Custom Query (3987 matches)

Filters
 
Or
 
  
 
Columns

Show under each result:


Results (901 - 1000 of 3987)

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
Ticket Summary Status Owner Type Priority Milestone
#9789 TorFlow BandwidthAuthority sleep schedule new aagbsn defect normal
Description

# Check local time. Do not scan between 01:30 and 05:30 local time

Weasel points out that we use lt = time.localtime(). If the Tor network is lightly loaded during some time interval, we should figure out what that interval is in UTC.

But also, is this still a good idea?

#9790 The Torbutton startup observer component is sometimes not initialized new tbb-team defect critical
Description

The symptoms of the problem is the info message: "While creating services from category 'profile-after-change', could not create service for entry 'StartupObserver', contract ID '@…/startup-observer;1'" It is quite difficult to reproduce. But the best step I have found so far is clicking on New Identity while loading a page (sounds strange, I know). Then even after closing and restarting Tor Browser the component is not initialized. One can "reset" that behavior surprisingly if one updates an extension (at least updating Torbutton solved the problem for me).

#9800 tor browser still an option of default browser even after removal new tbb-team defect normal
Description

I removed the TorBrowser by deleting the app, but couldn't find the Library neither the Vidalia folder to delete. Not sure if this is the cause, but Tor is still an option for Default Browser under Safari Preferences. I'm using OS X 10.8.5 on a MacBook Pro.

#9814 Atlas should make clear when relay details come from outdated consensus reopened phw defect normal
Description

This is relevant to both Atlas and Globe, as far as I gather. Wasn't entirely sure whom to CC, sorry if too many recipients.

Two very much related things:

  1. Onionoo-using tools should make clear to the user when relay flags come from an outdated consensus.
  1. Onionoo-using tools should be careful using the keyword uptime, especially when relay is not running (not present in the last consensus).

Example: relay 0FB356FB... on Atlas (if the relay gets included in the newest consensus, see attached image (atlas_details_relay_running.png)). Here the problem is that Atlas (and Globe as well) may show the Running flag to be present, but show the overall relay as not running (running: false).

The latter is because the relay wasn't featured in the last consensus (as reported by Onionoo); the former is because Onionoo is returning the last known flags (from the last consensus where the relay was featured in) for this relay, among which the Running flag is present.

As Karsten said,

The flags thing is a presentation problem, not a data problem. Onionoo should include the latest flags, but Atlas (and Globe?) should present them in a non-confusing way. Atlas (and Globe) can learn from last_seen when these flags were contained in a consensus.

Flags could either get some simple indication of being old / 'not fresh' (simply when running: false), and/or there could be a small field indicating where these flags are coming from ("reported by last available consensus" in green, vs. "reported by authorities at <Onionoo:last_seen> (outdated by <in_hours(Onionoo:relays_published - Onionoo:last_seen)> hours)", or somesuch.)

Likewise with the uptime keyword: I suppose that either the name for that field (which is derived from Onionoo's last_restarted) should be changed (I guess last restarted doesn't sound intuitive? It would actually make sense to me at least / would be more honest), or it should be removed when running: false.

Re: fixing this:

  • re: 1., depends on decision, but should be similarly simple.
  • haven't looked at Globe's code
#9822 obfsproxy: Don't read authcookie file for every new connection new asn defect minor
Description

Currently, obfsproxy opens the authcookie file for each new incoming connection: https://gitweb.torproject.org/pluggable-transports/obfsproxy.git/blob/HEAD:/obfsproxy/network/extended_orport.py#l250

This is suboptimal, and we can just read the file on startup and keep the authcookie value around during runtime.

#9825 -v returns 'unknown' for Obfsproxy.exe from '2.4.17-beta-2-pt3' new asn defect minor
Description

obfsproxy.exe -v

prints out

unknown

It was included in 'tor-pluggable-transports-browser-2.4.17-beta-2-pt3_en-US.exe' and its (obfsproxy.exe) checksums are:

SHA-1: 8690778C86542ABC3596C65EF42903E943C843A9
SHA-256: F75A997308B689335AEA9705BF7DF57EEA0636CB7C2EB7D75BCAC41389F0F84F
SHA-512: 89459D5189C2490C22FA63AC8509AEF8B7902B38174C73BB2902C57F73DFAFC4EC42B1C361ADDBEB019D7709882589594D94FD264FD20A2712592326596B1107
#9840 formstack.com not all content ssl-available new pde defect normal
Description

I just tried to fill this form: http://support.jimdo.com/contact/inappropriate-content/

It forwards to a form processing script at www.formstack.com. That automatically gets ssl-redirected by https everywhere.

However, then I get an error here: https://www.formstack.com/forms/index.php which says: "ERROR: SSL is not enabled for this form, but your browser submitted the data over SSL. Please try again. "

So it seems not all data on www.formstack.com is https-able, so it probably should be removed from https everywhere.

#9855 Certain pages on Kohl's return 'Bad Request' errors new pde defect normal
Description

HTTPS-Everywhere 3.4.1 on FF 24 (tested on Mac and Linux).

Navigating to certain Kohl's websites will return 'Bad Request' pages. Some pages will load, some won't. Here's an example that does not load properly:

http://www.kohls.com/catalog/womens-wallets-accessories-accessories.jsp?CN=4294720878+4294719442+4294719516+4294717956

Disabling HTTPS-Everywhere solves the issue and the page loads properly.

#9860 junk log messages every time SETCONF changes the set of ORPorts needs_revision defect trivial Tor: 0.2.???
Description

Every time you use SETCONF (from a controller) to change the set of ORPorts, Tor emits log messages like this:

Sep 30 23:45:59.000 [notice] Opening OR listener on 0.0.0.0:9022
Sep 30 23:45:59.000 [notice] Tor 0.2.4.17-rc-dev (git-00fb525+ace95c5+0e691f1) opening log file.
Sep 30 23:46:00.000 [notice] Your Tor server's identity key fingerprint is 'tbbscraperentry 73EFD4FE8D5D2466ECBDCFAC11894A72A322FD3C'
Sep 30 23:47:42.000 [notice] Opening OR listener on 0.0.0.0:9023
Sep 30 23:47:42.000 [notice] Tor 0.2.4.17-rc-dev (git-00fb525+ace95c5+0e691f1) opening log file.
Sep 30 23:47:42.000 [notice] Your Tor server's identity key fingerprint is 'tbbscraperentry 73EFD4FE8D5D2466ECBDCFAC11894A72A322FD3C'
Sep 30 23:50:40.000 [notice] Closing no-longer-configured OR listener on 0.0.0.0:9008
Sep 30 23:50:40.000 [notice] Tor 0.2.4.17-rc-dev (git-00fb525+ace95c5+0e691f1) opening log file.
Sep 30 23:50:40.000 [notice] Closing old OR listener on 0.0.0.0:9008
Sep 30 23:50:40.000 [notice] Your Tor server's identity key fingerprint is 'tbbscraperentry 73EFD4FE8D5D2466ECBDCFAC11894A72A322FD3C'
Sep 30 23:50:45.000 [notice] Closing no-longer-configured OR listener on 0.0.0.0:9012
Sep 30 23:50:45.000 [notice] Tor 0.2.4.17-rc-dev (git-00fb525+ace95c5+0e691f1) opening log file.
Sep 30 23:50:45.000 [notice] Closing old OR listener on 0.0.0.0:9012
Sep 30 23:50:45.000 [notice] Your Tor server's identity key fingerprint is 'tbbscraperentry 73EFD4FE8D5D2466ECBDCFAC11894A72A322FD3C'

The "opening log file" and "Your Tor server's identity key fingerprint is" lines should not be printed for every configuration change. And I'm not sure why it tells me it's closing a listener twice.

#9861 Orbot: enter multiple bridges, but it only uses one new n8fr8 defect normal
Description

This is Orbot 12.0.5 on Android 2.3.x.

  • use bridges is checked
  • obfuscated bridges is checked
  • bridge addresses are 1 per line, IP:port
  • I know >1 of these work as I operate some of them for testing

I see a LAUNCHED for every bridge when I start up Orbot connecting, but, circuits are only ever built through the second bridge on the list, for whatever reason. I never see log messages about the others other than LAUNCHED at startup.

Please let me know if there is a better place to submit this bug - I can't find it with The Guardian Project.

#9882 New ruleset new pde defect normal
Description

http://www.cubiksonline.com -> https://www.cubiksonline.com/

#9894 Sandbox doesn't work with obfsproxy new defect normal Tor: 0.2.???
Description

When running tor [0.2.5.1-alpha-dev (git-a6b4934037d1308e)] with sandbox enabled and using obfsproxy [0.2.4] I get the following error:

(Sandbox) Caught a bad syscall attempt (syscall 0x2A)

after which tor terminates.

#9899 Revisit decision to disable rendering acceleration for everyone new tbb-team defect normal
Description

#9438 disables rendering acceleration for all users due to issues on some Windows computers. It is probably safe to enable the rendering acceleration at least for Linux and Mac users.

#9902 need separate Obfsproxy Windows binary new asn defect normal
Description

I am using Tor Expert Bundle in Windows. Adding obfs2/obfs3 bridges to torrc always get warnings like this:

[warn] We were supposed to connect to bridge 'xxx.xxx.xxx.xxx:xxxxx' using pluggable transport 'obfs2', but we can't find a pluggable transport proxy supporting 'obfs2'. This can happen if you haven't provided a ClientTransportPlugin line, or if your pluggable transport proxy stopped running.

Tor Expert Bundle does not include any pluggable, and as far as I know, obfsproxy does not provide separate binary neither, except the the whole big Tor Browser bundle. I would like keeping use "lightweight" Tor Expert Bundle with obfs support. Could you please provide separate Obfsproxy for Windows?

Thanks.

#9907 Viewing websites without Tor with TBB new tbb-team defect normal
Description

I use TBB for my daily work. It works pretty well so far. One feature I am missing is to be able to switch off the usage of the tor network for specific websites.

Example A: I am in a local intranet with a couple of webservers I have to use frequently. In order to access these webservers I have to use beside TBB a second Firefox browser to access the local intranet, because traffic routed through the tor network does not find is way back to my intranet.

Example B: I need to access websites with an IP filter, that allows only traffic from specific IP addresses.

It would be very handy to have the ability to switch TBB to a non-tor mode. There are different ways to do this:

  • setting the domain of my local intranet in TBB so traffic to any site with the local domain would not go trough the Tor notwork
  • defining a list of websites I want to view without tor. Perhaps by adding a specific keyword like "non-tor" to a link in my bookmarks, that switches the tor mode off.

It would be great to have such functionality.

Thanks & regards, Torland

#9915 Please provide a way to be notified about all new TBB releases new tbb-team defect normal
Description

I just discovered by chance that a couple of new TBB releases are available; the onion icon in the Tor Browser didn't notify me about the new release(s) because the release I am running is still listed in https://check.torproject.org/RecommendedTBBVersions (right?)

I think there should be a way to be notified of _every_ new TBB release (even if the old releases are still deemed safe to use), for people who want to always run the latest release. I found no page or RSS feed about that on the website (have I missed anything?).

The tor-announce mailing list seems to be the obvious solution: currently it only has announcements about the tor package, please announce also TBB releases there.

#9916 Gradually increasing memory usage on relay needs_information defect normal Tor: unspecified
Description

Running tor 0.2.3.25 (installed from the tor apt repo) as a relay on a debian squeeze VPS, and I notice a pattern of continuously increasing memory usage until it eats up all available ram and my VPS gets auto-rebooted by the host's maintenance scripts. Seems like there's a memory leak somewhere.

The VPS has 300MB of allocated ram. It takes roughly 3-5 days between reboots.

The relay is set with RelayBandwidthRate 150 KB, and RelayBandwidthBurst 300 KB. 

I'd be happy to provide any other details necessary to help fix this problem.

#9917 Linux Firefox ESR 17.0.9 appers to spin-wait rather than block-wait on SOCKS new tbb-team defect normal
Description

Per the summary, Linux Firefox 17.0.9 as include in TBB x86_64 2.3.25-13 appears to poll-wait rather than block-wait on SOCKS requests. Observed this when attempting to access an unresponsive site, in this case core.onion.

The spin caused the VM to largely lock-up, badly enough that the kernel reported 120 second non-responsive "hung-tasks" on several threads including 'tor'. However this particular aspect may be largely a result of running in a single VCPU KVM instance.

See Firefox using all CPU in 'top' when this happens. Behaves a little better when 'renice -n10' is used to lower FF's priority.

Seems to me the behavior should be to block-wait and that other Firefox windows should remain responsive while one window is blocked waiting for a reply that will never arrive.

Have set 'tor' threads to run realtime priority, RR class at -27 per 'top', which might affect the behavior here, though it really shouldn't matter.

#9924 Firefox queries the A record of the hostname of the machine it is running on. new tbb-team defect normal
Description

When Firefox starts, it does a DNS query for the A record of the hostname of the machine it is running on.

If that hostname resolves to a public IP address, then Firefox will have information that could be used to deanonymize the user, and it is unclear what Firefox is doing with that information or why it needs to collect it.

This query is not done via Tor, it uses the system resolver, even when using TBB. This was discovered by configuring BIND to log queries and running tail -f on the query log while starting TBB Firefox and regular Firefox, which each exhibit this behavior shortly after starting.

Some quick google searching seems to indicate that I am not the only person who has noticed this. Many people seem to have trouble getting Firefox to start if their machine's hostname does not resolve. I found one bug in the Mozilla bug tracker (sorry, I can't find it back again to note the number), where someone was complaining of exactly this, but the response was a denial that the behavior was happening.

This should be looked into and it should be confirmed that nothing nefarious or negligent is being done with the result of that DNS query.

#9925 Directory Authorities can crash client/relay needs_revision defect normal Tor: 0.2.8.x-final
Description

A malicious/misbehaving set of directory authorities can cause a client to fail an assertion if they create a consensus that swaps descriptor digests between router entries and a client already has the descriptors for those routers.

in update_consensus_router_descriptor_downloads()

  SMARTLIST_FOREACH_BEGIN(consensus->routerstatus_list, void *, rsp) {
      routerstatus_t *rs =
        is_vote ? &(((vote_routerstatus_t *)rsp)->status) : rsp;
      signed_descriptor_t *sd;
      if ((sd = router_get_by_descriptor_digest(rs->descriptor_digest))) {
        const routerinfo_t *ri;
        ++n_have;
        if (!(ri = router_get_by_id_digest(rs->identity_digest)) ||
            tor_memneq(ri->cache_info.signed_descriptor_digest,
                   sd->signed_descriptor_digest, DIGEST_LEN)) {

If rs && sd && ri && the descriptor digests are not equal, then

in routerlist_remove_old()

  tor_assert(0 <= idx && idx < smartlist_len(rl->old_routers));
  /* XXXX edmanm's bridge relay triggered the following assert while
   * running 0.2.0.12-alpha.  If anybody triggers this again, see if we
   * can get a backtrace. */
  tor_assert(smartlist_get(rl->old_routers, idx) == sd);

Both assertions are triggerable because sd is assumed to be in old_routers. If the consensus specifies a valid but wrong descriptor digest for a router (i.e. they swap two of them), then the client will compare that new digest to the one it already has in the routerinfo. They will be different, so the client will assume it already has a new descriptor and that it previously moved the old descriptor into rl->old_routers (despite the fact that clients don't cache them and old_routers is empty). When we try to retrieve the cached descriptor, we assert.

If we're a relay, then we probably have descriptors in old_routers but not the one we're looking for. Therefore, these assumption are false, because we're comparing two different routers, thus resulting in the crash.

Brought to you by your friendly neighborhood cat.

#9929 compass doesn't display more than 10 relays in a given AS new gsathya defect normal
Description

this occurs with the -1 option set and when the number to display is manually changed to a number greater than 10

replicated across browser configs, inside and outside of tor, etc.

#9935 Vidalia trashes 'tor' different host config if 'vidalia.conf' not preserved in TBB update new chiiph defect normal
Description

If one configures 'tor' on a different host but uses TBB+Vidalia to monitor 'tor' and browse, forgetting to preserve the 'vidalia.conf' file when updating TBB results in Vidalia trashing the 'tor' relay configuration. Thankfully I had a backup.

Vidalia should first attempt to download the existing config when the IP of an remote system 'tor' is entered.

This is true for

tor-browser-gnu-linux-x86_64-2.3.25-13-dev-en-US

and

tor-browser-gnu-linux-x86_64-2.4.17-beta-2-dev-en-US

#9936 TBB TorButton 'New Identity' with remote 'tor' says "It does not have access to the Tor Control Port." new tbb-team defect normal
Description

Full message is

Torbutton cannot safely give you a new identity. It does not have access to the Tor Control Port. Are you running Tor Browser Bundle?

version 1.5.2

Looked at code and wrote this script:

#!/bin/bash
export TOR_CONTROL_HOST="10.29.88.1"
export TOR_CONTROL_PORT="9151"
export TOR_CONTROL_PASSWD="xxx"

nc ${TOR_CONTROL_HOST:?} ${TOR_CONTROL_PORT:?} <<EOF
AUTHENTICATE "${TOR_CONTROL_PASSWD:?}"
SIGNAL NEWNYM
QUIT
EOF

cd /home/tor/tor-browser_en-US
/home/tor/tor-browser_en-US/App/Firefox/firefox -no-remote -profile /home/tor/tor-browser_en-US/Data/profile

Which clearly demonstrates the values are correct and the "SIGNAL NEWNYM" command works as it should and that Firefox ESR 17.0.9 with TorButton 1.5.2 fails here.

See changes, perhaps fixes, have been made to the related logic but the newer code is not yet in either the stable or development release and I could not easily test it. The related Vidalia code in src/chrome/content/torbutton.js looks ok. Thought it might be hex-encoding the password and tried that but it made no difference.

Tried with

tor-browser-gnu-linux-x86_64-2.3.25-13-dev-en-US

and

tor-browser-gnu-linux-x86_64-2.4.17-beta-2-dev-en-US

#9945 Disable download manager alert on complete new tbb-team defect minor
Description

Can we get this preference on Tor Browser?

pref("browser.download.manager.showAlertOnComplete", false);

1- It is annoying

2- Don't know if it leaks any information to disk or registry (maybe the times when files were downloaded?)

But tested TBB 3.0 on KDE and it flooded the notification system after every single file.

#9953 Unique Browser Fingerprint, Even After Fresh Install new defect minor
Description

How is it possible that I have a unique user agent after a completely fresh install of the latest Tor Browser Bundle? I even deleted the old preferences file associated with the TBB. I'm running the 64 bit version on a mac, and have the screen maximized to the size of a 13" display. I can't see how I've done anything identifying.

#9954 Replace broadcast voting protocol with something more robust new defect normal Tor: unspecified
Description

While discussing #8244, Aniket Kate had some comments about our voting protocol:

The only modification I would like to suggest is to replace your broadcast protocol in the voting round. It is not secure against what is called "dangerous chain of failures" in distributed computing research ; i.e., if one authority crash in per sub-phase (1A, 1B, ...), then at least one working (or correct) authority might have more votes than others.

To explain it, I am attaching Lorenzo Alvisi's (UT-Austin) notes along with email. I thought those will be easy to understand than a research paper. In these notes,

  • Dangerous chain is explained on page 7
  • Two protocols that overcome this (possibly extremely unlikely situation) problem are available on page 12
  • I would encourage you to incorporate the early stopping protocol as, in absence of any failure, it completes in the exactly same manner as your current protocol. I think it will not add too much to your current broadcast code, but at the same time take care of gradual failures of directory authorities.
  • The protocol description does not mention signatures as they are defined for non-malicious setting. Nevertheless, it will be easy for me to include signatures to the description at appropriate places if you choose to use it.

I replied with:

I'll check this out, but I'm not sure whether the change is worth it in this case. If I understand correctly, the failure mode here is no consensus is generated if crashes happen at exactly the wrong times, or sends votes to others at exactly the wrong times. But our protocol can tolerate up to 24/48 hours worth of non-generated consensuses. (Our usual approach when this happens has been "Just debug it".)

I'll check out the complexity of the stepping protocol, though.

Still, more minds should think on this.

I'm investigating whether I have permission to post Lorenzo Alvisi's slies, or whether they're already online.

#9957 Tor should consider stderr output of transport proxies assigned yawning defect trivial Tor: 0.2.8.x-final
Description

Currently, Tor cares about what transport proxies (e.g. obfsproxy) say over stdout (it echoes stdout in its log, etc.) Not so with stderr, the reason being, as far as I can tell, the presumed/standard signaling channel for transport proxies to communicate with Tor is their standard output stream, as per design.

It so happens that as of now, obfsproxy may complain about some things (e.g. it not being able to write to its own log file) over stderr. If one runs obfsproxy as intended (using the ServerTransportPlugin directive in torrc), obfsproxy may exit (Tor will report this, of course) without any verbal explanation.

Using the "run a transport proxy manually (without Tor) to figure out what's wrong" method (which some bridge operators have (had) to resort to (that is, at least me and someone else who talked with asn)) in order to debug things seems suboptimal.

Three ways out, as I see it:

  1. Make sure all transport proxies adhere to the "use stdout to complain about things" protocol.
  1. Have Tor treat both stdout and stderr streams of transport proxies as meaningful, and include their contents in log. This requires changing the design in regards to transport proxy <-> Tor signaling channels.
  1. Care about stderr instead of stdout (most easy in terms of code changes, I think; not sure if makes much sense / is elegant, though.)

Are there any specific design-level nuances that block option 2?

For option 2, the tor_get_lines_from_handle() function seems to be overall more or less handle-type-agnostic; it uses variable names like "stdout_buf", but it all really depends on what's passed via "handle", which could be any kind of stream.

configure_proxy() in or/transports.c is what would need changing. Depending on design changes, the streams would have to be combined, or (simply) stderr would have to be used instead of stdout (so to remain clean, there'd need to be a tor_process_get_stderr_pipe(), which would simply return process_handle->stderr_pipe).

#9964 client registrations should expire new dcf defect normal
Description

Currently client registrations are kept forever. It would be better to expire them automatically after some time.

For example, if I try to run flashproxy-client then obfs-flash-client on the same port a few hours later, it doesn't work because the facilitator still has the old client registration.

#9970 HTTPS preventing Firefox to opene new windows needs_information pde defect normal
Description

I was troubleshooting a problem I had with opening new windows in Firefox. I disabled add=ons and found that disabling HTTPS everywhere fixes the problem.

#9971 for_discovery option in add_an_entry_guard() is confusingly named needs_revision defect trivial Tor: 0.2.8.x-final
Description

In #9946 I added a new argument "for_discovery" to add_an_entry_guard(). Nick prefers "provisional" or "probationary".

In parallel, I think we should probably rename the made_contact field in entry guard t, to be *why* we're remembering that we've made contact, rather than simply that we have.

And lastly, we should do something about the godawful number of int arguments that add_an_entry_guard() now takes.

#9972 Failed to find node for hop 0 of our path. Discarding this circuit. needs_revision nickm defect normal Tor: 0.2.???
Description

When I introduce EntryNodes restrictions in my torrc file (also having StrictNodes 1) and then start tor, I get the following rather bizarre sequence going:

[notice] {DIR} We now have enough directory information to build circuits. [notice] {CONTROL} Bootstrapped 80%: Connecting to the Tor network. [warn] {CIRC} Failed to find node for hop 0 of our path. Discarding this circuit. [...ad nauseum...]

If, at this point, I shut down tor and then start it again, without changing anything at all, the bootstrap completes (100% done) and I have no further problems.

My EntryNodes statement isn't very restrictive (something like {DE},{SE},{AT},{EU}), but even if it is, I don't think it should prevent tor from bootstrapping properly.

#9976 flashproxy-client needs to pass args to reg-methods new dcf defect normal
Description

At the moment it's not possible to (e.g.) give an email address to flashproxy-client for use in reg-email.

One possibility is to have args like --reg-email-arg=x --reg-email-arg=y then [x, y] gets passed as args to reg-email. This is similar to what I have implemented in obfs-flash, where --fp-arg=x gets passed to flashproxy-client.

#9981 Google APIs rule breaks a tool for a python class new pde defect normal
Description

This website has a browser-based python interpreter for a Coursera python class:

http://www.codeskulptor.org/#examples-hello_world.py

The Google APIs rule causes an error where "Unable to load file: examples-hello_world.py" is alerted. Disabling the rule fixes it.

#9982 Use a better password-based KDF for controller passwords, authority identity key encryption, and more new defect normal Tor: 0.2.???
Description

With the ed25519 key transition, we'll want to start bringing offline identity keys to regular relay operators (and ideally hidden service operators too somehow, if we can figure out a non-stupid way for it to interact with #8106).

As we do this, we'll want a better password-based KDF. Right now we have the very silly "NID_pbe_WithSHA1And3_Key_TripleDES_CBC" for protecting authority keys, and the very silly OpenPGP KDF for hashing controller passwords. Let's do something from the 21st century.

This is a bikeshed discussion. I nominate: "Derive keys with scrypt-jane, with salsa20/8 and SHA512."

#9986 Circuit completed hop while network was not live needs_information defect minor Tor: unspecified
Description

After re-starting Tor from the Vidalia Control Panel for my Vidalia relay bundle, I received the following message in the message log:

[Wed Oct 16 19:01:32 2013] Tor Software Error - The Tor software encountered an internal bug. Please report the following error message to the Tor developers at bugs.torproject.org: "circuit_build_times_network_close(): Bug: Circuit somehow completed a hop while the network was not live. Network was last live at 2013-10-16 19:00:58, but circuit launched at 2013-10-16 19:00:59. It's now 2013-10-16 19:01:32."

I received a second, almost identical message right after, the only differences are the timestamps:

[Wed Oct 16 19:02:33 2013] Tor Software Error - The Tor software encountered an internal bug. Please report the following error message to the Tor developers at bugs.torproject.org: "circuit_build_times_network_close(): Bug: Circuit somehow completed a hop while the network was not live. Network was last live at 2013-10-16 19:01:59, but circuit launched at 2013-10-16 19:02:00. It's now 2013-10-16 19:02:33."

Note: this didn't seem to affect relay performance, it continued to work properly, and I got no further messages, I just figured I'd send the information along.

#9989 Orbot stucks on 25% new n8fr8 defect major
Description

Im trying to start orbot on my samsung galaxy note 2 but it stucks on 25%

im using android 4.1.1, here are logs

Orbot is starting… Orbot is starting… (re)Setting permission on Tor binary (re)Setting permission on Privoxy binary (re)Setting permission on Obfsproxy binary Orbot is starting… got tor proc id: 3317 Tor process id=3317 Connecting to control port: 9051 SUCCESS connected to control port SUCCESS authenticated to control port Starting Tor client… complete. adding control port event handler SUCCESS added control port event handler NOTICE: Bootstrapped 10%: Finishing handshake with directory server. NOTICE: We weren't able to find support for all of the TLS ciphersuites that we wanted to advertise. This won't hurt security, but it might make your Tor (if run as a client) more easy for censors to block. NOTICE: To correct this, use a more recent OpenSSL, built without disabling any secure ciphers or features. Starting privoxy process /data/data/org.torproject.android/app_bin/privoxy /data/data/org.torproject.android/app_bin/privoxy.config & Privoxy is running on port:8118 Privoxy process id=3370 NOTICE: Bootstrapped 15%: Establishing an encrypted directory connection. orConnStatus (wau): CONNECTED

NOTICE: Bootstrapped 20%: Asking for networkstatus consensus. Circuit (1) BUILT: wau NOTICE: Bootstrapped 25%: Loading networkstatus consensus.

#9990 Internal error new chiiph defect normal
Description

Error message: "set_options(): Bug: Acting on config options left us in a broken state. Dying."

Using tor browser bundle on 32-bit Linux Mint 13 Maya. Tor v0.2.3.25 (git-17c24b3118224d65) running on Linux.

I was trying to relay traffic internally (non-exit node). Contact Info was blank. Tor browser was still open at the time.

Vidalia Message Log:

Oct 17 04:04:38.325 [Notice] Your ContactInfo config option is not set. Please consider setting it, so we can contact you if your server is misconfigured or something else goes wrong. Oct 17 04:04:38.325 [Notice] Opening Directory listener on 0.0.0.0:9030 Oct 17 04:04:38.326 [Notice] Opening OR listener on 0.0.0.0:9001 Oct 17 04:04:38.326 [Notice] Your Tor server's identity key fingerprint is 'Tortuga BFC0F3F7182593053E4981E3A581D7F38D8F39FB' Oct 17 04:04:38.347 [Notice] Now checking whether ORPort <redacted>:9001 and DirPort <redacted>:9030 are reachable... (this may take up to 20 minutes -- look for log messages indicating success) Oct 17 04:04:38.348 [Warning] Unable to stat resolver configuration in '/etc/resolv.conf': No such file or directory Oct 17 04:04:38.403 [Error] set_options(): Bug: Acting on config options left us in a broken state. Dying.

#9995 keyboard doesn't work when vidalia/tor loads new chiiph defect major
Description

everything worked perfectly prior to running vidalia/tor. if I exit from vidalia /tor everything works fine.

#10001 Unable to bookmark / reload a resultpage new gsathya defect normal
Description

Probably caused by putting all parameters in the anchor; when bookmarking or reloading a result-page; you end up on the default form with no results.

It would be nice if the parameters would be put in the form and results were shown.

A (obvious) non-working example is https://compass.torproject.org/#?exit_filter=all_relays&links&sort=cw&sort_reverse&country=AF

#10014 tor browser relies on external glib/dbus installation new tbb-team defect normal
Description

using latest stable tor from today: Error loading shared library libdbus-glib-1.so.2: No such file or directory (needed by ./App/Firefox/libxul.so)

dbus is not a hard requirement for a fully working linux desktop, so it is highly undesirable to make tbb dependant on it.

according to http://www.linuxfromscratch.org/blfs/view/svn/xsoft/firefox.html the dependancy can easily be removed by adding ac_add_options --disable-dbus to mozconfig file.

#10025 TBB 3.x's ChangeLog pretends the world started at TBB 3.0a1 assigned mikeperry defect normal
Description

Docs/ChangeLog.txt in tbb 3.0a4 has only four entries in it.

If our goal is to replace TBB 2.x, we will at some point want to import its whole changelog.

(A changelog is used a) for learning what changed in the newest version, and b) for answering questions like "when did tbb change feature x?")

#10027 Tor Windows service should be installed with the NetworkService account new defect normal Tor: 0.2.???
Description
<GITNE> nickm: I have checked running Tor under the NetworkService account.
Works fine. The problem I had the last time was a missing write permission on
the log file.
<GITNE> nickm: So it should probably be safe to change GENSRV_USERACCT to "NT
AUTHORITY\NetworkService"
> gitne: was that because the log file was trying to go somewhere it
shouldn't? or what
> gitne: also, does that change work for every windows, or only some of them?
<GITNE> armadev: those three predefinded accounts LocalSystem, LocalService,
and NetworkService are available since Windows 2000 so Tor should be safe
with that.
#10029 Icon for HTTPS-Everywhere can't be added to Add-on Toolbar new pde defect normal
Description

HTTPS-Everywhere 3.4.2 Firefox ESR 17.0.9 Slackware64 14.0

To reproduce:

  • right click on the add-on toolbar to open the popup menu
  • click Customize
  • a window will open, containing icons related to misc Firefox actions or to Firefox add-ons
  • there's no icon for HTTPS-Everywhere

Note: when HTTPS-Everywhere gets installed - it adds an icon to the Navigation Toolbar only. This is inconvenient for me because my Navigation Toolbar is always hidden (I am using the Pentadactyl addon). Being able to have a HTTPS-Everywhere icon in the Add-ons Toolbar would be very handy.

#10034 TB breaks if control settings are changed needs_information erinn defect normal
Description

In Vidalia -> settings -> advanced there is the possibility to change the 'tor control' settings. This might be done to connect using the Stem library. Changing any of these settings breaks the tb, and gives the message "The proxy server is refusing connections - Firefox is configured to use a proxy server that is refusing connections." Although tb can not connect, it is possible to connect to tor using the Stem library. Restart of the tb doesn't help. Quit the tb before changing the settings doesn't help. Changing the settings back to their original value doesn't help. TBB has to be removed and another has to be downloaded.

I'm using Tor Browser Bundle for 64-Bit Mac Version 2.3.25-13 - OS X (64-Bit) (10.6+) running on osx 10.7.5

#10035 Infomaniak-Network: video from rtbf.be are not available needs_information pde defect normal
Description

Hello,

First, thank you for developing this project!

When using HTTPS EveryWhere (3.4.2) with Firefox (24), videos from rtbf.be are not available. It seems that it's due to the rules linked to 'Infomaniak-Network'.

How to reproduce this bug

With Firefox and HTTPS EveryWhere plugin:

Now disable 'Infomaniak-Network' rules and we can see the video.

#10037 binary packages for 0.2.4.17-rc1 oneiric missing from repo new defect normal
Description

At least tor itself, and possibly others, are not packaged for the 'oneiric' distro properly - the .deb is missing from pool.

Please see https://lists.torproject.org/pipermail/tor-relays/2013-October/003145.html for context.

#10040 Cannot Edit LinkedIn Profile With HTTPS Everywhere Enabled In Chrome new pde defect normal
Description

Even after turning off the default rulesets triggered for a LinkedIn profile page, clicking on the "edit profile" button only spins, not allowing the user to actually enter profile editing mode.

Only disabling HTTPS Everywhere completely re-enables profile editing.

Chrome 30.0.1599.101 on Win 7 x64. Extension is up to date.

#10053 vidalia-0.2.20: 2 * bad if test ? new chiiph defect normal
Description

I just compiled vidalia-0.2.20 with extra gcc compiler flag -Wlogical-op

It said

1.

vidalia-0.2.20/src/torcontrol/Circuit.cpp:82:17: warning: logical 'and' of mutually exclusive tests is always false [-Wlogical-op]

Source code is

if (c < '0' && c > '9' && c < 'A' && c > 'Z' && c < 'a' && c > 'z')

Suggest swap && for

2.

vidalia-0.2.20/src/torcontrol/Stream.cpp:92:17: warning: logical 'and' of mutually exclusive tests is always false [-Wlogical-op]

Duplicate.

#10059 capture tor log messages before control connection is opened new nickm defect normal Tor: 0.2.???
Description

While working on ticket #9675, Kathy Brade and I discovered that the tor log warnings regarding clock skew are sometimes generated very early as tor starts up. Unfortunately, there is a known problem in Tor Launcher where tor log messages are not captured until Tor Launcher is able to connect to the control port and issue a SETEVENTS command (the Mozilla process control APIs do not provide a way to capture stdout or stderr).

One solution is for tor to provide a way to retrieve old log messages (e.g., a new getinfo command) or otherwise provide a way to capture messages that are generated before a control connection is opened. Another option for this specific scenario would be to modify tor to ensure that clock skew is always reported via the status/bootstrap-phase mechanism.

#10062 Spamming history with "http" urls, maybe performance/security issue new pde defect normal
Description

Hi! I've had this problem ever since I started using this addon. When I click a link or press enter in the url-bar before the page is loaded in HTTPS the HTTP url is stored in the history. Which is of curse a problem because it has a negative effect on performance, increases the database size, and makes searching more difficult. Couldn't this be prevented?

Also, if the http urls get in the history doesn't it mean that a http connection is established first. Isn't that a security/performance issue?

#10068 TBB shows HTTPS Everywhere popup new tbb-team defect major
Description

When you start TBB for the first time, you'll get a fade-in popup up below the url bar. Saying:

HTTPS Everywhere is now active. You can toggle it on a site-by-site basis by clicking the icon in the address bar.

And when you close it, it opens https://www.eff.org/https-everywhere/faq.

This might be ok for users who installed HTTPS Everywhere manually into Firefox, but when it comes bundled with TBB, this message is confusing.

Please disable this fade-in popup by default. You did a similar thing in #5300 already.

#10073 Update signature verification page assigned erinn defect normal
Description

The signature verification page at https://www.torproject.org/docs/verifying-signatures.html.en needs some work. A number of users have written the help desk to say they found the instructions confusing. The bash commands can be simplified, for example, by removing the full filepath in front of gpg.exe (since GnuPG's filepath gets added to your PATH variable anyway upon installation). The screenshots Sherief made for https://trac.torproject.org/projects/tor/ticket/9843 could also be added.

#10074 Make presentation slides on using Tails new runa defect normal
Description

We have some public-facing information on how to use Tor Browser Bundle. There is much less public-facing information on how to use Tails. We need good Tails-related resources available for trainings and cryptoparties. Besides being useful for Tor Project outreach, the Tails website indicates that Tails folks would also benefit from having something like this. https://tails.boum.org/contribute/how/promote/

#10084 Secure Connection Failure new tbb-team defect normal
Description

On every https: site I have tried so far, with the latest version of the TBB (Linux, 64-bit) I receive the following error message:

Secure Connection Failed An error occurred during a connection to www.torproject.org.

SSL peer reports incorrect Message Authentication Code.

(Error code: ssl_error_bad_mac_alert)

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.

Please contact the website owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.

#10093 network map not working on 0.2.4.17rc - geoip new chiiph defect normal
Description

vidalia-relay-bundle-0.2.4.17-rc-0.2.21.exe on XP

on Tor Network Map:

No connections show in the panel under the map no points or routes show on the map The country flag column is all "?"

#10097 flashproxy-reg-appspot should support custom domains new dcf defect normal
Description

At the moment, the main facilitator is hardcoded. Should be pretty simple to have this as a CLI option.

#10105 start-tor-browser reports an error on start new tbb-team defect normal
Description

"start-tor-browser: 122: [: -ne: argument expected"

tor browser starts as expected.

This is debian 64-bit.

#10114 tbb-firefox.exe crashes on startup needs_information erinn defect normal TorBrowserBundle 2.3.x-stable
Description

Whenever I start tbb-firefox.exe (whether through Vidalia or the .exe itself), it instantly crashes and prompts me with "tbb-firefox.exe has stopped working". This didn't happen in previous releases.

AppName: tbb-firefox.exe AppVer: 17.0.10.5051 ModName: nspr4.dll ModVer: 4.9.5.0 Offset: 000012b2

I'm running on a WinXP and can give more information (e.g. DxDiag) if necessary.

#10117 issuu.com documents do not load new pde defect normal
Description

In firefox issuu.com documents will not display. It gives a "document not found" error. If I disable Amazon Web Services in the https-everywhere menu then the page will load properly. I have also reported this with issuu.com.

#10118 cant conect to the internet new tbb-team defect minor
Description

my torbrowser says it is:

"Unable to find the proxy server

Firefox is configured to use a proxy server that can't be found.

Check the proxy settings to make sure that they are correct. Check to make sure your computer has a working network connection. If your computer or network is protected by a firewall or proxy, make sure

that TorBrowser is permitted to access the Web."

What does this mean and how do i fix it?

#10137 ESR24 won't work without ctypes being enabled new tbb-team defect normal
Description

While trying to get a working cross-compiler for ESR24 on Mac OS X we found that Firefox is either crashing right after start-up or highly unusable if it is built with --disable-ctypes (see: comment 69ff. in #9829). Other platforms were not tested, so it might be an OSX only problem although I doubt that.

#10144 TOR 2.3.25-14: "Attempted to access image data on a canvas ..." ID security breach enabled in release -14 needs_information mikeperry defect major
Description

Dear Tor Developer, I've visited "Jesse's Cafe Americain" using Tor browser at this address http://jessescrossroadscafe.blogspot.com/ for several years and always get the warning from Tor that this website "attempted to access image data on a canvas" (an ID security breach). At the bottom of the warning box there is a selection button allowing me to choose to "allow" this behavior or to "never allow" this behavior. I always choose "never allow" and that has always worked until my recent upgrade to Tor 2.3.25-14. Now, the warning still appears, the selection box still appears with both options, but the "never allow" option can't actually be activated. When I click "never allow" the "allow" default doesn't change and the warning box disappears with the "allow" option unchanged. As part of the fix, I suggest you change the warning box option to default on "never allow" and force users to select "allow" at their own risk. Thank you for all you do,

  • L. H. Melvin
#10165 Torbrowser surf localhost through Tor new tbb-team defect normal TorBrowserBundle 2.3.x-stable
Description

Hi!

I have a big problem. Yesterday I installed a program called xampp. I typed in the address bar of the TOR browser https://127.0.0.1 and it's working. However, I would need the localhost is reached, but this does not work. Why? Someone can help me?

#10167 Uploading files to direct to S3 from another site using CORS failes if HTTPS Everywhere is installed new pde defect normal
Description

Version: 3.4.2 on Firefox 25

Many sites have a file upload feature that uses AWS S3's ability upload files directly to S3 using CORS. There is a jquery library that makes this easy.

http://blueimp.github.io/jQuery-File-Upload/

If HTTPS everywhere is installed on Firefox 25 the OPTION request is never made. If HTTPS Everywhere is disabled and firefox is restarted the upload will work.

#10180 Vidalia connects to Tor, but doesn't launch Firefox new tbb-team defect normal TorBrowserBundle 2.3.x-stable
Description

I'm running the spanish Version 2.3.25-14 - Linux, Unix, BSD I start Vidalia and everything is fine, it connects to Tor network and then the only step left is to launch firefox, but that never happens. The record of messages doesn't show anything wrong. And i don't know what to do for vidalia launch the browser.

#10184 Atlas should validate search input assigned phw defect minor
Description

If I search for "sysdev {at} leap {dot} se" (which is an invalid search term to Onionoo), Atlas tells me there's a backend error with this search. Onionoo returns a 400 error, so Atlas shouldn't blame Onionoo. Or Atlas could validate search input before sending it to Onionoo. Reported in #10128.

#10187 Cannot upload photos to Facebook new pde defect normal
Description

With default HTTPS Everywhere settings, one cannot upload photos via Facebook's new interface. Clicking the "Add photos" button does nothing. Disabling HTTPS Everywhere allows this functionality to work.

HTTPS Everywhere 3.4.2 (This isn't in the dropdown?) Firefox 25.0

#10214 HTTPS Everywhere Breaks Amazon mp3 Previews new pde defect normal
Description

Sweet, this has been puzzling me for a while...

Repro Steps:

Platform: Firefox 25.0.1, Ubuntu Ubuntu 12.04.3 LTS with HTTPS Everywhere enabled

  1. Go to any amazon mp3 page, for instance this.
  2. Click either 'Preview all songs' or the play icon next to any song.

Expected:

Sample preview.

Actual:

Fails with 'Error 3'.

This issue is related to the CloudFront rule (disabling that makes the page work).

Cheers! -Damian

PS. On a side note we should rename the HTTPS Everywhere components to be consistent. We have both 'EFF-HTTPS Everywhere' and 'HTTPS Everywhere: Chrome'. They're sorted alphabetically so they should start with the same prefix.

#10247 on first launch, when i choose 'connect', the old window is still there but unusable new defect minor
Description

Download TBB 3.0rc1. In my case it was 32-bit linux English. Unpack it, run it.

You'll get the "connect" or "configure" dialog page.

Choose 'connect'. A new page will pop up, which is the "bootstrapping Tor status bar" page.

But the old 'connect or configure' page remains open too, and there's a "quit" option still visible. If I click it, it doesn't quit. Eventually my Tor bootstraps, and then both windows *do* vanish ("ok, I guess it did quit"), but then a Tor Browser appears.

Seems like the smarter thing to do for usability would be to vanish the 'connect or configure' page once they've picked one and it's no longer needed.

#10250 Disable RC4 in TBB Firefox new tbb-team defect normal
Description

Attacks against RC4 have recently been reported as plausible, and Microsoft, among other groups, have recommended avoiding RC4 for symmetric-key encryption. I would recommend blacklisting cipher suites that rely upon RC4 so that other stronger algorithms, such as AES, will be preferred instead, so as to avoid these attacks. For example, I have disabled 0x9c, 0x35, 0x5, 0x4, 0x2f, and 0xa in Chromium because they do not provide perfect forward secrecy, and 0xc007, 0xc011, and 0x66 because they rely on RC4 but do provide perfect forward secrecy.

#10254 Tor-Browser Crashes Regularly needs_information tbb-team defect major TorBrowserBundle 2.3.x-stable
Description

The 2.3.25-15 and its predecessors often crash on Windows XP. I can't reproduce it perfectly. It can involve lists and scrolling during page-loading, though. It happens on Amazon, sometimes, too.

Even with un-commenting in torrc, the logs don't work, so no logs available.

#10255 about:tor page in torbrowser features futile link to "run a Tor relay node" new defect trivial
Description

It seemingly is not possible to do this in 3.0, or at least not in the way the linked tutorial page describes. Potentially confusing and frustrating for newbies.

#10257 Enabling Amazon Web Services causing Issuu publications to break new defect normal
Description

I'm not very familiar with this project, but just thought I'd report an error I noticed: The site issuu.com is a digital publishing platform, and I noticed all publications break when the rule for Amazon Web Services is enabled. If you disable the Amazon Web Services rule, the site's publications will work as normal. I've attached two screenshots in case it's helpful.

#10282 Free tier for Amazon EC2 exceeded because of outdated instructions on Torcloud setup page new defect normal
Description

According to the instructions at https://cloud.torproject.org/#get_started there is no change necessary in the size of the storage used for the Tor cloud instance. If following the current instructions, Amazon creates an EC2 instance with 1 TBit storage which by far exceeds the maximum free tier storage. The default 1 TBit storage is billed at 36 USD per month, even though the torcloud instance only requires 615 MB according to the current (outdated) screenshots on the Tor cloud setup page.

I suggest someone updates the screenshots to make clear what the correct storage volume size of the tor cloud instance should be in order to remain within the free tier.

#10286 Touch events leak absolute screen coordinates assigned tbb-team defect major
Description

In Firefox 24esr, Touch events are now available: https://developer.mozilla.org/en-US/docs/DOM/Touch_events. Unfortunately, these events contain absolute screen coodinates for touch event positions. We should report content-window relative coordinates for these fields.

#10290 Tor Browser History settings broken! new tbb-team defect normal TorBrowserBundle 2.3.x-stable
Description

I'm on latest 2.3.25-16 Linux 64-bit version...

Every time I go the preferences and switch History settings from "Use Custom Settings" to "Never Remember History", it doesn't seem to be saving the change.

After closing the preferences window and opening it up again, settings are still on "Use Custom Settings".

That's somewhat an important problem. Privacy of many users can have been compromised by this bug.

#10292 Vidalia shows tor is down after the control port is closed new defect normal
Description

I noticed this several times: when underlying network interface is reset (down/up or 'netif restart'), vidalia shows that tor isn't running (crossed over icon). But tor itself recovers from network loss fine and keeps running in such case. Restart of vidalia brings it to connected state.

Vidalia's connection to tor control socket shouldn't die when network goes down and up.

tor-0.2.3.25_1 vidalia-0.2.21 FreeBSD 9.2

#10295 Images and photos not loading in Tor needs_information defect normal
Description

I have been using Tor for several months now with few problems. Suddenly I have had trouble with Tor loading and usually have to do so in safe mode. Also starting today, whenever I open a page with links to images, they do not load and when I click on the image link it takes me to an error message page that says the image is not found.

I deleted and reinstalled the Tor bundle but am still having the same issues.

Can you please give me an idea of what might be wrong or where I can go for help?

Thank you. Frank

#10304 libevent2 detection fails on FreeBSD 9.2 needs_information defect normal Tor: 0.2.???
Description

./configure --with-libevent-dir=/usr/local/lib/event2 ends with

checking for libevent directory... configure: WARNING: We found the libraries for libevent, but we could not find the C header files. You may need to install a devel package.

In freebsd libevent2 .so files are in /usr/local/lib/event2 and headers are in /usr/local/include/event2

There needs to be command line switch for setting libevent2 include path as well.

#10305 https everywhere slows down google translate in Chrome browser new defect normal
Description

visiting http://translate.google.com/

and using it is much slower than new Chrome incognito window (which does not use any extensions), sometimes translation seems to hang forever

I think what might cause this is "experimental rules > Google Services"

#10318 Tor Cloud instances default to 1024 GB of storage space new defect normal
Description

A user on the tor-relays list reported that his Tor Cloud instance had defaulted to 1024 GB of storage space, which resulted in a $120 bill at the end of the month. It seems AWS has set the default storage space value for our t1.micro instances to 1024 GB in the following regions: us-west-1, us-west-2, ap-northeast-1, ap-southeast-1, sa-east-1, ap-southeast-2, eu-west-1.

I have pinged @AWSSupport on Twitter. It would be good to update the Tor Cloud website with new screenshots of the setup process and a warning informing users to change this value to 4 GB (which is the default for us-east-1).

#10334 Multiple problems with TBB3.0rc1 new tbb-team defect normal
Description

I did few testing with TBB 3.0rc1 on windows XP and discovered following problems. Sadly i was not able to find reliable way to reproduce problem 1.

  1. error message that tor exited unexpectedly
  2. error message that firefox is already running but not responding. i needed to kill FF from task list. This often happens when you close TBB and want to start it again but not in all cases, reproducibility is about 20%
#10337 I'm not sure what the error is here new n8fr8 defect normal
Description
Orbot is starting?

Orbot is starting?

(re)Setting permission on Tor binary

(re)Setting permission on Privoxy binary

(re)Setting permission on Obfsproxy binary

Orbot is starting?

got tor proc id: 18511

Tor process id=18511

Connecting to control port: 9051

SUCCESS connected to control port

SUCCESS authenticated to control port

Starting Tor client? complete.

adding control port event handler

SUCCESS added control port event handler

Starting privoxy process

/data/data/org.torproject.android/app_bin/privoxy /data/data/org.torproject.android/app_bin/privoxy.config &

orConnStatus (CaptainPicard2): LAUNCHED

NOTICE: Bootstrapped 85%: Finishing handshake with first hop. 

NOTICE: We weren't able to find support for all of the TLS ciphersuites that we wanted to advertise. This won't hurt security, but it might make your Tor (if run as a client) more easy for censors to block. 

NOTICE: To correct this, use a more recent OpenSSL, built without disabling any secure ciphers or features. 

Privoxy is running on port:8118

Privoxy process id=18521

Transparent Proxying: enabling...

enabling transproxy for app: com.forshared(10142)

enabling transproxy for app: mgeek.dolphin.browser:10114(10114)

enabling transproxy for app: com.humblebundle.library(10107)

enabling transproxy for app: com.opera.browser(10138)

enabling transproxy for app: com.silvermoon.client(10099)

enabling transproxy for app: com.cloudmosa.puffin(10116)

enabling transproxy for app: com.valvesoftware.android.steam.community(10102)

enabling transproxy for app: com.google.android.youtube(10091)

/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p tcp ! -d 127.0.0.1 -m owner --uid-owner 10142 -m tcp --syn -j REDIRECT --to-ports 9040 || exit

/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p udp -m owner --uid-owner 10142 -m udp --dport 53 -j REDIRECT --to-ports 5400 || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10142 -p tcp -d 127.0.0.1 --dport 5400 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10142 -p tcp -d 127.0.0.1 --dport 9040 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10142 -p tcp -d 127.0.0.1 --dport 9050 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10142 -p tcp -d 127.0.0.1 --dport 8118 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10142 -p tcp -o lo -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10142 -p tcp ! -d 127.0.0.1 -j REJECT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10142 -p udp ! -d 127.0.0.1 -j REJECT || exit

/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p tcp ! -d 127.0.0.1 -m owner --uid-owner 10067 -m tcp --syn -j REDIRECT --to-ports 9040 || exit

/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p udp -m owner --uid-owner 10067 -m udp --dport 53 -j REDIRECT --to-ports 5400 || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10067 -p tcp -d 127.0.0.1 --dport 5400 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10067 -p tcp -d 127.0.0.1 --dport 9040 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10067 -p tcp -d 127.0.0.1 --dport 9050 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10067 -p tcp -d 127.0.0.1 --dport 8118 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10067 -p tcp -o lo -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10067 -p tcp ! -d 127.0.0.1 -j REJECT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10067 -p udp ! -d 127.0.0.1 -j REJECT || exit

/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p tcp ! -d 127.0.0.1 -m owner --uid-owner 10114 -m tcp --syn -j REDIRECT --to-ports 9040 || exit

/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p udp -m owner --uid-owner 10114 -m udp --dport 53 -j REDIRECT --to-ports 5400 || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10114 -p tcp -d 127.0.0.1 --dport 5400 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10114 -p tcp -d 127.0.0.1 --dport 9040 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10114 -p tcp -d 127.0.0.1 --dport 9050 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10114 -p tcp -d 127.0.0.1 --dport 8118 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10114 -p tcp -o lo -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10114 -p tcp ! -d 127.0.0.1 -j REJECT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10114 -p udp ! -d 127.0.0.1 -j REJECT || exit

/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p tcp ! -d 127.0.0.1 -m owner --uid-owner 10107 -m tcp --syn -j REDIRECT --to-ports 9040 || exit

/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p udp -m owner --uid-owner 10107 -m udp --dport 53 -j REDIRECT --to-ports 5400 || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10107 -p tcp -d 127.0.0.1 --dport 5400 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10107 -p tcp -d 127.0.0.1 --dport 9040 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10107 -p tcp -d 127.0.0.1 --dport 9050 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10107 -p tcp -d 127.0.0.1 --dport 8118 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10107 -p tcp -o lo -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10107 -p tcp ! -d 127.0.0.1 -j REJECT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10107 -p udp ! -d 127.0.0.1 -j REJECT || exit

/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p tcp ! -d 127.0.0.1 -m owner --uid-owner 10138 -m tcp --syn -j REDIRECT --to-ports 9040 || exit

/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p udp -m owner --uid-owner 10138 -m udp --dport 53 -j REDIRECT --to-ports 5400 || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10138 -p tcp -d 127.0.0.1 --dport 5400 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10138 -p tcp -d 127.0.0.1 --dport 9040 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10138 -p tcp -d 127.0.0.1 --dport 9050 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10138 -p tcp -d 127.0.0.1 --dport 8118 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10138 -p tcp -o lo -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10138 -p tcp ! -d 127.0.0.1 -j REJECT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10138 -p udp ! -d 127.0.0.1 -j REJECT || exit

/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p tcp ! -d 127.0.0.1 -m owner --uid-owner 10099 -m tcp --syn -j REDIRECT --to-ports 9040 || exit

/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p udp -m owner --uid-owner 10099 -m udp --dport 53 -j REDIRECT --to-ports 5400 || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10099 -p tcp -d 127.0.0.1 --dport 5400 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10099 -p tcp -d 127.0.0.1 --dport 9040 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10099 -p tcp -d 127.0.0.1 --dport 9050 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10099 -p tcp -d 127.0.0.1 --dport 8118 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10099 -p tcp -o lo -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10099 -p tcp ! -d 127.0.0.1 -j REJECT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10099 -p udp ! -d 127.0.0.1 -j REJECT || exit

/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p tcp ! -d 127.0.0.1 -m owner --uid-owner 10116 -m tcp --syn -j REDIRECT --to-ports 9040 || exit

/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p udp -m owner --uid-owner 10116 -m udp --dport 53 -j REDIRECT --to-ports 5400 || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10116 -p tcp -d 127.0.0.1 --dport 5400 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10116 -p tcp -d 127.0.0.1 --dport 9040 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10116 -p tcp -d 127.0.0.1 --dport 9050 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10116 -p tcp -d 127.0.0.1 --dport 8118 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10116 -p tcp -o lo -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10116 -p tcp ! -d 127.0.0.1 -j REJECT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10116 -p udp ! -d 127.0.0.1 -j REJECT || exit

/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p tcp ! -d 127.0.0.1 -m owner --uid-owner 10102 -m tcp --syn -j REDIRECT --to-ports 9040 || exit

/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p udp -m owner --uid-owner 10102 -m udp --dport 53 -j REDIRECT --to-ports 5400 || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10102 -p tcp -d 127.0.0.1 --dport 5400 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10102 -p tcp -d 127.0.0.1 --dport 9040 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10102 -p tcp -d 127.0.0.1 --dport 9050 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10102 -p tcp -d 127.0.0.1 --dport 8118 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10102 -p tcp -o lo -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10102 -p tcp ! -d 127.0.0.1 -j REJECT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10102 -p udp ! -d 127.0.0.1 -j REJECT || exit

/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p tcp ! -d 127.0.0.1 -m owner --uid-owner 10091 -m tcp --syn -j REDIRECT --to-ports 9040 || exit

/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p udp -m owner --uid-owner 10091 -m udp --dport 53 -j REDIRECT --to-ports 5400 || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10091 -p tcp -d 127.0.0.1 --dport 5400 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10091 -p tcp -d 127.0.0.1 --dport 9040 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10091 -p tcp -d 127.0.0.1 --dport 9050 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10091 -p tcp -d 127.0.0.1 --dport 8118 -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10091 -p tcp -o lo -j ACCEPT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10091 -p tcp ! -d 127.0.0.1 -j REJECT || exit

/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10091 -p udp ! -d 127.0.0.1 -j REJECT || exit

;errCode=0;resp=FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478

FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478



TorTransProxy resp code: 0

It stops at 85% and it doesnt go on to a green onion.

#10353 Cookie Protection dialog is empty in FF24 new defect major
Description

The nsCookieService does not seem to expose the Private Browsing Mode cookie database to extensions in any substantial way. Unless I missed something, there does not appear to be a way to enumerate these cookies directly. This means that the Cookie Protections Dialog (and Firefox's own Cookie Dialog) are always empty in the default TBB configuration, unless the user selects to enable history.

We should either create APIs to export and manipulate the private cookie store, or alter the cookie protections dialog to inform the user that cookie protection and manipulation is only available if they are storing disk activity.

#10355 Pipeline defense interferes with twitter and flickr photostreams needs_information defect major
Description

The Pipelining defense appears to damage flickr photostreams and twitter media streams. In both cases, these sites experience page load issues and dead images.

In brief ad-hoc testing, reducing network.http.pipelining.max-optimistic-requests to 10 seems to allow all images to load, but more testing is needed.

#10360 Offline cache prompt shown; Allow button does not dismiss. new defect normal
Description

Testing the TBB 3.5 rc1 build 3 on MacOS 10.9, we saw that an offline data prompt is displayed but clicking "Allow" does not dismiss the prompt.

Steps to reproduce: 1) Open http://stevesouders.com/tests/clearbrowser/save.php 2) Click "Allow" in the "This website is asking to store data for offline use" prompt. 3) Notice that the prompt is not dismissed.

The following message is shown on the Error Console: NS_ERROR_NOT_AVAILABLE: Component returned failure code: 0x80040111 (NS_ERROR_NOT_AVAILABLE) [nsIOfflineCacheUpdateService.scheduleUpdate] @ chrome://browser/content/browser.js:14006

#10367 Don't advertize Mozilla Sync or healthreport to TBB users needs_information defect major
Description

It turns out that even if you disable healthreport service, it will still give you a prompt about the service unless you disable two other prefs.

Similarly, there are advertisements for Mozilla Sync after you install addons, store passwords, or make a bookmark. We should also disable these until we can audit Sync more thoroughly.

#10369 Building the Tor component in OS X TBBs is broken with the new cross-compiler assigned gk defect major
Description

At least in order to ship 64bit OS X bundles we need to switch the compiler on OS X to our new cross-compiler. Moreover, as we do not ship the old one users can't build the OS X bundles themselves out-of-the-box anymore currently.

#10371 Obfsproxy memory leak needs_information defect normal
Description

Hi everyone,

I have installed Obfsproxy from Tor project Debian and Python repositories (one v0.2.3 and the other v0.2.4) on my Ubuntu 12.04 LTS. Unfortunately both of them has memory leak problem and if too many users start using the server, it makes the RAM full and crashes by itself. How can I generate a full report from this memory leak and place it here to help developers fix the issue?

Thanks.

#10386 Move flashproxy.git to under pluggable-transports new infinity0 defect minor
Description

I am a sucker for consistency.

First, I need to find all the places on the internets which have the old address, and document them. For starters, this includes:

  • stuff on crypto.stanford.edu
  • documentation inside the repo itself
  • documentation on trac and other Tor websites
  • github
  • anything else, Google search it.
#10388 TBB should disable "New Private Window" menu option if disk history is disabled new tbb-team defect major
Description

Because we use browser.privatebrowsing.autostart as defense in depth against disk leaks, "New Private Window" is equivalent to "New Window". This can be confusing to users who will expect their "New Private Windows" to be isolated from their normal TBB state, especially since the UI hints are different for these windows.

We should probably patch Firefox to hide this menu option if browser.privatebrowsing.autostart is set. This seems like something Mozilla should be interested in picking up.

#10407 check tells people about javascript but points them to atlas new arlolra defect normal
Description

At the bottom of check.tp.o we tell them whether they're running javascript, and point them at the faq that tells them they're welcome to turn javascript off if they feel safer.

And then if check thinks they're using Tor, it invites them to go to atlas to learn more about their exit relay.

And atlas basically doesn't work with javascript off. Neither does globe.

I wonder if there's a fix? Seems like a messy tradeoff all around.

#10408 version information reopened tbb-team defect normal
Description

Assuming I have an unpacked tbb tree, there doesn't seem to be an obvious way to learn its version. Maybe there should be a VERSION file next to the start-tor-browser script?

Emphasis is on obvious -- I now know the information is hidden away in Docs/sources/versions.

#10416 Tor won't start on Windows when path contains non-ascii characters assigned defect major Tor: 0.2.???
Description

When trying to start the TBB from the following path:

C:\Users\kuncaŭščyna\Downloads\Tor Browser\

got the following error:

Vidalia detected that the Tor software exited unexpectedly. Please check the message log for recent warning or error messages.

Here's the log:

Dez 16 18:27:21.431 [Hinweis] Tor v0.2.3.25 (git-17c24b3118224d65) running on Windows 7. Dez 16 18:27:21.431 [Hinweis] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Dez 16 18:27:21.431 [Warnung] Unable to open configuration file "C:\Users\kuncauscyna\Downloads\Tor Browser\Data\Tor\torrc". Dez 16 18:27:21.431 [Fehler] Reading config failed--see warnings above.

Diacritics were obviously "simplified" which created inexisting path.

I know Windows is not recommened for anonymity. But some people use TBB on Win only for censorship circumvention. The easiest solution is simply to add a message to log like:

Unable to open configuration file "C:\Users\kuncauscyna\Downloads\Tor Browser\Data\Tor\torrc". Please check that the path contains only ascii symbols.

But much better would be to fix it to process correctly path in unicode.

#10426 "new identity" button causes in-progress downloads to be aborted new tbb-team defect normal
Description

I recently upgraded my Tor Browser Bundle from the previous stable 2.5.x series to 3.5 rc1.

It seems the behavior of the Torbutton menu "new identity" command has change. Previously, if a download was in progress (using the Firefox download manager), it continued unaffected (using the old circuit, presumably) after "new identity" had been clicked.

In 3.5 rc1, any in-progress downloads are aborted if you click "new identity".

I preferred the old behavior. In the new version, the user is forced to wait until any downloads have completed before switching to a new identity. Users may be tempted to continue using an old identity in situations where this might compromise their anonymity, so as to allow a download to complete.

#10428 Visiting http://awards.tweakers.net logs you out on tweakers.net new pde defect normal
Description

The ruleset for *.tweakers.net doesn't enforce https for the subdomain awards.tweakers.net. Combined with the securecookie rule this causes the session-id cookie to be overwritten with a new one for a not-logged-in session.

It probably is best to just be less specific wrt subdomains:

<rule from="http://([a-z]+\.)?tweakers\.net/"

to="https://$1tweakers.net/" />

Also the exclusion rule for crossdomain.xml might not be necessary anymore, but I haven't checked that yet.

#10432 Sudden spike in memory consumption needs_information defect normal Tor: 0.2.???
Description

I see a directory authority dying on out-of-memory. It's running 0.2.4.18-rc. This happened after it had been running for about a week. It died shortly after publishing a consensus, at hh:01:40 with a 'Out of memory on malloc(). Dying.'

Plotting RSS every 10 minutes the last couple of hours shows this:

https://people.torproject.org/~linus/volatile/maatuska-rss.0.pdf

I'll collect more data and also try to get date and time of the data points.

#10434 Segmentation fault when Tor Browser 3.5 has a ton of state. needs_information mikeperry defect normal
Description

To reproduce this bug, spend all day on Twitter clicking a bunch of links and never get a new identity. This is the only way I have been able to consistently get enough state in my browser to trigger the crash. I have a core file, but I would prefer to send it to interested developers over PGP because I have no idea how much information it contains. This is the TBB version I used: https://lists.torproject.org/pipermail/tor-qa/2013-December/000283.html

#10440 Cross Site Scripting at TorProject Blog new defect major
Description

GET parameter incorrectly filter GET query which allows attackers to execute JavaScript code which is called Cross Site Scripting.

https://blog.torproject.org/archive/1%3Cbody%20onload=alert%28666%29%3E/2013/11/,

#10451 Allow me to have a short HeartBeatPeriod new defect normal Tor: 0.2.???
Description
Dec 20 20:07:47.000 [warn] HeartbeatPeriod option is too short; raising to 1800 seconds.
HeartbeatPeriod 5 minutes
Tor version 0.2.4.19 (git-9a83ee5e4d3cece4).

Please let me have a short HeartbeatPeriod! It'd be appreciated. Sometimes, I can't run tor-arm but I want frequent status updates.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
Note: See TracQuery for help on using queries.