Opened 3 years ago

Closed 21 months ago

#17670 closed defect (fixed)

Mac OSX mistakes Tor as Firefox default browser

Reported by: patrickbateman
Owned by: tbb-team
Priority: Immediate
Milestone:
Component: Applications/Tor Browser
Version:
Severity: Critical
Keywords:
Cc: nord-stream@…, mcs, brade, arthuredelstein
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

If you use Mac OS X and have Firefox set as your default browser, the OS will mistake Tor as Firefox.

Why this is a problem should probably be obvious but here is an example: Let's say you have Tor open but not Firefox. If you click a link in any program (e-mail, Word Doc, PDF, etc.) outside of the Tor browser your link will open in Tor Browser instead of Firefox.

If you were to click a link in an email from Facebook while you are using Tor, you will have just sent a request to Facebook with identifying info about your real identity.

Child Tickets

| Ticket | Status | Owner | Summary | Component |
|---|---|---|---|---|
| #20105 | closed | tbb-team | Selecting Open With TorBrowser on a Mac Opens the File in Default Browser Instead | Applications/Tor Browser |
| #21723 | closed | tbb-team | Fix inconsistent generation of MOZ_MACBUNDLE_ID | Applications/Tor Browser |
| #21732 | closed | tbb-team | Stop the Meek Tor Browser opening links or documents on macOS | Applications/Tor Browser |

Change History (14)

comment:1 Changed 3 years ago by teor

Component: - Select a component → Tor Browser
Owner: set to tbb-team

This issue also occurs on OS X where:

  • multiple Tor Browser versions are installed, and the default launches either (setting Tor Browser 5.0 as the default browser will lead to 5.5 being opened if it was the last one installed), and
  • some crippled version of Tor Browser, perhaps the meek-proxy one, is opened (I have observed links from Adium opening in an atypical Tor Browser environment that has none of the usual menus. I think this is the meek-proxy version, but I'm not sure.)

I think we want to keep the first behaviour (it helps on upgrade, and users with multiple versions can manage the issue themselves); but avoid firefox and meek-proxy getting confused with Tor Browser.

I think the firefox substitution issue can be fixed by:

  • Changing the "Bundle creator OS Type code" in the Tor Browser Info.plist to something other than "MOZB", I suggest "MOZT"

I think the meek-proxy substitution issue can be fixed by:

  • Changing the "Bundle creator OS Type code" in the meek-proxy Info.plist to something other than "MOZB" and the value assigned to Tor Browser, I suggest "MOZM"
  • Changing the "Bundle identifier" in the meek-proxy Info.plist to something other than "org.mozilla.tor browser". I suggest "org.mozilla.tor-browser.meek-proxy" (which is a legal bundle identifier, unlike Tor Browser's - see below).

We might want to check with Mozilla about this. It would be nice to check Apple's database of registered Bundle creator OS Type codes, but it isn't maintained any more:
https://lists.apple.com/archives/cocoa-dev/2014/Sep/msg00255.html

The issue might not be the creator code, it could occur because Tor Browser uses an invalid bundle identifier:

The "Bundle identifier" for Tor Browser contains spaces, but it shouldn't. We should change it to a legal identifier like "org.mozilla.tor-browser", or, if we want to base it on our reversed DNS name, "org.torproject.tor-browser". Similarly, we should change meek-proxy's bundle identifier to a legal one (see above).

"The bundle identifier string identifies your application to the system. This string must be a uniform type identifier (UTI) that contains only alphanumeric (A-Z,a-z,0-9), hyphen (-), and period (.) characters. The string should also be in reverse-DNS format. For example, if your company’s domain is Ajax.com and you create an application named Hello, you could assign the string com.Ajax.Hello as your application’s bundle identifier.


The bundle identifier is used in validating the application signature."

https://developer.apple.com/library/ios/documentation/CoreFoundation/Conceptual/CFBundles/BundleTypes/BundleTypes.html
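
The two conditions suspected in comment 1 (a creator code shared with Firefox and a bundle identifier containing illegal characters) can be checked mechanically. The following audit is an added example, not part of the ticket or of the Tor Browser build scripts; the Info.plist contents are constructed samples, and the Firefox identifier `org.mozilla.firefox` and the `audit`/`make_plist` helper names are assumptions introduced here.

```python
import plistlib
import re
from collections import defaultdict

# Characters the Apple bundle documentation quoted above allows in CFBundleIdentifier.
LEGAL_ID = re.compile(r"[A-Za-z0-9.-]+")


def make_plist(name, bundle_id, signature):
    """Build a minimal Info.plist as bytes (constructed sample, not a real app's file)."""
    return plistlib.dumps({
        "CFBundleName": name,
        "CFBundleIdentifier": bundle_id,
        "CFBundleSignature": signature,
    })


def audit(plists):
    """plists: {label: Info.plist bytes}. Returns a sorted list of findings."""
    findings = []
    by_sig, by_id = defaultdict(list), defaultdict(list)
    for label, raw in plists.items():
        info = plistlib.loads(raw)
        bundle_id = info.get("CFBundleIdentifier", "")
        sig = info.get("CFBundleSignature", "")
        if not LEGAL_ID.fullmatch(bundle_id):
            findings.append(f"{label}: illegal CFBundleIdentifier {bundle_id!r}")
        if bundle_id:
            by_id[bundle_id].append(label)
        # '????' is the "no creator code" placeholder; sharing it is not a collision.
        if sig and sig != "????":
            by_sig[sig].append(label)
    for key, groups in (("CFBundleSignature", by_sig), ("CFBundleIdentifier", by_id)):
        for value, labels in groups.items():
            if len(labels) > 1:
                findings.append(f"{key} {value!r} shared by: {', '.join(sorted(labels))}")
    return sorted(findings)


# Constructed inputs: "before" uses the values reported in the ticket,
# "after" uses the replacement values suggested in comment 1.
BEFORE = {
    "Firefox": make_plist("Firefox", "org.mozilla.firefox", "MOZB"),
    "Tor Browser": make_plist("Tor Browser", "org.mozilla.tor browser", "MOZB"),
}
AFTER = {
    "Firefox": make_plist("Firefox", "org.mozilla.firefox", "MOZB"),
    "Tor Browser": make_plist("Tor Browser", "org.torproject.tor-browser", "MOZT"),
}

if __name__ == "__main__":
    for name, case in (("before", BEFORE), ("after", AFTER)):
        print(name, audit(case) or "no findings")
```

To run it against installed applications, read each bundle's `Contents/Info.plist` as bytes and pass the results to `audit` in place of the constructed samples.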

comment:2 Changed 3 years ago by nord-stream

Cc: nord-stream@… added

comment:3 Changed 2 years ago by teor

Keywords: tbb-usability added

This is still a bug, it was reported again in #20105.

Are we ever going to fix it?

Users mistakenly opening links and documents in Firefox is a potential security risk.

comment:4 in reply to:  3 Changed 2 years ago by gk

Cc: mcs brad and added

Replying to teor:

> This is still a bug, it was reported again in #20105.
>
> Are we ever going to fix it?

I hope so. It would go faster if we had a patch we could review.

That said and re-reading this ticket, it seems to me that the issue could be solved by just adding the proper values to our Info.plist files. Is that correct?

comment:5 Changed 2 years ago by gk

Cc: brade added; brad and removed

comment:6 Changed 2 years ago by teor

See #21724 for the CFBundleSignature change from MOZB to MOZT.

See #21723 for a fix to the space in the Tor Browser CFBundleIdentifier.

I don't know how to fix the Meek Tor Browser CFBundleSignature or CFBundleIdentifier. Is the Meek Tor Browser generated by the build scripts?

comment:7 in reply to:  6 ; Changed 2 years ago by mcs

Replying to teor:

> I don't know how to fix the Meek Tor Browser CFBundleSignature or CFBundleIdentifier. Is the Meek Tor Browser generated by the build scripts?

The Meek Tor Browser is just another instance of Tor Browser in which the firefox binary is started with a --invisible flag and a different browser profile. Things used to be different though; a symlink'd copy was used in the past. It would be good to know if there is still a way for a "crippled" Tor Browser to be opened via Adium or another application.

comment:8 in reply to:  7 Changed 2 years ago by teor

Replying to mcs:

> Replying to teor:
>
> > I don't know how to fix the Meek Tor Browser CFBundleSignature or CFBundleIdentifier. Is the Meek Tor Browser generated by the build scripts?
>
> The Meek Tor Browser is just another instance of Tor Browser in which the firefox binary is started with a --invisible flag and a different browser profile. Things used to be different though; a symlink'd copy was used in the past. It would be good to know if there is still a way for a "crippled" Tor Browser to be opened via Adium or another application.

I opened #21732 to track this.

comment:9 Changed 2 years ago by SpH6308

same thing if default *exe for Tor set to Browser\Tor Browser\Tor\tor.exe?

comment:10 Changed 2 years ago by arthuredelstein

Cc: arthuredelstein added

comment:11 Changed 23 months ago by linda

Keywords: tbb-usability removed

We agree that this is a bad problem for usability, and thanks for marking this with the usability keyword. But the UX team triaged the ticket and see that this is not something that needs usability help, but a problem that is owned by the tbb-team and doesn't require design assistance. We are removing the keyword as a part of our triage.

comment:12 Changed 22 months ago by torlongtimeuser

I don't know how to fix this bug in Tor.

But I know another way
(if you create multiple guest virtual machines).

My network setup: #22546

It means GuestA (all system applications) over GuestB (tor); of course all links you opened won't send info about your real IP.
Would you like to try it?

comment:13 Changed 21 months ago by teor

Opening links and documents with Tor Browser as the default browser works in 7.0.1, probably because #21724 was fixed.

Do you want to close this ticket, mcs or arthuredelstein?

comment:14 in reply to:  13 Changed 21 months ago by mcs

Resolution: fixed
Status: new → closed

Replying to teor:

> Do you want to close this ticket, mcs or arthuredelstein?

Yes, I think we are done here.
