Opened 10 months ago

Closed 10 months ago

Last modified 8 months ago

#25333 closed defect (not a bug)

NOT SECURE CONECTION please help

Reported by: kiokawasaki1998 Owned by:
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords:
Cc: mario, ATOMShadow, Toruser85, mcs, brade, phshirk Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

2/22/2018 8:47:13 AM.900 [NOTICE] Disablenetwork is set.Tor will not make or accept non-control network conections.shutting down all exosting connections.
2/22/2018 8:47:13 AM.900 [NOTICE] Opening Socks listener on 127.0.0.1:9150
2/22/2018 8:47:13 AM.300 [NOTICE] bootsraped 80% conecting to the Tor network
2/22/2018 8:47:13 AM.300 [NOTICE] bootsraped 85% finishing handshake with first hop
2/22/2018 8:47:13 AM.300 [NOTICE] Bridge 'nx01' has both an IPV6 adress.will prefer using its IPV4 addreses(85.17.30.79:443) based in configured Bridge address.
2/22/2018 8:47:13 AM.400 [WARN] Proxy Client:unable to connect to 2001:470:b381:bfff:216:3eff:fe23:d6c3:443 (general socks server failure)
2/22/2018 8:47:13 AM.200 [WARN] Proxy Client:unable to connect to 2001:470:b381:bfff:216:3eff:fe23:d6c3:443 (general socks server failure)
2/22/2018 8:47:13 AM.300 [NOTICE] Bootsrapped 90:Establishing a Tor circuit
2/22/2018 8:47:13 AM.500 [NOTICE]new bridge descriptor 'dragon' (fresh)$D9A82D2F9C2F65A18407B1D2B76F130847F8B5D-dragon at 37.218.245.14
2/22/2018 8:47:13 AM.600 [NOTICE]new bridge descriptor 'ndnop5' (fresh) : $BBB28DF0F201E706BE564EFE690FE9577DD836D-ndnop5 at 109.105.109.147

Child Tickets

Change History (44)

comment:1 Changed 10 months ago by teor

Component: - Select a componentCore Tor/Tor
Status: newneeds_information

Hi, can you help us understand what the problem is?

comment:2 in reply to:  1 Changed 10 months ago by kiokawasaki1998

the problem os unsecure conection when i opern tor browser start page where i can check my conection page doesnt load

comment:3 Changed 10 months ago by kiokawasaki1998

i try to uninstal browser and download new one but doesnt work

comment:4 Changed 10 months ago by kiokawasaki1998

i cant conect to duckduck i cant make nothing

comment:5 Changed 10 months ago by kiokawasaki1998

tor writes that conection isnt secure

comment:6 Changed 10 months ago by kiokawasaki1998

please help

comment:7 Changed 10 months ago by kiokawasaki1998

browser writes secure conection failed

comment:8 Changed 10 months ago by kiokawasaki1998

tor browser 7.5

comment:9 Changed 10 months ago by kiokawasaki1998

thanks for support

comment:10 in reply to:  7 Changed 10 months ago by cypherpunks

Replying to kiokawasaki1998:

browser writes secure conection failed

Does that happen on every single webpage that you're trying to access? Also are you on a network that tries to block Tor?

comment:11 Changed 10 months ago by teor

Have you tried using bridges?
Try these instructions:
https://www.torproject.org/docs/bridges#AddTorNotWorks

comment:12 Changed 10 months ago by Dude_Virus

I seem to be having the same issue. Any website that I try in the TOR browser fails to load with the message Connection Not Secure. Even cant check for the TOR browser update as it reports no data received.

I suspect this issue to be with the HTTPS Everywhere plugin which is there along with the TOR browser.

I have Orbot and Orfox on my phone and there the TOR works fine because the sites are not being forced HTTPS. I used the wifi connection which my desktop PC uses hence TOR is not blocked on the connection. Not sure what is going on.

I have tried uninstalling TOR and reinstalling. Will try the bridges and report.

comment:13 Changed 10 months ago by Dude_Virus

TOR connection works but then it shows the below.

2/22/2018 11:57:38 AM.900 [NOTICE] Bootstrapped 90%: Establishing a Tor circuit
2/22/2018 11:57:39 AM.700 [NOTICE] Tor has successfully opened a circuit. Looks like client functionality is working.
2/22/2018 11:57:39 AM.700 [NOTICE] Bootstrapped 100%: Done
2/22/2018 11:57:41 AM.200 [NOTICE] New control connection opened from 127.0.0.1.
2/22/2018 11:57:41 AM.300 [NOTICE] New control connection opened from 127.0.0.1.
2/22/2018 11:57:57 AM.000 [WARN] Proxy Client: unable to connect to 169.229.59.74:31493 ("general SOCKS server failure")

I have tried configuring a bridge obfs3 / obfs4 but no luck.

comment:14 in reply to:  12 ; Changed 10 months ago by cypherpunks

Replying to Dude_Virus:

I suspect this issue to be with the HTTPS Everywhere plugin which is there along with the TOR browser.

If it's due to HTTPS-E addon then Which specific site do you have issues with?

comment:15 in reply to:  14 Changed 10 months ago by Dude_Virus

Replying to cypherpunks:

Replying to Dude_Virus:

I suspect this issue to be with the HTTPS Everywhere plugin which is there along with the TOR browser.

If it's due to HTTPS-E addon then Which specific site do you have issues with?

All the sites are having issues on the TOR browser. Even the torproject site doesnt open. Even when i do test tor network settings its just show connection not secured.

Last edited 10 months ago by Dude_Virus (previous) (diff)

comment:16 Changed 10 months ago by Dude_Virus

There definitely seems to be some issue with the desktop version of the browser. I just installed TOR browser on a newly formatted laptop and it gives the same issue. But if I use Orbot and Orfox browser on my android phone then TOR is working. Unable to figure out what is the issue.

comment:17 in reply to:  16 ; Changed 10 months ago by cypherpunks

Replying to Dude_Virus:

There definitely seems to be some issue with the desktop version of the browser. I just installed TOR browser on a newly formatted laptop and it gives the same issue. But if I use Orbot and Orfox browser on my android phone then TOR is working. Unable to figure out what is the issue.

Are you using bridges on Orbot'n'Orfox? Are you using bridges on the desktop version?

(I'm on a desktop but can't reproduce the issue.)

Last edited 10 months ago by cypherpunks (previous) (diff)

comment:18 in reply to:  17 Changed 10 months ago by Dude_Virus

Replying to cypherpunks:

Replying to Dude_Virus:

There definitely seems to be some issue with the desktop version of the browser. I just installed TOR browser on a newly formatted laptop and it gives the same issue. But if I use Orbot and Orfox browser on my android phone then TOR is working. Unable to figure out what is the issue.

Are you using bridges on Orbot'n'Orfox? Are you using bridges on the desktop version?

(I'm on a desktop but can't reproduce the issue.)

No I am no using bridges anywhere BUT I have tried configuring bridges on my desktop however no luck.

comment:19 Changed 10 months ago by Jaruga

Possibly related solution: https://trac.torproject.org/projects/tor/ticket/9413

Firstly, I cannot replicate this bug. I would assume it's due to your local configuration to some capacity.

It would help if you supplied more information with your initial ticket, the issue could be anything from firewalls to buggy add-ons. It's unlikely to be HTTPS-E, however testing it is as simple as turning off HTTPS-Everywhere and attempting to load Google or similar. If the problem persists then you can rule that out.

comment:20 Changed 10 months ago by gk

Cc: mario added
Component: Core Tor/TorApplications/Tor Browser

#25337 is a duplicate.

comment:21 Changed 10 months ago by gk

Cc: ATOMShadow added

Resolved #25325 as duplicate

comment:22 Changed 10 months ago by gk

Cc: Toruser85 added

#25326 is a duplicate.

comment:23 Changed 10 months ago by gk

Cc: mcs brade added

comment:24 Changed 10 months ago by gk

So, we have a bunch of similar looking reports in our bug tracker and on our mailing list. I already asked on the latter (https://lists.torproject.org/pipermail/tor-talk/2018-February/044017.html) whether the reporter might have an antivirus/firewall tool that could be interfering with TLS traffic. If that's true for you, could any of you please uninstall it and report back whether that solved your problem?

There has not been a Tor Browser or Tor release in the last couple of weeks that could cause this. HTTPS Everywhere got updated last time on Jan 29 which is a while back as well and disabling it does not seem to solve the problem.

Thus, I suspect something on your local computer is messing with Tor Browser's TLS traffic.

Last edited 10 months ago by gk (previous) (diff)

comment:25 Changed 10 months ago by Nemo

Similar situation here.
Dell E6330; Windows 7 Pro; Relatively new Samsung EVO HD; fresh load of V7.5; Current Firefox; DuckDuck Go for Tor
Shut down Kaspersky and the result is the same - "Secure Connection Failed" with and without HTTPS Everywhere enabled.
I can copy and paste the debug info if that would be helpful but there is quite a bit and I don't want to fill up space here unless you want me to. If there is a specific section of the debug you'd like to see, let me know.
Thank you for your attention to this and your help trying to resolve it.

Last edited 10 months ago by Nemo (previous) (diff)

comment:26 in reply to:  25 ; Changed 10 months ago by cypherpunks

Replying to Nemo:

Similar situation here.
Dell E6330; Windows 7 Pro; Relatively new Samsung EVO HD; fresh load of V7.5; Current Firefox; DuckDuck Go for Tor
Shut down Kaspersky and the result is the same - "Secure Connection Failed" with and without HTTPS Everywhere enabled.
I can copy and paste the debug info if that would be helpful but there is quite a bit and I don't want to fill up space here unless you want me to. If there is a specific section of the debug you'd like to see, let me know.
Thank you for your attention to this and your help trying to resolve it.

Try to use the meek-amazon pluggable transport (Click on the Torbutton (that green onion on your toolbar) > Tor Network Settings... > Select a built-in bridge > meek-amazon). Does it work then?

Kaspersky has a reputation for doing full TLS decryption since Mr. Eugene is a smart puppet.

Last edited 10 months ago by cypherpunks (previous) (diff)

comment:27 in reply to:  26 ; Changed 10 months ago by Nemo

I'm afraid not.Replying to cypherpunks:

Replying to Nemo:

Similar situation here.
Dell E6330; Windows 7 Pro; Relatively new Samsung EVO HD; fresh load of V7.5; Current Firefox; DuckDuck Go for Tor
Shut down Kaspersky and the result is the same - "Secure Connection Failed" with and without HTTPS Everywhere enabled.
I can copy and paste the debug info if that would be helpful but there is quite a bit and I don't want to fill up space here unless you want me to. If there is a specific section of the debug you'd like to see, let me know.
Thank you for your attention to this and your help trying to resolve it.

Try to use the meek-amazon pluggable transport (Click on the Torbutton (that green onion on your toolbar) > Tor Network Settings... > Select a built-in bridge > meek-amazon). Does it work then?

Kaspersky has a reputation for doing full TLS decryption since Mr. Eugene is a smart puppet.

comment:28 Changed 10 months ago by cypherpunks

Do you have Kaspersky Anti-Virus or Kaspersky Internet Security?

comment:29 in reply to:  27 ; Changed 10 months ago by Nemo

Internet Security - Current version - defs up to date.
Replying to Nemo:

I'm afraid not.Replying to cypherpunks:

Replying to Nemo:

Similar situation here.
Dell E6330; Windows 7 Pro; Relatively new Samsung EVO HD; fresh load of V7.5; Current Firefox; DuckDuck Go for Tor
Shut down Kaspersky and the result is the same - "Secure Connection Failed" with and without HTTPS Everywhere enabled.
I can copy and paste the debug info if that would be helpful but there is quite a bit and I don't want to fill up space here unless you want me to. If there is a specific section of the debug you'd like to see, let me know.
Thank you for your attention to this and your help trying to resolve it.

Try to use the meek-amazon pluggable transport (Click on the Torbutton (that green onion on your toolbar) > Tor Network Settings... > Select a built-in bridge > meek-amazon). Does it work then?

Kaspersky has a reputation for doing full TLS decryption since Mr. Eugene is a smart puppet.

Last edited 10 months ago by Nemo (previous) (diff)

comment:30 in reply to:  29 ; Changed 10 months ago by mario

Replying to Nemo:

Internet Security - Current version - defs up to date.
Replying to Nemo:

I'm afraid not.Replying to cypherpunks:

Replying to Nemo:

Similar situation here.
Dell E6330; Windows 7 Pro; Relatively new Samsung EVO HD; fresh load of V7.5; Current Firefox; DuckDuck Go for Tor
Shut down Kaspersky and the result is the same - "Secure Connection Failed" with and without HTTPS Everywhere enabled.
I can copy and paste the debug info if that would be helpful but there is quite a bit and I don't want to fill up space here unless you want me to. If there is a specific section of the debug you'd like to see, let me know.
Thank you for your attention to this and your help trying to resolve it.

Try to use the meek-amazon pluggable transport (Click on the Torbutton (that green onion on your toolbar) > Tor Network Settings... > Select a built-in bridge > meek-amazon). Does it work then?

Kaspersky has a reputation for doing full TLS decryption since Mr. Eugene is a smart puppet.

Dear all,
I'm using Kaspersky (free edition) too, and I solved the problem as following:
1-TOR settings (default )
2- open kaspersky settings -> additional -> Network-> Encrypt connection settings -> CHECK the do not scan encrypted connection

done
thanks for your precious contribute

comment:31 in reply to:  24 Changed 10 months ago by mario

Replying to gk:

So, we have a bunch of similar looking reports in our bug tracker and on our mailing list. I already asked on the latter (https://lists.torproject.org/pipermail/tor-talk/2018-February/044017.html) whether the reporter might have an antivirus/firewall tool that could be interfering with TLS traffic. If that's true for you, could any of you please uninstall it and report back whether that solved your problem?

There has not been a Tor Browser or Tor release in the last couple of weeks that could cause this. HTTPS Everywhere got updated last time on Jan 29 which is a while back as well and disabling it does not seem to solve the problem.

Thus, I suspect something on your local computer is messing with Tor Browser's TLS traffic.

Dear all,

I'm using Kaspersky (free edition) too, and I solved the problem as following:
1 - TOR settings (default )
2 - open kaspersky settings -> additional -> Network-> Encrypt connection settings -> CHECK the do not scan encrypted connection

done
thanks for your precious contribute

comment:32 Changed 10 months ago by Nemo

All,
Before making that change PLEASE BE AWARE: According to Kaspersky "Scanning of encrypted connections is required to run the following protection components: Safe Money,URL Advisor, Parental Control, Private Browsing, Web Anti Virus and Anti-Banner"

comment:33 Changed 10 months ago by cypherpunks

As I said earlier, this is another lame attempt at providing screwity by decrypting secure connections, signed Mr. Eugene. It's literally lamentable for Kaspersky to do something like this. This can only be explained by incompetence.

comment:34 Changed 10 months ago by Dude_Virus

I am not sure how kaspersky can suddenly cause a problem. Last I used TOR was 5 days ago where everything is working fine. In Kaspersky I always had scan encrypted connection enabled because I use the protection components Safe Money, Private Browsing, Web Anti Virus and Anti-Banner". I havent tweaked anything in the last 5 days so not sure what changed suddenly.

Further testing on this shows that it is not only https site but even http sites which are having the issue. This only is happening in the TOR browser and not in any other browser including firefox.

The Kaspersky setting is not set to always scan encrypted connection but is set to scan encrypted connection on request from protection components (that too kaspersky components).

Last edited 10 months ago by Dude_Virus (previous) (diff)

comment:35 in reply to:  34 ; Changed 10 months ago by mario

Replying to Dude_Virus:
My dear Dude_Virus,
I can't provide more info about a part my workaround as above.

1) I can only confirm that the issue is present ONLY when I use Tor browser and I attempt to use the https protocol. http is working with TOR (at least for the few website that I tested)
2) The issue disappears if I uncheck the kaspersky setting "do not scan encrypted ..."
3) If I switch off the TOR browser and restore the standard Kaspersky settings ALL is perfectly working

Bye
Mario

I am not sure how kaspersky can suddenly cause a problem. Last I used TOR was 5 days ago where everything is working fine. In Kaspersky I always had scan encrypted connection enabled because I use the protection components Safe Money, Private Browsing, Web Anti Virus and Anti-Banner". I havent tweaked anything in the last 5 days so not sure what changed suddenly.

Further testing on this shows that it is not only https site but even http sites which are having the issue. This only is happening in the TOR browser and not in any other browser including firefox.

The Kaspersky setting is not set to always scan encrypted connection but is set to scan encrypted connection on request from protection components (that too kaspersky components).

comment:36 in reply to:  35 ; Changed 10 months ago by cypherpunks

Replying to mario:

1) I can only confirm that the issue is present ONLY when I use Tor browser and I attempt to use the https protocol. http is working with TOR (at least for the few website that I tested)

Can you please go to http://example.com/ in the Tor Browser, then click on Ctrl+U to see the source and copy paste it here? (while Kaspesky is enabled with its problematic settings)

Last edited 10 months ago by cypherpunks (previous) (diff)

comment:37 in reply to:  36 Changed 10 months ago by mario

Replying to cypherpunks:

Replying to mario:

1) I can only confirm that the issue is present ONLY when I use Tor browser and I attempt to use the https protocol. http is working with TOR (at least for the few website that I tested)

Can you please go to http://example.com/ in the Tor Browser, then click on Ctrl+U to see the source and copy paste it here? (while Kaspesky is enabled with its problematic settings)

Hi,
here it is wht you required:

<!doctype html>
<html>
<head>

<title>Example Domain</title>

<meta charset="utf-8" />
<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<style type="text/css">
body {

background-color: #f0f0f2;
margin: 0;
padding: 0;
font-family: "Open Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;


}
div {

width: 600px;
margin: 5em auto;
padding: 50px;
background-color: #fff;
border-radius: 1em;

}
a:link, a:visited {

color: #38488f;
text-decoration: none;

}
@media (max-width: 700px) {

body {

background-color: #fff;

}
div {

width: auto;
margin: 0 auto;
border-radius: 0;
padding: 1em;

}

}
</style>

</head>

<body>
<div>

<h1>Example Domain</h1>
<p>This domain is established to be used for illustrative examples in documents. You may use this
domain in examples without prior coordination or asking for permission.</p>
<p><a href="http://www.iana.org/domains/example">More information...</a></p>

</div>
</body>
</html>

comment:38 Changed 10 months ago by cypherpunks

@mario

Okay, it doesn't look like Kaspersky has been tampering with pages as it does with clearnet so I'm not sure why only HTTPS websites are messed up in your case.

comment:39 in reply to:  35 Changed 10 months ago by Dude_Virus

Replying to mario:

Replying to Dude_Virus:
My dear Dude_Virus,
I can't provide more info about a part my workaround as above.

1) I can only confirm that the issue is present ONLY when I use Tor browser and I attempt to use the https protocol. http is working with TOR (at least for the few website that I tested)
2) The issue disappears if I uncheck the kaspersky setting "do not scan encrypted ..."
3) If I switch off the TOR browser and restore the standard Kaspersky settings ALL is perfectly working

Bye
Mario

Hi Mario

For me even if I try www.google.com it fails because the URL is changing to https://www.google.com. Even after disabling HTTPS everywhere it still forces the site to go to https.

Another thing that I noticed was that at the bottom the status keeps flipping between connected and then connecting. It keeps doing that for a few times and then I get the secure connection failed.
I found another workaround that if you add the websites in the exclusion list then in spite of the setting being

comment:40 Changed 10 months ago by gk

Resolution: not a bug
Status: needs_informationclosed

So it seems Kaspersky tools got an update that broke Tor Browser? And fiddling with their whitelisting/features solves that? Sounds like not a bug in our court.

comment:41 in reply to:  30 Changed 10 months ago by Toruser85

Replying to mario:

Replying to Nemo:

Internet Security - Current version - defs up to date.
Replying to Nemo:

I'm afraid not.Replying to cypherpunks:

Replying to Nemo:

Similar situation here.
Dell E6330; Windows 7 Pro; Relatively new Samsung EVO HD; fresh load of V7.5; Current Firefox; DuckDuck Go for Tor
Shut down Kaspersky and the result is the same - "Secure Connection Failed" with and without HTTPS Everywhere enabled.
I can copy and paste the debug info if that would be helpful but there is quite a bit and I don't want to fill up space here unless you want me to. If there is a specific section of the debug you'd like to see, let me know.
Thank you for your attention to this and your help trying to resolve it.

Try to use the meek-amazon pluggable transport (Click on the Torbutton (that green onion on your toolbar) > Tor Network Settings... > Select a built-in bridge > meek-amazon). Does it work then?

Kaspersky has a reputation for doing full TLS decryption since Mr. Eugene is a smart puppet.

Dear all,
I'm using Kaspersky (free edition) too, and I solved the problem as following:
1-TOR settings (default )
2- open kaspersky settings -> additional -> Network-> Encrypt connection settings -> CHECK the do not scan encrypted connection

done
thanks for your precious contribute

done.. it was kaspersky

comment:42 Changed 10 months ago by gk

Cc: phshirk added

comment:43 Changed 10 months ago by phshirk

it was kaspersky

comment:44 Changed 8 months ago by cypherpunks

#25778 is a duplicate

Note: See TracTickets for help on using tickets.