permission to install Tor Browser by default in Whonix

Do you mind Tor Browser binaries being shipped in Whonix by default?

Do you think the Tor trademark is concerned?

At the moment it is not installed by default, which cannot be a trademark violation. However, it gets downloaded by tb-updater most likely after installation of Whonix by the user. So it is rather useless and user experience degrading to not ship it by default.

Could you grant permission please for shipping Tor Browser by default in Whonix?

A short answer "You may do so." would be very much appreciated!

added component::applications/tor browser owner::tbb-team priority::medium resolution::fixed severity::normal status::closed type::task labels

1. Is the Tor Browser that Whonix wants to ship modified in any way from the Tor Browser that you get from the Tor website? For example, does it add Flash support to Tor Browser?

2. Is the Tor Browser in Whonix used in a different way or different context than Tor Browser usually is? For example, does it maintain the "stream isolation by tab" feature?

I ask because we want to make sure people don't call stuff "Tor" if they then use it in a context where you don't get the properties that Tor + Tor Browser provide.

(For example, imagine somebody wanted to grab Tor Browser, and remove Tor from it, and still call it Tor Browser. That would be bad. But it doesn't look like this is that situation.)

(To be clearer, I think we should try to say yes here -- or, if needed, we should fix things until we can say yes.)

Replying to arma:

For example, does it add Flash support to Tor Browser?

No such grave modifications.

1. Is the Tor Browser that Whonix wants to ship modified in any way from the Tor Browser that you get from the Tor website?

No modifications to any files in the Tor Browser folder.

There are environment variables modifications.

## Deactivate tor-launcher,
## a Vidalia replacement as browser extension,
## to prevent running Tor over Tor.
## https://trac.torproject.org/projects/tor/ticket/6009
## https://gitweb.torproject.org/tor-launcher.git
export TOR_SKIP_LAUNCH=1

## environment variable to skip TorButton control port verification
## https://trac.torproject.org/projects/tor/ticket/13079
export TOR_SKIP_CONTROLPORTTEST=1

## Environment variable to disable the "TorButton" ->
## "Open Network Settings..." menu item. It is not useful and confusing to have
## on a workstation, because Tor must be configured on the gateway, which is
## for security reasons forbidden from the gateway.
## https://trac.torproject.org/projects/tor/ticket/14100
export TOR_NO_DISPLAY_NETWORK_SETTINGS=1

---

   export TOR_CONTROL_HOST="127.0.0.1"

   export TOR_CONTROL_PORT="9151"

   ## this is to satisfy Tor Button just filled up with anything
   export TOR_CONTROL_PASSWD='"password"'

---

TOR_DEFAULT_HOMEPAGE=/usr/share/homepage/whonix-welcome-page/whonix.html

Whonix Welcome Page

• https://github.com/Whonix/whonix-welcome-page
• (older screenshot [now search box removed])

---

Tor Browser connects to localhost. From there we are using rinetd (Whonix 13) or socat (Whonix 14 and above) to redirect 127.0.0.1:9150 to Whonix-Gateway. (Same for Tor ControlPort.)

---

We have optional AppArmor support but the user has to learn it through the whonix.org website and self install the apparmor-profile-torbrowser package.

• https://www.whonix.org/wiki/AppArmor
• https://github.com/Whonix/apparmor-profile-torbrowser

2. Is the Tor Browser in Whonix used in a different way or different context than Tor Browser usually is?

Apart from above environment variables changes and port redirection, there is no difference.

Deliberately the changes are as minimal as possible and only for distribution integration reasons.

For example, does it maintain the "stream isolation by tab" feature?

Yes.

I ask because we want to make sure people don't call stuff "Tor" if they then use it in a context where you don't get the properties that Tor + Tor Browser provide.

(For example, imagine somebody wanted to grab Tor Browser, and remove Tor from it, and still call it Tor Browser. That would be bad. But it doesn't look like this is that situation.)

Right.

Replying to arma:

(To be clearer, I think we should try to say yes here -- or, if needed, we should fix things until we can say yes.)

Yes. That is great!

Unsupported Tor Browser Features in Whonix

• Tor Circuit View

We do not want Whonix-Workstation to have access to the information, which Tor middle relay or Tor entry guard [or bridge] are being used. [Tor Browser cannot use that feature because it gets filtered by control-port-filter-proxy-python.]

• Tor Button's -> Open Network Settings

(Explained in above post, see TOR_NO_DISPLAY_NETWORK_SETTINGS.)

I actually really like the current Tor Browser setup on Whonix, where it asks to install and gives you a choice of stable, alpha, or alpha-hardened... Really it's not much more mouse clicks than starting a built in Tor Browser that needs to update (which would probably happen a lot anyway if people are using not quite up to date workstation images).

Replying to cypherpunks:

I actually really like the current Tor Browser setup on Whonix, where it asks to install and gives you a choice of stable, alpha, or alpha-hardened... Really it's not much more mouse clicks than starting a built in Tor Browser that needs to update (which would probably happen a lot anyway if people are using not quite up to date workstation images).

Do you also get a choice of language? Whonix appears to be English only...? Or maybe there's an option upon install/config.

The choice of bundle seems.... nice. UX-wise it's another click for a user which is bad, so I'd probably choose to relegate it to a 'Manual Setup' type choice the user can make. Downloading the bundle is also bad UX - I now have to wait even longer to start doing the thing I wanted to do?

Is bundling all three an option? =P

This is not the right place to discuss Whonix UX. Welcome elsewhere such as in Whonix forums.

This is an inquiry of the Whonix project to The Tor Project if we may be granted permission to install Tor Browser by default in Whonix.

So, we discussed this yesterday. We re fine with Tor Browser binaries just being shipped in ​Whonix by default given the modifications you outlined in the ticket. If you want to do more like bragging in your documentation that it's Tor based and gives users privacy etc. it might be good to come back to us make you an official licensee and put you on https://www.torproject.org/docs/trademark-faq.html.en#licensee.

Trac:
Resolution: N/A to fixed
Status: new to closed

This is awesome! Thank you very much!

(I'll create a new ticket for becoming a licensee.)

Whonix project official licensee of The trademarks: #19911 (moved)

closed

mentioned in issue #19911 (moved)

mentioned in issue #25391 (moved)

mentioned in issue #31094 (moved)

mentioned in issue tpo/community/trac#19911 (closed)

moved to tpo/applications/tor-browser#19652 (closed)