date:20170824

Re: [tor-bugs] #23321 [HTTPS Everywhere]: HTTPS Everywhere Settings Text is not Displayed

2017-08-24 Thread Tor Bug Tracker & Wiki

#23321: HTTPS Everywhere Settings Text is not Displayed
--+
 Reporter:  cypherpunks   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  HTTPS Everywhere  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by cypherpunks):

 * Attachment "tor_httpse_bug.png" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23321 [HTTPS Everywhere]: HTTPS Everywhere Settings Text is not Displayed

2017-08-24 Thread Tor Bug Tracker & Wiki

#23321: HTTPS Everywhere Settings Text is not Displayed
--+---
 Reporter:  cypherpunks   |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  HTTPS Everywhere  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by yawning):

 * status:  new => closed
 * resolution:   => duplicate


Comment:

 Duplicate of #23258

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23258 [Applications/Tor Browser]: HTTPS Everywhere is not working when noscript is enabled globally

2017-08-24 Thread Tor Bug Tracker & Wiki

#23258: HTTPS Everywhere is not working when noscript is enabled globally
--+--
 Reporter:  Dbryrtfbcbhgf |  Owner:  tbb-team
 Type:  defect| Status:  needs_review
 Priority:  High  |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:  TorBrowserTeam201708R |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by yawning):

 Closed #23321 as a duplicate.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23322 [HTTPS Everywhere]: HTTPS Everywhere Preferences has visible File Upload

2017-08-24 Thread Tor Bug Tracker & Wiki

#23322: HTTPS Everywhere Preferences has visible File Upload
--+
 Reporter:  cypherpunks   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  HTTPS Everywhere  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 Tor Browser 7.0.4 (based on Mozilla Firefox 52.3.0) (64-bit)
 HTTPS Everywhere 2017.8.19
 macOS 10.12.6

 There is a visible file upload element with a "Browse" button on the HTTPS
 Everywhere page in about:addons

 See screenshot

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23322 [HTTPS Everywhere]: HTTPS Everywhere Preferences has visible File Upload

2017-08-24 Thread Tor Bug Tracker & Wiki

#23322: HTTPS Everywhere Preferences has visible File Upload
--+
 Reporter:  cypherpunks   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  HTTPS Everywhere  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by cypherpunks):

 * Attachment "addons_browse.png" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23061 [Core Tor/Tor]: crypto_rand_double() should produce all possible outputs on platforms with 32-bit int

2017-08-24 Thread Tor Bug Tracker & Wiki

#23061: crypto_rand_double() should produce all possible outputs on platforms 
with
32-bit int
-+-
 Reporter:  teor |  Owner:  nickm
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.2.14-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay, security-low, privcount,  |  Actual Points:  0.5
  031-backport, 030-backport, 029-backport, 028  |
  -backport-maybe, 027-backport-maybe, 026   |
  -backport-maybe, review-group-22   |
Parent ID:   | Points:  0.1
 Reviewer:   |Sponsor:
 |  SponsorQ
-+-

Comment (by teor):

 Replying to [comment:22 catalyst]:
 > Replying to [comment:21 nickm]:
 > > I tried the ldexp() trick too, but that fails the test that
 `uint64_to_dbl_0_1(UINT64_MAX) < 1.0` if have all four ldexp() calls.  If
 I remove the lowest-magnitude one, it's fine, but of course we only get 48
 bits.
 > Oh right, it'll round off the bits past `DBL_MANT_DIG`.  Maybe mask off
 all but the high 5 bits?

 This is still susceptible to the rounding mode in use at the time.
 So yawning's bit twiddling is going to be more reliable and robust.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #23323 [Core Tor/Tor]: sample_laplace_distribution should produce a valid result on 0.0

2017-08-24 Thread Tor Bug Tracker & Wiki

#23323: sample_laplace_distribution should produce a valid result on 0.0
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor: 0.3.2.x-final
Component:  Core |Version:  Tor: 0.2.6.3-alpha
  Tor/Tor|   Keywords:  tor-relay, security-low,
 Severity:  Normal   |  031-backport, 030-backport, 029-backport, 028
 |  -backport-maybe, 027-backport-maybe, 026
 |  -backport-maybe
Actual Points:   |  Parent ID:  #23061
   Points:  0.5  |   Reviewer:
  Sponsor:   |
-+-
 Destroying the signal with probability 1 in 2^-53^ isn't a great idea.
 Let's pick a sensible double value, and pass it through the function
 instead.

 I suggest 2^-54^, but it really doesn't matter exactly what value we use,
 as long as it produces valid results, because the probability is so low.

 Introduced in 45bc5a0

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23323 [Core Tor/Tor]: sample_laplace_distribution should produce a valid result on 0.0

2017-08-24 Thread Tor Bug Tracker & Wiki

#23323: sample_laplace_distribution should produce a valid result on 0.0
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.6.3-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay, 031-backport, |  Actual Points:
  030-backport, 029-backport, 028-backport-  |
  maybe, 026-backport-maybe  |
Parent ID:  #23061   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * keywords:
 tor-relay, security-low, 031-backport, 030-backport, 029-backport, 028
 -backport-maybe, 027-backport-maybe, 026-backport-maybe
 =>
 tor-relay, 031-backport, 030-backport, 029-backport, 028-backport-
 maybe, 026-backport-maybe


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23061 [Core Tor/Tor]: crypto_rand_double() should produce all possible outputs on platforms with 32-bit int

2017-08-24 Thread Tor Bug Tracker & Wiki

#23061: crypto_rand_double() should produce all possible outputs on platforms 
with
32-bit int
-+-
 Reporter:  teor |  Owner:  nickm
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.2.14-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay, security-low, privcount,  |  Actual Points:  0.5
  031-backport, 030-backport, 029-backport, 028  |
  -backport-maybe, 026-backport-maybe, review-   |
  group-22   |
Parent ID:   | Points:  0.1
 Reviewer:   |Sponsor:
 |  SponsorQ
-+-
Changes (by teor):

 * keywords:
 tor-relay, security-low, privcount, 031-backport, 030-backport,
 029-backport, 028-backport-maybe, 027-backport-maybe, 026-backport-
 maybe, review-group-22
 =>
 tor-relay, security-low, privcount, 031-backport, 030-backport,
 029-backport, 028-backport-maybe, 026-backport-maybe, review-group-22


Comment:

 0.2.7 is EOL.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23061 [Core Tor/Tor]: crypto_rand_double() should produce all possible outputs on platforms with 32-bit int

2017-08-24 Thread Tor Bug Tracker & Wiki

#23061: crypto_rand_double() should produce all possible outputs on platforms 
with
32-bit int
-+-
 Reporter:  teor |  Owner:  nickm
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.2.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.2.14-alpha
 Severity:  Normal   | Resolution:
 Keywords:  tor-relay, security-low, privcount,  |  Actual Points:  0.5
  031-backport, 030-backport, 029-backport, 028  |
  -backport-maybe, 026-backport-maybe, review-   |
  group-22   |
Parent ID:   | Points:  0.1
 Reviewer:   |Sponsor:
 |  SponsorQ
-+-

Comment (by teor):

 If we use `uint64_to_dbl_0_1()`, then each random double is of the form
 N*2^-53^, N = 0..(2^53^ - 1).

 This is the image that sample_laplace_distribution() produces from that
 domain:

 || rand_double || Output Calculation   || Output Value
 ||
 || 0|| INT64_MIN|| - 2^63^
 ||
 || 1 * 2^-53^   || - ln(2*2^-53^) * delta_f / epsilon   || 36.04 *
 delta_f / epsilon ||
 || 2 * 2^-53^   || - ln(4*2^-53^) * delta_f / epsilon   || 35.35 *
 delta_f / epsilon ||
 || ...  || ...  || ...
 ||
 || 0.5 - 2^-53^ || - ln(1.0 - 2*2^-53^) * delta_f / epsilon || 2.22 *
 delta_f / epsilon  ||
 || 0.5  || - ln(1.0) * delta_f / epsilon|| 0.0 *
 delta_f / epsilon   ||

 0.5 to 1.0 - 2^-53^ has the same pattern, but mirrored and negative.

 The greatest `delta_f / epsilon` we currently have is `2048 / 0.3 =
 6826.66`, so the maximum noise is 246033, with a discontinuity that
 destroys the signal when 0.0 maps to INT64_MIN (let's track that bug in
 #23323).

 The gap between 0.5 and 0.5 - 2^-53^ concerns me, because I think we need
 the smallest possible noise to be `1.0`, rather than `2.22 * delta_f /
 epsilon = 2.22 * 8 / 0.3 = 59.2`. But maybe this granularity is OK.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23147 [Core Tor/Tor]: prop280: Merge privcount-in-tor data collector backend implementation

2017-08-24 Thread Tor Bug Tracker & Wiki

#23147: prop280: Merge privcount-in-tor data collector backend implementation
--+
 Reporter:  nickm |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:  SponsorQ
--+

Comment (by teor):

 T1: `sample_unit_gaussian()` should use `crypto_rand_double()` to generate
 `x` and `y`. See #23061.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23147 [Core Tor/Tor]: prop280: Merge privcount-in-tor data collector backend implementation

2017-08-24 Thread Tor Bug Tracker & Wiki

#23147: prop280: Merge privcount-in-tor data collector backend implementation
--+
 Reporter:  nickm |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:  SponsorQ
--+

Comment (by teor):

 T2. `sample_unit_gaussian()` can't use both `r * sin(theta)` and `r *
 cos(theta)` unless they are independent samples. And I'm not sure if they
 are.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23147 [Core Tor/Tor]: prop280: Merge privcount-in-tor data collector backend implementation

2017-08-24 Thread Tor Bug Tracker & Wiki

#23147: prop280: Merge privcount-in-tor data collector backend implementation
--+
 Reporter:  nickm |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:  SponsorQ
--+

Comment (by teor):

 T3. We should update the comments to say that `y` must be strictly less
 than 1.0, or log() produces infinity.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23147 [Core Tor/Tor]: prop280: Merge privcount-in-tor data collector backend implementation

2017-08-24 Thread Tor Bug Tracker & Wiki

#23147: prop280: Merge privcount-in-tor data collector backend implementation
--+
 Reporter:  nickm |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:  SponsorQ
--+

Comment (by teor):

 T4. We should update the comments to say that x must be strictly less than
 1.0, or sin(TWO_PI*x) would produce three zeroes, and two of every other
 value.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23321 [HTTPS Everywhere]: HTTPS Everywhere Settings Text is not Displayed

Re: [tor-bugs] #23321 [HTTPS Everywhere]: HTTPS Everywhere Settings Text is not Displayed

Re: [tor-bugs] #23258 [Applications/Tor Browser]: HTTPS Everywhere is not working when noscript is enabled globally

[tor-bugs] #23322 [HTTPS Everywhere]: HTTPS Everywhere Preferences has visible File Upload

Re: [tor-bugs] #23322 [HTTPS Everywhere]: HTTPS Everywhere Preferences has visible File Upload

Re: [tor-bugs] #23061 [Core Tor/Tor]: crypto_rand_double() should produce all possible outputs on platforms with 32-bit int

[tor-bugs] #23323 [Core Tor/Tor]: sample_laplace_distribution should produce a valid result on 0.0

Re: [tor-bugs] #23323 [Core Tor/Tor]: sample_laplace_distribution should produce a valid result on 0.0

Re: [tor-bugs] #23061 [Core Tor/Tor]: crypto_rand_double() should produce all possible outputs on platforms with 32-bit int

Re: [tor-bugs] #23061 [Core Tor/Tor]: crypto_rand_double() should produce all possible outputs on platforms with 32-bit int

Re: [tor-bugs] #23147 [Core Tor/Tor]: prop280: Merge privcount-in-tor data collector backend implementation

Re: [tor-bugs] #23147 [Core Tor/Tor]: prop280: Merge privcount-in-tor data collector backend implementation

Re: [tor-bugs] #23147 [Core Tor/Tor]: prop280: Merge privcount-in-tor data collector backend implementation

Re: [tor-bugs] #23147 [Core Tor/Tor]: prop280: Merge privcount-in-tor data collector backend implementation

< 1 2

101 - 114 of 114 matches

Site Navigation

Mail list logo

Footer information