Opened 13 months ago

Closed 13 months ago

Last modified 13 months ago

#26098 closed defect (fixed)

remove meek-amazon from the Tor Browser

Reported by: inf0 Owned by: tbb-team
Priority: High Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-bridges meek TorBrowserTeam201805
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description


Hash: SHA512

Please remove the meek-amazon bridge from the Tor Browser. Amazon is no longer supporting 'domain-fronting' and has effectively asked us to stop this CDN end-point.
Patch file is attached to this ticket.

Some more details here:
https://blog.torproject.org/domain-fronting-critical-open-web

  • --Sina

Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJa+dysAAoJEMeylP64yITypVQP/R3KYgX0Xvm2AjmoDb2ltQ5m
2iupbfV1PPmVBIOPbM9bCPAETo9F4ANol5PjUNPSQClfp+qicpCLbcLCVAXxwovA
Ul2Rfq92/Ib3ZFTyfJJh7jxxnE744VIQ5S/x/S3ra5DcmletG1aaFViHQs0+S2Qa
hsrcpGioktLV88kC2XwJYAAiTTZ3qvZgc44xV2kG4eGIVWUWBvXEqsvICqCbxxqa
c7CBX0bSDW+/nV78+een56FXIxcmEK4hTdpsL2KfVjbf0cRCnEkY1lyhBtzL+KqM
R73o+aG3Ab/gqFVHKHW0ie3cuo3frvbjF9DJf2OoBmmHo+r/HzoU5dnlFMdM/8PN
oOvkWT2bHpFjfB+ir/253Bbtg9CNdUIgGNwJ3/mrbATZ35W5bILe68IQtFHnObVn
V0ecXhnFJWhhtyawmbjc4cY2eDNfmeulNFJIPgDRrhmRrS/Guaqqj6RPWgLZ8Fd5
CaZf/DHShLlsJNhu/l3kMLgvVbUrbOZIGR3L1mgL3tTGAsIEG89EJH0Ge0KNDLvQ
2qcD5wH+/ZmzMzsPbHOw+IsjGlpIH49IZzrsJKMxEsw4JfYQTHh/Ws2Y6VCIvT+R
adOOSO+lyCgyUbXd7FS+hw+Yq3xUS4U9V2O4c/yinzI2vkS8paoXnPN0Qf5Brn/6
s/eBNqcBbYHSKuiKGfYU
=G0Bu


Child Tickets

Attachments (4)

0001-remove-meek-amazon-from-the-Tor-Browser.patch (1.7 KB) - added by inf0 13 months ago.
0001-remove-meek-amazon-from-the-Tor-Browser.patch.asc (2.6 KB) - added by inf0 13 months ago.
0001-removed-amazon-meek.patch (1.8 KB) - added by inf0 13 months ago.
Use this patch
0001-removed-amazon-meek.patch.asc (2.6 KB) - added by inf0 13 months ago.

Download all attachments as: .zip

Change History (14)

comment:1 Changed 13 months ago by inf0

Another try:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Please remove the meek-amazon bridge from the Tor Browser. Amazon is no longer supporting 'domain-fronting' and has effectively asked us to stop this CDN end-point.
Patch file is attached to this ticket.

Some more details here: 
https://blog.torproject.org/domain-fronting-critical-open-web

- --Sina
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJa+dysAAoJEMeylP64yITypVQP/R3KYgX0Xvm2AjmoDb2ltQ5m
2iupbfV1PPmVBIOPbM9bCPAETo9F4ANol5PjUNPSQClfp+qicpCLbcLCVAXxwovA
Ul2Rfq92/Ib3ZFTyfJJh7jxxnE744VIQ5S/x/S3ra5DcmletG1aaFViHQs0+S2Qa
hsrcpGioktLV88kC2XwJYAAiTTZ3qvZgc44xV2kG4eGIVWUWBvXEqsvICqCbxxqa
c7CBX0bSDW+/nV78+een56FXIxcmEK4hTdpsL2KfVjbf0cRCnEkY1lyhBtzL+KqM
R73o+aG3Ab/gqFVHKHW0ie3cuo3frvbjF9DJf2OoBmmHo+r/HzoU5dnlFMdM/8PN
oOvkWT2bHpFjfB+ir/253Bbtg9CNdUIgGNwJ3/mrbATZ35W5bILe68IQtFHnObVn
V0ecXhnFJWhhtyawmbjc4cY2eDNfmeulNFJIPgDRrhmRrS/Guaqqj6RPWgLZ8Fd5
CaZf/DHShLlsJNhu/l3kMLgvVbUrbOZIGR3L1mgL3tTGAsIEG89EJH0Ge0KNDLvQ
2qcD5wH+/ZmzMzsPbHOw+IsjGlpIH49IZzrsJKMxEsw4JfYQTHh/Ws2Y6VCIvT+R
adOOSO+lyCgyUbXd7FS+hw+Yq3xUS4U9V2O4c/yinzI2vkS8paoXnPN0Qf5Brn/6
s/eBNqcBbYHSKuiKGfYU
=G0Bu
-----END PGP SIGNATURE-----

comment:2 Changed 13 months ago by cypherpunks

Please remove Amazon from the Earth. God is no longer supporting Amazon and has effectively asked us to stop this evil end-point.

comment:3 Changed 13 months ago by gk

Status: newneeds_review

comment:4 Changed 13 months ago by gk

Keywords: TorBrowserTeam201805R added; TorBrowserTeam2018 removed

comment:5 Changed 13 months ago by cypherpunks

What a sad day. :'(

comment:6 Changed 13 months ago by cypherpunks

What a sad day. :'(

Try to look on the bright side. This patch saves thousand bucks per month.

comment:7 Changed 13 months ago by gk

Keywords: TorBrowserTeam201805 added; TorBrowserTeam201805R removed
Status: needs_reviewneeds_revision

Could you write a patch against the tor-browser-build repo? We switch away from Gitian to rbm with Tor Browser 7.5. You'll find the pref file in projects/tor-browser/Bundle-Data/PTConfigs. Thanks.

comment:8 Changed 13 months ago by cypherpunks

Needs a patch as well for Orbot I think (though I can be mistaken): https://gitweb.torproject.org/orbot.git (obfs4 will be the only remaining pluggable transport :'( hopefully snowflake will make its way there)

Changed 13 months ago by inf0

Use this patch

Changed 13 months ago by inf0

comment:9 Changed 13 months ago by inf0

0001-removed-amazon-meek.patch​ added, which is made against the tor-browser-build repo.
I'll make a patch for orbot shortly.

Also note that meek-azure is still alive!

comment:10 Changed 13 months ago by gk

Resolution: fixed
Status: needs_revisionclosed

Applied to master (commit 22af54508a1e98bec13ee9580aac7c1b907043e8) and maint-7.5 (commit efa9901ec57d0d78aa1f8034a922da4f792c0ee0). Those changes will be picked up by the next stable and alpha releases (but we won't do extra releases just to get this bug fixed).

Last edited 13 months ago by gk (previous) (diff)
Note: See TracTickets for help on using tickets.