/-/issues/34164Tor Launcher hangs with 33533+5 branch2020-06-13T17:44:26ZAlex CatarineuTor Launcher hangs with 33533+5 branchmcs/brade pointed to me that there seems to be a Tor Launcher deadlock inside a call to writeBytes() for the control port connection, with the latest `33533+5` branch from #33533.
They tested a debug build in macOS, but it also happens ...mcs/brade pointed to me that there seems to be a Tor Launcher deadlock inside a call to writeBytes() for the control port connection, with the latest `33533+5` branch from #33533.
They tested a debug build in macOS, but it also happens to me with a `testbuild-linux-x86_64` build.Kathleen BradeKathleen Bradehttps://gitlab.torproject.org/legacy/trac/-/issues/34163testbuild target is broken for Tor Browser 64 bit (versionCode can't get comp...2020-06-16T01:26:24ZGeorg Koppentestbuild target is broken for Tor Browser 64 bit (versionCode can't get computed){{{
0:03.87 Traceback (most recent call last):
0:03.87 File "/usr/lib/python2.7/runpy.py", line 174, in _run_module_as_main
0:03.88 "__main__", fname, loader, pkg_name)
0:03.88 File "/usr/lib/python2.7/runpy.py", line 72, in _ru...{{{
0:03.87 Traceback (most recent call last):
0:03.87 File "/usr/lib/python2.7/runpy.py", line 174, in _run_module_as_main
0:03.88 "__main__", fname, loader, pkg_name)
0:03.88 File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
0:03.88 exec code in run_globals
0:03.88 File "/var/tmp/build/firefox-4516c5951e84/python/mozbuild/mozbuild/action/file_generate.py", line 120, in <module>
0:03.88 sys.exit(main(sys.argv[1:]))
0:03.88 File "/var/tmp/build/firefox-4516c5951e84/python/mozbuild/mozbuild/action/file_generate.py", line 71, in main
0:03.88 ret = module.__dict__[method](output, *args.additional_arguments, **kwargs)
0:03.88 File "/var/tmp/build/firefox-4516c5951e84/mobile/android/base/generate_build_config.py", line 145, in generate_android_manifest
0:03.88 defines=_defines(),
0:03.88 File "/var/tmp/build/firefox-4516c5951e84/mobile/android/base/generate_build_config.py", line 129, in _defines
0:03.88 max_sdk=max_sdk)
0:03.88 File "/var/tmp/build/firefox-4516c5951e84/python/mozbuild/mozbuild/android_version_code.py", line 140, in android_version_code
0:03.88 return android_version_code_v0(buildid, *args, **kwargs)
0:03.88 File "/var/tmp/build/firefox-4516c5951e84/python/mozbuild/mozbuild/android_version_code.py", line 31, in android_version_code_v0
0:03.88 "for CPU arch %s" % cpu_arch)
0:03.88 ValueError: Don't know how to compute android:versionCode for CPU arch arm64-v8a
}}}
I *think* this will be fixed once we move away from ESR 68 as I've been doing test builds for #33626. Still, even if so, this is a bug in our current setup.https://gitlab.torproject.org/legacy/trac/-/issues/34160Replace obs4 with a better pluggable transport2020-06-13T18:35:44ZcypherpunksReplace obs4 with a better pluggable transportThere have been papers attacking obfs4 and similar pluggable transports such as https://ieeexplore.ieee.org/document/8855280.
The obfs4 maintainer (Yawning) also has said that the protocol is outdated and unmaintained which is not a go...There have been papers attacking obfs4 and similar pluggable transports such as https://ieeexplore.ieee.org/document/8855280.
The obfs4 maintainer (Yawning) also has said that the protocol is outdated and unmaintained which is not a good thing for something that is the primary pluggable transport for the Tor Browser.
The Tor Project should initiate an effort to create a better, secure, more resistant and more up to date pluggable transport to replace obfs4.https://gitlab.torproject.org/legacy/trac/-/issues/34159user ϲypharpunks is removing wiki pages2020-06-13T17:02:07ZTracuser ϲypharpunks is removing wiki pagesThe user ϲypharpunks removed 7 years old wiki pages content by editing it with the defacement
```
Don't use Tor
```
As this user have not made any contribution but only destruction. It seems abusive.
Example:
[org/doc/WeSupportTor?acti...The user ϲypharpunks removed 7 years old wiki pages content by editing it with the defacement
```
Don't use Tor
```
As this user have not made any contribution but only destruction. It seems abusive.
Example:
[org/doc/WeSupportTor?action=diff&version=455](org/doc/WeSupportTor?action=diff&version=455)
[org/doc/ListOfServicesBlockingTor?action=diff&version=614](org/doc/ListOfServicesBlockingTor?action=diff&version=614)
Note, the user named
```
ϲypharpunks
```
not actually ϲyph**e**rpunks
**Trac**:
**Username**: ϲypherpunksJens KubiezielJens Kubiezielhttps://gitlab.torproject.org/legacy/trac/-/issues/34157Backport Patch for Firefox Bug 1511941 - privacy.resistfingerprinting perform...2020-06-16T01:12:58ZTracBackport Patch for Firefox Bug 1511941 - privacy.resistfingerprinting performance API spoofing breaks vimeo.comFirefox bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1511941
I have attached a backported (to ESR68) version of my patch.
**Trac**:
**Username**: sankethFirefox bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1511941
I have attached a backported (to ESR68) version of my patch.
**Trac**:
**Username**: sankethhttps://gitlab.torproject.org/legacy/trac/-/issues/34156Tor browser won't load on Win10.0.183632020-06-16T01:12:57ZTracTor browser won't load on Win10.0.18363Tor unexpectedly exited message.
Attempt to copy log to clipboard results in 0 messages copied to clipboard.
Button to restart Tor presented...hitting it result in same issue again.
Last line of box reports:
For assistance, visit support...Tor unexpectedly exited message.
Attempt to copy log to clipboard results in 0 messages copied to clipboard.
Button to restart Tor presented...hitting it result in same issue again.
Last line of box reports:
For assistance, visit support.torproject.org/#connectingtotor
**Trac**:
**Username**: oldman63https://gitlab.torproject.org/legacy/trac/-/issues/34155Asking to create doc/TheGreatCloudwall2020-06-13T17:37:33ZcypherpunksAsking to create doc/TheGreatCloudwallWhoever created https://trac.torproject.org/projects/tor/wiki/doc/CloudflareSites , can you please create `doc/TheGreatCloudwall` ?
Having that documents here is important to protect Tor users from ongoing threat.Whoever created https://trac.torproject.org/projects/tor/wiki/doc/CloudflareSites , can you please create `doc/TheGreatCloudwall` ?
Having that documents here is important to protect Tor users from ongoing threat.GusGushttps://gitlab.torproject.org/legacy/trac/-/issues/34154Extend BlockedBridges table2020-06-13T18:30:04ZPhilipp Winterphw@torproject.orgExtend BlockedBridges tableBridgeDB has a (currently unused) table in its SQLite database that captures where a bridge is blocked. We are going to use this table as part of our work on #32740. It currently has the following fields:
* ID (primary key)
* hex_key (fi...BridgeDB has a (currently unused) table in its SQLite database that captures where a bridge is blocked. We are going to use this table as part of our work on #32740. It currently has the following fields:
* ID (primary key)
* hex_key (fingerprint)
* blocking_country (country code)
A fingerprint can relate to a bridge's OR port or any of its pluggable transports but these endpoints can be blocked independently. To remove this ambiguity, we should add additional fields for a bridge's IP address, port, and perhaps for an autonomous system because blocking isn't always uniform across a country.https://gitlab.torproject.org/legacy/trac/-/issues/34153Use emma to learn where our bridge distribution mechanisms (don't) work2020-06-13T18:31:28ZPhilipp Winterphw@torproject.orgUse emma to learn where our bridge distribution mechanisms (don't) workWe have [BridgeDB usage metrics](https://collector.torproject.org/archive/bridgedb-metrics/) that allow us to infer where our HTTPS frontend works and probably doesn't work. This is not as easy for email and for moat because we currently...We have [BridgeDB usage metrics](https://collector.torproject.org/archive/bridgedb-metrics/) that allow us to infer where our HTTPS frontend works and probably doesn't work. This is not as easy for email and for moat because we currently don't see the source address of a client (see #32276).
Emma however can tell us if a user can use each of BridgeDB's distribution mechanisms:
1. It checks if the page behind https://bridges.torproject.org contains the string "The Tor Project" (for the HTTPS distributor).
2. It checks if the page behind https://ajax.aspnetcdn.com contains the string "Microsoft Ajax Content Delivery Network" (for the moat distributor).
3. It checks if the page behind https://accounts.google.com/ServiceLogin contains the string "Sign in" (for the email distributor).
4. It checks if the page behind https://mail.riseup.net/rc/ contains the string "Welcome to mail.riseup.net" (also for the email distributor).
What remains is to ask volunteers in different countries to run emma, so we can get a better idea of where our distribution mechanisms (don't) work.https://gitlab.torproject.org/legacy/trac/-/issues/34152Latest Tor Browser download2020-06-13T17:28:48ZTracLatest Tor Browser downloadI've needed to go through the Tor Browser installation process several times, on mostly Ubuntu machines.
Instead of navigating to the website from Firefox, downloading the tarball in /download, and extracting it with the Archive Manager...I've needed to go through the Tor Browser installation process several times, on mostly Ubuntu machines.
Instead of navigating to the website from Firefox, downloading the tarball in /download, and extracting it with the Archive Manager, it would be so much simpler to do something like this from the terminal:
```
wget https://www.torproject.org/dist/torbrowser/latest/tor-browser_en-US.tar.xz -O - | tar xz
```
This is not possible right now, because the URL for the latest Tor Browser on the website is tied to a specific version. If the Tor installation is added to a script, the script will be outdated as soon as a new version comes out.
Could we create a permanent URL for the latest stable version of Tor Browser? Since installing variants of Tor Browser via package managers is discouraged, it would be nice to make a scripted installation process a bit simpler.
**Trac**:
**Username**: robinmetralhttps://gitlab.torproject.org/legacy/trac/-/issues/34151Readme needs update2020-06-13T18:22:07ZHashikDReadme needs updateFor testing, according to ReadMe.md...
''Unit testing with Jasmine are available with: npm install npm test
To run locally, start an HTTP server in build/ and navigate to /embed.html''
_npm run build_ needs to be a prerequisite before...For testing, according to ReadMe.md...
''Unit testing with Jasmine are available with: npm install npm test
To run locally, start an HTTP server in build/ and navigate to /embed.html''
_npm run build_ needs to be a prerequisite before starting the server and navigating to /embed.html.HashikDHashikDhttps://gitlab.torproject.org/legacy/trac/-/issues/34149Revert the "fix" for OpenSSL CVE-2019-15522020-06-16T01:12:57ZcypherpunksRevert the "fix" for OpenSSL CVE-2019-1552If you think you are not vulnerable (ticket:31383#comment:16) and close #31383 again and again. Then revert your still-doesn't-fix-anything patch https://gitweb.torproject.org/builders/tor-browser-build.git/diff/?id=abdfbfdb3f4122300c3f3...If you think you are not vulnerable (ticket:31383#comment:16) and close #31383 again and again. Then revert your still-doesn't-fix-anything patch https://gitweb.torproject.org/builders/tor-browser-build.git/diff/?id=abdfbfdb3f4122300c3f3f5e745af1c74a559102https://gitlab.torproject.org/legacy/trac/-/issues/34148Create a monit configuration file and set up an instance2020-06-13T18:36:28ZPhilipp Winterphw@torproject.orgCreate a monit configuration file and set up an instanceGman999 and I have been talking about setting up a [monit](https://mmonit.com/monit/) instance to replace sysmon. Monit can help us monitor our anti-censorship infrastructure. It's a neat tool because it doesn't require software on the m...Gman999 and I have been talking about setting up a [monit](https://mmonit.com/monit/) instance to replace sysmon. Monit can help us monitor our anti-censorship infrastructure. It's a neat tool because it doesn't require software on the monitored targets, it's lightweight, has a simple configuration format, and can send alerts over email.Philipp Winterphw@torproject.orgPhilipp Winterphw@torproject.orghttps://gitlab.torproject.org/legacy/trac/-/issues/34147Remove redundant languages from snowflake page2020-06-13T18:22:07ZRoger DingledineRemove redundant languages from snowflake pagehttps://snowflake.torproject.org/
offers me en, en_GB, and en_US in the language drop-down menu. We should have one English, not three.
More generally, I bet we have a policy somewhere about which languages we want to be sure to include...https://snowflake.torproject.org/
offers me en, en_GB, and en_US in the language drop-down menu. We should have one English, not three.
More generally, I bet we have a policy somewhere about which languages we want to be sure to include when we have translated something, and we should see if we're missing any of those; and also I hope we have a policy about which languages to *not* include (and ideally we should go back to transifex and remove those from the set that people can translate, to avoid giving people the impression that they will be doing something useful if they e.g. translate en_US to en_GB).
I'm sorry I don't know more -- I bet Emma or Antonela or Gus will know more about whether we have languages policies and habits in place. :)https://gitlab.torproject.org/legacy/trac/-/issues/34146localize screenshots on snowflake page2020-06-13T18:22:06ZRoger Dingledinelocalize screenshots on snowflake pagehttps://snowflake.torproject.org/?lang=zh_CN
scroll down to the picture of Tor Browser's network settings. That's an English Tor Browser. Should the Chinese version of the page be showing people using a Tor Browser in Chinese?https://snowflake.torproject.org/?lang=zh_CN
scroll down to the picture of Tor Browser's network settings. That's an English Tor Browser. Should the Chinese version of the page be showing people using a Tor Browser in Chinese?https://gitlab.torproject.org/legacy/trac/-/issues/34145Investigate fallout from transitioning to 77.0b12020-06-16T01:12:56ZGeorg KoppenInvestigate fallout from transitioning to 77.0b1Compilation is busted with our patches based on 77.0b1. This is the bug to investigate this.Compilation is busted with our patches based on 77.0b1. This is the bug to investigate this.https://gitlab.torproject.org/legacy/trac/-/issues/34144user.js is ignored after Tor (part) starts2020-06-16T01:12:56ZTracuser.js is ignored after Tor (part) startsSteps to reproduce:
1)
create file Browser/TorBrowser/Data/Browser/profile.default/user.js with contents:
// blank 1st line
user_pref("javascript.enabled", false);
user_pref("app.update.auto", false);
2)
Start Tor and wait for Tor con...Steps to reproduce:
1)
create file Browser/TorBrowser/Data/Browser/profile.default/user.js with contents:
// blank 1st line
user_pref("javascript.enabled", false);
user_pref("app.update.auto", false);
2)
Start Tor and wait for Tor connection pop up.
3)
Make sure user.js was included:
$ grep -e app.update.auto -e javascript.enabled Browser/TorBrowser/Data/Browser/profile.default/prefs.js
user_pref("app.update.auto", false);
user_pref("javascript.enabled", false);
4)
Click "Connect" to and wait for browser to start
5)
Check prefs.js again, and javascript.enabled is gone
$ grep -e app.update.auto -e javascript.enabled Browser/TorBrowser/Data/Browser/profile.default/prefs.js
user_pref("app.update.auto", false);
Expected behaviour:
According to Firefox documentation user.js may override any preference. There's a warning that plugins that ignore this won't pass certification.
After Tor has finished playing with the configuration it must apply the user.js again.
With the current setup there doesn't seem to be a way to start the Tor browser with javascript.enabled set to false and allow the user to change it to true if that want.
Background:
We are running Tor inside docker, so constantly downloading updates until we can update the docker image seems like unnecessary waste of precious onion bandwidth.
With app.update.auto set to false, we get a pop up which says there is a new version available so we can update in our own time.
With the current setup there doesn't seem to be a way to start the Tor browser with javascript.enabled set to false and allow the user to change it to true if that want.
**Trac**:
**Username**: davidnewcombhttps://gitlab.torproject.org/legacy/trac/-/issues/34143[RT-admins] Create new users accounts2020-06-13T17:02:06ZGus[RT-admins] Create new users accountsIsa asked to add these members to RT / queues:
Al - press - newsletter - donations
Bekeela - donations
Sue - donations
Erin - donationsIsa asked to add these members to RT / queues:
Al - press - newsletter - donations
Bekeela - donations
Sue - donations
Erin - donationsGusGus