Re: [tor-bugs] #19640 [Metrics/metrics-lib]: review and improve interface hierarchy

[Tor Bug Tracker & Wiki]

#19640: review and improve interface hierarchy
-+---
 Reporter:  iwakeh   |  Owner:  iwakeh
 Type:  enhancement  | Status:  accepted
 Priority:  Medium   |  Milestone:  metrics-lib 1.9.0
Component:  Metrics/metrics-lib  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---
Changes (by iwakeh):

 * owner:  metrics-team => iwakeh
 * status:  assigned => accepted


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22526 [Applications/Tor Browser]: TBB reloads nonstop

[Tor Bug Tracker & Wiki]

#22526: TBB reloads nonstop
--+---
 Reporter:  Dbryrtfbcbhgf |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by gk):

 Replying to [comment:1 gk]:
 > Does it really reload things or is the throbber just spinning the whole
 time? Or, asking differently, assuming you have a wired connection, does
 the nonstop reloading suddenly stop if you plug the cable?

 Okay looks indeed like non-stop reloading. #22530 is related I think.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22530 [Webpages/Blog]: Tor Browser 7.0 can't post on https://blog.torproject.org unless security slider is lowered

[Tor Bug Tracker & Wiki]

#22530: Tor Browser 7.0 can't post on https://blog.torproject.org unless 
security
slider is lowered
---+--
 Reporter:  cypherpunks|  Owner:  hiro
 Type:  defect | Status:  new
 Priority:  High   |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Major  | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by gk):

 If I set my slider to "high" and just allow JavaScript on the blog it
 works. Otherwise I get a redirect loop (you can see that when you are
 opening the web console (Ctrl + Shift + K) and go to the Network tab.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22526 [Applications/Tor Browser]: TBB reloads nonstop

[Tor Bug Tracker & Wiki]

#22526: TBB reloads nonstop
--+---
 Reporter:  Dbryrtfbcbhgf |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by Dbryrtfbcbhgf):

 Replying to [comment:1 gk]:
 > Does it really reload things or is the throbber just spinning the whole
 time? Or, asking differently, assuming you have a wired connection, does
 the nonstop reloading suddenly stop if you plug the cable?
 Here is a video showing the bug.
 https://filenurse.com/download/adb7ef9efe63977b932622ecb48814d1.html

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22362 [Applications/Tor Browser]: Tor Browser freezes when loading https://www.facebook.com/tr/ on a website

[Tor Bug Tracker & Wiki]

#22362: Tor Browser freezes when loading https://www.facebook.com/tr/ on a 
website
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  noscript, TorBrowserTeam201706R, |  Actual Points:
  GeorgKoppen201706  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Replying to [comment:19 jiminycricket]:
 > Is this the same issue persisting in Tor Browser 7.0? The Guardian also
 crashes on this page:
 >
 > https://www.theguardian.com/science/2017/jun/07/oldest-homo-sapiens-
 bones-ever-found-shake-foundations-of-the-human-story

 Yes. We'll ship a workaround in 7.0.1 which is coming out next week.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22534 [Core Tor/Tor]: Stop ignoring rend protocol versions greater than 7 in legacy hidden service descriptors

[Tor Bug Tracker & Wiki]

#22534: Stop ignoring rend protocol versions greater than 7 in legacy hidden
service descriptors
--+
 Reporter:  teor  |  Owner:
 Type:  defect| Status:  new
 Priority:  Very Low  |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:  Tor: 0.2.4.3-alpha
 Severity:  Minor |   Keywords:  hs-legacy
Actual Points:|  Parent ID:
   Points:  0.2   |   Reviewer:
  Sponsor:|
--+
 REND_PROTOCOL_VERSION_BITMASK_WIDTH is 16, but
 rend_encode_v2_descriptors() only checks bits 0 to 7.

 This was introduced in 0a6480c in 0.2.4.3-alpha, which fixed #6827, which
 was itself a bugfix on c58675 in 0.2.0.10-alpha.

 I think we should wontfix this.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22534 [Core Tor/Tor]: Stop parsing rend protocol versions greater than 7 in legacy hidden service descriptors (was: Stop ignoring rend protocol versions greater than 7 in legacy hidden

[Tor Bug Tracker & Wiki]

#22534: Stop parsing rend protocol versions greater than 7 in legacy hidden 
service
descriptors
--+
 Reporter:  teor  |  Owner:
 Type:  defect| Status:  new
 Priority:  Very Low  |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |Version:  Tor: 0.2.4.3-alpha
 Severity:  Minor | Resolution:
 Keywords:  hs-legacy |  Actual Points:
Parent ID:| Points:  0.2
 Reviewer:|Sponsor:
--+

Comment (by teor):

 This means Tor generates versions 0-7, but parses versions 0-15.

 If we do want to fix it, we can make REND_PROTOCOL_VERSION_BITMASK_WIDTH
 8, and use it in rend_encode_v2_descriptors(). This will make our parser
 ignore versions 8-15. And nothing will change.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22533 [Metrics/metrics-lib]: microdescs are not parsed correctly

[Tor Bug Tracker & Wiki]

#22533: microdescs are not parsed correctly
-+--
 Reporter:  iwakeh   |  Owner:  metrics-team
 Type:  defect   | Status:  needs_review
 Priority:  Medium   |  Milestone:
Component:  Metrics/metrics-lib  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by karsten):

 Looks good!  Please find [https://gitweb.torproject.org/user/karsten
 /metrics-
 lib.git/commit/?h=task-22533&id=e0e5d87aacd9f70c23262b7ee10e3e51ec0ae577
 my branch task-22533] with a change log entry and version bump.  If this
 looks okay, I'll release today.  (I'll also run this on the CollecTor host
 now.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22533 [Metrics/metrics-lib]: microdescs are not parsed correctly

[Tor Bug Tracker & Wiki]

#22533: microdescs are not parsed correctly
-+--
 Reporter:  iwakeh   |  Owner:  metrics-team
 Type:  defect   | Status:  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Metrics/metrics-lib  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
Changes (by iwakeh):

 * status:  needs_review => merge_ready


Comment:

 Looks fine to me.  Merge ready (assuming you also ran the tests etc ;-)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22526 [Applications/Tor Browser]: TBB reloads nonstop

[Tor Bug Tracker & Wiki]

#22526: TBB reloads nonstop
--+---
 Reporter:  Dbryrtfbcbhgf |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  needs_information => closed
 * resolution:   => duplicate


Comment:

 Thanks. Yes, that's #22530 I guess. I'll close this as a duplicate as this
 is a blog bug I think.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22530 [Webpages/Blog]: Tor Browser 7.0 can't post on https://blog.torproject.org unless security slider is lowered

[Tor Bug Tracker & Wiki]

#22530: Tor Browser 7.0 can't post on https://blog.torproject.org unless 
security
slider is lowered
---+--
 Reporter:  cypherpunks|  Owner:  hiro
 Type:  defect | Status:  new
 Priority:  High   |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Major  | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by gk):

 * cc: Dbryrtfbcbhgf (added)


Comment:

 Closed #22526 as duplicate.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22530 [Webpages/Blog]: Tor Browser 7.0 can't post on https://blog.torproject.org unless security slider is lowered

[Tor Bug Tracker & Wiki]

#22530: Tor Browser 7.0 can't post on https://blog.torproject.org unless 
security
slider is lowered
---+--
 Reporter:  cypherpunks|  Owner:  hiro
 Type:  defect | Status:  new
 Priority:  High   |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Major  | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by gk):

 * cc: gk (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21903 [Core Tor/Chutney]: Disable DNS in chutney by default, and add an option to enable it

[Tor Bug Tracker & Wiki]

#21903: Disable DNS in chutney by default, and add an option to enable it
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  needs_revision
 Priority:  Medium|  Milestone:
Component:  Core Tor/Chutney  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #19573| Points:  0.5
 Reviewer:|Sponsor:
--+

Comment (by teor):

 In #21989, arma suggests chutney uses ServerDNSDetectHijacking 0. That
 might solve some of these issues, but it certainly won't solve the
 eventdns breakage.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22533 [Metrics/metrics-lib]: microdescs are not parsed correctly

[Tor Bug Tracker & Wiki]

#22533: microdescs are not parsed correctly
-+--
 Reporter:  iwakeh   |  Owner:  metrics-team
 Type:  defect   | Status:  merge_ready
 Priority:  Medium   |  Milestone:
Component:  Metrics/metrics-lib  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by karsten):

 Thanks for checking!  Initial test run from a few minutes ago looks good,
 but I'll keep it running for a few hours and will release this afternoon.
 Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22535 [Applications/Tor Browser]: searching from about:tor brings me to duckduckgo but my query is discarded

[Tor Bug Tracker & Wiki]

#22535: searching from about:tor brings me to duckduckgo but my query is 
discarded
--+--
 Reporter:  arma  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 Go to about:tor and in the text box in the middle of the window, type foo
 and then either hit enter or click the magnifying glass.

 It brings me to duckduckgo, but it doesn't carry the search query along
 with it -- I have to do my search query again once I'm at duckduckgo.

 Things work fine from a blank tab, or from the little search box in the
 upper right.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22535 [Applications/Tor Browser]: searching from about:tor brings me to duckduckgo but my query is discarded

[Tor Bug Tracker & Wiki]

#22535: searching from about:tor brings me to duckduckgo but my query is 
discarded
--+--
 Reporter:  arma  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-usability |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * cc: mcs, brade (added)
 * keywords:   => tbb-usability


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22536 [Applications/Tor Browser]: On New Identitythe new window opens at a different location before the old one gets closed

[Tor Bug Tracker & Wiki]

#22536: On New Identitythe new window opens at a different location before the 
old
one gets closed
-+-
 Reporter:  gk   |  Owner:  tbb-team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor |Version:
  Browser|   Keywords:  tbb-7.0-issues, tbb-
 Severity:  Normal   |  regression, tbb-newnym
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 In some circumstances, after hitting New Identity the new browser window
 will open at a different location on the screen before the old one is
 gone. We are currently doing:
 {{{
   OpenBrowserWindow();

   torbutton_log(3, "New identity successful");

   // Run garbage collection and cycle collection after window is gone.
   // This ensures that blob URIs are forgotten.
   window.addEventListener("unload", function (event) {
 torbutton_log(3, "Initiating New Identity GC pass");
 // Clear out potential pending sInterSliceGCTimer:
 m_tb_domWindowUtils.runNextCollectorTimer();

 // Clear out potential pending sICCTimer:
 m_tb_domWindowUtils.runNextCollectorTimer();

 // Schedule a garbage collection in 4000-1000ms...
 m_tb_domWindowUtils.garbageCollect();

 // To ensure the GC runs immediately instead of 4-10s from now, we
 need
 // to poke it at least 11 times.
 // We need 5 pokes for GC, 1 poke for the interSliceGC, and 5 pokes
 for CC.
 // See nsJSContext::RunNextCollectorTimer() in
 // https://mxr.mozilla.org/mozilla-
 central/source/dom/base/nsJSEnvironment.cpp#1970.
 // XXX: We might want to make our own method for immediate full GC...
 for (let poke = 0; poke < 11; poke++) {
m_tb_domWindowUtils.runNextCollectorTimer();
 }

 // And now, since the GC probably actually ran *after* the CC last
 time,
 // run the whole thing again.
 m_tb_domWindowUtils.garbageCollect();
 for (let poke = 0; poke < 11; poke++) {
m_tb_domWindowUtils.runNextCollectorTimer();
 }

 torbutton_log(3, "Completed New Identity GC pass");
   });

   // Close the current window for added safety
   window.close();
 }}}
 So, this issue can show up if the garbage collection takes quite some time
 for some reason. We might want to think about whether we can improve
 things for this use case while not making New Identity much slower.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22536 [Applications/Tor Browser]: On New Identity the new window opens at a different location before the old one gets closed (was: On New Identitythe new window opens at a different l

[Tor Bug Tracker & Wiki]

#22536: On New Identity the new window opens at a different location before the 
old
one gets closed
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-7.0-issues, tbb-regression,  |  Actual Points:
  tbb-newnym |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #22343, #22471, #21999, #22282

[Tor Bug Tracker & Wiki]

Batch modification to #22343, #22471, #21999, #22282 by gk:
keywords to tbb-7.0-issues, tbb-regression

Comment:
Regression from 6.X.

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #21924, #21948, #21973, #22040, ...

[Tor Bug Tracker & Wiki]

Batch modification to #21924, #21948, #21973, #22040, #22431, #22432, #22451 by 
gk:
keywords to tbb-7.0-issues, tbb-regression

Comment:
Regressions since 6.X.

--
Tickets URL: 

Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22098 [Applications/Tor Browser]: PulseAudio alert banner leads to a 404 page

[Tor Bug Tracker & Wiki]

#22098: PulseAudio alert banner leads to a 404 page
--+--
 Reporter:  dcf   |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  ff52-esr  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * status:  assigned => closed
 * resolution:   => fixed


Comment:

 That's supposed to be fixed now.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22141 [Metrics/metrics-lib]: Deprecate `DescriptorFile` and add relevant information to `Descriptor`

[Tor Bug Tracker & Wiki]

#22141: Deprecate `DescriptorFile` and add relevant information to `Descriptor`
-+---
 Reporter:  karsten  |  Owner:  metrics-team
 Type:  enhancement  | Status:  needs_review
 Priority:  Medium   |  Milestone:  metrics-lib 1.9.0
Component:  Metrics/metrics-lib  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---
Changes (by karsten):

 * status:  needs_revision => needs_review


Comment:

 Please find my updated branch with a few tweaks.  I also just commented on
 #16225 to say that this ticket addresses some aspects of what's discussed
 there.  Regarding two suggestions made there:

  - Let's talk about switching to `Future`.  One possible benefit I see is
 that we could create such an instance and put it into the queue as soon as
 we have split a descriptor file into descriptor-sized chunks and then
 parse it in the background.  And we might not even do that now but change
 the interface to doing it in the future.  A possible drawback is that the
 interface might become a little more complicated.  I haven't tried out the
 change yet, so maybe I'm wrong.  What other aspects are there?

  - I couldn't think of a good way to avoid returning `null` in
 `getException()`, at least without `Optional` which we don't have yet.  Do
 you have any ideas?

 What do you think of the change made in this ticket more generally?  The
 commit I posted was mostly a conversation starter.  It's not too late to
 do something differently or not change anything at all if there are
 aspects I have overlooked.  Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16225 [Metrics/metrics-lib]: Unify exception/error handling in metrics-lib

[Tor Bug Tracker & Wiki]

#16225: Unify exception/error handling in metrics-lib
-+---
 Reporter:  karsten  |  Owner:  karsten
 Type:  enhancement  | Status:  needs_information
 Priority:  Medium   |  Milestone:  metrics-lib 1.9.0
Component:  Metrics/metrics-lib  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+---

Comment (by karsten):

 See also #22141 which has an implementation of some aspects discussed
 here.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22048 [Applications/Tor Browser]: Find search phrase is preserved between sessions

[Tor Bug Tracker & Wiki]

#22048: Find search phrase is preserved between sessions
--+---
 Reporter:  bugreporter69 |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  needs_information => closed
 * resolution:   => duplicate


Comment:

 Replying to [comment:2 brade]:
 > dup of #14139?

 I guess so.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22537 [Internal Services/Service - lists]: Please add iwakeh as moderator to metrics-bugs@ and metrics-team@

[Tor Bug Tracker & Wiki]

#22537: Please add iwakeh as moderator to metrics-bugs@ and metrics-team@
---+-
 Reporter:  karsten|  Owner:  qbi
 Type:  task   | Status:  new
 Priority:  Medium |  Milestone:
Component:  Internal Services/Service - lists  |Version:
 Severity:  Normal |   Keywords:
Actual Points: |  Parent ID:
   Points: |   Reviewer:
  Sponsor: |
---+-
 As the summary says, please add iwakeh (AT tpo) as moderator to the
 metrics-bugs@ and metrics-team@ lists.  Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #14139 [Applications/Tor Browser]: Tor browser shares its last search term with other browsers on OSX

[Tor Bug Tracker & Wiki]

#14139: Tor browser shares its last search term with other browsers on OSX
--+--
 Reporter:  clashman  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  osx   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * cc: bugreporter69 (added)
 * severity:   => Normal


Comment:

 Resolved #22048 as a duplicate.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22529 [Applications/Tor Browser]: Find in Page is shared with Firefox

[Tor Bug Tracker & Wiki]

#22529: Find in Page is shared with Firefox
--+---
 Reporter:  ononvsdno |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:  duplicate
 Keywords:  search|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  new => closed
 * version:  Tor: 0.3.0.7 =>
 * resolution:   => duplicate
 * milestone:  Tor: 0.3.0.x-final =>


Comment:

 Duplicate of #14139.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #14139 [Applications/Tor Browser]: Tor browser shares its last search term with other browsers on OSX

[Tor Bug Tracker & Wiki]

#14139: Tor browser shares its last search term with other browsers on OSX
--+--
 Reporter:  clashman  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  osx   |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * cc: ononvsdno (added)


Comment:

 Resolved #22529 as duplicate.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22537 [Internal Services/Service - lists]: Please add iwakeh as moderator to metrics-bugs@ and metrics-team@

[Tor Bug Tracker & Wiki]

#22537: Please add iwakeh as moderator to metrics-bugs@ and metrics-team@
---+
 Reporter:  karsten|  Owner:  qbi
 Type:  task   | Status:  closed
 Priority:  Medium |  Milestone:
Component:  Internal Services/Service - lists  |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+
Changes (by qbi):

 * status:  new => closed
 * resolution:   => fixed


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22537 [Internal Services/Service - lists]: Please add iwakeh as moderator to metrics-bugs@ and metrics-team@

[Tor Bug Tracker & Wiki]

#22537: Please add iwakeh as moderator to metrics-bugs@ and metrics-team@
---+
 Reporter:  karsten|  Owner:  qbi
 Type:  task   | Status:  closed
 Priority:  Medium |  Milestone:
Component:  Internal Services/Service - lists  |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+

Comment (by karsten):

 Wow, that was quick.  Thanks!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22538 [Applications/Tor Browser]: Changing circuit for page with certificate error switches catch-all circuit instead

[Tor Bug Tracker & Wiki]

#22538: Changing circuit for page with certificate error switches catch-all 
circuit
instead
--+-
 Reporter:  gk|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  tbb-linkability
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-
 Go to https://pinning-test.badssl.com/ and change the circuit for this
 site. The expected behavior would be to use a new circuit keyed to
 badssl.com. But what happens is that the catch-all circuit gets changed.
 Found in #22513.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22513 [Applications/Tor Browser]: Tor Browser connects to the same circuit even after CONNRESET received

[Tor Bug Tracker & Wiki]

#22513: Tor Browser connects to the same circuit even after CONNRESET received
--+---
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-usability |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by gk):

 Replying to [comment:5 cypherpunks]:
 > The main issue of this ticket is
 > > Tor Browser connects to the same circuit even after CONNRESET
 received. That ends with "Secure Connection Failed" page.
 > Without that no error would occur.

 So what should happen under the hood? Tor Browser should be smart enough
 to use a new circuit automatically when `CONNRESET` is received?

 > The second issue, like in comment:3, is that
 > > "New Tor Circuit for this Site" should indeed change the circuit for
 it and not the catch-all one
 > (it has no relevance to `CONNRESET`)

 Then let's track it in a different bug: #22538.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22539 [Applications/Tor Browser]: Going back to about:tor gives an invalid address error

[Tor Bug Tracker & Wiki]

#22539: Going back to about:tor gives an invalid address error
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 Steps to reproduce:

 1. Go to `about:tor` by either entering it in the location bar or pressing
 Alt+Home.
 2. Browse to another address using the same tab.
 3. Go back one page by pressing the left arrow in the location bar or
 pressing Alt+Left.
 4. Get a 'The address isn’t valid' error page.

 Expected behavior would be to return back to the `about:tor` page.

 This is reproducible in Tor Browser 7.0 on Linux.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #10760 [Applications/Tor Browser]: Integrate TorButton and TorLauncher to TorBrowser core to prevent users from disabling them

[Tor Bug Tracker & Wiki]

#10760: Integrate TorButton and TorLauncher to TorBrowser core to prevent users
from disabling them
--+--
 Reporter:  Rezonansowy   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  needs-triage  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by boklm):

 * cc: boklm (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22539 [Applications/Tor Browser]: Going back to about:tor gives an invalid address error

[Tor Bug Tracker & Wiki]

#22539: Going back to about:tor gives an invalid address error
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by blockflare):

 Duplicate: https://trac.torproject.org/projects/tor/ticket/21948

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22539 [Applications/Tor Browser]: Going back to about:tor gives an invalid address error

[Tor Bug Tracker & Wiki]

#22539: Going back to about:tor gives an invalid address error
--+---
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  new => closed
 * resolution:   => duplicate


Comment:

 Yep, duplicate of #21948.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21948 [Applications/Tor Browser]: Going back to about:tor page gives a "The address isn’t valid"-error

[Tor Bug Tracker & Wiki]

#21948: Going back to about:tor page gives a "The address isn’t valid"-error
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-e10s, tbb-7.0-issues,  |  Actual Points:
  tbb-regression |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Resolved #22539 as duplicate.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22530 [Webpages/Blog]: Tor Browser 7.0 can't post on https://blog.torproject.org unless security slider is lowered

[Tor Bug Tracker & Wiki]

#22530: Tor Browser 7.0 can't post on https://blog.torproject.org unless 
security
slider is lowered
---+--
 Reporter:  cypherpunks|  Owner:  hiro
 Type:  defect | Status:  new
 Priority:  High   |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Major  | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by hiro):

 There is a problem with the menu bar. It needs js enabled to work. I am
 wondering if this can be fixed by having a custom admin template in
 drupal. The problem with building a custom admin template in drupal is
 that it might complicate things a bit.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22540 [Applications/Tor Browser]: Some preferences are reset when browser is closed (even those in user.js)

[Tor Bug Tracker & Wiki]

#22540: Some preferences are reset when browser is closed (even those in 
user.js)
--+--
 Reporter:  nido  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 I am using Tor Browser without Tor as described here:
 https://www.whonix.org/wiki/Tor_Browser_without_Tor

 Until the 7.0 update, these custom preferences could be set (in
 `about:config` or in `user.js` in the `profile.default` directory) and
 would persist when Tor Browser was closed and opened again:

 {{{
 // Disable proxying
 user_pref("network.proxy.socks_remote_dns", false);
 user_pref("network.proxy.type", 0);
 // Disable Tor service
 user_pref("extensions.torlauncher.start_tor", false);
 }}}

 Since the 7.0 update, only the `extensions.torlauncher.start_tor` setting
 persists. The others are reset when Tor Browser is closed, in both Linux
 and Windows. Even setting them in `user.js` has no effect; they need to be
 set manually each time Tor Browser is started. (At least they are applied
 at once so that using Tor Browser without Tor is possible.)

 How can they be made persistent?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22541 [Applications/Tor Browser]: Support for Tor Browser without Tor?

[Tor Bug Tracker & Wiki]

#22541: Support for Tor Browser without Tor?
--+--
 Reporter:  nido  |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 Even without Tor, Tor Browser offers better protection from online
 tracking than Firefox, Google Chrome/Chromium or Microsoft Edge,
 especially against fingerprinting, right?

 It ~~is~~ was (see #5236) easy to disable Tor in Tor Browser so as to use
 it as the default clearnet browser, as...

 * described here: https://www.whonix.org/wiki/Tor_Browser_without_Tor
 * and here: https://www.whonix.org/wiki/Tor_Browser_without_Tor
 * discussed here: https://forums.whonix.org/t/todo-research-and-document-
 how-to-use-tor-browser-for-security-not-anonymity-how-to-use-tbb-using-
 clearnet/3822
 * and here: https://lists.torproject.org/pipermail/tbb-
 dev/2017-April/000508.html

 What would you think about releasing and/or supporting a version of Tor
 Browser without Tor? Why would this not be a good idea?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22540 [Applications/Tor Browser]: Some preferences are reset when browser is closed (even those in user.js)

[Tor Bug Tracker & Wiki]

#22540: Some preferences are reset when browser is closed (even those in 
user.js)
--+---
 Reporter:  nido  |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by mcs):

 * cc: brade, mcs (added)
 * status:  new => needs_information


Comment:

 In Tor Browser 7.0, the Tor Launcher and Torbutton extensions work
 together to make it more difficult for people to accidentally disable Tor.
 Please try setting the TOR_TRANSPROXY environment variable before starting
 Tor Browser, or disable Tor Launcher extension. Then let us know if one of
 those solutions resolves this issue for you.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22541 [Applications/Tor Browser]: Support for Tor Browser without Tor?

[Tor Bug Tracker & Wiki]

#22541: Support for Tor Browser without Tor?
--+--
 Reporter:  nido  |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by nido):

 Sorry, I meant to refer to ticket #22540.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22451 [Applications/Tor Browser]: about:cache is not useful anymore in ESR52-based Tor Browser (only wyciwyg-URIs if at all any)

[Tor Bug Tracker & Wiki]

#22451: about:cache is not useful anymore in ESR52-based Tor Browser (only 
wyciwyg-
URIs if at all any)
-+-
 Reporter:  gk   |  Owner:  gk
 Type:  defect   | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  ff52-esr, TorBrowserTeam201706,  |  Actual Points:
  GeorgKoppen201706, tbb-7.0-issues, tbb-|
  regression |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * priority:  Medium => High
 * severity:  Normal => Major


Comment:

 Hm, I found an unkeyed item in it today. I wonder how useful that
 `about:cache` page still is and whether it is actually telling the truth
 about the isolation...

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22540 [Applications/Tor Browser]: Some preferences are reset when browser is closed (even those in user.js)

[Tor Bug Tracker & Wiki]

#22540: Some preferences are reset when browser is closed (even those in 
user.js)
--+---
 Reporter:  nido  |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by nido):

 * status:  needs_information => closed
 * resolution:   => not a bug


Comment:

 Setting the preferences (in about:config or with user.js) and disabling
 Tor Launcher seem to resolve the issue. Thanks!

 Tor Browser in Linux (not in Windows) now opens with two "About Tor" home
 pages, but this may be unrelated.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22542 [Applications/Tor Browser]: Tor Browser 7.0 Security Settings Window too small on macOS 10.12

[Tor Bug Tracker & Wiki]

#22542: Tor Browser 7.0 Security Settings Window too small on macOS 10.12
--+--
 Reporter:  teor  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 When I run Tor Browser 7.0 on macOS 10.12, and open the security settings
 window, the last line of text is off the page. This is probably because
 the UI font changed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21724 [Applications/Tor Browser]: Distinguish between Tor Browser and Firefox when macOS opens documents

[Tor Bug Tracker & Wiki]

#21724: Distinguish between Tor Browser and Firefox when macOS opens documents
--+--
 Reporter:  teor  |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  TorBrowserTeam201703R |  Actual Points:
Parent ID:  #17670| Points:
 Reviewer:|Sponsor:
--+--

Comment (by teor):

 I had Tor Browser selected as my default browser (links automatically open
 in it). When I updated to Tor Browser 7.0, it stopped being my default
 browser, because the creator code changed due to this patch (or possibly
 #21723).

 This is what we expected to happen, but I thought I'd make a note here in
 case anyone reports this issue. Once users set 7.0 as the default browser,
 it will stay as the default, and it won't get confused with Firefox.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21723 [Applications/Tor Browser]: Fix inconsistent generation of MOZ_MACBUNDLE_ID

[Tor Bug Tracker & Wiki]

#21723: Fix inconsistent generation of MOZ_MACBUNDLE_ID
--+--
 Reporter:  teor  |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  TorBrowserTeam201704R |  Actual Points:
Parent ID:  #17670| Points:
 Reviewer:|Sponsor:
--+--

Comment (by teor):

 If Tor Browser is the default browser in macOS, this change resets it.
 That's what we expected. See
 https://trac.torproject.org/projects/tor/ticket/21724#comment:7 for
 details.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #16485 [Applications/Tor Browser]: Firefox bug - Unrecognized storage name 'null' in about:cache URL

[Tor Bug Tracker & Wiki]

#16485: Firefox bug - Unrecognized storage name 'null' in about:cache URL
-+-
 Reporter:  gk   |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  tbb-usability,   |  Actual Points:
  TorBrowserTeam201706R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Replying to [comment:8 gk]:
 > Replying to [comment:7 mcs]:
 > > r=brade, r=mcs
 > > I have trouble making sense of what is displayed in about:cache, but
 this fix looks okay.
 >
 > That's probably due to the interface not being particular intuitive or
 more on this page being broken. :)
 >
 > > Is there a Firefox bug filed for this issue?
 >
 > Not yet, I plan to file one later and reference it in this ticket.

 Now it is: https://bugzilla.mozilla.org/show_bug.cgi?id=1371263

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22493 [Core Tor/Tor]: Fix TROVE-2017-004

[Tor Bug Tracker & Wiki]

#22493: Fix TROVE-2017-004
--+
 Reporter:  nickm |  Owner:
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by weasel):

 aka CVE-2017-0375

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22494 [Core Tor/Tor]: Fix TROVE-2017-005

[Tor Bug Tracker & Wiki]

#22494: Fix TROVE-2017-005
--+
 Reporter:  nickm |  Owner:
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by weasel):

 aka CVE-2017-0376

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22540 [Applications/Tor Browser]: Some preferences are reset when browser is closed (even those in user.js)

[Tor Bug Tracker & Wiki]

#22540: Some preferences are reset when browser is closed (even those in 
user.js)
--+---
 Reporter:  nido  |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by gk):

 Replying to [comment:2 nido]:
 > Setting the preferences (in about:config or with user.js) and disabling
 Tor Launcher seems to resolve the issue. Thanks!

 You are welcome.

 > Tor Browser in Linux (not in Windows) now opens with two "About Tor"
 home pages, but this may be unrelated.

 Could you open a new ticket in our bug tracker with steps to reproduce the
 issue?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22541 [Applications/Tor Browser]: Support for Tor Browser without Tor?

[Tor Bug Tracker & Wiki]

#22541: Support for Tor Browser without Tor?
--+
 Reporter:  nido  |  Owner:  tbb-team
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  worksforme
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by gk):

 * status:  new => closed
 * resolution:   => worksforme


Comment:

 Seems this is not a bug either (after #22540 turned out to be not a bug)?
 If I am wrong please reopen and provide more information about what
 exactly is missing but has been available previously.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22542 [Applications/Tor Browser]: Tor Browser 7.0 Security Settings Window too small on macOS 10.12

[Tor Bug Tracker & Wiki]

#22542: Tor Browser 7.0 Security Settings Window too small on macOS 10.12
-+-
 Reporter:  teor |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_information
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-7.0-issues, tbb-regression,  |  Actual Points:
  tbb-security-slider|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:   => tbb-7.0-issues, tbb-regression, tbb-security-slider
 * cc: arthuredelstein (added)
 * status:  new => needs_information


Comment:

 So, you don't get a scrollbar and the text is off the page? Or is the
 issue that you are already getting a scrollbar on the level with the least
 amount of text?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22542 [Applications/Tor Browser]: Tor Browser 7.0 Security Settings Window too small on macOS 10.12

[Tor Bug Tracker & Wiki]

#22542: Tor Browser 7.0 Security Settings Window too small on macOS 10.12
-+-
 Reporter:  teor |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-7.0-issues, tbb-regression,  |  Actual Points:
  tbb-security-slider|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * status:  needs_information => new


Comment:

 Replying to [comment:1 gk]:
 > So, you don't get a scrollbar and the text is off the page? Or is the
 issue that you are already getting a scrollbar on the level with the least
 amount of text?

 What I see:

 There is no visual indication that there is any extra text in the window
 that can be scrolled to.

 There is a scrollbar, but on macOS, it is invisible until the user starts
 scrolling.
 If a user just happens to start scrolling, then the final line becomes
 visible, but the first line is hidden.

 The scrolling also makes it hard to tell exactly which lines apply to Low,
 Medium, and High.

 What I expect:

 All the text is shown on the screen when the user opens the window.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22541 [Applications/Tor Browser]: Support for Tor Browser without Tor?

[Tor Bug Tracker & Wiki]

#22541: Support for Tor Browser without Tor?
--+--
 Reporter:  nido  |  Owner:  tbb-team
 Type:  enhancement   | Status:  reopened
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by nido):

 * status:  closed => reopened
 * resolution:  worksforme =>


Comment:

 It isn't a bug. Thus I marked it as an enhancement and wrote at the end:

 "What would you think about releasing and/or supporting a version of Tor
 Browser without Tor? Why would this not be a good idea?"

 I was hoping to get some input from developers. I thought the bug tracker
 would be useful for that. If it's not, change its status to closed again.

 (I'd edit the description if I could.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22542 [Applications/Tor Browser]: Tor Browser 7.0 Security Settings Window too small on macOS 10.12

[Tor Bug Tracker & Wiki]

#22542: Tor Browser 7.0 Security Settings Window too small on macOS 10.12
-+-
 Reporter:  teor |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-7.0-issues, tbb-regression,  |  Actual Points:
  tbb-security-slider|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by teor):

 Replying to [comment:2 teor]:
 > Replying to [comment:1 gk]:
 > > So, you don't get a scrollbar and the text is off the page? Or is the
 issue that you are already getting a scrollbar on the level with the least
 amount of text?

 This only happens when I am in High Security Mode.
 The scrollbar appears for a few seconds when I first switch to High
 Security Mode, then disappears. (I didn't see the scrollbar to start with,
 because I was in High Security Mode before I upgraded.)

 > What I see:
 >
 > There is no visual indication that there is any extra text in the window
 that can be scrolled to.
 >
 > There is a scrollbar, but on macOS, it is invisible until the user
 starts scrolling.
 > If a user just happens to start scrolling, then the final line becomes
 visible, but the first line is hidden.
 >
 > The scrolling also makes it hard to tell exactly which lines apply to
 Low, Medium, and High.
 >
 > What I expect:
 >
 > All the text is shown on the screen when the user opens the window.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22543 [Applications/Tor Browser]: Tor Browser 7.0 shows window resize warning on every new window for a few seconds

[Tor Bug Tracker & Wiki]

#22543: Tor Browser 7.0 shows window resize warning on every new window for a 
few
seconds
--+--
 Reporter:  teor  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 When I open a new Tor Browser window using Tor Browser 7.0 on macOS 10.12,
 I see a warning about resizing the window appear for a few seconds. Then
 it disappears.

 This only happens when I open a new window with the default content
 (about:tor).

 When I open a new empty tab, new tab with content, or new window with
 content, I don't see the warning.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22541 [Applications/Tor Browser]: Support for Tor Browser without Tor?

[Tor Bug Tracker & Wiki]

#22541: Support for Tor Browser without Tor?
--+--
 Reporter:  nido  |  Owner:  tbb-team
 Type:  enhancement   | Status:  reopened
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by mcs):

 This would not be a good idea because we don't want the average person to
 download something named "Tor Browser" and later learn that it does not
 use the Tor Network.

 Using Tor Browser without Tor is something we can support for advanced
 users, but in my opinion it would be dangerous to provide such a browser
 to most users. And I don't think we have enough developers working on Tor
 Browser to support a rebranded fork (not named "Tor Browser") although
 someone else could start such a project.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22510 [Webpages/Blog]: Increasing brand presence on the Tor blog (i.e. to make it look more Tor-y)

[Tor Bug Tracker & Wiki]

#22510: Increasing brand presence on the Tor blog (i.e. to make it look more 
Tor-y)
---+--
 Reporter:  linda  |  Owner:  antonela
 Type:  enhancement| Status:  assigned
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by teor):

 I'd appreciate it if we could reduce the number of fonts, colours, sizes,
 and styles used on the new blog. It looks very untidy with every second
 line looking slightly different.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22510 [Webpages/Blog]: Increasing brand presence on the Tor blog (i.e. to make it look more Tor-y)

[Tor Bug Tracker & Wiki]

#22510: Increasing brand presence on the Tor blog (i.e. to make it look more 
Tor-y)
---+--
 Reporter:  linda  |  Owner:  antonela
 Type:  enhancement| Status:  assigned
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by linda):

 Replying to [comment:2 teor]:
 > I'd appreciate it if we could reduce the number of fonts, colours,
 sizes, and styles used on the new blog. It looks very untidy with every
 second line looking slightly different.

 Great point. It's a good practice to do so. I'll relay this information to
 Antonela--although I hope that she is already taking this into account.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22510 [Webpages/Blog]: Increasing brand presence on the Tor blog (i.e. to make it look more Tor-y)

[Tor Bug Tracker & Wiki]

#22510: Increasing brand presence on the Tor blog (i.e. to make it look more 
Tor-y)
---+--
 Reporter:  linda  |  Owner:  antonela
 Type:  enhancement| Status:  assigned
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by teor):

 In particular, the h2 style is jarring: it's the only forced-caps font on
 most pages. And it's not particularly readable.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22395 [Webpages/Blog]: find a way to present the comment threading more intuitively

[Tor Bug Tracker & Wiki]

#22395: find a way to present the comment threading more intuitively
---+--
 Reporter:  arma   |  Owner:  antonela
 Type:  defect | Status:  assigned
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal | Resolution:
 Keywords:  ux-team|  Actual Points:
Parent ID:  #22013 | Points:
 Reviewer: |Sponsor:
---+--

Comment (by linda):

 Replying to [comment:6 arma]:
 > Replying to [comment:5 arma]:
 > > Something interesting that we can make use of here that is probably
 nonstandard for this situation: everybody who has a blog account is a Tor
 person, and is thus (from our perspective) inherently more worth listening
 to.
 >
 > For one idea, see the white boxes around comments by the author of the
 blog post:
 >
 https://web.archive.org/web/20170514015915/https://blog.torproject.org/blog
 /transparency-openness-and-our-2015-financials

 These are great ideas. I'll forward them along to Antonela. :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22510 [Webpages/Blog]: Increasing brand presence on the Tor blog (i.e. to make it look more Tor-y)

[Tor Bug Tracker & Wiki]

#22510: Increasing brand presence on the Tor blog (i.e. to make it look more 
Tor-y)
---+--
 Reporter:  linda  |  Owner:  antonela
 Type:  enhancement| Status:  assigned
 Priority:  Medium |  Milestone:
Component:  Webpages/Blog  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by linda):

 Replying to [comment:4 teor]:
 > In particular, the h2 style is jarring: it's the only forced-caps font
 on most pages. And it's not particularly readable.

 *looks at blog*

 Yeah, it's a bit awkward. It's so much smaller than h1, but it seems like
 it's SCREAMING FOR ATTENTION.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22507 [Internal Services/Service - lists]: Please prepare schleuder transport for tor-community-coun...@torproject.org

[Tor Bug Tracker & Wiki]

#22507: Please prepare schleuder transport for 
tor-community-coun...@torproject.org
---+-
 Reporter:  hiro   |  Owner:  qbi
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Internal Services/Service - lists  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+-
Changes (by hiro):

 * owner:  tpa => qbi
 * component:  Internal Services/Tor Sysadmin Team => Internal
 Services/Service - lists


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22542 [Applications/Tor Browser]: Tor Browser 7.0 Security Settings Window too small on macOS 10.12

[Tor Bug Tracker & Wiki]

#22542: Tor Browser 7.0 Security Settings Window too small on macOS 10.12
-+-
 Reporter:  teor |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-7.0-issues, tbb-regression,  |  Actual Points:
  tbb-security-slider, TorBrowserTeam201706R |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by mcs):

 * keywords:  tbb-7.0-issues, tbb-regression, tbb-security-slider =>
 tbb-7.0-issues, tbb-regression, tbb-security-slider,
 TorBrowserTeam201706R
 * status:  new => needs_review


Comment:

 Here is a simple fix (increase a hard-coded height):
 https://gitweb.torproject.org/user/brade/torbutton.git/commit/?h=bug22542-01
 I assume this won't look too bad on the other platforms.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22513 [Applications/Tor Browser]: Tor Browser connects to the same circuit even after CONNRESET received

[Tor Bug Tracker & Wiki]

#22513: Tor Browser connects to the same circuit even after CONNRESET received
--+---
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-usability |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks):

 Replying to [comment:6 gk]:
 > Replying to [comment:5 cypherpunks]:
 > > The main issue of this ticket is
 > > > Tor Browser connects to the same circuit even after CONNRESET
 received. That ends with "Secure Connection Failed" page.
 > > Without that no error would occur.
 >
 > So what should happen under the hood?
 Something that allows to continue browsing the site.
 > Tor Browser should be smart enough to use a new circuit automatically
 when `CONNRESET` is received?
 Are other options available?
 Without new circuit any request ends with `CONNRESET`, even in a new tab,
 making website inaccessible.
 > > The second issue, like in comment:3, is that
 > > > "New Tor Circuit for this Site" should indeed change the circuit for
 it and not the catch-all one
 > > (it has no relevance to `CONNRESET`)
 >
 > Then let's track it in a different bug: #22538.
 No problem.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22541 [Applications/Tor Browser]: Support for Tor Browser without Tor?

[Tor Bug Tracker & Wiki]

#22541: Support for Tor Browser without Tor?
--+--
 Reporter:  nido  |  Owner:  tbb-team
 Type:  enhancement   | Status:  reopened
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by nido):

 Could someone point me to which files to edit to rebrand Tor Browser?

 Do any of you have any thoughts about how its security and privacy
 features compare to the major browsers when it's used without Tor? Would
 you use it (without Tor) instead of Chrome/Chromium/Firefox/Brave/...? Why
 (not)?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22542 [Applications/Tor Browser]: Tor Browser 7.0 Security Settings Window too small on macOS 10.12

[Tor Bug Tracker & Wiki]

#22542: Tor Browser 7.0 Security Settings Window too small on macOS 10.12
-+-
 Reporter:  teor |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-7.0-issues, tbb-regression,  |  Actual Points:
  tbb-security-slider, TorBrowserTeam201706R |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 > UI font changed
 Spacing between lines changed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22346 [Metrics/Metrics website]: tor browser update URL change and the update ping metrics

[Tor Bug Tracker & Wiki]

#22346: tor browser update URL change and the update ping metrics
-+--
 Reporter:  cypherpunks  |  Owner:  metrics-team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Metrics/Metrics website  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by karsten):

 Replying to [comment:5 gk]:
 > Not yet. How are we dealing with redirects we have/had in place? Do/did
 we double-count requests that get/got redirected?

 We're [https://metrics.torproject.org/stats.html#webstats disregarding
 redirects (code 302) and only counting succeeded requests (code 200)].
 Should we do this differently?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22346 [Metrics/Metrics website]: tor browser update URL change and the update ping metrics

[Tor Bug Tracker & Wiki]

#22346: tor browser update URL change and the update ping metrics
-+--
 Reporter:  cypherpunks  |  Owner:  metrics-team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Metrics/Metrics website  |Version:
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--

Comment (by karsten):

 Replying to [comment:6 boklm]:
 > Replying to [comment:4 karsten]:
 > > boklm, gk, any ideas what we're missing?
 >
 > I don't see what is missing, or if something is missing.
 >
 > Would it be possible to run the same request, for the days January 24,
 25, 26 (when the update pings dropped), and April 4, 5, 6 (when they
 increased), to try to understand what changed? Maybe seeing which type of
 URL dropped or increased on those days can tell us if we are missing
 something.

 Sure, here's the output:

 {{{
 webstats=> SELECT log_date, site,
 webstats-> substr(resource_string, 1,
 webstats(>   strpos(resource_string, 'update_') + 8) AS resource_part,
 webstats-> SUM(count) AS count
 webstats->   FROM files NATURAL JOIN requests NATURAL JOIN resources
 webstats->   WHERE resource_string LIKE '%/torbrowser/update\__/%'
 webstats->   AND resource_string NOT LIKE '%.xml'
 webstats->   AND response_code = 200
 webstats->   AND method = 'GET'
 webstats->   AND (log_date = '2017-01-24'
 webstats(> OR log_date = '2017-01-25'
 webstats(> OR log_date = '2017-01-26'
 webstats(> OR log_date = '2017-04-04'
 webstats(> OR log_date = '2017-04-05'
 webstats(> OR log_date = '2017-04-06')
 webstats->   GROUP BY log_date, site, resource_part
 webstats->   ORDER BY log_date, count DESC;
   log_date  |  site  |   resource_part
 |  count
 
++---+-
  2017-01-24 | dist.torproject.org| /torbrowser/update_2/
 | 2025386
  2017-01-24 | aus1.torproject.org| /torbrowser/update_2/
 |   33549
  2017-01-24 | archive.torproject.org | /tor-package-
 archive/torbrowser/update_2/ |   1
  2017-01-25 | dist.torproject.org| /torbrowser/update_2/
 |  692113
  2017-01-25 | aus1.torproject.org| /torbrowser/update_2/
 |  151832
  2017-01-26 | aus1.torproject.org| /torbrowser/update_2/
 |  381621
  2017-01-26 | dist.torproject.org| /torbrowser/update_2/
 |  362971
  2017-01-26 | archive.torproject.org | /tor-package-
 archive/torbrowser/update_2/ |   2
  2017-04-04 | aus1.torproject.org| /torbrowser/update_2/
 |  655434
  2017-04-04 | dist.torproject.org| /torbrowser/update_2/
 |   50278
  2017-04-04 | archive.torproject.org | /tor-package-
 archive/torbrowser/update_2/ |   8
  2017-04-05 | aus1.torproject.org| /torbrowser/update_2/
 | 1488508
  2017-04-05 | dist.torproject.org| /torbrowser/update_2/
 |   5
  2017-04-05 | archive.torproject.org | /tor-package-
 archive/torbrowser/update_2/ |  23
  2017-04-06 | aus1.torproject.org| /torbrowser/update_2/
 | 1847522
  2017-04-06 | dist.torproject.org| /torbrowser/update_2/
 |   50576
  2017-04-06 | archive.torproject.org | /tor-package-
 archive/torbrowser/update_2/ |  11
 (17 rows)
 }}}

 Would you want to play with the database yourself?  It's ~3G uncompressed,
 so it shouldn't be that hard to dump and compress it.  You'd have to
 create a local PostgreSQL database and import that file, and then you
 could run requests like this yourself.  (I'd still be around to help with
 the schema as needed!)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22543 [Applications/Tor Browser]: Tor Browser 7.0 shows window resize warning on every new window for a few seconds

[Tor Bug Tracker & Wiki]

#22543: Tor Browser 7.0 shows window resize warning on every new window for a 
few
seconds
-+-
 Reporter:  teor |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-e10s, tbb-7.0-issues,  |  Actual Points:
  tbb-regression |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by cypherpunks):

 * keywords:   => ff52-esr, tbb-e10s, tbb-7.0-issues, tbb-regression


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22535 [Applications/Tor Browser]: searching from about:tor brings me to duckduckgo but my query is discarded

[Tor Bug Tracker & Wiki]

#22535: searching from about:tor brings me to duckduckgo but my query is 
discarded
-+-
 Reporter:  arma |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-e10s, tbb-7.0-issues,  |  Actual Points:
  tbb-regression, tbb-usability  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by cypherpunks):

 * keywords:  tbb-usability => ff52-esr, tbb-e10s, tbb-7.0-issues, tbb-
 regression, tbb-usability


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22544 [- Select a component]: JS-based crypto VERY slow since 7.0 update?

[Tor Bug Tracker & Wiki]

#22544: JS-based crypto VERY slow since 7.0 update?
--+-
 Reporter:  jiminycricket |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-
 Hi,

 I tried using two services with JS-based crypto in Tor Browser 7.0, and
 they are suddenly VERY slow - they work, but only after a long delay, much
 longer than before.

 Try: https://cryptodog.github.io/cryptodog/

 Or logging into ProtonMail:

 protonmail.com or
 https://protonirockerxow.onion/

 I am using 64 bit Fedora 24 with the GNOME Wayland desktop.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #12931 [Core Tor/Tor]: TOR_PT_SERVER_TRANSPORT_OPTIONS are not escaped according to pt-spec.txt

[Tor Bug Tracker & Wiki]

#12931: TOR_PT_SERVER_TRANSPORT_OPTIONS are not escaped according to pt-spec.txt
+--
 Reporter:  yawning |  Owner:  nickm
 Type:  defect  | Status:  assigned
 Priority:  Low |  Milestone:  Tor:
|  0.3.1.x-final
Component:  Core Tor/Tor|Version:  Tor:
|  unspecified
 Severity:  Normal  | Resolution:
 Keywords:  pluggable, transports, pt-spec  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by catalyst):

 * cc: catalyst (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22544 [- Select a component]: JS-based crypto VERY slow since 7.0 update?

[Tor Bug Tracker & Wiki]

#22544: JS-based crypto VERY slow since 7.0 update?
--+-
 Reporter:  jiminycricket |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-

Comment (by cypherpunks):

 See #22500

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22543 [Applications/Tor Browser]: Tor Browser 7.0 shows window resize warning on every new window for a few seconds

[Tor Bug Tracker & Wiki]

#22543: Tor Browser 7.0 shows window resize warning on every new window for a 
few
seconds
-+-
 Reporter:  teor |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-issues, tbb-   |  Actual Points:
  regression |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by mcs):

 * cc: arthuredelstein (added)
 * keywords:  ff52-esr, tbb-e10s, tbb-7.0-issues, tbb-regression =>
 ff52-esr, tbb-7.0-issues, tbb-regression


Comment:

 This is easy to reproduce, at least on OSX. It occurs even when e10s is
 disabled.

 After a window state change (`sizemodechange` event), the Torbutton code
 checks for `window.windowState === 1` (which is `STATE_MAXIMIZED`) and
 then adds the resize warning notification. In TB 7.0 that state occurs
 each time a new window is opened (at least in response to Cmd+N on OSX).
 But I don't know why. It seems to have something to do with the anti-
 fingerprinting window sizing code, because this problem does not occur if
 I set `privacy.resistFingerprinting = false`.

 I haven't tested this yet on Linux or Windows.

 A side note: it seems like we should add the warning for `windowState ===
 STATE_FULLSCREEN` too (but that is a different bug or a design decision
 that I am not familiar with).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22545 [Applications/Tor Browser]: .onion sites are being labled with "insecure connection"

[Tor Bug Tracker & Wiki]

#22545: .onion sites are being labled with "insecure connection"
--+
 Reporter:  mrphs |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Immediate |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Blocker   |   Keywords:  #ux-team #tbb-
  |  usabilty
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 After the recent update to TB 7.0 I noticed that the Tor Browser warns
 users that their connection to .onion sites are NOT secure with their
 "lock" icon crossed with a red line.

 And if the .onion site happens to have a password field, users gets a
 warning for entering their password on an insecure website.

 I believe this is due to recent UX changes in Firefox to warn users
 against website without TLS and seems like they haven't considered .onion
 usecase in their design.

 This terribly affects the experience of highly targeted users who might
 not have a clear understanding on the technology and are instructed to use
 .onion for their online and physical safety (eg for securedrop).

 I'm going to mark this ticket as "blocker" because I witnessed it blocked
 a user from using an .onion site and Tor Browser all together. They
 switched back to chrome on clearnet as they were worried they're doing
 things wrong and that it might have compromised their security.

 We should probably be a bit more careful with changes like that in future.
 Especially at a time like this.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22545 [Applications/Tor Browser]: .onion sites are being labled with "insecure connection"

[Tor Bug Tracker & Wiki]

#22545: .onion sites are being labled with "insecure connection"
--+--
 Reporter:  mrphs |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Immediate |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Blocker   | Resolution:
 Keywords:  #ux-team #tbb-usabilty|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Description changed by mrphs:

Old description:

> After the recent update to TB 7.0 I noticed that the Tor Browser warns
> users that their connection to .onion sites are NOT secure with their
> "lock" icon crossed with a red line.
>
> And if the .onion site happens to have a password field, users gets a
> warning for entering their password on an insecure website.
>
> I believe this is due to recent UX changes in Firefox to warn users
> against website without TLS and seems like they haven't considered .onion
> usecase in their design.
>
> This terribly affects the experience of highly targeted users who might
> not have a clear understanding on the technology and are instructed to
> use .onion for their online and physical safety (eg for securedrop).
>
> I'm going to mark this ticket as "blocker" because I witnessed it blocked
> a user from using an .onion site and Tor Browser all together. They
> switched back to chrome on clearnet as they were worried they're doing
> things wrong and that it might have compromised their security.
>
> We should probably be a bit more careful with changes like that in
> future. Especially at a time like this.

New description:

 After the recent update to TB 7.0 I noticed that the Tor Browser warns
 users that their connection to .onion sites are NOT secure with their
 "lock icon" crossed with a red line.

 [[Image(#22545:insecure_onion.png, 300px)]]

 And if the .onion site happens to have a password field, users gets a
 warning for entering their password on an insecure website.

 [[Image(#22545:insecure_onion_password.png, 300px)]]

 I believe this is due to recent UX changes in Firefox to warn users
 against website without TLS and seems like they haven't considered .onion
 usecase in their design.

 This terribly affects the experience of highly targeted users who might
 not have a clear understanding on the technology and are instructed to use
 .onion for their online and physical safety (eg for SecureDrop).

 I'm going to mark this ticket as "blocker" because I witnessed it blocked
 a user from using an .onion site and Tor Browser all together. They
 switched back to chrome on clearnet as they were worried they're doing
 things wrong and that it might have compromised their security.

 We should probably be a bit more careful with changes like that in future.
 Especially at a time like this.

--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22545 [Applications/Tor Browser]: .onion sites are being labled with "insecure connection"

[Tor Bug Tracker & Wiki]

#22545: .onion sites are being labled with "insecure connection"
--+--
 Reporter:  mrphs |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Immediate |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Blocker   | Resolution:
 Keywords:  #ux-team #tbb-usabilty|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by mrphs):

 It goes without saying that such changes significantly affect the push and
 efforts by the greater community to implement and adopt the use of .onion
 services and Tor Browser. Perhaps it wouldn't be a bad investment to have
 someone watch the changes of Firefox UX more closely.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22545 [Applications/Tor Browser]: .onion sites are being labled with "insecure connection"

[Tor Bug Tracker & Wiki]

#22545: .onion sites are being labled with "insecure connection"
--+--
 Reporter:  mrphs |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Immediate |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Blocker   | Resolution:
 Keywords:  #ux-team #tbb-usabilty|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by mrphs):

 To re-produce the issue, visit any .onion site with password field in it:
 http://j6uhdvbhz74oefxf.onion/

 Only those handful of sites with a TLS cert on top of .onion are not
 affected by this change.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22545 [Applications/Tor Browser]: .onion sites are being labled with "insecure connection"

[Tor Bug Tracker & Wiki]

#22545: .onion sites are being labled with "insecure connection"
--+--
 Reporter:  mrphs |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Immediate |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Blocker   | Resolution:
 Keywords:  #ux-team #tbb-usabilty|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by catalyst):

 * cc: catalyst (added)


Comment:

 This looks like another aspect of #21321.  There seems to be some
 disagreement about whether HTTP .onion sites should be considered "secure"
 in the UI.  #21952 is also somewhat related.

 See also [[org/meetings/2017Amsterdam/Notes/OSUX]].

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21321 [Applications/Tor Browser]: Convince Mozilla; .onion HTTP is SECURE.

[Tor Bug Tracker & Wiki]

#21321: Convince Mozilla; .onion HTTP is SECURE.
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  ff52-esr, tbb-usability, ux-team  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by gk):

 * priority:  Medium => High
 * keywords:  ff52-esr, tbb-usability-website => ff52-esr, tbb-usability,
 ux-team
 * severity:  Normal => Major
 * cc: mrphs (added)


Comment:

 #22545 is a duplicate.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22545 [Applications/Tor Browser]: .onion sites are being labled with "insecure connection"

[Tor Bug Tracker & Wiki]

#22545: .onion sites are being labled with "insecure connection"
--+---
 Reporter:  mrphs |  Owner:  tbb-team
 Type:  enhancement   | Status:  closed
 Priority:  Immediate |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Blocker   | Resolution:  duplicate
 Keywords:  #ux-team #tbb-usabilty|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  new => closed
 * resolution:   => duplicate


Comment:

 Duplicate of #21321.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21321 [Applications/Tor Browser]: Convince Mozilla; .onion HTTP is SECURE.

[Tor Bug Tracker & Wiki]

#21321: Convince Mozilla; .onion HTTP is SECURE.
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  ff52-esr, tbb-usability, ux-team  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by gk):

 For the issue with the password field see: http://j6uhdvbhz74oefxf.onion/

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21321 [Applications/Tor Browser]: Convince Mozilla; .onion HTTP is SECURE.

[Tor Bug Tracker & Wiki]

#21321: Convince Mozilla; .onion HTTP is SECURE.
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  ff52-esr, tbb-usability, ux-team  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by gk):

 The discussion we had in Amsterdam
 
(https://trac.torproject.org/projects/tor/wiki/org/meetings/2017Amsterdam/Notes/OSUX)
 might be helpful as well.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22500 [Applications/Tor Browser]: "A webpage is slowing down your browser.." when accessing ProtonMail with Tor Browser 7.0-build1 (this did not happen in TBB 6.5)

[Tor Bug Tracker & Wiki]

#22500: "A webpage is slowing down your browser.." when accessing ProtonMail 
with
Tor Browser 7.0-build1 (this did not happen in TBB 6.5)
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by jiminycricket):

 Does "wontfix" mean that the issue won't be resolved? Do I have to lower
 my security settings to get the same performance I was getting before?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21321 [Applications/Tor Browser]: Convince Mozilla; .onion HTTP is SECURE.

[Tor Bug Tracker & Wiki]

#21321: Convince Mozilla; .onion HTTP is SECURE.
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  ff52-esr, tbb-usability, ux-team  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by gk):

 #8686 is related (see the closed duplicate #22483 as well).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #8686 [Applications/Tor Browser]: padlock or colored url bar for connections to hidden services

[Tor Bug Tracker & Wiki]

#8686: padlock or colored url bar for connections to hidden services
--+--
 Reporter:  proper|  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-torbutton, tbb-usability  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by catalyst):

 * cc: catalyst (added)


Comment:

 #21321 is related.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22494 [Core Tor/Tor]: Fix TROVE-2017-005

[Tor Bug Tracker & Wiki]

#22494: Fix TROVE-2017-005
--+
 Reporter:  nickm |  Owner:
 Type:  defect| Status:  closed
 Priority:  High  |  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  new => closed
 * resolution:   => fixed


Comment:

 Fixed with 56a7c5bc15e0447203a491c1ee37de9939ad1dcd in 0.2.4 and forward.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22493 [Core Tor/Tor]: Fix TROVE-2017-004

[Tor Bug Tracker & Wiki]

#22493: Fix TROVE-2017-004
--+
 Reporter:  nickm |  Owner:
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by nickm):

 Fixed with 79b59a2dfcb68897ee89d98587d09e55f07e68d7 in 0.3.0 and forward.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22493 [Core Tor/Tor]: Fix TROVE-2017-004

[Tor Bug Tracker & Wiki]

#22493: Fix TROVE-2017-004
--+
 Reporter:  nickm |  Owner:
 Type:  defect| Status:  closed
 Priority:  High  |  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by nickm):

 * status:  new => closed
 * resolution:   => fixed


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22500 [Applications/Tor Browser]: "A webpage is slowing down your browser.." when accessing ProtonMail with Tor Browser 7.0-build1 (this did not happen in TBB 6.5)

[Tor Bug Tracker & Wiki]

#22500: "A webpage is slowing down your browser.." when accessing ProtonMail 
with
Tor Browser 7.0-build1 (this did not happen in TBB 6.5)
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by gk):

 Replying to [comment:6 jiminycricket]:
 > Does "wontfix" mean that the issue won't be resolved? Do I have to lower
 my security settings to get the same performance I was getting before?

 Yes. The performance gains are tied to the risk we want to mitigate at
 that slider level.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21321 [Applications/Tor Browser]: Convince Mozilla; .onion HTTP is SECURE.

[Tor Bug Tracker & Wiki]

#21321: Convince Mozilla; .onion HTTP is SECURE.
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  ff52-esr, tbb-usability, ux-team  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by arma):

 Is there a way to separate the more general issue ("maybe we should teach
 mozilla to treat onion addresses like https addresses in all ways) from
 the more immediate issue ("ff52 has a new feature where it scares you when
 you're about to use a text form on an onion page")?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22545 [Applications/Tor Browser]: .onion sites are being labled with "insecure connection"

[Tor Bug Tracker & Wiki]

#22545: .onion sites are being labled with "insecure connection"
--+--
 Reporter:  mrphs |  Owner:  tbb-team
 Type:  enhancement   | Status:  reopened
 Priority:  Immediate |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Blocker   | Resolution:
 Keywords:  #ux-team #tbb-usabilty|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by mrphs):

 * status:  closed => reopened
 * resolution:  duplicate =>


Comment:

 I don't think this is a dup of #21321 because I don't think there's a need
 to convince mozilla about .onion being secure or not and my reasons are:

 1) Using .onion on plain Firefox is indeed NOT secure and I think it is
 smart if Firefox users get this warning in case they've proxied their
 browser to use Tor.

 2) I thought a bit about whether I should open this ticket here or on
 their ticketing system and I decided here because regardless of their
 decision, this seems to be our responsibility to make sure within the Tor
 Browser, .onion sites are labeled correctly.

 So if you don't mind, I'm going to reopen this ticket.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21321 [Applications/Tor Browser]: Convince Mozilla; .onion HTTP is SECURE.

[Tor Bug Tracker & Wiki]

#21321: Convince Mozilla; .onion HTTP is SECURE.
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  ff52-esr, tbb-usability, ux-team  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by gk):

 Well, we want to come up with patches in this ticket to the more immediate
 issue and then upstream them (which would be the "convince"-part).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21321 [Applications/Tor Browser]: .onion HTTP is shown as non-secure in Tor Browser (was: Convince Mozilla; .onion HTTP is SECURE.)

[Tor Bug Tracker & Wiki]

#21321: .onion HTTP is shown as non-secure in Tor Browser
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  ff52-esr, tbb-usability, ux-team  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22546 [Applications/Tor Browser]: SocksListenAddress error Tor browser 7.0

[Tor Bug Tracker & Wiki]

#22546: SocksListenAddress error Tor browser 7.0
--+--
 Reporter:  torlongtimeuser   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 The code working well for order Tor Browser version,
 SocksListenAddress 0.0.0.0:9150
 when edit 'torrc' file, that error with Tor Browser 7.0 (I tested on
 windows, ubuntu linux, debian linux; all not working.).
 I think this may be a bug.

 how ever thanks for torproject and torteams.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #8686 [Applications/Tor Browser]: padlock or colored url bar for connections to hidden services

[Tor Bug Tracker & Wiki]

#8686: padlock or colored url bar for connections to hidden services
--+--
 Reporter:  proper|  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tbb-torbutton, tbb-usability  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by catalyst):

 I think plaintext .onion is somewhere between http and https.  There is
 end-to-end encryption with plaintext .onion, but its authenticated
 encryption properties are weaker than TLS.  On the other hand, .onion
 provides some location privacy.

 Maybe a one-dimensional scale is the wrong way to think about this.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22500 [Applications/Tor Browser]: "A webpage is slowing down your browser.." when accessing ProtonMail with Tor Browser 7.0-build1 (this did not happen in TBB 6.5)

[Tor Bug Tracker & Wiki]

#22500: "A webpage is slowing down your browser.." when accessing ProtonMail 
with
Tor Browser 7.0-build1 (this did not happen in TBB 6.5)
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  wontfix
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by jiminycricket):

 Thank you for the reply.

 I have set my Tor Browser to "Low" but changed NoScript to allow scripts
 only on HTTPS sites, as a compromise.

 Might I suggest bringing back the "Medium low"/"Medium high" settings, as
 it used to be, except Medium low blocks scripts on non-HTTPS connections
 without blocking the performance enhancements?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22545 [Applications/Tor Browser]: .onion sites are being labled with "insecure connection"

[Tor Bug Tracker & Wiki]

#22545: .onion sites are being labled with "insecure connection"
--+---
 Reporter:  mrphs |  Owner:  tbb-team
 Type:  enhancement   | Status:  closed
 Priority:  Immediate |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Blocker   | Resolution:  duplicate
 Keywords:  #ux-team #tbb-usabilty|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  reopened => closed
 * resolution:   => duplicate


Comment:

 Replying to [comment:6 mrphs]:
 > I don't think this is a dup of #21321 because I don't think there's a
 need to convince mozilla about .onion being secure or not and my reasons
 are:
 >
 > 1) Using .onion on plain Firefox is indeed NOT secure and I think it is
 smart if Firefox users get this warning in case they've proxied their
 browser to use Tor.

 I think I am not convinced. Care to elaborate on that point in #21321?

 > 2) I thought a bit about whether I should open this ticket here or on
 their ticketing system and I decided here because regardless of their
 decision, this seems to be our responsibility to make sure within the Tor
 Browser, .onion sites are labeled correctly.
 >
 > So if you don't mind, I'm going to reopen this ticket.

 We can have this conversation in #21321 as I think we can move both
 aspects forward (write a patch for Tor Browser in a way that it gets
 upstreamed to Mozilla and get Mozilla "convinced"). At least it would be
 useful to have both conversations in one place I think.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs