Anonymous Ticket Portal issueshttps://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues2024-03-11T12:19:32Zhttps://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues/65Add an admin-only "notes" field to requests2024-03-11T12:19:32ZNick MathewsonAdd an admin-only "notes" field to requestsRight now if we want to make notes on a request we need to edit the request. That's error-prone and eventually will create problems.
Instead, each request should have a separate "notes" field. Only admins should be able to review and ...Right now if we want to make notes on a request we need to edit the request. That's error-prone and eventually will create problems.
Instead, each request should have a separate "notes" field. Only admins should be able to review and edit this field.jugajugahttps://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues/62Add tpo/applications/torbrowser-launcher to anon_ticket2024-03-05T10:05:20ZboklmAdd tpo/applications/torbrowser-launcher to anon_ticketI would like https://gitlab.torproject.org/tpo/applications/torbrowser-launcher to be added to anon_ticket, so that torbrowser-launcher tickets can be added/commented by @cypherpunks.
Thanks!I would like https://gitlab.torproject.org/tpo/applications/torbrowser-launcher to be added to anon_ticket, so that torbrowser-launcher tickets can be added/commented by @cypherpunks.
Thanks!Alexander Færøyahf@torproject.orgAlexander Færøyahf@torproject.orghttps://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues/59What is the markdown code can post multiple-line code in this website?2023-03-20T14:13:28ZcypherpunksWhat is the markdown code can post multiple-line code in this website?For example:
```
[NOTICE] New control connection opened from 127.0.0.1.
[NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150
[NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections...For example:
```
[NOTICE] New control connection opened from 127.0.0.1.
[NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150
[NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
[WARN] Pluggable Transport process terminated with status code 13
[WARN] Pluggable Transport process terminated with status code 13
[WARN] Pluggable Transport process terminated with status code 13
[NOTICE] Opening Socks listener on 127.0.0.1:9150
[NOTICE] Opened Socks listener connection (ready) on 127.0.0.1:9150
[NOTICE] Bootstrapped 1% (conn_pt): Connecting to pluggable transport
[NOTICE] Bootstrapped 2% (conn_done_pt): Connected to pluggable transport
[NOTICE] Bootstrapped 10% (conn_done): Connected to a relay
[NOTICE] New control connection opened from 127.0.0.1.
[NOTICE] New control connection opened from 127.0.0.1.
[WARN] Problem bootstrapping. Stuck at 10% (conn_done): Connected to a relay. (DONE; DONE; count 1; recommendation warn; host 0000000000000000000000000000000000000000 at 143.110.214.222:80)
[WARN] 1 connections have failed:
[WARN] 1 connections died in state handshaking (TLS) with SSL state SSLv3/TLS write client hello in HANDSHAKE
[NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150
[NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
[WARN] Pluggable Transport process terminated with status code 0
[NOTICE] New control connection opened from 127.0.0.1.
```https://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues/58Connection decreasing2023-01-17T22:36:06ZcypherpunksConnection decreasingHello!
Over the last few weeks, I have seen the number of connections I have keep decreasing throughout the day- unsure if this is just because the world is fucked up and limited internet access is available or if I have a bug or somet...Hello!
Over the last few weeks, I have seen the number of connections I have keep decreasing throughout the day- unsure if this is just because the world is fucked up and limited internet access is available or if I have a bug or something!
-Japneethttps://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues/57Unable to file arti bugs2023-01-09T20:05:06ZcypherpunksUnable to file arti bugsThere's no way to file a bug against arti on this anonymous ticket portal.There's no way to file a bug against arti on this anonymous ticket portal.Alexander Færøyahf@torproject.orgAlexander Færøyahf@torproject.orghttps://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues/54Link to The Tor Project / Core / Tor gives Server Error (500)2023-12-07T14:05:10ZcypherpunksLink to The Tor Project / Core / Tor gives Server Error (500)It's currently not possible to write a bug report in `The Tor Project / Core / Tor` because it gives `Server Error (500)`.\
I didn't checked if other projects are affected too.It's currently not possible to write a bug report in `The Tor Project / Core / Tor` because it gives `Server Error (500)`.\
I didn't checked if other projects are affected too.https://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues/52Can access all notes and corresponding UIDs2022-10-02T20:12:45ZcypherpunksCan access all notes and corresponding UIDsBy going to an URL like
https://anonticket.onionize.space/user/(any-valid-user-id)/projects/(any-valid-project)/issues/(any-issue-num)/notes/(note-num)/
(Example: https://anonticket.onionize.space/user/freely-reason-scurvy-coeditor-anoin...By going to an URL like
https://anonticket.onionize.space/user/(any-valid-user-id)/projects/(any-valid-project)/issues/(any-issue-num)/notes/(note-num)/
(Example: https://anonticket.onionize.space/user/freely-reason-scurvy-coeditor-anointer-jolly/projects/tor/issues/1/notes/33/)
it is possible to:
1) Easily get all cypherpunks' notes in order of creation, including unmoderated ones
2) Know which user created which note
3) Get User-Identifiers of all users, who created at least one note (and I think they are supposed to be kept secret)Alexander Færøyahf@torproject.orgAlexander Færøyahf@torproject.orghttps://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues/51"Generate identifier" "Create identifier"2023-12-07T14:54:45Zcypherpunks"Generate identifier" "Create identifier"A detail of user interface:
When I first landed on the anonymous ticket site, it offered "Create identifier" and "Login with identifier". However the Main Links bar on the left has "Generate identifier". Probably the result is the same, ...A detail of user interface:
When I first landed on the anonymous ticket site, it offered "Create identifier" and "Login with identifier". However the Main Links bar on the left has "Generate identifier". Probably the result is the same, but labeling the link differently makes it not obvious.https://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues/48Tor Browser 10.5 broke multiple homepages at start of the browser2021-07-19T18:42:13ZcypherpunksTor Browser 10.5 broke multiple homepages at start of the browserTor Browser 10.5 broke multiple homepages at start of the browser. Only one, the first one, opening after autoconnect. If you use "home page" button, still all of them opening in tabs thankfully.Tor Browser 10.5 broke multiple homepages at start of the browser. Only one, the first one, opening after autoconnect. If you use "home page" button, still all of them opening in tabs thankfully.https://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues/47Spyware and lazy staff2021-07-12T19:00:55ZcypherpunksSpyware and lazy staffYou know that your Android app is full of trackers and stupidly needless permissions like camera and microphone. We know you didn't put them there through choice but you DID leave them there through choice. Your snowflake survey reported...You know that your Android app is full of trackers and stupidly needless permissions like camera and microphone. We know you didn't put them there through choice but you DID leave them there through choice. Your snowflake survey reported 70% of feedback came from Android users yet you just knock us down with worse functionality and security in every update. Updates USED to fix issues with Tor, now they patch known issues whilst the patch creates another flaw in itself. People in humanitarian warzones aren't sat quietly with a laptop using tails, they are running around the middle of heat ridden nowhere using a cheap smartphone and prepaid data. Support the people who actually need it, not the floppy haired New Yorkers who use it for MDMA.https://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues/42Support merge requests, or at least some encouraged way to upload patches.2024-03-11T12:18:37ZNick MathewsonSupport merge requests, or at least some encouraged way to upload patches.It would be great to have full MR support, but until that can be done it would be great to have a recommended way to take patches from people. We should make it as easy as possible, including recommended git commands and all that.It would be great to have full MR support, but until that can be done it would be great to have a recommended way to take patches from people. We should make it as easy as possible, including recommended git commands and all that.jugajugahttps://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues/40Investigate python-gitlab2021-05-19T18:44:56ZMariaVInvestigate python-gitlabSponsor 102 Outreachy Project: Anonymous Ticket HandlingMariaVMariaVhttps://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues/39Research Secure Drop Interface2021-05-19T18:49:41ZMariaVResearch Secure Drop InterfaceLook at the secure drop interface for UX.Look at the secure drop interface for UX.Sponsor 102 Outreachy Project: Anonymous Ticket HandlingMariaVMariaVhttps://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues/38Confidential gitlab tickets for security issues?2024-03-11T12:18:13ZMike PerryConfidential gitlab tickets for security issues?We sometimes have anonymous people who find security issues in Tor and want to report them. Gitlab supports "confidential" tickets for this, but it would be nice if the reporter can flag an issue as potentially confidential, and/or the m...We sometimes have anonymous people who find security issues in Tor and want to report them. Gitlab supports "confidential" tickets for this, but it would be nice if the reporter can flag an issue as potentially confidential, and/or the moderator could mark the resulting gitlab ticket confidential. This is useful in case the bug report is an exploitable vulnerability that requires time to evaluate and produce a patch before someone else makes an exploit.
(This is for anonticket specifically: I would like both bug reporters and moderators to flag an issue on gitlab.)jugajugahttps://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues/37Test during all hands2021-04-07T16:39:42ZcypherpunksTest during all handsMade during callMade during callhttps://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues/35Set "Pending Review" filter by default2021-03-26T14:08:30ZboklmSet "Pending Review" filter by defaultOn the Issues and Notes admin pages, the default filter is "All" which includes already approved/rejected issues/notes. As the most common task is reviewing new issues/notes, maybe the "Pending Review" filter can be the default?On the Issues and Notes admin pages, the default filter is "All" which includes already approved/rejected issues/notes. As the most common task is reviewing new issues/notes, maybe the "Pending Review" filter can be the default?https://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues/34All created issues disappeared from landing page2021-04-22T16:43:07ZcypherpunksAll created issues disappeared from landing pageI'm a cypherpunk. I bookmarked my landing page. I made some issues. Today, when I opened my landing page, none of the issues I created were on the page. Notes are still there but not issues. "You have not created any issues." They were t...I'm a cypherpunk. I bookmarked my landing page. I made some issues. Today, when I opened my landing page, none of the issues I created were on the page. Notes are still there but not issues. "You have not created any issues." They were there a couple days ago.https://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues/33consider hostile markdown code as a threat model2021-04-22T16:43:41Zanarcatconsider hostile markdown code as a threat modelA [recent GitLab release](https://about.gitlab.com/releases/2021/03/17/security-release-gitlab-13-9-4-released/) patched an undisclosed "*Remote code execution via unsafe user-controlled markdown rendering options*" which allows "*unauth...A [recent GitLab release](https://about.gitlab.com/releases/2021/03/17/security-release-gitlab-13-9-4-released/) patched an undisclosed "*Remote code execution via unsafe user-controlled markdown rendering options*" which allows "*unauthorised authenticated users to execute arbitrary code on the server*".
This is particularly bad for us because the Anonymous Ticket Portal allows users to submit such Markdown code into the sytem. It's not clear to me how it could be done, but we might want to be more careful about the data we feed into GitLab, considering we are basically doing a privilege escalation here, by allowing multiple users to impersonate a single one here...
Also related to tpo/tpa/gitlab#81https://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues/32Add tpo/applications/tor-browser-build, tpo/applications/rbm, tpo/application...2021-04-12T16:57:36ZboklmAdd tpo/applications/tor-browser-build, tpo/applications/rbm, tpo/applications/tor-browser-bundle-testsuite to the list of projectsCan we add the following repos to the list of projects on https://anonticket.onionize.space/?
* https://gitlab.torproject.org/tpo/applications/tor-browser-build/
* https://gitlab.torproject.org/tpo/applications/rbm/
* https://gitlab.tor...Can we add the following repos to the list of projects on https://anonticket.onionize.space/?
* https://gitlab.torproject.org/tpo/applications/tor-browser-build/
* https://gitlab.torproject.org/tpo/applications/rbm/
* https://gitlab.torproject.org/tpo/applications/tor-browser-bundle-testsuite/
I can also help moderating tickets in those projects.
* email address: boklm@torproject.org
* preferred username: boklm
/cc @sysrqb @gk @richardGabagaba@torproject.orgGabagaba@torproject.orghttps://gitlab.torproject.org/tpo/tpa/anon_ticket/-/issues/27Can't see captcha and visit GitHub website using Linux desktop Tor Browser2021-02-26T16:35:34Zuser444Can't see captcha and visit GitHub website using Linux desktop Tor BrowserHello!
I can't see Google captcha using Tor Browser.
For example, screenshot: https://ibb.co/SN23Gxc
But I can't see Google captcha on any site.
I also can't access to GitHub's website: https://ibb.co/1b9Sqm7
I have no problems if I use ...Hello!
I can't see Google captcha using Tor Browser.
For example, screenshot: https://ibb.co/SN23Gxc
But I can't see Google captcha on any site.
I also can't access to GitHub's website: https://ibb.co/1b9Sqm7
I have no problems if I use Mozilla browser with Tor proxy or when I use Tor browser on Android.
I use Manjaro Linux and the latest version of Tor Browser in its community repositories (0.3.3-1).
Also, I use standard security level.
Hope for your help!