Custom Query (4363 matches)

Results (901 - 1000 of 4363)

Ticket Summary Status Owner Type Priority Milestone
#10577 TorBrowser Health Report pane is misleading new tbb-team defect Medium
Description

If a user opens the TorBrowser (en-US) preferences and selects Advanced -> Data Choices she is greeted with:

TorBrowser Health Report
  Helps you understand your browser performance and shares data with Tor
  Project about your browser health.

  [ ] Enable TorBrowser Health Report                              Learn More

There are several things wrong with that pane: 1) The Tor Project is not collecting such information even if the Health Report "feature" gets enabled. 2) The link behind "Learn more" is pointing to Mozilla.

So, there is at least some branding wrong. Not sure if we want to be more radical and get e.g. rid of that pane altogether.

#10583 connection_bucket_write_limit reveals used link protocol new defect Medium Tor: unspecified
Description

The plaintext of a TLS record can't be more than 16384 bytes. Tor before the v4 link protocol used 512-byte cells. connection_bucket_write_limit allows flushing no more than 32 cells. That was exactly the 16K limit. With v4 the size of cells changed; now it's 514 bytes, and connection_bucket_write_limit still allows flushing 32 cells, which results in more than 16 Kbytes. A passive adversary can detect the protocol in use, and openssl can create two records per flush, where the second record contains few actual bytes.

#10586 Login problems in a forum site new tbb-team defect Medium
Description

Tor version: 3.5

Issue: After logging in at https://powdertoy.co.uk/Login.html then going to other pages in site (other than the login page), the online/logged-in status disappears (i.e., essentially not logged in again).

Note: This is unusual as I was able to login at the same site previously when using older versions of Tor (2.x).

#10600 Ruleset - expertflyer.com new pde defect Low
Description

Ruleset breaks certain forms within the website, resulting in a javascript error being thrown.

#10606 about:tor may fetch the "you're using Tor" page from browser cache new erinn defect Medium
Description

Using tor-browser-linux64-3.5_en-US.tar.xz

While doing some tests and having disabled the Tor Launcher browser addon (so the Tor gateway doesn't actually get started with the browser) I noticed:

about:tor

still says

"you're using Tor"

even if the Tor gateway isn't running at all for whatever reason.

If it's possible that about:tor gets fetched from browser cache, this page doesn't prove anything

#10607 Tor Browser Bundle 3.5 holds open files (gvfsd-metadata) new tbb-team defect Medium
Description

gvfsd-met 16712 user mem REG 254,0 32768 1320143 /media/usb/tor-browser_en-US/.local/share/gvfs-metadata/uuid-306b4a6d-65c2-4d17-8696-97cca175bf5d-ffd15c89.log

These file handles persist after closing the browser, and trying to eject the removable media causes errors on dismounting because a file is still held open by a process. I think this obviously needs to be fixed as it prevents tbb being "portable" in a sense.

Another related bug, https://trac.torproject.org/projects/tor/ticket/8707, described this issue as a privacy leak when it was being stored in the $HOME directory of users; now that it is stored in Tor's directory it presents a new problem. I had commented on the previous bug about this but decided to move it to a new bug so it could get some attention and it's not exactly the same issue.

#10609 aggregate.py unhappy with input data new aagbsn defect Medium
Description
ERROR[Sat Jan 11 06:40:03 2014]:Exception during aggregate: empty string for float()
Traceback (most recent call last):
  File "/home/bwscanner/torflow/NetworkScanners/BwAuthority/aggregate.py", line 876, in <module>
    main(sys.argv)
  File "/home/bwscanner/torflow/NetworkScanners/BwAuthority/aggregate.py", line 424, in main
    timestamp = float(fp.readline())
ValueError: empty string for float()

Could it be that we have a race here?

$ cat .git/refs/heads/master 
229e5e64680a1a3caf496ce2c1e5d064b5edd080
$ git submodule status
 4fdd2031e6b231ed4bbaa79940f67e9b8f691382 TorCtl (2013-10-16)
#10623 Vidalia standalone is a tarbomb new erinn defect Medium
Description
  1. wget https://people.torproject.org/~erinn/vidalia-standalone-bundles/vidalia-standalone-0.2.21-gnu-linux-x86_64-1-en-US.tar.gz
  2. tar zxvf vidalia-standalone-0.2.21-gnu-linux-x86_64-1-en-US.tar.gz
  3. BOOM

Is this by design? I was not expecting it and it made a mess of my home directory.

Not sure how obscure "tarbomb" is, so: https://en.wikipedia.org/wiki/Tar_%28computing%29#Tarbomb

#10626 onion won't peel needs_information erinn defect Medium
Description

i downloaded and installed TorBrowserBundle Ver3.5. the very first time i ran it i saw this (see the 1st attachment).
i clicked connect and saw this (see second attachment). then i was able to connect and surf (see third attachment).

i then closed the browser and reopened it a while later, this is what i saw (fourth attachment). entered address and saw this
(fifth attachment). thought that i might have done something wrong during installation, so i deleted the Tor folder and tried again. got the same thing.

next thing i thought was firewall, i use zonealarm and the router has one.
i checked zonealarm and the only thing that i found in it for Tor was Plugin Hang UI for Tor Browsers. set this to trusted and allow on everything. then i checked the router/gateway. i'm kinda leery of giving out the info on that, but i will if need be. also i will say that my isp is att and it came from them. also i wonder if att might be the source of the problem, they are part of the six strike deal and they have said at the end of last year that they have technology to track bit torrents and other stuff, don't remember exactly right now. i don't know if they block or filter anything.

anyway i checked the firewall settings for the router/gateway, and didn't see anything that pertained to Tor that might stop it.
or at least i think i did, not sure.

after doing this i reinstalled Tor, did the same thing. the next time i reinstalled, in the Tor Settings box that comes up instead of connect, i clicked configure box. first time i did this i didn't know all the answers and just said no, and then it connected again. closed it and got the same as before, able to connect first time, unable to after closing and reopening.
so uninstall, reinstall again, this time in the i tried to copy firefox's settings. i use firefox 26, thing is that firefox is set for auto detect proxy settings for this network (see the sixth attachment). so i had no settings to go by and just clicked out no. was able to connect the first time, but not after closing. so in what is supposed to be the Tor browser (seventh attachment), i went to options, set to auto detect proxy host, cleared out proxy host box, port box and no proxy for box. no joy. does the same thing (8th attachment).


i then emailed help@torproject, told them the same thing after about about emails, in which all they said was i had the wrong version or i wasn't starting Tor right. then after i gave them more details of the steps i did, they said they didn't know and to start a bug trac. so here i am. does anyone have any idea what i should do.

i really want to use Tor, but i can't, and uninstalling, or should i say extracting and deleting it over and over, is not an option.

#10630 MacOS TBB 3.5 hang (due to popups?) needs_information mikeperry defect Medium
Description

I am on OS X 10.9 running the new Tor Browser Bundle Firefox ESR 24.2.0 and the browser hung (frozen state) three times. I could not get a sample of the process because of the frozen state that the browser was in. It seems that when it gets to some sites, the site tries to send a pop up window and the browser interface refuses to accept it and everything hangs from there.

#10631 LinkedIn page freezes Tor Browser reopened defect Medium
Description

The following page freezes with Tor Browser Bundle 3.5 on Linux:

http://no.linkedin.com/pub/torfinn-ingolfsen/3/6a9/981

It does not freeze for vanilla Firefox 24 ESR. Occurs on two different Linux machines (one 32-bit, one 64-bit).

Aside: There seems to be no Trac milestone, version, or component applicable to TBB. Am I reporting to the correct tracker?

#10637 Apt errors and Warnings with Tor Cloud new defect Medium
Description

Hi,

When doing apt-get update, there are some warnings/errors displayed:

sudo apt-get update
Get:1 http://us-east-1.ec2.archive.ubuntu.com precise Release.gpg [198 B]
Get:2 http://security.ubuntu.com precise-security Release.gpg [198 B]
Get:3 http://us-east-1.ec2.archive.ubuntu.com precise-updates Release.gpg [198 B]
Get:4 http://security.ubuntu.com precise-security Release [49.6 kB]
Hit http://us-east-1.ec2.archive.ubuntu.com precise Release
Hit http://us-east-1.ec2.archive.ubuntu.com precise-updates Release
Hit http://us-east-1.ec2.archive.ubuntu.com precise/main Sources
Get:5 http://us-east-1.ec2.archive.ubuntu.com precise/universe Sources [5,019 kB]
Get:6 http://security.ubuntu.com precise-security/main Sources [95.7 kB]
Get:7 http://security.ubuntu.com precise-security/universe Sources [30.5 kB]
Get:8 http://security.ubuntu.com precise-security/main i386 Packages [375 kB]
Get:9 http://security.ubuntu.com precise-security/universe i386 Packages [92.5 kB]
Hit http://security.ubuntu.com precise-security/main TranslationIndex
Hit http://security.ubuntu.com precise-security/universe TranslationIndex
Hit http://security.ubuntu.com precise-security/main Translation-en
Hit http://security.ubuntu.com precise-security/universe Translation-en
Hit http://deb.torproject.org precise Release.gpg
Ign http://deb.torproject.org experimental-precise Release.gpg
Hit http://deb.torproject.org precise Release
Ign http://deb.torproject.org experimental-precise Release
Hit http://deb.torproject.org precise/main i386 Packages
Get:10 http://us-east-1.ec2.archive.ubuntu.com precise/main i386 Packages [1,274 kB]
Ign http://deb.torproject.org precise/main TranslationIndex
Hit http://us-east-1.ec2.archive.ubuntu.com precise/universe i386 Packages
Hit http://us-east-1.ec2.archive.ubuntu.com precise/main TranslationIndex
Hit http://us-east-1.ec2.archive.ubuntu.com precise/universe TranslationIndex
Hit http://us-east-1.ec2.archive.ubuntu.com precise-updates/main Sources
Get:11 http://us-east-1.ec2.archive.ubuntu.com precise-updates/universe Sources [101 kB]
Hit http://us-east-1.ec2.archive.ubuntu.com precise-updates/main i386 Packages
Hit http://us-east-1.ec2.archive.ubuntu.com precise-updates/universe i386 Packages
Get:12 http://us-east-1.ec2.archive.ubuntu.com precise-updates/main TranslationIndex [3,564 B]
Get:13 http://us-east-1.ec2.archive.ubuntu.com precise-updates/universe TranslationIndex [2,850 B]
Hit http://us-east-1.ec2.archive.ubuntu.com precise/main Translation-en
Hit http://us-east-1.ec2.archive.ubuntu.com precise/universe Translation-en
Hit http://us-east-1.ec2.archive.ubuntu.com precise-updates/main Translation-en
Hit http://us-east-1.ec2.archive.ubuntu.com precise-updates/universe Translation-en
Ign http://deb.torproject.org experimental-precise/main TranslationIndex
Err http://deb.torproject.org experimental-precise/main i386 Packages
404 Not Found [IP: 93.95.227.222 80]
Ign http://deb.torproject.org precise/main Translation-en_US
Ign http://deb.torproject.org precise/main Translation-en
Ign http://deb.torproject.org experimental-precise/main Translation-en_US
Ign http://deb.torproject.org experimental-precise/main Translation-en
Fetched 7,045 kB in 5s (1,237 kB/s)
N: Ignoring file '10periodic.bkp' in directory '/etc/apt/apt.conf.d/' as it has an invalid filename extension
N: Ignoring file '50unattended-upgrades.bkp' in directory '/etc/apt/apt.conf.d/' as it has an invalid filename extension
W: Failed to fetch http://deb.torproject.org/torproject.org/dists/experimental-precise/main/binary-i386/Packages 404 Not Found [IP: 93.95.227.222 80]
E: Some index files failed to download. They have been ignored, or old ones used instead.

I use the bridge with obfs proxy.

#10647 Orbot completely broken Android 4.1.2 needs_information n8fr8 defect Medium
Description

I’ve used Orbot in the past on Android with success with different browsers, but the latest version seems to be completely broken as far as I could tell.

  1. No matter what you do no application can see Tor running, so checking the Tor status page shows that Tor is inactive even when it’s running.

The phone is rooted and I set “Transparent proxying to ON”

But not “Tor everything”

I then manually added different browsers in the add app section.

I tried in several different browsers including Orweb (marked as ‘latest’).

One browser seemed to realize it was connected to something but returned the message “There is a problem with the proxy server” and could not connect to anything.

All other browsers I tried simply ignore that Tor is running and connect directly (as seen on inspection of an IP checking site (or in Orweb that Check Tor page))

Currently this implementation of Tor on Android is completely unusable, which is a shame as it used to work great.

#10681 New Identity may temporarily leak state new tbb-team defect Very High
Description

While booking tickets to the dev meeting via https://www.kayak.com, I hit New Identity and went back to the booking site immediately, and my destination city was filled in for me in the departure field. This seems a bit odd, especially since it also did not list my departure city in the destination field, or seem to have any other itinerary information from my previous search. Unfortunately, I don't know which exit I was using, but the site also does not normally fill in the departure field for you. Attempts to reproduce the issue also failed.

I don't believe I ever typed in the destination city in the departure field either, and browser.formfill.enable is still set to false. My TBB was storing history, though.

I did have popup windows open, so this may also be a manifestation of #5309 instead of a race condition. I was unable to get it to happen again with other popups, though. New Identity did take a while to close all of my windows in the case where it happened.

There was also a report via email of a twitter account being linked after New Identity some time back that may have been this same issue, or possibly also #5309. I believe we were unable to reproduce that one as well though.

#10683 Disabling TorBirdy but not restarting is already disabling the extension assigned sukhbir defect High
Description

Torbirdy is already disabled if I only disable it in the extension tab but omit the restart (which as I am told should be necessary to disable Torbirdy entirely) AND the UI still says Torbirdy is active.

#10684 Torbirdy does not remember customized settings after enabling it again assigned sukhbir defect Medium
Description

I usually have my Torbirdy pointed to the ports used by my TBB and it is a bit annoying that I always need to adapt its settings manually after enabling the extension again.

#10688 Assertion evbuffer_get_length(bufferevent_get_input(bufev_in)) == 0 failed new defect Medium Tor: 0.2.???
Description

tor_tls_init_bufferevent(): Bug: tortls.c:2522: tor_tls_init_bufferevent: Assertion evbuffer_get_length(bufferevent_get_input(bufev_in)) == 0 failed; aborting.

Using dev-libs/openssl-1.0.1e-r2 on Gentoo.

#10689 Tor crash needs_information defect Medium Tor: unspecified
Description

Running a Tor relay on Hardened Gentoo. Kernel messages:

localhost kernel: [1398319.423356] PAX: From 86.171.123.14: execution attempt in: (null), 00000000-00000000 00000000
localhost kernel: [1398319.423363] PAX: terminating task: /usr/bin/tor(tor):1626, uid/euid: 111/111, PC: (nil), SP: 000003cf2f0f6fd8
localhost kernel: [1398319.423370] PAX: bytes at PC: ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ??
localhost kernel: [1398319.423391] PAX: bytes at SP-8: 000000634c8fa660 00000299070afff2 0000006300000c2d 000000634df10790 00000063516a03b0 0000000000000dd0 0000006351c7cb70 350eec57968c4300 000000634e67ec30 350eec57968c4300 0000000000001000
localhost kernel: [1398319.423451] grsec: From 86.171.123.14: bruteforce prevention initiated due to crash of /usr/bin/tor against uid 111, banning suid/sgid execs for 15 minutes. Please investigate the crash report for /usr/bin/tor[tor:1626] uid/euid:111/111 gid/egid:992/992, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0

#10692 GetTor needs official two-factor-enabled dropbox and google accounts new defect High
Description

we need official, and two-factor-enabled dropbox and google accounts in order to finish what we've started on #8542.

we're already using dropbox links in gettor reply message. this dropbox account was not created using a secure email address and is for test purpose only.

This is very important as an attacker may find a way to reset the password of that dropbox account and replace legit bundles with malicious ones.

#10704 TBB 3.5 hangs under OS X on certain sites (possibly a JavaScript problem) needs_information erinn defect Medium
Description

With the default settings, Tor Browser Bundle for Mac 3.5 hangs under OS X on certain sites (e.g., http://www.rp.pl). The hang occurs after page load. Waiting does not help; the app does not recover after one minute of waiting, so I have to kill the Tor Browser process.

When I turn off JavaScript using the NoScript extension, the app does not hang. When the NoScript extension is disabled, it still hangs. So, the problem seems to be related to JavaScript executing on the page.

The same problem occurs on other sites.

#10720 NSIS scripts can request Windows to avoid registry writes? needs_information erinn defect Medium
Description

In https://trac.torproject.org/projects/tor/ticket/7842#comment:20, Runa mentioned that NSIS scripts can request to avoid writing to the Windows registry.

We should figure out how to do this and use those settings in the TBB Windows NSIS scripts (which live at https://github.com/moba/tbb-windows-installer).

#10726 LiveJournal rule breaks account manage & related pages needs_information pde defect Medium
Description

(Using all default settings, latest Firefox, checked for update.)

When you click 'manage account' link on LJ, it redirects to

https://www.livejournal.com/manage/account/

This URL does not work.

#10727 Tor Browser segmentation fault needs_information erinn defect Medium
Description

I had a random segfault in Tor Browser 3.5. Sorry I can't provide more details, as I am in no position to debug Firefox. I thought it might be worth reporting anyway, though.

(firefox:24114): Gtk-WARNING : Attempting to store changes into `$HOME/.tor-browser-en/INSTALL/.local/share/recently-used.xbel', but failed: Failed to create file '$HOME/.tor-browser-en/INSTALL/.local/share/recently-used.xbel.YPXNAX': No such file or directory

(firefox:24114): Gtk-WARNING : Attempting to set the permissions of `$HOME/.tor-browser-en/INSTALL/.local/share/recently-used.xbel', but failed: No such file or directory

(firefox:24114): Gtk-WARNING : Attempting to store changes into `$HOME/.tor-browser-en/INSTALL/.local/share/recently-used.xbel', but failed: Failed to create file '$HOME/.tor-browser-en/INSTALL/.local/share/recently-used.xbel.0YVKAX': No such file or directory

(firefox:24114): Gtk-WARNING : Attempting to set the permissions of `$HOME/.tor-browser-en/INSTALL/.local/share/recently-used.xbel', but failed: No such file or directory

.tor-browser-en/INSTALL/start-tor-browser: line 219: 24114 Segmentation fault (core dumped) ./Browser/firefox -no-remote -profile Data/Browser/profile.default

Tor Browser exited abnormally. Exit code: 139

From what I can tell, ~/.tor-browser-en/INSTALL/.local does not even exist, much less .local/share/. I'm guessing that's why it failed to create the file, but there's probably a better way to handle the situation than a segfault.

I can't really reproduce it, either. I was just downloading a file and watching a video, nothing out of the ordinary. It's the first time it's happened.

#10733 Standalone Vidalia won't launch on Fedora 19+ new erinn defect Medium
Description

On Fedora 19 and 20, standalone Vidalia won't run:

$ ./start-vidalia 
./App/vidalia: error while loading shared libraries: libssl.so.1.0.0: cannot open shared object file: No such file or directory

Fedora 19/20 ships with libssl.so.1.0.1e, and a symlink to it, libssl.so.10.

Now observe this:

$ LD_LIBRARY_PATH=./Lib ldd App/vidalia | grep ssl
        libssl.so.1.0.0 => not found
$ ldd App/vidalia | grep ssl
        libssl.so.10 => /lib64/libssl.so.10 (0x00000036a2c00000)

Consequently, because I have Qt installed, running the App/vidalia executable directly works.

(I am confused.)

#10736 Live Youtube videos not playing with HTTPS Everywhere 3.4.5 (FireFox) new pde defect Medium
Description

Screenshot: http://i.imgur.com/nN5DkhW.png

Playing a Live Youtube video on Firefox with HTTPS Everywhere caused the player (Flash, not HTML5) to display a "Please stand by" message. Disabling the Youtube ruleset did not fix the issue and only disabling the addon itself allowed live videos to be played. I have encountered this bug on two machines: A Windows machine and a Linux machine both running Firefox. Playing Live Youtube videos on Chrome with HTTPS Everywhere did not cause this issue.

#10752 Missing Tor Onion After Relay Completion new debkdarlin defect High
Description

After booting my computer yesterday, I had no Tor Onion in my tray. I didn't know this until after I'd closed Vidalia Control Panel. Thinking it must be a fluke, I rebooted. The same thing happened. Also again this morning, no Onion. This makes it impossible to tell if there's a problem on the relay, to pause Tor (when I have to check my bank), or to shut down the relay when I'm shutting down the computer.

I love that Tor is running all the time, but I must be able to have access to it.

#10756 TorBrowser should zero-out cleared partial downloads or not delete them at all new tbb-team defect High
Description

Normally, when a file is fully downloaded, the option remains to secure delete the file using other tools.

When canceling a download in progress however, TorBrowser appears to simply delete the partial download file, leaving the user with no way to cleanwipe the file.

In the event of inflammatory/seditious/etc material, this may present an unacceptable security risk in certain countries.

IMO, TorBrowser has two possible solutions.

1: Zero (or, better, multi-pass randomize) the partial download file prior to final deletion.
2: Do not remove the partial download file and inform the user where the file is and that they should wipe any potentially incriminating file.

Obviously an option to choose between these two behaviors (as well as normal deletion) would also be acceptable although I believe that option 2 should be the default.

#10760 Integrate TorButton and TorLauncher to TorBrowser core to prevent users from disabling them new tbb-team defect High
Description

I mean integration like this with pdf.js addon, which was simply integrated to Firefox core.

#10762 TorBirdy should try both SOCKS port 9050 and 9150 needs_review ioerror defect Medium
Description

TorBirdy's SOCKS configuration should try both 9050 and 9150 and use the one that works.

You can crib Torbutton's local tor check here (which requires access to the control port): https://gitweb.torproject.org/torbutton.git/blob/master:/src/chrome/content/torbutton.js#l1701

We wrap that with the option to fall back to the remote check if transproxy is set here: https://gitweb.torproject.org/torbutton.git/blob/master:/src/chrome/content/torbutton.js#l1675

The remote check is here: https://gitweb.torproject.org/torbutton.git/blob/master:/src/chrome/content/torbutton.js#l1770

Unfortunately if you perform any network activity (including a remote tor check) with a socks port set, you may run into #8511, causing any hosts you contact to become unreachable after you change SOCKS settings. I am not sure if that caching behavior is present in Thunderbird too. The local tor check won't be affected by this bug, though.

#10763 Torbrowser does not work on FreeBSD new tbb-team defect Medium
Description

Tor Browser 3.x, 3.5 specifically, no longer works in freebsd 9 and beyond. Even under linux compatibility it fails due to ELF errors.

There's an open request in pcbsd-land to create a port. Will debug

#10772 Torbutton/Noscript plugin settings ambiguous to user new erinn defect Medium
Description

Software: Tor Browser 3.5.1

The recent changes to torbutton/torbrowser leave some confusion to the user. Opening the Noscript Options menu, under embeddings, shows that no embedding type is being blocked (i.e. Flash/silverlight/java/other plugins).

Yet, the torbutton claims in documentation to be blocking all plugins. This may lead the user to conclusions that are false.

https://www.torproject.org/projects/torbrowser/design/#DesignRequirements "Disabling plugins Plugins have the ability to make arbitrary OS system calls and bypass proxy settings. This includes the ability to make UDP sockets and send arbitrary data independent of the browser proxy settings.

Torbutton disables plugins by using the @mozilla.org/plugin/host;1 service to mark the plugin tags as disabled. This block can be undone through both the Torbutton Security UI, and the Firefox Plugin Preferences.

If the user does enable plugins in this way, plugin-handled objects are still restricted from automatic load through Firefox's click-to-play preference plugins.click_to_play.

In addition, to reduce any unproxied activity by arbitrary plugins at load time, and to reduce the fingerprintability of the installed plugin list, we also patch the Firefox source code to prevent the load of any plugins except for Flash and Gnash. "

Essentially, the design document states that the user should only be able to enable flash, and through the torbutton UI. The noscript UI about embeddings is therefore confusing and redundant. This could cause the user to make false conclusions about the behavior of the browser, compromising their anonymity.

This is the basic problem in user interface design of having two places to change a setting, and it usually indicates a defect in design.

#10773 TorBrowser Noscript plugin does not block HTML5 audio/video tags new tbb-team defect Medium
Description

Software: TorBrowser 3.5.1

Relevant to recent bug: https://trac.torproject.org/projects/tor/ticket/8386

The TorBrowser software design document states:

"Plugins must be restricted Even if plugins always properly used the browser proxy settings (which none of them do) and could not be induced to bypass them (which all of them can), the activities of closed-source plugins are very difficult to audit and control. They can obtain and transmit all manner of system information to websites, often have their own identifier storage for tracking users, and also contribute to fingerprinting.

Therefore, if plugins are to be enabled in private browsing modes, they must be restricted from running automatically on every page (via click-to-play placeholders), and/or be sandboxed to restrict the types of system calls they can execute. If the user agent allows the user to craft an exemption to allow a plugin to be used automatically, it must only apply to the top level url bar domain, and not to all sites, to reduce cross-origin fingerprinting linkability. "

What this implies, is that software components to the browser should be under scrutiny from a security standpoint. I hold that the audio/video rendering engine of firefox is such a component.

From the design: "We have verified that these settings and patches properly proxy HTTPS, OCSP, HTTP, FTP, gopher (now defunct), DNS, SafeBrowsing Queries, all javascript activity, including HTML5 audio and video objects..." Also: "The adversary simply renders WebGL, font, and named color data to a Canvas element, extracts the image buffer, and computes a hash of that image data. Subtle differences in the video card, font packs, and even font and graphics library versions allow the adversary to produce a stable, simple, high-entropy fingerprint of a computer." Finally, "At least two HTML5 features have different implementation status across the major OS vendors: the Battery API and the Network Connection API. We disable these APIs through the Firefox preferences dom.battery.enabled and dom.network.enabled. "

So you have determined that the audio and video object are properly proxied, yet the features conflict with the security requirement. Basically, you have blocked WebGL and several HTML5 subcomponents, for reasons of security and fingerprint-ability, but are not blocking the audio/video tag, which likely has the same issues. It appears your study only included audio/video proxying, and not the security, fingerprint-ability, or data retention requirements.

The audio/video tags are HTML5 tags that allow the loading, streaming, storing, proxying, and playing of rich-media content such as audio and videos. This software is built into Firefox. It is a multimedia engine written in C++ for variety of platforms and shipped with the Firefox code. It is not necessary for browsing. Other researchers have deemed there will be trouble here, with flash you have one player, multiple platforms--here, there will be different implementations in every browser--a zero-day paradise.

The rationale is simple: Adobe wrote Flash 10 years ago and there are still 130 vulnerabilities EVERY YEAR, for what amounts to simply a vector graphics/video player! And that is from developers that have feedback from millions of systems and specialize in writing that type of code. I hold that the Mozilla developers do not have the same experience as the Flash developers, and hence will have the same, if not more, vulnerabilities in their implementation of these HTML5 tags. Granted this is a "how many piano tuners are in Chicago" analysis, but it may be valid.

Therefore, I conclude, that the audio/video tags are against the design of the tor browser at this point. Even though the code may be open source, it cannot be deemed to be secure, or even more secure than flash. Yet, Flash/Gnash has not been endorsed/recommended. I do not believe the tor project has the bandwidth to ensure these tags will meet the design at this point.

Therefore, I see that having these components ON by default is a defect.

Here are the relevant diff files:
https://gitweb.torproject.org/torbrowser.git/commitdiff/db11fa55d2a27a01f766bb0c90858381fd9f0c97
https://gitweb.torproject.org/torbrowser.git/commitdiff/94b632f285c92e57dd88af18ede4448d6e1a901c

#10781 Spreadshirt's force-https-rule break tshirt designer new pde defect Medium
Description

If I load the tshirt designer of spreadshirt.de with defaults of https-everywhere the site is loaded via http and the designer does not work correctly. When I deactivate the "Spreadshirt" rule, everything works nicely.

HTTPS Everywhere 2014.1.3 (version does not exist here)
Google Chrome 32.0.1700.102 m
Windows 7 SP1

#10786 orbot (13.0.4a) on android 4.3 didn't start - asus me302c tablet new n8fr8 defect High
Description

In the orbot start window I get the following information:

Orbot is starting…
Tor binary exists: /data/app-lib/org.torproject.android-2/libtor.so
Privoxy binary exists: /data/app-lib/org.torproject.android-2/libprivoxy.so
Obfsproxy binary exists: /data/app-lib/org.torproject.android-2/libobfsproxy.so
Xtables binary exists: /data/app-lib/org.torproject.android-2/libxtables.so
link RM err=0 out:
link LN err=0 out:
libtor.so: PRE: Is binary exec? true
(re)Setting permission on binary: /data/app-lib/org.torproject.android-2/libtor.so
libtor.so: POST: Is binary exec? true
tor: PRE: Is binary exec? true
(re)Setting permission on binary: /data/data/org.torproject.android/app_bin/tor
tor: POST: Is binary exec? true
libprivoxy.so: PRE: Is binary exec? true
(re)Setting permission on binary: /data/app-lib/org.torproject.android-2/libprivoxy.so
Orbot is starting…
libprivoxy.so: POST: Is binary exec? true
libobfsproxy.so: PRE: Is binary exec? true
(re)Setting permission on binary: /data/app-lib/org.torproject.android-2/libobfsproxy.so
libobfsproxy.so: POST: Is binary exec? true
libxtables.so: PRE: Is binary exec? true
(re)Setting permission on binary: /data/app-lib/org.torproject.android-2/libxtables.so
libxtables.so: POST: Is binary exec? true
Orbot is starting…
Couldn't start Tor process:

The tablet is unrooted. Tor version v0.2.4.20

#10791 Detect overtuned exit relays new aagbsn defect Medium
Description

Many relays break usability for users by using such a small time for SYN packets that the connection timeout is very low if the relay is overloaded and a SYN was lost. The Tor client has no ability to retry with another circuit if the reason in the END cell is timeout or refused. By default Tor can retry only if there is no answer for 10 (15) seconds or for some END reasons.

Torflow should test whether exit relays answer with a timeout sooner than 15 seconds or refuse connections to a known working host.

Relays that are overtuned or overfirewalled are still useful as non-exit relays but should be marked as BadExits if the stable Tor client version can't retry.

#10804 Tor Launcher extension hangs periodically when Tor Browser is started new brade defect High
Description

Sometimes I observe that the Tor Browser Firefox window does not come up after the progress dialog completes. The process "firefox.exe" can be found in the process list, but it never becomes visible or exits. Each further launch of Tor Browser creates another firefox.exe, which never opens its window. If I terminate the hung firefox processes manually, the next launch of Tor Browser completes successfully. I did some research and found that the hang happens in the Tor Launcher extension, in the file tl-protocol.js, in the call to the "readBytes" method. There is also a related comment in the source code:

TODO: readBytes() will sometimes hang if the control connection is opened immediately after tor opens its listener socket. Why?

So I assume the problem is known to you but is still not fixed.

Tested OS: WinXP
Tor Browser Bundle version: 3.5.1

#10812 CryptReleaseContext missed for windows new defect Medium Tor: 0.2.???
Description

http://msdn.microsoft.com/en-us/library/windows/desktop/aa379886%28v=vs.85%29.aspx

When you have finished using the CSP, release the handle by calling the CryptReleaseContext function.

#10818 Tell users to install M2Crypto new infinity0 defect Very High
Description

No instructions currently tell the user to install M2Crypto, which is needed for appspot and email registration.

This tripped up someone on IRC today.

#10824 Using Firefox UI to remember history disables third party tracking/cookie protection new tbb-team defect Medium
Description

In https://lists.torproject.org/pipermail/tor-talk/2014-February/032049.html the user mentions the following steps to reproduce the problem:

I now tried a clean installation of TBB 3.5.1 win32

I change the option from "Never remember history" to "Remember History".
It requested a restart.
Then I checked and it was "Use custom settings for history".
I looked at the TorButton extension security tab settings and it had
the first and third option UNchecked.
I changed it to "Never remember history", it requested a restart again.
I looked at the TorButton extension security tab settings and it had
the third option UNchecked.

#10839 Block 127.0.0.0/8, RFC1918, and others ranges (for Non-Tor SOCKS proxies) new tbb-team defect Medium
Description

The fix for #10419 was Tor specific. We rely on Tor blocking localhost, RFC1918, and other non-routable addresses to prevent these requests from going anywhere.

This creates problems for people who want to use Tor Browser with non-Tor SOCKS proxies. The browser will now try to proxy localhost, and it will still continue to proxy RFC1918 addresses, as it did before.

This is not a development priority for us, but we will accept a patch that prevents localhost, RFC1918, and other internal address space from being proxied in the first place.

#10843 HTTPS-Everywhere Causing Flash to Crash new pde defect Medium
Description

I am running HTTPS Everywhere version 2014.1.3 and Chrome version 32.0.1700.107 m on a Windows Vista Home Premium machine.

Since the latest Adobe Flash patch (the emergency zero-day exploit released on 04FEB14), HTTPS-E has been intermittently causing Shockwave Flash to crash. It does not happen on all webpages; for example, YouTube itself does not seem to have the problem, but YouTube videos embedded in other sites do. Disabling HTTPS-E solves the crashing problem, but I would prefer to still be able to use it :).

#10854 Limit IPv4 addresses to dotted-decimal form (as per RFC3986) new tbb-team defect Medium
Description

RFC3986 specifies that host IPv4 addresses must be in dotted-decimal format (xxx.xxx.xxx.xxx) in a URI.

However, on certain platforms (Unices) Firefox also allows alternative formats: octal, base 256, single long int… There is a longstanding ticket to change this behavior, as alternate IP representations nowadays only serve for malicious address obfuscation or filter bypassing.

The Tor browser should stick to the RFC in order to prevent such abuses and present a uniform behavior across platforms.

#10859 compass url not reusable if you don't specify number of results new gsathya defect Medium
Description

Go to https://compass.torproject.org/ and then click submit. You get a list of the top ten relays, and your URL changes to "https://compass.torproject.org/#?exit_filter=all_relays&links&sort=cw&sort_reverse&country=". Great.

Then open a new tab and paste the above long URL into it. No relays listed!

If you type in '10' rather than leaving it to be the default, then you get a URL of "https://compass.torproject.org/#?exit_filter=all_relays&links&sort=cw&sort_reverse&country=&top=10", which does work when you paste it into a new tab.

#10868 HTTPS Everywhere Chrome Extension Conflict with Disconnect new pde defect Medium
Description

I use HTTPS Everywhere and also have Disconnect (jeoacafpbcihiomhlakheieifhpjdfeo). I get the following warning in Chrome:

Warning: This extension failed to redirect a network request to https://facebook.com/favicon.ico because another extension (HTTPS Everywhere) redirected it to https://www.facebook.com/favicon.ico.

#10871 Download more microdescriptors with a shorter request new defect Medium Tor: 0.2.???
Description

In a comment on #9969, karsten said:

""" A few thoughts:

  • Would it help if we implemented /tor/micro/all which is mentioned in dir-spec section 5.2 "Downloading router descriptors or microdescriptors" but which is not implemented yet? Of course, then clients would download the bulk of microdescriptors from a single directory.
  • Do we have to include full digests in requests, or would it be sufficient to ask for the first few digest bytes? Assuming that clients would only accept descriptors matching locally stored full digests. For example, requests could contain only the first 4 (or 8) base64 chars representing the first 3 (or 6) digest bytes. Directories could accept any multiple of 4 base64 chars.
  • Mixing the two ideas, how about we add a way to ask for 1/2, 1/4, etc. of all microdescriptors in a single request? The request could be /tor/micro/all/<base64-prefix>/<bits>, so that /tor/micro/all/A/1 means all digests starting with 0 binary, /tor/micro/all/w/2 means all digests starting with 11 binary, etc. Clients could decide how many requests to send from the number of descriptors they need, which may change over time.

Each of these ideas requires us to upgrade authorities and caches before clients will be able to use them. """

I'm giving this a separate ticket since it's going to need analysis which #9969 won't.

#10874 TorButton won't "blink" for update if using local Tor needs_information mikeperry defect Medium
Description

When using a local Tor and setting TorLauncher not to spawn Tor (about:config, extensions.torlauncher.start_tor is false, as is extensions.torlauncher.prompt_at_startup), the TorButton turns into a big 'X' and doesn't tell me about updates. Even if I had no Tor at all, I still need security updates!

In any case, I still am using Tor. I am using a local system Tor, I do not want to connect twice and I like to manage my bridges and everything else in one place. Thanks!

#10885 Confusing/Conflicting Info Provided About Flash in Tor Browser, Usability Issue new tbb-team defect High
Description

Tor Browser 3.5.1

There is a serious conflict here between documentation for the Tor Browser Bundle, and the interface provided by the Tor Browser. If there is another ticket, this should be grouped in.

Not using the separate components, noscript, torbutton, as an excuse, the following things are incompatible:

--[1]--Buttons in noscript plugin for flash are now unchecked.(See #10772 https://trac.torproject.org/projects/tor/ticket/10772). These buttons don't do anything--see other ticket. This is misleading to user.

--[2]--Documentation in design document (https://www.torproject.org/projects/torbrowser/design/) says "In addition, to reduce any unproxied activity by arbitrary plugins at load time, and to reduce the fingerprintability of the installed plugin list, we also patch the Firefox source code to prevent the load of any plugins except for Flash and Gnash."

This statement in and of itself may lead a user to believe Flash is now "Tor Safe".

--[3]--The "Disable browser plugins (such as Flash)" checkbox under Torbutton->Preferences->Security Settings does not provide adequate warning to a naive user. When this is unchecked, and the browser restarted, addons shows the addons-manager set flash to "ask to activate."

--[4]--A rather large pop-up window with generic information about plugins possibly being dangerous shows up. Given the other points here, this message did not seem to state clearly that Flash WILL bypass your proxy.

--[5]--The existence of a project in Tor Project called "FlashProxy". This name is misleading. It should be changed to "FlashRelay."

The combination of all these factors led an expert user to believe that Flash now worked with Tor Browser, had been scrutinized, and would be proxied. Luckily, that user was using TAILS.

But this can result in immediate anonymity loss for someone else. Because once activated, it completely appears that Flash is running in the Tor Browser, and a naive user may think it is being proxied.

I think the Torbutton checkbox needs more information there. Specifically, maybe renaming it to something like "Activate Flash for use with VM Transproxy or TAILS system ONLY. Flash will not be proxied and is not considered Tor Safe."

Simply because a setting is under "Security Settings" does not mean you should be an oracle to know what it does. It should still be documented and have a specific function.

Regarding ticket #10280, https://trac.torproject.org/projects/tor/ticket/10280, this is related. Depending on how that ticket is addressed may affect this, but this is still a different ticket. This ticket is about usability concerns mostly, and also documentation concerns, and wordings.

Again regarding #10772, too many buttons in too many places that don't do what the user expects and are not documented (a design document isn't really documentation!). This is a general problem here with Tor Browser UI design.

#10888 Mozilla trademarks still remain in some about: urls new tbb-team defect Medium
Description

Browsing to "about:" or "about:logo" (in Tor Browser 3.5.2) shows a Firefox logo which I believe is not supposed to be there in a rebranded Firefox derivative such as Tor Browser.

#10892 Disabled add-on then reenabled, and all the rules were gone new pde defect Medium
Description

I have been using HTTPS Everywhere 3.4.5 for a few weeks with no dramas, but I found a site (librarything.com) that seemed to be broken (infinite redirect loop between HTTP and HTTPS) and even when I disabled the rule for that site it was still doing it. So I disabled the add-on, and tried again. It was still broken, so I re-enabled HTTPS Everywhere, and bonk! it was kaput-ish. :-(

No rules are listed anymore, and the submenu under Tools is empty (doesn't open when upon it I click).

Thanks for reading!

#10909 Amazon Prime Streaming not work new pde defect Medium
Description

With plugin 'enabled' within Chrome, Amazon Prime streaming fails, even with all rulesets disabled/unchecked. When 'https everywhere' is disabled, Amazon Prime streams fine.

#10915 Tool to find unused functions in Tor new defect Medium Tor: 0.2.???
Description

We should periodically check for dead functions in Tor, and remove them.

We should have a tool to find them for us.

We could use the cruddy approach I used to take, though I can no longer find the perl script that I used to implement it. I'll attach a cruddy implementation of that one.

We could use a tool like http://www.skynet.ie/~caolan/Packages/callcatcher.html , if that actually works, and turns out not to be stupid if I read about it for more than 60 seconds.

Other suggestions welcome, but please think of testing them before recommending them. :)

#10919 TBB 3.x does not show up in Launchpad on MacOS new erinn defect Medium
Description

After unzipping a 3.x (currently 3.5.2) TBB and copying/moving the result to my OSX (10.9 Mavericks) Applications folder, it fails to appear in Launchpad. I have to open the Applications folder and double-click it there to launch it.

This is a new problem in 3.X. The 2.X series had no problem.

#10920 Cloudfront rule breaks ProSieben Connect new pde defect Medium HTTPS-E next Chrome release
Description

The livestream won't start playing on http://connect.prosieben.de/ with the Cloudfront rule enabled. Disabling the rule resolves this issue.

Not sure about the Version, Chrome says 2014.1.3 - I can't find that in the dropdown.

#10922 tor connected to bwauth produces lots of pathbias_count_use_attempt BUG messages needs_information defect Medium Tor: 0.2.???
Description

I'm setting up a new bwauth currently. I'm seeing many (~1000 / hour) BUG messages in its logfile:

[notice] Tor 0.2.4.20 (git-0d50b03673670de6) opening new log file.
[notice] pathbias_count_use_attempt(): Bug: Used circuit is in strange path state new. Circuit is a General-purpose client currently open.

The config for the tor process (it is a relay to evade static throttling):

SocksPort 9110
ControlPort 9111
Log notice file ./data/tor/tor.log
DataDirectory ./data/tor
PidFile ./data/tor/tor.pid
CookieAuthentication 1

Nickname gabelmoobwscan

RelayBandwidthRate 20480
RelayBandwidthBurst 20480

OrPort 9999

ContactInfo Sebastian <tor@sebastianhahn.net>

ExitPolicy reject *:*

#10952 Tor Browser leaves developer windows open after New Identity new tbb-team defect Medium
Description

When you open menu entry "View Page Source" from a web page, a new window will open showing the source code. Then, when you select new identity from the onion menu, all tabs are cleared BUT that page/window with source code will stay there, it's not closed.

Tor Browser 3.5.2

#10963 Bypassing proxy settings? assigned mikeperry defect Medium
Description

Post was posted to blog's comments:

One TBB behaviour that continues to trouble me is that Firefox continues to try to connect to the internet. I use standard install on ubuntu with no add-ons (tor-browser-linux32-3.5.2.1_en-US.tar) and with js disabled in both NoScript and about:config.

I see additional changes with each update that improve browser isolation by disabling / blocking more auto-connect threats like blacklist updates, rule-set updates, safebrowsing reporting...etc...etc...

So with every new TBB release, I have renewed hope that Firefox will not go outside of the tor process with an internet connection attempt. Each release I allow tor to access the internet and firefox to access tor via 127.0.0.1. Each release I am either immediately or later disappointed when Firefox attempts its own internet connection.

My concerns...

1) Why does TBB continue to be released with default settings that allow Firefox to automatically seek an internet connection? I cannot imagine this not being noted in testing. What is trying to connect and what information is trying to be shared?

2) How many people trust any connections from TBB and allow both tor and TBB Firefox connections to the outside world? Why is this not a significant security flaw? Tor works fine when I block these Firefox external connection attempts. I run a minimal ubuntu box with standard Firefox gutted to the best of my ability. I have a process connection map running and see that the Firefox attempting to connect is from the TBB package.

3) If this behaviour is known and accepted, how do we know that connections are not being made and information being sent to unknown locations by Firefox through tor? This is something that I would never catch even with my layers of application and port level firewalls...

Sorry that I do not have Wireshark capabilities, but can not imagine that this behaviour is not seen on all installations.

Thanks for your efforts.

inside

#10969 Set of guard nodes can act as a linkability fingerprint assigned mikeperry defect High Tor: 0.2.???
Description

It's well understood that your set of guard nodes can act as a fingerprint. Some calculations can be found in comment:3:ticket:9273 but it's pretty clear that each 3-subset of guards is rare enough that it's very likely that no other clients have exactly the same.

There are a few proposed ideas on how to reduce the linkability of guard nodes sets. For example, reducing the number of guard nodes to 1 will help against this. Still, as an example, in a city with only 500 Tor users, even if each person has a single guard, there are only going to be a few people with the same guard node (and some of them might always be in the same physical location, so the one who roams is probably the same person).

To further improve on the above, maybe it makes sense to pick N guards but only use 1 of them at a time -- and cycle through the N guards every now and then. Maybe we should cycle every time we change network (see https://github.com/leewoboo/tordyguards) but how does little-t-tor know when we changed network? There is some more discussion on this topic here: https://lists.torproject.org/pipermail/tor-dev/2013-September/005424.html

#10972 searching atlas for email addresses fails new phw defect Medium
Description

I'd like to be able to search atlas by email address. Currently, queries with an "@" in them result in

Backend error!

The backend server replied with an error to your query. This probably means that you did not properly format your query. If your query was properly formatted it may mean that there is an issue with your browser/add-ons. Please report which browser/addons/etc. you're using to the bug tracker.

I'm using TBB 3.5.2 with its default set of extensions.

#10990 Shrink the FAQ new mttp defect Medium
Description

The wiki FAQ entries have been transferred to the main website FAQ. Now the page needs to be improved.

  • Add all subheads to the top of the FAQ for easier navigation.
  • Delete entries that are outdated, no longer relevant, or not frequently asked on the help desk.
  • Consolidate Tor Browser and Tor Browser 3 subsections.
  • Move sha256sum verification to the signature verification section.
  • Migrate information on setting up a relay to a dedicated page.
  • Migrate Abuse questions to the Abuse faq and kill the subsection.
  • Dedicated page for Alternate designs we don't do yet.
  • Kill Compilation and installation subsection.
  • Consolidate questions that duplicate answers.

#11007 Add more documentation about EntryGuardAddedBy in the state file new defect Medium Tor: 0.2.???
Description

Document better how EntryGuardAddedBy date is calculated and written in the state file (well, more documentation about all the state file would be also good).

Should we also change the way the date is calculated?

The EntryGuardAddedBy dates in the state file are not sequential because the date is calculated as the real date minus a random date between the real and 30 days before [1].

The reason for this is to avoid revealing the real date the user was online at that date to that entry guard.

The only existent documentation is in doc/state-contents.txt

[1] e->chosen_on_date = time(NULL) - crypto_rand_int(3600*24*30);

#11013 Windows installer's language should default to the bundle's language new erinn defect Medium
Description

When you open a localized torbrowser-installer exe bundle, the installer's language combobox defaults to English, whatever the localization.

#11017 Conflict with Firefox on Mac OS Mavericks: Open new FF window fails new pde defect Medium
Description

Mac OS Mavericks (10.9.1)
HTTPS-Everywhere 3.4.5
Firefox 27 and Firefox 28 Beta

If Firefox is open but NO window is displayed and HTTPS-Everywhere is enabled, it is not possible to open a new window by any method.

Workaround: Quit Firefox and relaunch by clicking on a URL icon; Firefox launches and opens a new window. If the window is closed later, ALL methods for opening a new window work until FF is quit.

Disabling HTTPS-Everywhere restores normal behaviour to Firefox.

#11044 No consensus results in empty 'GETINFO ns/name/*' responses new defect Low Tor: 0.2.???
Description

Hi Nick, spotted an interesting tor oddity during my flight (due to not having any network connectivity). When calling 'GETINFO ns/name/blarg' without a cached consensus it returns an empty string rather than the expected "Unrecognized key" response.

Repro details...

  1. With a data directory containing a cached consensus things work as expected...
% telnet localhost 9051
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
AUTHENTICATE
250 OK
GETINFO ns/all
[ ... lots of output... ]
GETINFO ns/name/blarg
552 Unrecognized key "ns/name/blarg"
  2. Blow away your data directory when you lack network connectivity.
% mv ~/.tor ~/.tor_bak
% mkdir ~/.tor
% cp ~/.tor_bak/torrc ~/.tor
% cat ~/.tor/torrc 
ControlPort 9051
% tor -f ~/.tor/torrc
...
  3. Now GETINFO for 'ns/all' and any request for a relay returns an empty response.
% telnet localhost 9051
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
AUTHENTICATE
250 OK
GETINFO ns/all
250-ns/all=
250 OK
GETINFO ns/name/blarg
250-ns/name/blarg=
250 OK

Interestingly this only seems to concern router status entries. Server descriptors and microdescriptors give us an 'Unrecognized key'...

GETINFO desc/name/blarg
552 Unrecognized key "desc/name/blarg"
GETINFO md/name/blarg
552 Unrecognized key "md/name/blarg"

For my part I noticed this because it caused an integ testing failure during my flight...

======================================================================
ERROR: test_get_network_status
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/atagar/Desktop/stem/test/integ/control/controller.py", line 977, in test_get_network_status
    self.assertRaises(stem.ControllerError, controller.get_network_status, "blargg")
  File "/usr/lib/python2.7/unittest/case.py", line 471, in assertRaises
    callableObj(*args, **kwargs)
  File "/home/atagar/Desktop/stem/stem/control.py", line 1427, in get_network_status
    raise exc
ValueError: Router status entries (v3) must have a 'r' line:

This doesn't seem like the right tor behavior but if you think it is I can simply have stem check for the empty string. :)

Cheers! -Damian

#11050 pycrypto's AES implementation is not constant time new asn defect Medium
Description

This is a non-issue when AES-NI is supported by the host CPU since a separate code path is taken.

https://github.com/dlitz/pycrypto/blob/master/src/AES.c

It's not too bad in the pluggable transport case since traffic is super-enciphered, the session keys are ephemeral, and actually extracting sufficiently accurate timing information is probably non-trivial, but it probably should be addressed somehow.

#11059 Nodes' country codes should be "definite" and "possible" new defect Medium Tor: unspecified
Description

It would maybe be a good idea if nodes' country codes could have different statuses, like "definitely in CC" or "possibly in CC". For example, if a country is "possibly in CC", then "ExcludeNodes {CC}" should exclude it, but "EntryNodes {CC}" should not include it.

This would also let us provide the feature that some operators have asked for of being able to specify their country. (I'd say that if you specify that you are in C1, but geoip says you are in C2, then you should count as "maybe in C1" and "maybe in C2" but not as definitely in either.)

See #11054 for another motivating example.

Is this a good idea?

#11090 torsocks should log errors to stderr and not stdout assigned dgoulet defect Medium
Description

torsocks 2.0.0-rc3

I get stuff like this on stdout:

[Feb 28 14:05:16] WARNING torsocks[22952]: Non TCP inet socket denied. Tor network can't handle it. (in tsocks_socket() at socket.c:40)

Logging to stdout interferes with the output of the underlying program, and is generally a bad idea.

#11093 obfsproxy should use C implementation of UniformDH new asn defect Medium
Description

We are currently using a C implementation of UniformDH that is quite slow (even with gmpy2 for mod exp).

Yawning implemented UniformDH in C using OpenSSL and we should use his library.

He posted an obfsproxy patch in #11015 : https://trac.torproject.org/projects/tor/attachment/ticket/11015/0001-Add-support-for-using-py-uniformdh.patch

And the implementation can be found in: https://github.com/Yawning/py-uniformdh

#11095 allow storing passwords in TorBrowser new tbb-team defect High
Description

The "Remember passwords" option in TorBrowser is greyed out.

In past versions of the TorBrowserBundle there was a setting in TorButton, but in v3.5 it's no longer there. How can I store passwords in TorBrowser?

It's only about storing unimportant passwords. No one can remember a different password for each forum. Copy and paste all the time from a while is less safe than storing in TorBrowser. How can I allow storing passwords in TorBrowser? Any workaround? Can you fix this please?

#11104 Tor-Relay-Server Diskio crash needs_information defect Very High Tor: unspecified
Description

Tor relay server Diskio increasing (tor) over a day ... then tor crashes on Debian.

What can I do?

#11105 Open new tab/window open a firefox tab/window needs_information defect Medium
Description

Instead of obviously a tor tab/window, when right-clicking on the tor browser bundle icon of the task bar, and then selecting new tab/window.

#11107 Firefox extension interferes with other firefox extension new pde defect Medium
Description

The Savefrom.net extension bugs when Https Everywhere changes the url to https. An exception should be added for that site.

#11119 Write a proposal for client-side key pinning needs_information defect Medium Tor: 0.2.???
Description

Proposal 220 suggests that we pin RSA and Ed25519 identity keys to one another authority-side. Roger suggested to me that we also consider doing client-side identity pinning.

#11121 Revocation process for authority keys new defect Medium Tor: 0.2.???
Description

Right now, we don't have a proposal that explains how to do revocation on an authority's signing keys. We should write one, and eventually implement it.

#11123 Setup Nagios probes for the webchat support system accepted phoul defect Medium
Description

The webchat support system needs to be monitored by our Nagios installation.

This will require help from the TSA, but we should tell us exactly what to set up and eventually write complementary probes.

#11125 Videos at PBS do not load new pde defect Medium
Description

http://video.pbs.org/video/2365184276/

For this and all videos I've tried at PBS.org, the video will not load, instead providing an error message "Error loading plugin: plugin file not found"

Disabling HTTPS Everywhere results in desired playback of video. I could not find a PBS site setting in the extension.

HTTP-E 3.4.5 Firefox 27.0.1 Mac

#11128 target dkb.de is a redirect page new pde defect Medium
Description

In DKB.de.xml we have the target https://dkb.de/ but dkb.de redirects to www.dkb.de. In the second rule we have a uselessly complex ([^/:@\.]+) match. IMHO rules should not handle usernames and passwords in urls and a simple (.+) should be sufficient.

I attached the updated xml. Also added rules for dkb.mdgms.com (stock ticker) and dkb01.webtrekk.net (tracker).

This applies to stable and HEAD. The currently offered version 3.4.5 is not listed on "Milestone" or "Version".

#11130 Ruleset AliceDSL.xml outdated new pde defect Medium
Description

Alice has been part of Telefónica Germany for some time and has now been replaced by its brand O2. Most Alice pages redirect to http://www.o2online.de/; only email is still available. o2online.de rules can be found in O2_online.de.xml. (It might be a good idea to incorporate AliceDSL.xml into O2_online.de.xml.) I attached an updated ruleset. This applies to stable and development branch.

#11131 bookmark star icon does not update when user presses new pde defect Medium
Description

Firefox 27.0.1 with fresh profile and only https everywhere 3.4.5 installed ...

The bookmark star icon does not update when the user presses it ...

Occurs only on ordinary https sites (not for sites with EV certificates) redirected by https everywhere (not if the user typed the URL with "https://").

The bookmark star icon does update after user switches to another tab and back.

The bookmark is in fact added, but the bookmark star icon does not reflect this, and does not allow the user to press it again to change the settings for that bookmark.

Steps to reproduce:
1) Close Firefox and re-open;
2) type domain into location bar (without protocol) and press enter;
3) click the bookmark star icon

Result: bookmark star icon does not update.

Examples that do not work: google.com wikipedia.org

Examples that are not affected (these sites have EV certificates): mozilla.org aa.com

#11133 US Dept of Housing has mis directed rule set? new pde defect Medium
Description

<rule from="https?:(?:www\.)?hud\.gov/"
      to="https://portal.hud.gov/portal/page/portal/HUD" />

The resulting https: link generates a 404 error, and a HUD webmaster reports this comment in response to my inquiry:

"The problem I was seeing was that your link https://portal.hud.gov/portal/page/portal/HUDoffices/hsg/comp/refunds/index.cfm combines the portal.hud.gov link and www.hud.gov link. "

#11134 obfsproxy's SOCKS server should send success response post handshake new asn defect Medium
Description

Currently the obfsproxy SOCKS server sends the response back to tor immediately after the TCP/IP connection has been established, instead of after the underlying transport has been fully initialized.

This behavior is incorrect, and should be changed to each of the underlying transports signalling that they are ready to relay data after they manage to handshake.

With the current SOCKSv4Protocol based listener this would require further monkey patching which may be a good argument for deferring this till after #9221 or similar gets merged.

#11142 Youtube Livestreams Not loading in HTTPS new pde defect Medium
Description

Hi,

For a few days now, with some rule change I would think, YouTube livestreams have stopped working in Google Chrome and Firefox with the HTTPS Everywhere extension installed, regardless of whether the rule for YouTube is active or not.

Example: if I open a livestream (any, really) like this randomly picked one, https://www.youtube.com/watch?v=Y_LFrMcoEm4, it will say "Please stand by" forever. If I open the same link in Internet Explorer (with https) it works just fine, as it does in Chrome without the HTTPS Everywhere extension installed.

The first thing it does after I uninstall the HTTPS Everywhere extension and reload is show an ad, so I would assume HTTPS Everywhere is making ads not load correctly, and the video doesn't take over correctly. (This used to happen with Adblock Plus before, oddly enough.)

#11145 coverage utility should merge multiple output files assigned defect Very Low Tor: 0.2.???
Description

When multiple gcov invocations generate output for the same file (typically a header), we should combine their results rather than letting the last invocation win.

#11146 cov-diff utility should handle new source files assigned defect Very Low Tor: 0.2.???
Description

Right now, cov-diff doesn't report coverage in source files that are completely new. We should fix that.

#11151 Drop support for 0.2.2 clients assigned defect Medium Tor: 0.2.???
Description

Once Debian Squeeze hits EOL, it will be time to stop supporting 0.2.2 clients entirely.

#11153 Tor Cloud Amazon Imagery Update new defect Medium
Description

Updates images for Tor Cloud

#11154 Tor TLS and Security Cipher new tbb-team defect Medium
Description

Running the How's My SSL check, the Tor Browser rated bad; the reason is that the Tor Browser is using old TLS settings and old security ciphers.

In the next update please set the minimum TLS to 2 and the maximum to 3 in about:config for security.tls.version; this makes the minimum TLS 1.1 and my max TLS 1.2.

Also please disable use of insecure cipher suites security.ssl3.rsa_fips_des_ede3_sha in about:config

#11159 Document deploying a scramblesuit bridge on the website. assigned phw defect Medium
Description

https://www.torproject.org/projects/obfsproxy-debian-instructions.html.en
https://www.torproject.org/projects/obfsproxy-instructions.html.en

These two pages have instructions for setting up an obfs2/obfs3 bridge. Is changing the ServerTransportPlugin line and adding a note about using tor 0.2.5 enough to introduce bridge operators to scramblesuit? It might make sense for scramblesuit to get its own project page (#5192). Should scramblesuit get its own installation page too? What other information should be included?

#11180 Improve "Use Bridges" UI based on feedback and testing new brade defect Medium
Description

We're likely to run into a few issues with the "Use Bridges" UI once users in various localizations try to use it. One issue we've already noticed is that people can become confused by the type selection dropdown, and may think it applies to bridges they enter in the "Enter custom bridges" textbox. We should probably make these radiobuttons behave such that they are more clearly mutually exclusive (i.e. when one is selected, all children of the other are greyed out).

I've tried to improve the situation a little with basic layout changes, but I am not sure those won't look worse in RTL languages and in very verbose localizations, so that may be another issue to address: https://people.torproject.org/~mikeperry/images/Settings.jpg

#11190 obfsproxy shebang should point to "python2", not "python" reopened asn defect Medium
Description

It currently points at "python" which is not version specific and will break horribly on systems where the default system python is python3.

This isn't an issue when it is installed with setup.py, but was when I tried a TBB nightly a few days ago. As far as I can tell every system that has python2.x installed will have a "python2" symlink, so changing the shebang won't break places where this works now, but will allow it to work on more systems without breaking in horrible unintuitive ways for the user.

#11192 Livestream ruleset breaks site player and chat new pde defect Medium
Description

The Livestream (partial) ruleset breaks crucial site features such as stream player and chat on HTTPS Everywhere version 2014.1.3 for Chrome.

#11195 List all three bandwidth values on Globe's details page assigned cydrobolt defect Medium
Description

On https://globe.torproject.org/#/relay/76B79D109ADABB9B3A9104EB050937954BCC0471 and https://atlas.torproject.org/#details/76B79D109ADABB9B3A9104EB050937954BCC0471 I want to learn what the actual three numbers are on the bandwidth line of the descriptor (since I think they're not listed on either page?)

My current approach is to go to https://metrics.torproject.org/relay-search.html?search=mergesexit1 and click on the descriptor link, which leads me to https://exonerator.torproject.org/serverdesc?desc-id=dad4406d60ad73a5b44b609e851c5c21111caa33

Should that link be on the globe and atlas pages too?

#11197 obfsproxy should provide congestion feedback new asn defect Medium
Description

I went over this in IRC tonight to a poor GSOC student who was thinking about doing a CBR plugin, so I'll file a bug while it's fresh on my mind.

Currently there is nothing in place to prevent unbound buffer growth in obfsproxy. This problem arises when the bottleneck link is extremely narrow.

For example, examine the following network topology:

Client <-> obfsproxy <-> 14.4 kbit modem <-> ISP <-> 100 Mbit <-> obfsproxy <-> Server

The Client opens a connection, and initiates a bulk download from the Server. Since there is no mechanism to indicate congestion, the outgoing buffer in the Server side obfsproxy process will grow because feedback from the Client in the form of the shrinking TCP/IP receive window will not get propagated.

The same thing will happen on the Client side with a bulk upload, because the loopback interface has a gigantic amount of bandwidth compared to the bottleneck link.

Twisted connections have a producer/consumer interface (and can handle stopping reading once the send buffer reaches a certain threshold 'self.bufferSize'), so refactoring the base transport to use this interface to glue the upstream/downstream together would be the "correct" approach to solving this problem.

See https://twistedmatrix.com/documents/current/core/howto/producers.html for more details.

#11206 Regression: Torbutton 1.6.6.0 will not save Exceptions in the Firefox cookie manager new tbb-team defect Medium
Description

Cookie exceptions in Tor Browser Bundle 3.5.2 (Torbutton 1.6.6.0) are not remembered when TBB is restarted.

Original bug: https://trac.torproject.org/projects/tor/ticket/4749

#11209 Tor Browser: middlemouse.contentLoadURL should be disabled per default, because it's way too easy to trigger it accidentally new tbb-team defect Medium
Description

I suggest middlemouse.contentLoadURL be disabled per default, since I *always* accidentally middle mouse click at some point when scrolling, even more so with my trackpoint. In my regular Firefox I have disabled this behaviour, but it's all too easy to forget with the Tor Browser.

Because it can be easily enabled by people that rely on it and because text middle mouse pasting still works as expected when this is disabled, I suggest middlemouse.contentLoadURL is set to false (current default: true) to avoid users accidentally going to URLs which may reveal their identity.

(The problem really isn't the middle mouse pasting by itself, but that Firefox/Tor Browser will also instantly load up the page without any additional confirmation)

#11210 livestream rule broken on http://bigbrothercanada.slice.ca/live new pde defect Medium
Description

This feed is broken by the default on livestream rule.

#11211 Multiple ServerTransportListenAddr entries should be allowed per transport. new defect Medium Tor: 0.2.???
Description

Looking through or/config.c, it is apparent that the ServerTransportListenAddr line only allows one address/port to be specified per transport. This is problematic because there are cases where it is beneficial/required to list more than one.

A simple example of where this would be useful is:

ServerTransportListenAddr obfs3 0.0.0.0:443
ServerTransportListenAddr obfs3 [::]:443

The Pluggable Transport spec doesn't explicitly disallow having multiple bind addresses for TOR_PT_SERVER_BIND_ADDR, but I'm not sure what would happen if more than one is passed with each of the pt config protocol libraries in use.

The keys holding transport names must appear in the same order as they appear in TOR_PT_SERVER_TRANSPORTS.

Currently the particular example I used is probably a moot point because of #7961, but in general I don't see a good reason why each transport should be limited to one bind address.

#11214 Gmail talkgadget/hangouts/chat infinite loop new tbb-team defect Medium
Description

Version: Tor Browser Bundle 3.5.2.1 *please relocate to appropriate thread if incorrect*

Gmail allows for two types of chat: by default, hangouts, and by choice, legacy chat. These operate in a frame on the lower left of Gmail. Legacy chat works, but reverting to legacy chat from hangouts is impossible from Tor Browser Bundle 3.5.2.1, where an infinite loop interferes.

  1. Gmail load attempted with restrictive NoScript settings. Options appear: loosen restrictions, or use HTML only.
  2. mail.google.com is whitelisted in NoScript, as well as (optionally) some of the following domains:
    1. clients6.google.com
    2. plus.google.com
    3. talkgadget.google.com
    4. www.google.com
  3. Page is reloaded. The following error message appears in the lower left chat frame: "Something's not right. We're having trouble connecting to Google. We'll keep trying...\n This may be caused by network or proxy issues. <a href="https://support.google.com/hangouts/?p=not_right_error&hl=en">Learn more</a>."
  4. apis.google.com is whitelisted in NoScript, as recommended on the linked support page. Gmail is refreshed.

Infinite loop:

  5. Hangouts loads, with contact list visible. Within seconds, it disappears and is replaced with a Sign In button.
  6. The Sign In button is clicked. A pop-up appears with a log-in page from domain accounts.google.com. Password is entered; user signs in. Page declares success, instructs user to close pop-up and refresh Gmail.
  7. Go to step 5.

This bug prevents users from being able to use Google chat at all, since reverting to legacy chat requires accessing the main menu in talkgadget/hangouts.

Tried many combinations of NoScript whitelists. None works.

#11222 Inform user if reachable bridges drop below a configurable fraction/number new brade defect High
Description

It would be very useful for a number of reasons if Tor Launcher could pop up some kind of alert if some fraction of their bridges become unusable (i.e. when less than 50% are reachable, or perhaps less than min(33%,1)).

In that case, it should instruct the user to obtain more bridges, and give them instructions and/or a bridgedb link specific to their PT type (i.e. https://bridges.torproject.org/bridges?transport=obfs3).

The primary motivation for alerting the user is that if bridges either go down or get blocked, it will be far easier for the user to obtain more if the user still has at least one working bridge to work with (to connect to gmail or visit a link).

One way to do this might be to use the control port command "GETINFO entry-guards" on a timer, but an event-based approach using the "GUARD" event could also work (but would require substantially more bookkeeping and may be error prone in the face of GUARD event state transition oddities).

Tor Launcher probably should also not issue the warning if all bridges become unreachable at once, and/or if Tor detects a cease in network activity (which does not seem to be directly exported to the control port at this point :/). We don't want to alert the user every time they walk out of range from a wifi hotspot or similar situation.

This option also should not be active if the user is not using bridges.

#11233 Bug: We're writing a text string that already contains a CR. needs_information defect Medium Tor: 0.2.???
Description

[Tue Mar 18 04:10:56 2014] Tor Software Error - The Tor software encountered an internal bug. Please report the following error message to the Tor developers at bugs.torproject.org: "write_str_to_file(): Bug: We're writing a text string that already contains a CR. "

#11245 Orbot bootstrapped problem new n8fr8 defect Medium
Description

On my unrooted Samsung Galaxy Note 10.1, Orbot only gets to bootstrapped 25%.

My system information: Android version: 4.1.2 Model Number: GT - N8010

Log:

Orbot is starting…
Orbot is starting…
Tor binary exists: /data/data/org.torproject.android/lib/libtor.so
Privoxy binary exists: /data/data/org.torproject.android/lib/libprivoxy.so
Obfsproxy binary exists: /data/data/org.torproject.android/lib/libobfsproxy.so
Xtables binary exists: /data/data/org.torproject.android/lib/libxtables.so
link RM err=0 out:
link LN err=0 out:
libtor.so: PRE: Is binary exec? true
(re)Setting permission on binary: /data/data/org.torproject.android/lib/libtor.so
libtor.so: POST: Is binary exec? true
tor: PRE: Is binary exec? true
(re)Setting permission on binary: /data/data/org.torproject.android/app_bin/tor
tor: POST: Is binary exec? true
libprivoxy.so: PRE: Is binary exec? true
(re)Setting permission on binary: /data/data/org.torproject.android/lib/libprivoxy.so
libprivoxy.so: POST: Is binary exec? true
libobfsproxy.so: PRE: Is binary exec? true
(re)Setting permission on binary: /data/data/org.torproject.android/lib/libobfsproxy.so
libobfsproxy.so: POST: Is binary exec? true
libxtables.so: PRE: Is binary exec? true
(re)Setting permission on binary: /data/data/org.torproject.android/lib/libxtables.so
libxtables.so: POST: Is binary exec? true
Orbot is starting…
got tor proc id: 21351
Tor process id=21351
Connecting to control port: 9051
SUCCESS connected to control port
SUCCESS authenticated to control port
Starting Tor client… complete.
adding control port event handler
SUCCESS added control port event handler
updating settings in Tor service
Starting privoxy process /data/data/org.torproject.android/lib/libprivoxy.so /data/data/org.torproject.android/app_bin/privoxy.config &
orConnStatus (madiba): LAUNCHED
NOTICE: Bootstrapped 10%: Finishing handshake with directory server.
Privoxy is running on port:8118
Privoxy process id=21371

NOTICE: Bootstrapped 15%: Establishing an encrypted directory connection.
orConnStatus (itpol2): CONNECTED

orConnStatus (madiba): CONNECTED

NOTICE: Bootstrapped 20%: Asking for networkstatus consensus.
Circuit (1) BUILT: itpol2

NOTICE: I learned some more directory information, but not enough to build a circuit: We have no recent usable consensus.

Circuit (2) BUILT: madiba

NOTICE: Bootstrapped 25%: Loading networkstatus consensus.

Circuit (2) CLOSED: madiba

NOTICE: I learned some more directory information, but not enough to build a circuit: We have no recent usable consensus.
