Tor Browser issueshttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues2023-07-28T13:04:27Zhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41566Migrate maximizing warning panel out of torbutton to base-browser2023-07-28T13:04:27ZrichardMigrate maximizing warning panel out of torbutton to base-browserMigrate this functionality to a separate patch that lives somewhere near the letterboxing improvement patches in the base-browser section.Migrate this functionality to a separate patch that lives somewhere near the letterboxing improvement patches in the base-browser section.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41560Turning letterboxing off results in newtab not rendering2023-01-30T08:35:42ZThorinTurning letterboxing off results in newtab not renderingSTR (using latest alpha)
- TB not connected
- flip LB off
- in a new tab load a file:// scheme
- nothing shows
- toggle LB on, change to test tab, it shows
- now you can use that tab regardless of the LB pref, but new tabs will exhibit t...STR (using latest alpha)
- TB not connected
- flip LB off
- in a new tab load a file:// scheme
- nothing shows
- toggle LB on, change to test tab, it shows
- now you can use that tab regardless of the LB pref, but new tabs will exhibit the issue
Related to newtab window "clamping" _I think_ - I'll let you debug it = @ma1
<details><summary>behold my mighty gif making skills</summary><p>
![filescheme](/uploads/f36de91e40f5ae90a4d647e0091b3bd3/filescheme.gif)
</p></details>ma1ma1https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41555HTTPS-only warning page (from Firefox) not suited for tor browser context2024-02-27T19:08:10ZhenryHTTPS-only warning page (from Firefox) not suited for tor browser contextCurrently, if you try and visit a HTTP website, like http.badssl.com, you get a warning page. But the text of the warning page comes from Firefox, and is not really suited for Tor Browser.
![screenshot of HTTPS-Only warning page](/uploa...Currently, if you try and visit a HTTP website, like http.badssl.com, you get a warning page. But the text of the warning page comes from Firefox, and is not really suited for Tor Browser.
![screenshot of HTTPS-Only warning page](/uploads/166669f773488064f40f4b3c3f33f151/Screenshot_from_2023-01-06_15-50-08.png)
Currently it says
> **HTTPS-Only Mode Alert**
>
> **Secure Site Not Available**
>
> You’ve enabled HTTPS-Only Mode for enhanced security, and a HTTPS version of http.badssl.com is not available.
The first part should probably be more like
> HTTPS-Only Mode is enabled in Tor Browser for enhanced security
since it is not a user choice to turn this on. Plus, the second part should probably be
> a HTTPS version of http.badssl.com was not found.
since the HTTPS version could be available on another circuit (or it may have been triggered by a timeout as in https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41068).
In addition, the "Learn More…" link takes the user to https://support.mozilla.org/en-US/kb/https-only-prefs which includes a good explanation of HTTP vs HTTPS, but it has no Tor Browser or network context and gives instructions on how to turn on or off https-only mode.
Finally, we should probably let the user know that sometimes reloading the page with a new circuit can establish a HTTPS connection (e.g. if your current exit node is bad), and perhaps give them a button to do so.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41546Connect button fails silently if pressed immediatley after about:connect load2023-07-31T16:27:56ZcypherpunksConnect button fails silently if pressed immediatley after about:connect loadObserved apparently since 12.0 on multiple Windows machines (7, 2x10 at least).
After starting the browser and clicking `Connect` it waits a second as `Connecting` and returns to `Not connected` again. Clicking `Connect` second time work...Observed apparently since 12.0 on multiple Windows machines (7, 2x10 at least).
After starting the browser and clicking `Connect` it waits a second as `Connecting` and returns to `Not connected` again. Clicking `Connect` second time works as expected. Doesn't seem to be faulty mouse, but who knows.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41541Update builtin bridges from Circumvention Settings API2024-03-27T15:25:34Zmeskiomeskio@torproject.orgUpdate builtin bridges from Circumvention Settings APIRight now to update the builtin bridges we need to make a Tor Browser release, it would be nice if TB automatically updates them using [Circumvention Settings API](https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/blob/main/doc/m...Right now to update the builtin bridges we need to make a Tor Browser release, it would be nice if TB automatically updates them using [Circumvention Settings API](https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/blob/main/doc/moat.md#circumventionbuiltin).
There are two concerns I have about it:
* Users will not be happy with TB making a call to an external API without giving some consent about it.
* We don't want to make easier for censors to notice you are using Tor because of that.
I think it makes sense to update when we do other connections to moat (Connect Assist, captcha bridges, ...), I assume user has already consent to do a request to the API on those cases and having an extra connection over the domain fronting should not make it more noticeable than it already is. We could store when was the last time we had updated them, and don't update them is they are fresh (maybe 24h is a good freshness).
An extra that would be nice is to ask the user if they want to refresh the builtin bridges when they click on Settings to *Select a Built-In Bridge*. I think we should only ask if bridges hasn't being refreshed for a while (maybe 7days). The confirmation popup could have a check box with 'remember that option' or something like that, so the following times they enable builtin bridges we refresh or not without asking (if the bridges hasn't being refreshed in 7days).Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibetma1ma1https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41539Crypto warning weaknesses2023-01-30T08:35:42ZhenryCrypto warning weaknessesThe "Bug 40209: Implement Basic Crypto Safety" patch (`73640da2c4e719493b45fb6140f7ad2666326d89`) is trying to prevent users using malicious crypto addresses from HTTP websites. It does this under the following condition
1. The website ...The "Bug 40209: Implement Basic Crypto Safety" patch (`73640da2c4e719493b45fb6140f7ad2666326d89`) is trying to prevent users using malicious crypto addresses from HTTP websites. It does this under the following condition
1. The website is HTTP and not `.onion` (so vulnerable to being spoofed).
2. The user [copies or cuts text](https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/73640da2c4e719493b45fb6140f7ad2666326d89#17431c47080b50e91d17ade0423f534d7467c15d_0_75)
3. And the copied text [looks like a crypto address](https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/73640da2c4e719493b45fb6140f7ad2666326d89#17431c47080b50e91d17ade0423f534d7467c15d_0_78)
In this case it shows the user a popup warning them about the potential inserted crypto address.
## Weaknesses
I can think of three weaknesses to this approach.
### White space
Currently, [we only trim the copied text](https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/73640da2c4e719493b45fb6140f7ad2666326d89#17431c47080b50e91d17ade0423f534d7467c15d_0_77) rather than remove all whitespace within as well. This means that you can just insert some whitespace in the address (they could make it look presentational, or use CSS to hide it) and the user won't get a warning.
It is not that usually for text inputs to consume (some) whitespace. And even if it didn't, a user that has already copied the text will probably just remove the whitespace themselves after pasting.
### Drag and drop
No warning is triggered if the user starts dragging the crypto address. Maybe this doesn't come up much, but the website could try and encourage it by just writing "Drag and drop the address below". Or setting `user-select: none` but making the address draggable.
### Copying the address manually
If you set `user-select: none` on the address then there is no way to copy the text. If the user already trusts the HTTP website, then they may just copy out the address by hand. Maybe they wouldn't bother with the length of some addresses though.
## Risk
I'm not sure how high the risk is since we have HTTPS-always now. But we have decided to still keep the crypto warning in place as a protective measure.henryhenryhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41516100 pixels is letterboxed from the bottom of the window after clicking "New I...2023-08-22T20:56:51ZGhost User100 pixels is letterboxed from the bottom of the window after clicking "New Identity"### Environment
I'm using Windows 11 22H2 with 200% scaling on a 4K monitor.
### Steps to reproduce:
1. Freshly open Tor Browser
2. Visit a website and there will be no letterboxing and the browser size will be 1000x900.
3. Press the Ne...### Environment
I'm using Windows 11 22H2 with 200% scaling on a 4K monitor.
### Steps to reproduce:
1. Freshly open Tor Browser
2. Visit a website and there will be no letterboxing and the browser size will be 1000x900.
3. Press the New Identity button.
4. Visit a website and the window will look to be the same size as before but 100 "browser pixels" will be letterboxed from the bottom.
### What is the current bug behavior?
The full amount of the default browser window size is not used after pressing New Identity and is letterboxed.
### What is the expected behavior?
The default browser window size after pressing New Identity should be big enough that there is no letterboxing.ma1ma1https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41515Letterboxing can change by a few px unnecessarily when opening find bar.2023-01-05T12:16:53ZhenryLetterboxing can change by a few px unnecessarily when opening find bar.## Steps to reproduce
1. Open a web page.
2. Resize the window so you have some significant letterbox padding at the bottom that can fit the find bar.
3. Open and close the find bar with Ctrl+F and Esc respectively.
## Result
The lett...## Steps to reproduce
1. Open a web page.
2. Resize the window so you have some significant letterbox padding at the bottom that can fit the find bar.
3. Open and close the find bar with Ctrl+F and Esc respectively.
## Result
The letterbox padding jumps up and down by a few pixels during the transition. This is measurable by `window.innerHeight`.
## Expect
The letterbox size should remain the same whilst the find bar is being revealed or closed.
## Cause?
I think this may have something to do with the findbar's CSS `transition` properties. During the transition the findbar is changing in size.ma1ma1https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41510The "Restore Defaults" doesn't restore the Security Level preferences2023-04-19T11:34:54ZPier Angelo VendrameThe "Restore Defaults" doesn't restore the Security Level preferencesWhile reviewing !464, I've noticed that the "Restore Defaults" link in about:preferences#privacy doesn't do anything (see also https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests/464#note_2860237).
Initially, I t...While reviewing !464, I've noticed that the "Restore Defaults" link in about:preferences#privacy doesn't do anything (see also https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests/464#note_2860237).
Initially, I thought adding an `is="text-link"` was enough, because some telemetry nonsense looks for that attribute, which we're missing and we get an exception that is visible in the console.
However, adding it doesn't seem to be enough, and we might need some additional investigation.
As a workaround, the button in the panel works, so we might release 12.0 with this problem, and add it to known bugs.
/cc @richard @duncanhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41483Tor Browser says Firefox timed out, confusing users2022-12-07T08:44:31ZHackerNCoderhackerncoder@encryptionin.spaceTor Browser says Firefox timed out, confusing usersIf a connection times out, Tor Browser will display the default Firefox page stating "Firefox can’t establish a connection to the server". At least two people I have talked to have been confused by this, thinking it had something to do w...If a connection times out, Tor Browser will display the default Firefox page stating "Firefox can’t establish a connection to the server". At least two people I have talked to have been confused by this, thinking it had something to do with a separate Firefox installation. Please consider whether to change this.Sponsor 131 - Phase 2 - Privacy Browserhenryhenryhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41482Bridge cards should inform users when a bridge isn't working2024-01-29T19:06:20ZGusBridge cards should inform users when a bridge isn't workingWhen a user requests a bridge using one of the bridge distributors (moat, telegram, connection assist), some of them may be blocked in their region. Users can see which bridge is failing on their Tor logs. Is it possible to display that ...When a user requests a bridge using one of the bridge distributors (moat, telegram, connection assist), some of them may be blocked in their region. Users can see which bridge is failing on their Tor logs. Is it possible to display that information on the bridge card so they don't need to check the logs?https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41479Verify browser.startup.homepage_override.buildID and update mechanisms2023-10-09T17:00:12ZPier Angelo VendrameVerify browser.startup.homepage_override.buildID and update mechanismsWe have a mechanism to make `about:tor` open an update page, with a few preferences involved.
We should review it.
Also, we write `browser.startup.homepage_override.buildID`, and so we could possibly remove it from the profile.We have a mechanism to make `about:tor` open an update page, with a few preferences involved.
We should review it.
Also, we write `browser.startup.homepage_override.buildID`, and so we could possibly remove it from the profile.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41434Letterboxing bypass through secondary tab (popup/popunder...)2022-12-08T17:41:30Zma1Letterboxing bypass through secondary tab (popup/popunder...)We should apply letterboxing to about:blank (we currently do not) because any web page can read the DOM of a new window/tab it creates.
And even if we do, current letterboxing implementation seems to have a race condition allowing the op...We should apply letterboxing to about:blank (we currently do not) because any web page can read the DOM of a new window/tab it creates.
And even if we do, current letterboxing implementation seems to have a race condition allowing the opener to bypass letterboxing.
PoC:
https://people.torproject.org/~ma1/bugs/lb/
@richard , @pierovSponsor 131 - Phase 5 - Ongoing Maintenancema1ma1https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41401Missing some mozilla icons because we still loading them from "chrome://brows...2022-10-27T17:56:38ZhenryMissing some mozilla icons because we still loading them from "chrome://browser/skin" rather than "chrome://global/skin/icons"I noticed that the "Onion Services Keys" prefernces dialog is missing its warning icon because it still uses "chrome://browser/skin/warning.svg" rather than "chrome://global/skin/icons/warning.svg". I'm guessing these icon paths were cha...I noticed that the "Onion Services Keys" prefernces dialog is missing its warning icon because it still uses "chrome://browser/skin/warning.svg" rather than "chrome://global/skin/icons/warning.svg". I'm guessing these icon paths were changed in mozilla-central. Some have been converted in our patches, but not all.Sponsor 131 - Phase 3 - Major ESR 102 Migrationhenryhenryhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41361Integrate the Conjure PT into alpha versions of Tor Browser2023-06-29T17:45:14ZCecylia BocovichIntegrate the Conjure PT into alpha versions of Tor BrowserLooks like it's going to be easily done on all platforms. See https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conjure/-/issues/14Looks like it's going to be easily done on all platforms. See https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conjure/-/issues/14Sponsor 30 - Objective 2.3Cecylia BocovichCecylia Bocovichhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41350Move the implementation of Bug 19273 out of Torbutton2023-04-18T17:46:38ZPier Angelo VendrameMove the implementation of Bug 19273 out of TorbuttonBug #19273 (e.g., 2cce8efa3cede0324b58e2e9a6b2b40e5a48bb87) has a part in Torbutton.
We should move it outside of it, and possibly move it before other Tor patches.
Uplifting it would be lovely, but very unlikely (since it explicitly s...Bug #19273 (e.g., 2cce8efa3cede0324b58e2e9a6b2b40e5a48bb87) has a part in Torbutton.
We should move it outside of it, and possibly move it before other Tor patches.
Uplifting it would be lovely, but very unlikely (since it explicitly says to use only Tor or Tails).
Finally, the title is a bit misleading, we could reword it to say it's the external app warning dialog, rather than saying "prevent JS from hijacking", even though this was the original reason for that ticket.Sponsor 131 - Phase 2 - Privacy BrowserDan BallardDan Ballardhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41341Fix style and position of "Always Prioritize Onions" wingpanel2023-11-16T00:29:05ZdonutsFix style and position of "Always Prioritize Onions" wingpanelIt looks like we missed this one during the proton-ification of Tor Browser 11.0:
![always-prioritize-onions](/uploads/09fb1f753433285f88c94e9d7bf758b9/always-prioritize-onions.png)
It's not disastrous, but we should fix the body font ...It looks like we missed this one during the proton-ification of Tor Browser 11.0:
![always-prioritize-onions](/uploads/09fb1f753433285f88c94e9d7bf758b9/always-prioritize-onions.png)
It's not disastrous, but we should fix the body font weight for readability and the alignment of the whole wingpanel with the `.onion available` pill so it's clearer what it's referring to.henryhenryhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41335Establish a common onboarding template for both browsers2024-02-15T14:50:07ZdonutsEstablish a common onboarding template for both browsersTor Browser's current onboarding template is a port of an older version from Firefox. We should explore alternatives here before deciding on a template, e.g. the practicality of modifying Firefox's current built-in format.Tor Browser's current onboarding template is a port of an older version from Firefox. We should explore alternatives here before deciding on a template, e.g. the practicality of modifying Firefox's current built-in format.Sponsor 131 - Phase 2 - Privacy Browserhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41317Tor Browser leaks banned ports in network.security.ports.banned2023-02-22T14:54:12Zcypherpunks1Tor Browser leaks banned ports in network.security.ports.bannedIn Tor Browser linux releases, the start-tor-browser script suggests modifying the network.security.ports.banned preference when using a system-installed Tor process.
However, the ports banned using this preference are leaked by the bro...In Tor Browser linux releases, the start-tor-browser script suggests modifying the network.security.ports.banned preference when using a system-installed Tor process.
However, the ports banned using this preference are leaked by the browser and custom preferences can be detected. For example, Tails users can be easily identified due to using a custom preference.
Code to detect banned ports can be found here:
https://pseudo-flaw.net/tor/torbutton/detect-banned-ports.html
https://privacycheck.sec.lrz.de/active/fp_je/fp_js_echo.htmlSponsor 131 - Phase 3 - Major ESR 102 Migrationma1ma1https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41219Tor Browser for Android nightly (9/14) does not start: "Cookie Auth file not ...2024-01-18T17:38:54ZGeorg KoppenTor Browser for Android nightly (9/14) does not start: "Cookie Auth file not created"While testing the first nightly on an aarch64 system I did not get very far:
```
09-17 12:05:12.777 29655 29802 I OnionProxyManager: Starting Tor
09-17 12:05:12.778 29655 29802 I OnionProxyManager: Starting process
09-17 12:05:12.790 296...While testing the first nightly on an aarch64 system I did not get very far:
```
09-17 12:05:12.777 29655 29802 I OnionProxyManager: Starting Tor
09-17 12:05:12.778 29655 29802 I OnionProxyManager: Starting process
09-17 12:05:12.790 29655 29802 I OnionProxyManager: Waiting for control port
09-17 12:05:12.812 29655 29821 I OnionProxyManager: Sep 17 12:05:12.804
[notice] Tor 0.4.5.0-alpha-dev (git-1c4b140427aeb36d) running on Linux
with Libevent 2.1.11-stable, OpenSSL 1.1.1g, Zlib 1.2.11, Liblzma N/A,
Libzstd 1.4.4 and Unknown N/A as libc.
09-17 12:05:12.813 29655 29821 I OnionProxyManager: Sep 17 12:05:12.805
[notice] Tor can't help you if you use it wrong! Learn how to be safe at
https://www.torproject.org/download/download#warning
09-17 12:05:12.813 29655 29821 I OnionProxyManager: Sep 17 12:05:12.806
[notice] This version is not a stable Tor release. Expect more bugs than
usual.
09-17 12:05:12.813 29655 29821 I OnionProxyManager: Sep 17 12:05:12.806
[notice] Read configuration file
"/data/user/0/org.torproject.torbrowser_alpha/app_torservice/torrc".
09-17 12:05:12.815 29823 29823 I Tor : Tor 0.4.5.0-alpha-dev
(git-1c4b140427aeb36d) running on Linux with Libevent 2.1.11-stable,
OpenSSL 1.1.1g, Zlib 1.2.11, Liblzma N/A, Libzstd 1.4.4 and Unknown N/A
as libc.
09-17 12:05:12.815 29823 29823 I Tor : Tor 0.4.5.0-alpha-dev
(git-1c4b140427aeb36d) running on Linux with Libevent 2.1.11-stable,
OpenSSL 1.1.1g, Zlib 1.2.11, Liblzma N/A, Libzstd 1.4.4 and Unknown N/A
as libc.
09-17 12:05:12.815 29823 29823 I Tor : Tor can't help you if you use
it wrong! Learn how to be safe at
https://www.torproject.org/download/download#warning
09-17 12:05:12.815 29823 29823 I Tor : Tor can't help you if you use
it wrong! Learn how to be safe at
https://www.torproject.org/download/download#warning
09-17 12:05:12.815 29823 29823 I Tor : This version is not a stable
Tor release. Expect more bugs than usual.
09-17 12:05:12.815 29823 29823 I Tor : This version is not a stable
Tor release. Expect more bugs than usual.
09-17 12:05:12.815 29655 29821 I OnionProxyManager: Sep 17 12:05:12.814
[notice] Opening Control listener on 127.0.0.1:0
09-17 12:05:12.815 29823 29823 I Tor : Read configuration file
"/data/user/0/org.torproject.torbrowser_alpha/app_torservice/torrc".
09-17 12:05:12.815 29823 29823 I Tor : Read configuration file
"/data/user/0/org.torproject.torbrowser_alpha/app_torservice/torrc".
09-17 12:05:12.815 29823 29823 I Tor : Opening Control listener on
127.0.0.1:0
09-17 12:05:12.815 29823 29823 I Tor : Opening Control listener on
127.0.0.1:0
09-17 12:05:12.815 29823 29823 I Tor : Control listener listening on
port 43604.
09-17 12:05:12.815 29655 29821 I OnionProxyManager: Sep 17 12:05:12.814
[notice] Control listener listening on port 43604.
09-17 12:05:12.815 29823 29823 I Tor : Control listener listening on
port 43604.
09-17 12:05:12.815 29823 29823 I Tor : Opened Control listener
connection (ready) on 127.0.0.1:43604
09-17 12:05:12.815 29823 29823 I Tor : Opened Control listener
connection (ready) on 127.0.0.1:43604
09-17 12:05:12.815 29823 29823 I Tor : DisableNetwork is set. Tor
will not make or accept non-control network connections. Shutting down
all existing connections.
09-17 12:05:12.815 29655 29821 I OnionProxyManager: Sep 17 12:05:12.814
[notice] Opened Control listener connection (ready) on 127.0.0.1:43604
09-17 12:05:12.815 29823 29823 I Tor : DisableNetwork is set. Tor
will not make or accept non-control network connections. Shutting down
all existing connections.
09-17 12:05:12.815 29655 29821 I OnionProxyManager: Sep 17 12:05:12.814
[notice] DisableNetwork is set. Tor will not make or accept non-control
network connections. Shutting down all existing connections.
09-17 12:05:12.815 29823 29823 W Tor : Your log may contain
sensitive information - you disabled SafeLogging, and you're logging
more than "notice". Don't log unless it serves an important reason.
Overwrite the log afterwards.
09-17 12:05:12.816 29823 29823 W Tor : Your log may contain
sensitive information - you disabled SafeLogging, and you're logging
more than "notice". Don't log unless it serves an important reason.
Overwrite the log afterwards.
09-17 12:05:12.816 29823 29823 I Tor :
options_commit_listener_transaction: Recomputed OOS thresholds:
ConnLimit 1000, ConnLimit_ 1292, ConnLimit_high_thresh 1228,
ConnLimit_low_thresh 969
09-17 12:05:12.816 29823 29823 I Tor :
options_commit_listener_transaction: Recomputed OOS thresholds:
ConnLimit 1000, ConnLimit_ 1292, ConnLimit_high_thresh 1228,
ConnLimit_low_thresh 969
09-17 12:05:12.816 29823 29823 I Tor : crypto_openssl_late_init: NOT
using OpenSSL engine support.
09-17 12:05:12.816 29823 29823 I Tor : crypto_openssl_late_init: NOT
using OpenSSL engine support.
09-17 12:05:12.816 29823 29823 I Tor : evaluate_evp_for_aes: This
version of OpenSSL has a known-good EVP counter-mode implementation.
Using it.
09-17 12:05:12.816 29823 29823 I Tor : evaluate_evp_for_aes: This
version of OpenSSL has a known-good EVP counter-mode implementation.
Using it.
09-17 12:05:12.816 29823 29823 D Tor : tor_disable_debugger_attach:
Attemping to disable debugger attachment to Tor for unprivileged users.
09-17 12:05:12.816 29823 29823 D Tor : tor_rename: Renaming
/data/user/0/org.torproject.torbrowser_alpha/app_torservice/lib/tor/control.txt.tmp
to
/data/user/0/org.torproject.torbrowser_alpha/app_torservice/lib/tor/control.txt
09-17 12:05:12.817 29823 29823 I Tor : tor_lockfile_lock: Locking
"/data/user/0/org.torproject.torbrowser_alpha/app_torservice/.tor/lock"
09-17 12:05:12.817 29823 29823 I Tor : tor_lockfile_lock: Locking
"/data/user/0/org.torproject.torbrowser_alpha/app_torservice/.tor/lock"
09-17 12:05:12.817 29823 29823 W Tor : It looks like another Tor
process is running with the same data directory. Waiting 5 seconds to
see if it goes away.
09-17 12:05:12.817 29823 29823 W Tor : It looks like another Tor
process is running with the same data directory. Waiting 5 seconds to
see if it goes away.
09-17 12:05:12.817 29655 29802 I OnionProxyManager: Created control port
file: time = 27ms
09-17 12:05:12.821 29655 29802 I OnionProxyManager: Waiting for cookie
auth file
09-17 12:05:17.818 29823 29823 I Tor : tor_lockfile_lock: Locking
"/data/user/0/org.torproject.torbrowser_alpha/app_torservice/.tor/lock"
09-17 12:05:17.818 29823 29823 I Tor : tor_lockfile_lock: Locking
"/data/user/0/org.torproject.torbrowser_alpha/app_torservice/.tor/lock"
09-17 12:05:17.818 29823 29823 E Tor : No, it's still there. Exiting.
09-17 12:05:17.818 29823 29823 E Tor : No, it's still there. Exiting.
09-17 12:05:17.818 29823 29823 E Tor : set_options: Bug: Acting on
config options left us in a broken state. Dying. (on Tor
0.4.5.0-alpha-dev 1c4b140427aeb36d)
09-17 12:05:17.818 29823 29823 E Tor : set_options: Bug: Acting on
config options left us in a broken state. Dying. (on Tor
0.4.5.0-alpha-dev 1c4b140427aeb36d)
09-17 12:05:17.819 29823 29823 E Tor : Reading config failed--see
warnings above.
09-17 12:05:17.819 29823 29823 E Tor : Reading config failed--see
warnings above.
09-17 12:05:17.828 29823 29823 D Tor : channel_tls_free_all:
Shutting down TLS channels...
09-17 12:05:17.828 29823 29823 D Tor : channel_tls_free_all: Done
shutting down TLS channels
09-17 12:05:17.828 29823 29823 D Tor : channel_free_all: Shutting
down channels...
09-17 12:05:17.828 29823 29823 D Tor : channel_free_all: Freeing
channel_identity_map
09-17 12:05:17.828 29823 29823 D Tor : channel_free_all: Freeing
channel_gid_map
09-17 12:05:17.829 29823 29823 D Tor : channel_free_all: Done
cleaning up after channels
09-17 12:05:17.830 29823 29823 D Tor : connection_free_minimal:
closing fd 7.
09-17 12:05:17.830 29823 29823 D Tor : scheduler_free_all: Shutting
down scheduler
09-17 12:05:17.831 29823 29823 D Tor : subsystems_shutdown_downto:
Shutting down dirauth
09-17 12:05:17.832 29823 29823 D Tor : subsystems_shutdown_downto:
Shutting down btrack
09-17 12:05:17.832 29823 29823 D Tor : subsystems_shutdown_downto:
Shutting down relay
09-17 12:05:17.832 29823 29823 D Tor : subsystems_shutdown_downto:
Shutting down or
09-17 12:05:17.832 29823 29823 D Tor : subsystems_shutdown_downto:
Shutting down mainloop
09-17 12:05:17.833 29823 29823 D Tor : subsystems_shutdown_downto:
Shutting down process
09-17 12:05:17.834 29823 29823 D Tor : subsystems_shutdown_downto:
Shutting down evloop
09-17 12:05:17.834 29823 29823 D Tor : subsystems_shutdown_downto:
Shutting down network
09-17 12:05:17.835 29823 29823 D Tor : subsystems_shutdown_downto:
Shutting down crypto
09-17 12:05:17.835 29823 29823 D Tor : subsystems_shutdown_downto:
Shutting down log
09-17 12:05:27.828 29655 29802 E BaseEventBroadcaster: Unable to start
Tor: java.io.IOException: Cookie Auth file not created:
/data/user/0/org.torproject.torbrowser_alpha/app_torservice/lib/tor/control_auth_cookie,
len = 0
09-17 12:05:27.828 29655 29802 E BaseEventBroadcaster:
java.io.IOException: Cookie Auth file not created:
/data/user/0/org.torproject.torbrowser_alpha/app_torservice/lib/tor/control_auth_cookie,
len = 0
09-17 12:05:27.828 29655 29802 E BaseEventBroadcaster: at
com.msopentech.thali.toronionproxy.OnionProxyManager.start(OnionProxyManager.java:47)
09-17 12:05:27.828 29655 29802 E BaseEventBroadcaster: at
com.msopentech.thali.android.toronionproxy.AndroidOnionProxyManager.start(AndroidOnionProxyManager.java:1)
09-17 12:05:27.828 29655 29802 E BaseEventBroadcaster: at
org.torproject.android.service.TorService.startTor(TorService.java:12)
09-17 12:05:27.828 29655 29802 E BaseEventBroadcaster: at
org.torproject.android.service.TorService.access$1000(TorService.java:1)
09-17 12:05:27.828 29655 29802 E BaseEventBroadcaster: at
org.torproject.android.service.TorService$IncomingIntentRouter.run(TorService.java:17)
09-17 12:05:27.828 29655 29802 E BaseEventBroadcaster: at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1162)
09-17 12:05:27.828 29655 29802 E BaseEventBroadcaster: at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:636)
09-17 12:05:27.828 29655 29802 E BaseEventBroadcaster: at
java.lang.Thread.run(Thread.java:784)
```
There are bunch of things weird here. First of all, I don't have any
other Tor Browser running nor Orbot installed on that tablet. So, it's
not obvious what is interfering with Tor Browser.
Secondly, for some reason two tor's are started (and both are dying
later) which seems wrong to me.