Re: [tor-bugs] #27302 [Core Tor/Tor]: Duplicate votes on 0.3.4 and later

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27302: Duplicate votes on 0.3.4 and later
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.4.1-alpha
 Severity:  Normal| Resolution:  wontfix
 Keywords:  regression|  Actual Points:
Parent ID:  #27303| Points:
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * status:  assigned => closed
 * keywords:  regression, 034-must => regression
 * resolution:   => wontfix
 * parent:  #27146 => #27303


Comment:

 I made some changes to chutney, and I think we should fix this issue by
 ignoring the warning in chutney. It's unlikely to happen in the public
 network. And if it does, it's not a big deal.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27146 [Core Tor/Tor]: Mismatched digest in 0.3.3.9 and master mixed chutney network

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27146: Mismatched digest in 0.3.3.9 and master mixed chutney network
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.5.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  regression, tor-dirauth, macOS,  |  Actual Points:
  035-must, 035-roadmap-proposed |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * keywords:
 regression, tor-dirauth, macOS, 035-must, 035-roadmap-proposed,
 034-must
 => regression, tor-dirauth, macOS, 035-must, 035-roadmap-proposed
 * milestone:  Tor: 0.3.4.x-final => Tor: 0.3.5.x-final


Comment:

 I made some changes to chutney, and I think we're ok to fix these tor
 issues in 0.3.5 (or later).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27302 [Core Tor/Tor]: Duplicate votes on 0.3.4 and later

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27302: Duplicate votes on 0.3.4 and later
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.4.1-alpha
 Severity:  Normal| Resolution:
 Keywords:  regression, 034-must  |  Actual Points:
Parent ID:  #27146| Points:
 Reviewer:|Sponsor:
--+

Comment (by teor):

 Replying to [comment:6 teor]:
 > ...
 >
 > In 0.3.4 and earlier, each scheduled action happens in successive
 callbacks, which are a few hundred milliseconds apart.

 This sentence is wrong: in 0.3.4, all scheduled actions happen in the same
 callback, just like 0.3.3. But the issues I describe can still happen on
 the public network.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27296 [Core Tor/Tor]: macOS x86_64 fails test-timers

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27296: macOS x86_64 fails test-timers
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.4.6-rc
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * milestone:  Tor: 0.3.4.x-final => Tor: 0.3.5.x-final


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27381 [Core Tor/Tor]: Bad consensus diffs on 0.3.4 and later

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27381: Bad consensus diffs on 0.3.4 and later
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-auth  |  Actual Points:
Parent ID:  #27146| Points:
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * keywords:  tor-auth, 034-must => tor-auth
 * milestone:  Tor: 0.3.4.x-final => Tor: 0.3.5.x-final


Comment:

 I think this is a chutney timing issue, and shouldn't appear on the public
 network. Let's try it and see.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27296 [Core Tor/Tor]: macOS x86_64 fails test-timers

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27296: macOS x86_64 fails test-timers
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.4.6-rc
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * keywords:  034-must =>


Comment:

 We're seeing this error occasionally, but it's not essential for 0.3.4.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #10609 [Core Tor/Torflow]: aggregate.py should ignore empty scan-data files

2018-09-06 Thread Tor Bug Tracker & Wiki 
#10609: aggregate.py should ignore empty scan-data files
--+--
 Reporter:  ln5   |  Owner:  (none)
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:
Component:  Core Tor/Torflow  |Version:
 Severity:  Normal| Resolution:
 Keywords:  easy intro|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by teor):

 * status:  needs_review => assigned
 * owner:  teor => (none)


Comment:

 Disowning this ticket, I don't think we'll ever fix torflow.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #10609 [Core Tor/Torflow]: aggregate.py should ignore empty scan-data files

2018-09-06 Thread Tor Bug Tracker & Wiki 
#10609: aggregate.py should ignore empty scan-data files
--+--
 Reporter:  ln5   |  Owner:  (none)
 Type:  defect| Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Core Tor/Torflow  |Version:
 Severity:  Normal| Resolution:
 Keywords:  easy intro|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by teor):

 * status:  assigned => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27402 [Core Tor/Tor]: stop reporting "internal paths" during bootstrap

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27402: stop reporting "internal paths" during bootstrap
+
 Reporter:  catalyst|  Owner:  (none)
 Type:  enhancement | Status:  assigned
 Priority:  Medium  |  Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  s8-bootstrap, tor-spec  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:  Sponsor8-can
+
Changes (by teor):

 * keywords:  s8-bootstrap, tor-spec, 034-backport, 034-must =>
 s8-bootstrap, tor-spec


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27531 [Applications/Tor Browser]: Tor Browser 8 crashes trying to print on Linux

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27531: Tor Browser 8 crashes trying to print on Linux
--+---
 Reporter:  mikeperry |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  tbb-crash
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+---
 Looks like a crash in the print dialog itself:

 {{{
 #0  0x0006a0e6 in ?? ()
 #1  0x7e03fcbebc0e in OPENSSL_cpuid_setup () from
 /lib64/libcrypto.so.1.1
 #2  0x7e03fcb820b7 in _init () from /lib64/libcrypto.so.1.1
 #3  0x7e041317a5d0 in ?? () from
 /usr/lib64/gtk-3.0/3.0.0/printbackends/libprintbackend-cloudprint.so
 #4  0x7e044b4914da in call_init.part () from /lib64/ld-
 linux-x86-64.so.2
 #5  0x7e044b491616 in _dl_init () from /lib64/ld-linux-x86-64.so.2
 #6  0x7e044b4957bf in dl_open_worker () from /lib64/ld-
 linux-x86-64.so.2
 #7  0x7e044a28fc4f in _dl_catch_exception () from /lib64/libc.so.6
 #8  0x7e044b495037 in _dl_open () from /lib64/ld-linux-x86-64.so.2
 #9  0x7e044b060006 in dlopen_doit () from /lib64/libdl.so.2
 #10 0x7e044a28fc4f in _dl_catch_exception () from /lib64/libc.so.6
 #11 0x7e044a28fcdf in _dl_catch_error () from /lib64/libc.so.6
 #12 0x7e044b060725 in _dlerror_run () from /lib64/libdl.so.2
 #13 0x7e044b060096 in dlopen@@GLIBC_2.2.5 () from /lib64/libdl.so.2
 #14 0x7e0448f6e902 in g_module_open () from /lib64/libgmodule-2.0.so.0
 #15 0x7e0449831f7a in gtk_print_backend_module_load () from
 /lib64/libgtk-3.so.0
 #16 0x7e04468bd1c1 in g_type_module_use () from
 /lib64/libgobject-2.0.so.0
 #17 0x7e04498328b0 in _gtk_print_backend_module_create () from
 /lib64/libgtk-3.so.0
 #18 0x7e0449832cd7 in gtk_print_backend_load_modules () from
 /lib64/libgtk-3.so.0
 #19 0x7e044982c4dd in gtk_print_unix_dialog_init () from
 /lib64/libgtk-3.so.0
 #20 0x7e04468b9f3a in g_type_create_instance () from
 /lib64/libgobject-2.0.so.0
 #21 0x7e044689c6c8 in g_object_new_internal () from
 /lib64/libgobject-2.0.so.0
 #22 0x7e044689e64e in g_object_new_valist () from
 /lib64/libgobject-2.0.so.0
 #23 0x7e044689e9ad in g_object_new () from /lib64/libgobject-2.0.so.0
 #24 0x7e043cd65e24 in nsPrintDialogWidgetGTK::nsPrintDialogWidgetGTK
 (this=0x7ffc301b5280, aParent=, aSettings=0x7e040823c7e0)
 at /var/tmp/build/firefox-
 124fa904c4b2/widget/gtk/nsPrintDialogGTK.cpp:160
 #25 0x7e043cd67523 in nsPrintDialogServiceGTK::Show (this=, aParent=, aSettings=0x7e040823c7e0,
 aWebBrowserPrint=) at /var/tmp/build/firefox-
 124fa904c4b2/widget/gtk/nsPrintDialogGTK.cpp:524
 #26 0x7e043db2dccd in nsPrintingPromptService::ShowPrintDialog
 (this=, parent=0x7e041fbe87f0,
 webBrowserPrint=0x7e0416349000,
 printSettings=0x7e040823c7e0) at /var/tmp/build/firefox-
 124fa904c4b2/toolkit/components/printingui/nsPrintingPromptService.cpp:83
 #27 0x7e043db315fe in
 mozilla::embedding::PrintingParent::ShowPrintDialog (this=0x7e04081fc060,
 aParent=0x7e0410365800, aData=...,
 aResult=aResult@entry=0x7ffc301b5400) at /var/tmp/build/firefox-
 124fa904c4b2/toolkit/components/printingui/ipc/PrintingParent.cpp:162
 #28 0x7e043db31c18 in
 mozilla::embedding::PrintingParent::RecvShowPrintDialog (this=, aDialog=0x7e0415a64f40, aParent=,
 aData=...) at /var/tmp/build/firefox-
 124fa904c4b2/toolkit/components/printingui/ipc/PrintingParent.cpp:183
 #29 0x7e043b5b79c0 in
 mozilla::embedding::PPrintingParent::OnMessageReceived
 (this=0x7e04081fc060, msg__=...)
 at /var/tmp/build/firefox-124fa904c4b2/obj-x86_64-pc-linux-
 gnu/ipc/ipdl/PPrintingParent.cpp:314
 #30 0x7e043b69eae6 in mozilla::dom::PContentParent::OnMessageReceived
 (this=0x7e0407f4f000, msg__=...)
 at /var/tmp/build/firefox-124fa904c4b2/obj-x86_64-pc-linux-
 gnu/ipc/ipdl/PContentParent.cpp:3319
 #31 0x7e043b4983ef in
 mozilla::ipc::MessageChannel::DispatchAsyncMessage
 (this=this@entry=0x7e0407f4f108, aMsg=...)
 at /var/tmp/build/firefox-
 124fa904c4b2/ipc/glue/MessageChannel.cpp:2138
 #32 0x7e043b49e67b in mozilla::ipc::MessageChannel::DispatchMessage
 (this=0x7e0407f4f108, aMsg=...)
 at /var/tmp/build/firefox-
 124fa904c4b2/ipc/glue/MessageChannel.cpp:2068
 #33 0x7e043b49ffb9 in mozilla::ipc::MessageChannel::RunMessage
 (this=, aTask=...)
 #34 0x7e043b4a00ed in mozilla::ipc::MessageChannel::MessageTask::Run
 (this=0x7e041bb53f30)
 at /var/tmp/build/firefox-
 124fa904c4b2/ipc/glue/MessageChannel.cpp:1947
 #35 0x7e043b0e3018 in nsThread::ProcessNextEvent (this=0x7e0449f5cd40,
 aMayWait=, aResult=0x7ffc301b612f)
 at

Re: [tor-bugs] #17393 [Webpages/Website]: Make the various javascript on Tor sites be LibreJS-compatible?

2018-09-06 Thread Tor Bug Tracker & Wiki 
#17393: Make the various javascript on Tor sites be LibreJS-compatible?
+--
 Reporter:  arma|  Owner:  traumschule
 Type:  enhancement | Status:  needs_review
 Priority:  Medium  |  Milestone:  WebsiteV3
Component:  Webpages/Website|Version:
 Severity:  Minor   | Resolution:
 Keywords:  defer-new-website, website-bug  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by arma):

 Are all of these javascript things actually free software? I want to make
 sure we aren't just taking the random javascript we got from somewhere on
 the internet and slapping a free software license on it (because that's
 not how software licensing works).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27300 [Core Tor/Chutney]: Increase chutney timings to allow for Tor timing changes in 0.3.4

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27300: Increase chutney timings to allow for Tor timing changes in 0.3.4
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Core Tor/Chutney |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  regression, tor-dirauth, 035-must,   |  Actual Points:
  035-roadmap-proposed, 034-must |
Parent ID:  #27146   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * status:  assigned => closed
 * resolution:   => fixed


Comment:

 Merged in 36fc77e.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27502 [Applications/Tor Browser]: Prioritize .onion hosts in AltSvc?

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27502: Prioritize .onion hosts in AltSvc?
--+--
 Reporter:  arthuredelstein   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by mahrud):

 Not quite. Even if there is only one .onion alt-svc presented, sometimes
 after a few requests the browser seems to ignore the alt-svc and connect
 directly. I haven't read the code, but my guess is that this happens
 because the .onion takes a bit longer to load the first time. If that's
 the case the solution would be to force the browser to prioritize the
 onion route even if the first request took longer.


 On a tangential note: should the Circuit Display show the onion address
 used when connecting through an alt-svc? Currently it doesn't.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27389 [Core Tor/Tor]: Appveyor Windows 64-bit builds fail because the compiler is broken

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27389: Appveyor Windows 64-bit builds fail because the compiler is broken
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:
  |  needs_review
 Priority:  Medium|  Milestone:  Tor:
  |  0.3.4.x-final
Component:  Core Tor/Tor  |Version:  Tor:
  |  0.3.4.1-alpha
 Severity:  Major | Resolution:
 Keywords:  035-must, 034-must, 034-backport  |  Actual Points:
Parent ID:| Points:
 Reviewer:  nickm |Sponsor:
--+

Comment (by teor):

 See my branch bug27389-034-fixes on https://github.com/teor2345/tor.git

 It merges the fixes for #27460, #27461, #27463, and #27465 into
 maint-0.3.4.

 It should pass CI:
 * https://ci.appveyor.com/project/teor2345/tor/build/1.0.162
 * https://travis-ci.org/teor2345/tor/builds/425564191

 Let's deal with the child tickets individually, because they're spread
 across 0.2.9 and 0.3.4.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27460 [Core Tor/Tor]: Appveyor: --disable-gcc-hardening

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27460: Appveyor: --disable-gcc-hardening
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:
  |  needs_revision
 Priority:  Medium|  Milestone:  Tor:
  |  0.3.4.x-final
Component:  Core Tor/Tor  |Version:  Tor:
  |  0.3.4.1-alpha
 Severity:  Normal| Resolution:
 Keywords:  035-must, 034-must, 034-backport  |  Actual Points:
Parent ID:  #27389| Points:
 Reviewer:|Sponsor:
--+

Comment (by teor):

 Replying to [comment:3 nickm]:
 >
 > I think this solution is probably right for 0.3.4

 Please see my branch bug27460-034 on ​https://github.com/teor2345/tor.git

 The CI for 0.3.4 is here, but it will fail Appveyor until all the children
 of #27389 are merged:
 * https://ci.appveyor.com/project/teor2345/tor/build/1.0.161
 * https://travis-ci.org/teor2345/tor/builds/425561775

 The passing CI for all the #27389 fixes on 0.3.4 is here:
 * https://ci.appveyor.com/project/teor2345/tor/build/1.0.156
 * ​https://travis-ci.org/teor2345/tor/builds/425096670

 > but maybe in 0.3.5 we should change the implementation of gcc-hardening
 so that it does an AC_TRY_RUN() to see whether it can use these compiler
 flags safely.  That could be another ticket, though.

 Arguably, this is a bug in autoconf: if the "checking size of" process
 crashes, then configure should error, not continue with a size of 0. But
 we're unlikely to get that fixed, because the documented behaviour is:

 AC_CHECK_SIZEOF (type-or-expr, [unused], [includes =
 ‘AC_INCLUDES_DEFAULT’])

 Define SIZEOF_type-or-expr (see Standard Symbols) to be the size in
 bytes of type-or-expr, which may be either a type or an expression
 returning a value that has a size. If the expression ‘sizeof (type-or-
 expr)’ is invalid, the result is 0. ...

 https://www.gnu.org/software/autoconf/manual/autoconf-2.67/html_node
 /Generic-Compiler-Characteristics.html

 Which isn't precisely "The result is 0 if the program crashes.", but it's
 close enough.

 I opened #27530 for AC_TRY_RUN, and #27468 for checking the latest
 versions of gcc and clang in our CI.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27460 [Core Tor/Tor]: Appveyor: --disable-gcc-hardening

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27460: Appveyor: --disable-gcc-hardening
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:
  |  needs_review
 Priority:  Medium|  Milestone:  Tor:
  |  0.3.4.x-final
Component:  Core Tor/Tor  |Version:  Tor:
  |  0.3.4.1-alpha
 Severity:  Normal| Resolution:
 Keywords:  035-must, 034-must, 034-backport  |  Actual Points:
Parent ID:  #27389| Points:
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * status:  needs_revision => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27468 [Core Tor/Tor]: CI: add builds with the latest clang and gcc

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27468: CI: add builds with the latest clang and gcc
--+
 Reporter:  teor  |  Owner:  teor
 Type:  enhancement   | Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  tor-ci|  Actual Points:
Parent ID:  #27389| Points:
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * parent:   => #27389


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27530 [Core Tor/Tor]: Configure: Use AC_TRY_RUN() to check that --enable-gcc-hardening works

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27530: Configure: Use AC_TRY_RUN() to check that --enable-gcc-hardening works
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor  |Version:  Tor: unspecified
 Severity:  Normal|   Keywords:  fast-fix
Actual Points:|  Parent ID:  #27389
   Points:|   Reviewer:
  Sponsor:|
--+
 Split off [comment:3:ticket:27460 #27460 Comment 3]:

 > maybe in 0.3.5 we should change the implementation of gcc-hardening so
 that it does an AC_TRY_RUN() to see whether it can use these compiler
 flags safely. That could be another ticket, though.

 When we merge to 0.3.5, we should also revert #27460.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27529 [Applications/Tor Browser]: Fix disable CSS regression in Firefox 60/TORBrowser 8

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27529: Fix disable CSS regression in Firefox 60/TORBrowser 8
-+-
 Reporter:  cypherpunks3 |  Owner:  tbb-team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor |Version:
  Browser|   Keywords:  tbb-8.0-issues tbb-
 Severity:  Normal   |  regression ff60-esr
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 I find this bug mentioned in that comment:
 https://blog.torproject.org/comment/276628#comment-276628

 Mozilla has a patch: https://bugzilla.mozilla.org/show_bug.cgi?id=1487856

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27513 [HTTPS Everywhere/EFF-HTTPS Everywhere]: Add-on for redirecting users to onion site

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27513: Add-on for redirecting users to onion site
-+-
 Reporter:  cyberpunks   |  Owner:  legind
 Type:  enhancement  | Status:  new
 Priority:  Low  |  Milestone:
Component:  HTTPS Everywhere/EFF-HTTPS   |Version:
  Everywhere |
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by legind):

 (The above `.tor` pseudo-TLD is an example from gk's
 https://blog.torproject.org/cooking-onions-names-your-onions.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27513 [HTTPS Everywhere/EFF-HTTPS Everywhere]: Add-on for redirecting users to onion site

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27513: Add-on for redirecting users to onion site
-+-
 Reporter:  cyberpunks   |  Owner:  legind
 Type:  enhancement  | Status:  new
 Priority:  Low  |  Milestone:
Component:  HTTPS Everywhere/EFF-HTTPS   |Version:
  Everywhere |
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by legind):

 You also didn't give consent to access `eff.org` for HTTPS Everywhere
 extension updates, or `addons.mozilla.org` for NoScript extension updates,
 but that's what Tor Browser has been doing for the better part of a
 decade.  It's one of the ways that we are able to ship quick fixes if
 vulnerabilities are found, or updates to the coverage for HTTPS sites.  In
 fact, rolling HTTPS Everywhere ruleset updates improves the anonymity
 guarantees of the Tor Browser by ensuring that you can't be fingerprinted
 by clever techniques that differentiate your version of the HTTPS
 Everywhere rulesets from everyone elses.

 "Self-hosted add-on" in your case means that it updates instead from the
 server of some random person with no established credibility, which is
 laughable.  I don't think that's any better than `addons.mozilla.org`.  At
 best, it's a misleading statement.

 HTTPS Everywhere is developed by the EFF in collaboration with the Tor
 Project.  You're already trusting the Tor Project for updates to the Tor
 Browser.  Fetching these rulesets from https://www.https-rulesets.org/
 allows users to ensure comprehensive HTTPS coverage, and isn't comparable
 to an extension that forces onion service connections despite user
 preference.

 Custom ruleset channels in HTTPS Everywhere also allow users to limit a
 ruleset update channel by scope.  So if a user subscribes to an auto-
 redirection channel, they can enter the regex `http://[^/]+\.tor/` to
 ensure that it only acts on the `.tor` pseudo-TLD.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27528 [Applications/Tor Browser]: about:preferences#privacy -> Tor Browser will [ never remember history ] by default & remove other options.

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27528: about:preferences#privacy -> Tor Browser will [ never remember history 
] by
default & remove other options.
--+--
 Reporter:  cypherpunks3  |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
--+--
 Why there is "remember history" option?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27527 [Applications/Tor Browser]: Remove "Google" from built-in Search list because it is unusable via Tor in most cases.

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27527: Remove "Google" from built-in Search list because it is unusable via 
Tor in
most cases.
--+--
 Reporter:  cypherpunks3  |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
--+--
 Title.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27526 [Applications/Tor Browser]: Remove Dark and Light theme from Themes because these are idntifiable via Javascript

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27526: Remove Dark and Light theme from Themes because these are idntifiable 
via
Javascript
--+--
 Reporter:  cypherpunks3  |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
--+--
 Title.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27525 [Applications/Tor Browser]: Hide "Click to load installed sys plugins" from about:addons -> Plugins

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27525: Hide "Click to load installed sys plugins" from about:addons -> Plugins
--+--
 Reporter:  cypherpunks3  |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
--+--
 Title.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27524 [Applications/Tor Browser]: Hide "New Identity" "New circuit" burger menu buttons if "extensions.torbutton.use_nontor_proxy" is true.

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27524: Hide "New Identity" "New circuit" burger menu buttons if
"extensions.torbutton.use_nontor_proxy" is true.
--+--
 Reporter:  cypherpunks3  |  Owner:  tbb-team
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
--+--
 Title.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27523 [Community/Tor Support]: Restore cypherpunks account for us.

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27523: Restore cypherpunks account for us.
---+---
 Reporter:  cypherpunks3   |  Owner:  phoul
 Type:  task   | Status:  new
 Priority:  High   |  Milestone:
Component:  Community/Tor Support  |Version:
 Severity:  Critical   |   Keywords:
Actual Points: |  Parent ID:
   Points: |   Reviewer:
---+---
 When?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27476 [Applications/Tor Browser]: Remove gap between Tor Launcher window and main browser window

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27476: Remove gap between Tor Launcher window and main browser window
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-launcher tbb-performance ux- |  Actual Points:
  team   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arthuredelstein):

 Replying to [comment:4 cypherpunks3]:
 > Replying to [comment:3 arthuredelstein]:
 > > I don't think users will necessarily understand what a blank window
 means.
 > Well it would at least solve the issue you eloquently describe in
 paragraph 2 & 3, right?

 Yes, it would help! And I appreciate the suggestion. But I think a blank
 window would be confusing and so, I'd prefer to keep the Tor Launcher
 window open instead if we go with Option 1.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27513 [HTTPS Everywhere/EFF-HTTPS Everywhere]: Add-on for redirecting users to onion site

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27513: Add-on for redirecting users to onion site
-+-
 Reporter:  cyberpunks   |  Owner:  legind
 Type:  enhancement  | Status:  new
 Priority:  Low  |  Milestone:
Component:  HTTPS Everywhere/EFF-HTTPS   |Version:
  Everywhere |
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks3):

 I'm sure I didn't give a consent to access https://www.https-rulesets.org/
 in background.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27513 [HTTPS Everywhere/EFF-HTTPS Everywhere]: Add-on for redirecting users to onion site

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27513: Add-on for redirecting users to onion site
-+-
 Reporter:  cyberpunks   |  Owner:  legind
 Type:  enhancement  | Status:  new
 Priority:  Low  |  Milestone:
Component:  HTTPS Everywhere/EFF-HTTPS   |Version:
  Everywhere |
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks3):

 By the way your `HTTPS Everywhere` add-on shipped with "`Auto-update
 ruleses`" enabled
 by default and you clearly didn't notify the user about automatic
 connection.

 What do you think about this?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27461 [Core Tor/Tor]: Windows: cast between incompatible function types in main

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27461: Windows: cast between incompatible function types in main
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.2.23-alpha
 Severity:  Normal   | Resolution:
 Keywords:  035-must, 034-must, 034-backport,|  Actual Points:
  033-backport, 032-backport, 029-backport   |
Parent ID:  #27389   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * status:  needs_revision => needs_review
 * keywords:  035-must, 034-must, 034-backport =>
 035-must, 034-must, 034-backport, 033-backport, 032-backport,
 029-backport
 * version:  Tor: 0.3.4.1-alpha => Tor: 0.2.2.23-alpha


Comment:

 Please see my branches bug27463-029 and bug27463-032 on
 ​https://github.com/teor2345/tor.git

 The 032 branch fixes a minor merge conflict due to an #endif comment.

 The CI is here, but it will fail Appveyor until all the children of #27389
 are merged:
 * 0.3.4:
   * https://ci.appveyor.com/project/teor2345/tor/build/1.0.160
   * https://travis-ci.org/teor2345/tor/builds/425552509
 * 0.3.2:
   * https://travis-ci.org/teor2345/tor/builds/425552403
 * 0.2.9:
   * https://travis-ci.org/teor2345/tor/builds/425552011

 The passing CI for all the #27389 fixes on 0.3.4 is here:
 * https://ci.appveyor.com/project/teor2345/tor/build/1.0.156
 * ​https://travis-ci.org/teor2345/tor/builds/425096670

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27513 [HTTPS Everywhere/EFF-HTTPS Everywhere]: Add-on for redirecting users to onion site

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27513: Add-on for redirecting users to onion site
-+-
 Reporter:  cyberpunks   |  Owner:  legind
 Type:  enhancement  | Status:  new
 Priority:  Low  |  Milestone:
Component:  HTTPS Everywhere/EFF-HTTPS   |Version:
  Everywhere |
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks3):

 Replying to [comment:4 legind]:
 > Uh, I'm pretty sure it does though.  It's called `addons.mozilla.org`.

 "Self-hosted add-on" does not connect to `addons.mozilla.org`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27432 [Core Tor/Tor]: Appveyor: all compiled x86_64 executables crash

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27432: Appveyor: all compiled x86_64 executables crash
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:  034-must? |  Actual Points:
Parent ID:  #27460| Points:
 Reviewer:|Sponsor:
--+
Changes (by teor):

 * status:  needs_revision => closed
 * resolution:   => duplicate


Comment:

 Let's deal with this in #27460.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare

2018-09-06 Thread Tor Bug Tracker & Wiki 
#24351: Block Global Active Adversary Cloudflare
-+-
 Reporter:  nullius  |  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  reopened
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  security, privacy, anonymity, mitm,  |  Actual Points:
  cloudflare |
Parent ID:  #18361   | Points:  1000
 Reviewer:   |Sponsor:
-+-

Comment (by mhoye):

 An endpoint-sanctioned CDN cannot reasonably be considered a MITM attack,
 condescension towards our engineers and their decision-making process is
 not an acceptable use of Bugzilla, and this bug will stay closed as is.

 If you disagree with this decision feel free to email me directly.

 Thank you.

 > les

 You're an idiot. You should not discriminate CDN servers.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27463 [Core Tor/Tor]: hs: rend_client_send_introduction v0 string truncation warning

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27463: hs: rend_client_send_introduction v0 string truncation warning
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  035-must, 034-must, 034-backport,|  Actual Points:
  033-backport, 032-backport, 029-backport   |
Parent ID:  #27389   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * keywords:  035-must, 034-must, 034-backport =>
 035-must, 034-must, 034-backport, 033-backport, 032-backport,
 029-backport
 * status:  needs_revision => needs_review
 * version:  Tor: 0.3.4.1-alpha =>


Comment:

 Please see my branch bug27463-029 on ​https://github.com/teor2345/tor.git



 The CI is here, but it will fail Appveyor until all the children of #27389
 are merged:
 * 0.3.4:
   * https://ci.appveyor.com/project/teor2345/tor/build/1.0.159
   * ​https://travis-ci.org/teor2345/tor/builds/425549078
 * 0.2.9:
   * ​https://travis-ci.org/teor2345/tor/builds/425549007

 The passing CI for all the #27389 fixes on 0.3.4 is here:
 * https://ci.appveyor.com/project/teor2345/tor/build/1.0.156
 * ​https://travis-ci.org/teor2345/tor/builds/425096670

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27522 [Applications/Tor Browser]: Screen Size doesn't change with customizing Firefox toolbars

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27522: Screen Size doesn't change with customizing Firefox toolbars
-+-
 Reporter:  awa7 |  Owner:  tbb-team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor |Version:
  Browser|   Keywords:  Tor Browser, Firefox,
 Severity:  Normal   |  Screen Size, Fingerprint
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 The Screen Size in Tor Browser is forced to 1000x600px at my screen size.
 However, when changing the layout of the Toolbars via "Customize ->
 Density", the window stays the same. Even after hitting "New Identity",
 the window size stays the same, so the toolbars "eat" more (or less) of
 the inner screen size. You can run Panopticlick with the three different
 density settings, and only on "Narrow" you will get the 1000x600 (or I
 assume the other right screen size, if you don't have 1000x600).

 I consider this kind of a privacy leak, because some people may change the
 toolbar layout, and they may think "Am using TB so everything's gonna be
 alright". On Panopticlick the screen size has a good impact.

 Hope i described the "bug" or whatever good enough.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #17393 [Webpages/Website]: Make the various javascript on Tor sites be LibreJS-compatible?

2018-09-06 Thread Tor Bug Tracker & Wiki 
#17393: Make the various javascript on Tor sites be LibreJS-compatible?
+--
 Reporter:  arma|  Owner:  traumschule
 Type:  enhancement | Status:  needs_review
 Priority:  Medium  |  Milestone:  WebsiteV3
Component:  Webpages/Website|Version:
 Severity:  Minor   | Resolution:
 Keywords:  defer-new-website, website-bug  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by traumschule):

 * status:  assigned => needs_review


Comment:

 https://github.com/torproject/webwml/pull/45

 Creating the table it was not quite possible to find the exact origin of
 all our JQuery libraries. I used [https://ssd.eff.org/en/librejs/jslicense
 EFFs jslicense list] as a reference. This page describes the issues
 creating an
 
[https://www.mediawiki.org/wiki/Requests_for_comment/Isolate_custom_jQuery_libraries
 inventory of used js in mediawiki] quite well. For example searching for
 JQuery Client libraries leads to no exact result, so it is hard to decide
 which version we are using, from which origin and how much it was
 modified. {{{git blame}}} helped to find editors of our specific files, in
 doubt we can interview Andrew Lewman who added most of the JQuery
 libraries. If you find any wrong links in the table, please let me know.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27521 [Core Tor/Tor]: Comment: typo in get_interface_addresses_win32() function comment

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27521: Comment: typo in get_interface_addresses_win32() function comment
---+
 Reporter:  teor   |  Owner:  teor
 Type:  defect | Status:  needs_review
 Priority:  Medium |  Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:
 Keywords:  fast-fix, comment  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+
Changes (by teor):

 * status:  assigned => needs_review
 * keywords:  fast-fix => fast-fix, comment


Comment:

 I rewrote the function comment of get_interface_addresses_win32(). It
 still referred to GetAdpatersInfo().

 See my branch bug27521 on https://github.com/teor2345/tor.git

 CI is here, Appveyor will fail due to #27389:
 * https://ci.appveyor.com/project/teor2345/tor/build/1.0.158
 * https://travis-ci.org/teor2345/tor/builds/425535657

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27521 [Core Tor/Tor]: Comment: typo in get_interface_addresses_win32() function comment

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27521: Comment: typo in get_interface_addresses_win32() function comment
--+
 Reporter:  teor  |  Owner:  teor
 Type:  defect| Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  fast-fix
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27465 [Core Tor/Tor]: Windows: cast between incompatible function types in address.c

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27465: Windows: cast between incompatible function types in address.c
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.3.11-alpha
 Severity:  Normal   | Resolution:
 Keywords:  034-must, 034-backport,  |  Actual Points:
  033-backport, 032-backport, 029-backport   |
Parent ID:  #27389   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by teor):

 The CI is here, but it will fail Appveyor until all the children of #27389
 are merged:
 * 0.3.4:
   * https://ci.appveyor.com/project/teor2345/tor/build/1.0.157
   * https://travis-ci.org/teor2345/tor/builds/425533313
 * 0.2.9:
   * https://travis-ci.org/teor2345/tor/builds/425531011

 The passing CI for all the #27389 fixes on 0.3.4 is here:
 * https://ci.appveyor.com/project/teor2345/tor/build/1.0.156
 * https://travis-ci.org/teor2345/tor/builds/425096670

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27465 [Core Tor/Tor]: Windows: cast between incompatible function types in address.c

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27465: Windows: cast between incompatible function types in address.c
-+-
 Reporter:  teor |  Owner:  teor
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.3.11-alpha
 Severity:  Normal   | Resolution:
 Keywords:  034-must, 034-backport,  |  Actual Points:
  033-backport, 032-backport, 029-backport   |
Parent ID:  #27389   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * keywords:  035-must, 034-must, 034-backport => 034-must, 034-backport,
 033-backport, 032-backport, 029-backport
 * status:  needs_revision => needs_review
 * version:  Tor: 0.3.4.1-alpha => Tor: 0.2.3.11-alpha


Comment:

 Please see my branch bug27465-029 on https://github.com/teor2345/tor.git

 We already fixed this issue in 0.3.5 by removing the lookup and cast in
 #26481. So the code will conflict when merging to 0.3.5, we should do an
 --ours merge (and delete the changes file?).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27495 [Applications/Tor Browser]: Tor Browser 8.0 wrong user-agent

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27495: Tor Browser 8.0 wrong user-agent
--+---
 Reporter:  temp123   |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks3):

 Replying to [comment:2 arma]:
 > This ticket makes a good point that the useragent is actually set to
 Windows in my about:config, so it sure looks like it's *trying* to set the
 useragent, it's just not actually setting it correctly (or using it).
 >
 > (I hear from the tor browser devs that they are no longer trying to lie
 about user agent, (a) because you can't actually convincing lie, because
 there are so many other components that would have to change too, and (b)
 because when Android enters the scene, they won't want to get served the
 non-mobile version of pages. But I think there are still some arguments in
 favor of setting the useragent to Windows for the desktop version: passive
 website logs only look at user-agent for one, and when the openbsd people
 get their Tor Browser going they'll sure stand out. Oh and a third reason
 is the flood of people who keep thinking there's a bug to report. :)

 The first issue is the most severe. I do not want to be the only person in
 the website logs who is shown as using Linux. The fix is so easy. Is there
 any way we can correct this? Should I be installing a browser extension to
 force the user agent?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #17393 [Webpages/Website]: Make the various javascript on Tor sites be LibreJS-compatible?

2018-09-06 Thread Tor Bug Tracker & Wiki 
#17393: Make the various javascript on Tor sites be LibreJS-compatible?
+-
 Reporter:  arma|  Owner:  traumschule
 Type:  enhancement | Status:  assigned
 Priority:  Medium  |  Milestone:  WebsiteV3
Component:  Webpages/Website|Version:
 Severity:  Minor   | Resolution:
 Keywords:  defer-new-website, website-bug  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+-

Comment (by traumschule):

 LibreJS 7.16 recognizes the link to a [https://www.gnu.org/licenses
 /javascript-labels.html JavaScript Web Labels table]. It can be placed
 anywhere in the site, but not in comments:
 {{{
 JavaScript license
 information
 }}}
 The result is that all JavaScript on the page is qualified with {{{Free
 licenses (GPL-2.0)}}}:
 https://share.riseup.net/#B7FX1hAfLjz9Y2VGam3w4Q (screenshot)

 It seems that the content of the linked page does not change the result as
 it was tested with an empty page and with a table listing the scripts by
 name.

 A license definition only at the head of the loaded script as described in
 [https://www.gnu.org/software/librejs/free-your-javascript.html 3.2.4
 Stylized comment] however is not recognized, or i made a mistake:
 http://yslc6nb5fftewvbmxlkdm3h3b42feesug7qebc2a42xsgeesp4llkayd.onion/docs
 /debian-selector.js

 Based on this i propose to place the link to the Web labels table in the
 footer to appear on all pages of our site.

 It is good to know that it works well with onion addresses.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27520 [Applications/Tor Browser]: Fix regression breaking user agent spoofing

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27520: Fix regression breaking user agent spoofing
--+--
 Reporter:  cypherpunks3  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Very High |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks3):

 Should I install an extension to manually spoof user agent in the mean
 time?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27520 [Applications/Tor Browser]: Fix regression breaking user agent spoofing

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27520: Fix regression breaking user agent spoofing
--+--
 Reporter:  cypherpunks3  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Very High |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major |   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 From https://bugzilla.mozilla.org/show_bug.cgi?id=1404608, a patch was
 added that breaks user agent spoofing. This patch is small and reverting
 it will fix this issue. Please fix this regression.

 The main problem is that users who have JS disabled are largely protected
 from platform fingerprinting. The lack of spoofing makes it so that even
 those users can no longer hide their platform. I do not want to be the
 only person who shows as using Linux on some of the sites I visit.

 Please fix this issue.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare

2018-09-06 Thread Tor Bug Tracker & Wiki 
#24351: Block Global Active Adversary Cloudflare
-+-
 Reporter:  nullius  |  Owner:  tbb-
 |  team
 Type:  enhancement  | Status:
 |  reopened
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  security, privacy, anonymity, mitm,  |  Actual Points:
  cloudflare |
Parent ID:  #18361   | Points:  1000
 Reviewer:   |Sponsor:
-+-

Comment (by les):

 https://addons.mozilla.org/en-US/firefox/addon/detect-cloudflare/

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27513 [HTTPS Everywhere/EFF-HTTPS Everywhere]: Add-on for redirecting users to onion site

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27513: Add-on for redirecting users to onion site
-+-
 Reporter:  cyberpunks   |  Owner:  legind
 Type:  enhancement  | Status:  new
 Priority:  Low  |  Milestone:
Component:  HTTPS Everywhere/EFF-HTTPS   |Version:
  Everywhere |
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by legind):

 Uh, I'm pretty sure it does though.  It's called addons.mozilla.com.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27513 [HTTPS Everywhere/EFF-HTTPS Everywhere]: Add-on for redirecting users to onion site

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27513: Add-on for redirecting users to onion site
-+-
 Reporter:  cyberpunks   |  Owner:  legind
 Type:  enhancement  | Status:  new
 Priority:  Low  |  Milestone:
Component:  HTTPS Everywhere/EFF-HTTPS   |Version:
  Everywhere |
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks3):

 https://trac.torproject.org/projects/tor/wiki/org/projects/WeSupportTor
 Having healthy.onion since last year, it's good.
 Unlike HTTPSEverywhere this add-on does not connect to remote server to
 update the list.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27519 [Core Tor/Tor]: missing "Service configured in" for hs-v3 lines in info log

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27519: missing "Service configured in" for hs-v3 lines in info log
--+--
 Reporter:  traumschule   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:  Tor: unspecified
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by traumschule):

 Maybe it's worth to note that the v3 onions are accessible.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27519 [Core Tor/Tor]: missing "Service configured in" for hs-v3 lines in info log

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27519: missing "Service configured in" for hs-v3 lines in info log
--+--
 Reporter:  traumschule   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:  Tor: unspecified
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 (My) Tor version 0.3.5.0-alpha-dev does not print out

 > [info] {GENERAL} Service configured in "/var/lib/tor/hidden_service

 for v3 onion services. The output for
 {{{
 rgrep "Service configured in" /var/log/tor/|grep hsv3
 }}}
 is empty here, although i have at least one onion service configure in a
 path by that name.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27495 [Applications/Tor Browser]: Tor Browser 8.0 wrong user-agent

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27495: Tor Browser 8.0 wrong user-agent
--+---
 Reporter:  temp123   |  Owner:  tbb-team
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by cypherpunks3):

 Replying to [comment:2 arma]:
 > (I hear from the tor browser devs that they are no longer trying to lie
 about user agent, (a) because you can't actually convincing lie,
 1) Not everyone does OS detection with JS, so the trackers who use the UA
 only (i.e. without JS detection) are duped, 2) with JS disabled there's no
 reliable way to tell exactly the OS (except some CSS bugs from now and
 then),
 > because there are so many other components that would have to change
 too,
 3) these elements can be changed too in the long term (search for a
 keyword that sounds like tbb-fingerprinting-os or something). We can have
 fantastic dreams, right?

 > and (b) because when Android enters the scene, they won't want to get
 served the non-mobile version of pages.
 Mobile vs desktop distinction is justifiable, and it entails nothing for
 the case we're dealing with here.

 Replying to [comment:4 gk]:
 >  Not only is it more than confusing to get always a random .exe file
 offered for download even though you are not on Windows but things like
 Google apps were actually broken for macOS users (see:
 ​https://bugzilla.mozilla.org/show_bug.cgi?id=1405810)
 This is kinda ironic considering that logging into your Google account to
 use Google Docs with Tor is straight-up *impossible* unless one does the
 SMS verification - or partial de-anonymization to put it in another
 fashion (except for the folks who buy SMS boxes with Bitcoin). So we're
 doing trading-off a situation that only a very limited number of Mac OS
 (marketshare is low) *and* Tor users encounter for the global Tor populace
 (the reports come from a standard Firefox for a reason)? This is even more
 ironic considering the amount of voluntary breakage that Google makes on
 its websites and services for the standard Firefox and Firefox Mobile, let
 alone the Tor Browser (recent examples in mind: YouTube uses an old
 standard not implemented in Firefox which leads to 5-10sec of delay on
 Firefox vs Chrome, the Google search looked different for Firefox Mobile
 vs Chrome Mobile and would change with a simple UA change to Chrome
 Mobile's UA). In other words trading privacy for hostile Google's
 usability shouldn't be even on our imagination.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27422 [Webpages/Website]: Remove signature line from security.txt

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27422: Remove signature line from security.txt
--+--
 Reporter:  traumschule   |  Owner:  (none)
 Type:  defect| Status:  reopened
 Priority:  Medium|  Milestone:  website redesign
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #25131| Points:
 Reviewer:|Sponsor:
--+--
Changes (by traumschule):

 * status:  closed => reopened
 * resolution:  fixed =>


Comment:

 not merged yet ..

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27424 [Webpages/Website]: Remove hiring line from security.txt

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27424: Remove hiring line from security.txt
--+--
 Reporter:  traumschule   |  Owner:  (none)
 Type:  defect| Status:  reopened
 Priority:  Medium|  Milestone:  website redesign
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #25131| Points:
 Reviewer:|Sponsor:
--+--
Changes (by traumschule):

 * status:  closed => reopened
 * resolution:  fixed =>


Comment:

 not merged yet ..

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27518 [Applications/Tor Browser]: firefox tries to access system's snapd profile

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27518: firefox tries to access system's snapd profile
--+--
 Reporter:  traumschule   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  tbb-security
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 (I accepted the offered restart to upgrade TB 8.0a10 and it didn't come up
 from alone again, but this is an aside since 8.5a1
 [https://share.riseup.net/#hTGrSevtp2zZD-493OZaPA works well after].)

 When i logged in to trac, firefox tried to access a local snap profile and
 failed. I would not expect it to do that:
 {{{
 (/path/to/tor-browser8.0a10/Browser/firefox.real:20293): dconf-WARNING **:
 23:01:32.166: Unable to open /var/lib/snapd/desktop/dconf/profile/user:
 Permission denied
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27476 [Applications/Tor Browser]: Remove gap between Tor Launcher window and main browser window

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27476: Remove gap between Tor Launcher window and main browser window
-+-
 Reporter:  arthuredelstein  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-launcher tbb-performance ux- |  Actual Points:
  team   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks3):

 Replying to [comment:3 arthuredelstein]:
 > I don't think users will necessarily understand what a blank window
 means.
 Well it would at least solve the issue you eloquently describe in
 paragraph 2 & 3, right?

 > Without looking at the code or testing further, my guess is a big part
 of the perceived slowness is due to real slowness, which is that we delay
 starting to build the browser window until after the launch process is
 finished.
 Right, that can be fixed too.

 (Note: For the alphas on Linux who have SelfRando the content processes
 are slow to load so it's very noticeable, especially on an Intel Atom.)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27424 [Webpages/Website]: Remove hiring line from security.txt

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27424: Remove hiring line from security.txt
--+--
 Reporter:  traumschule   |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  website redesign
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:  #25131| Points:
 Reviewer:|Sponsor:
--+--
Changes (by traumschule):

 * status:  needs_review => closed
 * resolution:   => fixed


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27422 [Webpages/Website]: Remove signature line from security.txt

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27422: Remove signature line from security.txt
--+--
 Reporter:  traumschule   |  Owner:  (none)
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:  website redesign
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:  #25131| Points:
 Reviewer:|Sponsor:
--+--
Changes (by traumschule):

 * status:  needs_review => closed
 * resolution:   => fixed


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27350 [Core Tor/Nyx]: Nyx -d ignores supplied file name

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27350: Nyx -d ignores supplied file name
--+
 Reporter:  traumschule   |  Owner:  atagar
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Nyx  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by traumschule):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 the original issues is fixed, opened #27517 for debug output issue

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27517 [Core Tor/Nyx]: ./run_nyx shows stem's debug output

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27517: ./run_nyx shows stem's debug output
--+
 Reporter:  traumschule   |  Owner:  atagar
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Nyx  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 I did not find out why I see stem's debug output with ./run_nyx from a
 fresh clone:

 {{{
 nyx_fresh$ ./run_nyx -d nyx.log
 TRACE:stem:Nyx 2.0.4-dev Debug Dump
 Stem Version: 1.6.0
 Python Version: 2.7.15
 Platform: Linux (debian buster/sid )
 

 Nyx Configuration (/home/user/.nyx/config):
 [file doesn't exist]
 

 Saving a debug log to nyx.log, please check it for sensitive information
 before sharing it.
 NOTICE:stem:No nyxrc loaded, using defaults. You can customize nyx by
 placing a configuration file at /home/user/.nyx/config (see
 https://nyx.torproject.org/nyxrc.sample for its options).
 TRACE:stem:config entry 'tor_chroot' not found, defaulting to ''
 TRACE:stem:Sent to tor: PROTOCOLINFO 1
 TRACE:stem:Received from tor:
 250-PROTOCOLINFO 1
 250-AUTH METHODS=COOKIE,SAFECOOKIE,HASHEDPASSWORD
 COOKIEFILE="/var/run/tor/control.authcookie"
 250-VERSION Tor="0.3.5.0-alpha-dev"
 250 OK
 Tor controller password:
 }}}

 (follow-up of #27350)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #3799 [Community/Translations]: Investigate methods for translating strings in Unixoid shell scripts

2018-09-06 Thread Tor Bug Tracker & Wiki 
#3799: Investigate methods for translating strings in Unixoid shell scripts
+--
 Reporter:  rransom |  Owner:  traumschule
 Type:  task| Status:  needs_review
 Priority:  Medium  |  Milestone:
Component:  Community/Translations  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  emmapeel|Sponsor:
+--
Changes (by traumschule):

 * reviewer:   => emmapeel


Comment:

 still needs a live test, but are strings are ready for translation

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27305 [Webpages/Website]: create a download page for TBA on torproject.org

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27305: create a download page for TBA on torproject.org
--+
 Reporter:  isabela   |  Owner:
  |  traumschule
 Type:  task  | Status:  closed
 Priority:  Immediate |  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:  fixed
 Keywords:  tbb-mobile, TorBrowserTeam201809  |  Actual Points:
Parent ID:  #26531| Points:
 Reviewer:|Sponsor:  Sponsor8
--+
Changes (by traumschule):

 * status:  needs_review => closed
 * resolution:   => fixed


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27514 [Webpages/Website]: Add instructions how to verify signatures on Android

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27514: Add instructions how to verify signatures on Android
--+--
 Reporter:  traumschule   |  Owner:  (none)
 Type:  task  | Status:  needs_review
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #3893 | Points:
 Reviewer:|Sponsor:
--+--
Changes (by traumschule):

 * status:  new => needs_review


Comment:

 First draft:
 
https://github.com/torproject/webwml/pull/31/commits/eb879168aa1fa702e8bb0623be2ab716c19f9dd2

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27398 [Core Tor/sbws]: Create GH/torproject/sbws repository

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27398: Create GH/torproject/sbws repository
---+-
 Reporter:  juga   |  Owner:  pastly
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:  sbws 1.0 (MVP must)
Component:  Core Tor/sbws  |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer:  teor   |Sponsor:
---+-

Comment (by pastly):

 Replying to [comment:11 teor]:
 > pastly, can you check we still need all the deploy keys at:
 > https://github.com/torproject/sbws/settings/keys

 Removed them, they're unneeded.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27409 [Internal Services/Service - trac]: improve captcha used by trac

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27409: improve captcha used by trac
--+-
 Reporter:  cypherpunks3  |  Owner:  qbi
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Internal Services/Service - trac  |Version:
 Severity:  Normal| Resolution:
 Keywords:  cypherpunks, captcha, spam|  Actual Points:
Parent ID:  #26752| Points:
 Reviewer:|Sponsor:
--+-

Comment (by qbi):

 I changed the CAPTCHA to `ImageCaptcha` and will see how this evolves.

 A problem I see with the cypherpunks account is not necessarily related to
 CAPTCHAs. If we lift the restrictions the cypherpunks account can do all
 sort of bad stuff. So personally I'd like to see what happens. But if
 someone goes berzerk again, there need to be restrictions again.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27455 [Internal Services/Service - lists]: We can remove execdir-support mailman list

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27455: We can remove execdir-support mailman list
---+
 Reporter:  arma   |  Owner:  qbi
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:
Component:  Internal Services/Service - lists  |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+
Changes (by qbi):

 * status:  new => closed
 * resolution:   => fixed


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22582 [Applications/Tor Browser]: www.nexusmods.com not working properly in TOR

2018-09-06 Thread Tor Bug Tracker & Wiki 
#22582: www.nexusmods.com not working properly in TOR
---+--
 Reporter:  WalrusInAnus   |  Owner:  tbb-team
 Type:  defect | Status:  reopened
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tbb-usability-website, cloudflare  |  Actual Points:
Parent ID:  #18361 | Points:
 Reviewer: |Sponsor:
---+--

Comment (by traumschule):

 I see a lot of nice images. What's wrong with that?
 (a screenshot how it should look like at share.riseup.net could help)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27507 [Applications/Tor Browser]: DuckDuckGo can't be used without JS in Tor Browser 8 anymore

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27507: DuckDuckGo can't be used without JS in Tor Browser 8 anymore
+--
 Reporter:  gk  |  Owner:  tbb-team
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tbb-8.0-issues, tbb-regression  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by arthuredelstein):

 * cc: arthuredelstein (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27513 [HTTPS Everywhere/EFF-HTTPS Everywhere]: Add-on for redirecting users to onion site

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27513: Add-on for redirecting users to onion site
-+-
 Reporter:  cyberpunks   |  Owner:  legind
 Type:  enhancement  | Status:  new
 Priority:  Low  |  Milestone:
Component:  HTTPS Everywhere/EFF-HTTPS   |Version:
  Everywhere |
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by traumschule):

 came across https://searxes.danwin1210.me lately, it links healthy.onion.
 needs some testing though.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27516 [Applications/Tor Browser]: New Identity hotkey/keyboard shortcut (Ctrl+Shift+U) is inhibited while cursor is in a text box

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27516: New Identity hotkey/keyboard shortcut (Ctrl+Shift+U) is inhibited while
cursor is in a text box
--+
 Reporter:  abie2E|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  fingerprinting
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 Since the TBB 8.0 update, I now use the keyboard shortcut/hotkey to select
 New Identity (previously I used the menu path in the TorButton, whose
 removal I believe is misguided - but I digress).

 But the hotkey doesn't work if the text cursor is in a text input area on
 a web page, it seems. And in some cases it even just outputs the letter
 "U" into that input, which is potentially even a fingerprinting
 information leak in some contexts. It also jeopardizes users who may have
 to quickly conceal their private activities, who would use this keyboard
 shortcut as a kind of "Boss Key" as was found on old computer games.

 I believe that this hotkey should work at all times and in all contexts as
 long as a Tor Browser window is in focus.

 Thank you to all who contribute to this wonderful and important project.
 Do not be dissuaded from your courageous work.

 Related: #17599

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27513 [HTTPS Everywhere/EFF-HTTPS Everywhere]: Add-on for redirecting users to onion site

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27513: Add-on for redirecting users to onion site
-+-
 Reporter:  cyberpunks   |  Owner:  legind
 Type:  enhancement  | Status:  new
 Priority:  Low  |  Milestone:
Component:  HTTPS Everywhere/EFF-HTTPS   |Version:
  Everywhere |
 Severity:  Normal   | Resolution:
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by legind):

 It is not always clear that a user would rather access the onion service
 for a given site rather than the clearnet site.  Onion services have in
 the past suffered from problems that the clearnet sites lacked.  In
 Facebook's case, certain videos would fail to load due to improper onion
 CDN configurations and the like.  Also, accessing onion sites on TB can be
 slower than the clearnet alternatives.

 I think giving users the option to redirect to onion sites is the right
 path: perhaps an option within HTTPS Everywhere or TB that, when
 explicitly allowed, forwards a site to the onion URL.  This can be
 advertised by the HTTPS version of a site via the HTTP Alternative Service
 header, for instance. (https://tools.ietf.org/html/draft-ietf-httpbis-alt-
 svc-14)

 There is the additional problem of discovery and maintenance of such
 rulesets within HTTPS Everywhere.  What if an onion service needs to do a
 key rotation?  How is that communicated to the ruleset maintainers?  This
 can be tricky business.

 Note that with the addition of update channels in HTTPS Everywhere
 (https://github.com/EFForg/https-everywhere/blob/master/docs/en_US
 /ruleset-update-channels.md) it is now possible for some entity (say, the
 Tor Project) to publish rulesets for HTTPS Everywhere that allows users to
 opt in to being automatically forwarded to the onion-service equivalent of
 a site.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27514 [Webpages/Website]: Add instructions how to verify signatures on Android

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27514: Add instructions how to verify signatures on Android
--+
 Reporter:  traumschule   |  Owner:  (none)
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:  #3893 | Points:
 Reviewer:|Sponsor:
--+

Comment (by traumschule):

 Please help to make this more useful for less advanced users:

 1. To show the applications signature you need the app Checkey. It can be
 installed via
 [https://f-droid.org/en/packages/info.guardianproject.checkey F-Droid] or
 from [https://github.com/guardianproject/checkey source], if you know how
 to do it.

 2. APK files are signed java JAR files, so you need the application
 jarsigner or [https://developer.android.com/studio/command-line/apksigner
 apksigner]

 {{{
 jarsigner -verify -verbose -certs my_application.apk
 }}}
 or
 {{{
 apksigner: apksigner verify --print-certs application-development-
 release.apk
 }}}

 Details: https://android.stackexchange.com/questions/9312/how-can-i
 -verify-the-authenticity-of-an-apk-file-i-downloaded

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #10394 [Applications/Tor Browser]: Torbrowser's updater updates HTTPS-everywhere

2018-09-06 Thread Tor Bug Tracker & Wiki 
#10394: Torbrowser's updater updates HTTPS-everywhere
-+-
 Reporter:  StrangeCharm |  Owner:  tbb-
 |  team
 Type:  task | Status:
 |  reopened
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security, TorBrowserTeam201805,  |  Actual Points:
  https-everywhere   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by legind):

 gk, do you see any problem with simply setting the extension update URL to
 `https://0.0.0.0/` rather than `data:text/plain,`?  This doesn't result an
 the extension load-time error.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27515 [- Select a component]: video placeholder didn't work in Tor browser 8.0

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27515: video placeholder didn't work in Tor browser 8.0
--+
 Reporter:  1362572   |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 noscript isn't working any more, don't show any placeholder just block the
 video when using safest level

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27514 [Webpages/Website]: Add instructions how to verify signatures on Android

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27514: Add instructions how to verify signatures on Android
--+
 Reporter:  traumschule   |  Owner:  (none)
 Type:  task  | Status:  new
 Priority:  Medium|  Milestone:
Component:  Webpages/Website  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:  #3893
   Points:|   Reviewer:
  Sponsor:|
--+
 With #26531 https://www.torproject.org/docs/verifying-signatures.html
 needs a section for Android.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27310 [Core Tor/Tor]: Tor 0.3.4.7-rc fails to upload v3 hidden service descriptors

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27310: Tor 0.3.4.7-rc fails to upload v3 hidden service descriptors
+
 Reporter:  traumschule |  Owner:  (none)
 Type:  defect  | Status:  reopened
 Priority:  High|  Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor|Version:  Tor: 0.3.4.7-rc
 Severity:  Normal  | Resolution:
 Keywords:  tor-hs regression?  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+

Comment (by cstest):

 When I restart Tor instance I also delete Tor data folder and since
 "state" file is keeping HidServRevCounter my v3 hidden service will not
 working immediately.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27513 [HTTPS Everywhere/EFF-HTTPS Everywhere]: Add-on for redirecting users to onion site

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27513: Add-on for redirecting users to onion site
-+-
 Reporter:  cyberpunks   |  Owner:  legind
 Type:  enhancement  | Status:  new
 Priority:  Low  |  Milestone:
Component:  HTTPS Everywhere/EFF-HTTPS   |Version:
  Everywhere |
 Severity:  Normal   |   Keywords:
Actual Points:   |  Parent ID:
   Points:   |   Reviewer:
  Sponsor:   |
-+-
 Is it possible to have an add-on that redirect users to onion sites when
 possible? For examples, a user visiting https://www.qubes-os.org/ will get
 redirected to
 http://sik5nlgfc5qylnnsr57qrbm64zbdx6t4lreyhpon3ychmxmiem7tioad.onion/.

 My initial thought is that we can simply extend https-everywhere to allow
 this behavior. Also, it would be important to allow users to customize
 their redirection list since it would be hard to maintain an up-to-date
 list ourselves. Of course, we also need to warn the users not to blindly
 trust any list available on the web.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27310 [Core Tor/Tor]: Tor 0.3.4.7-rc fails to upload v3 hidden service descriptors

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27310: Tor 0.3.4.7-rc fails to upload v3 hidden service descriptors
+
 Reporter:  traumschule |  Owner:  (none)
 Type:  defect  | Status:  reopened
 Priority:  High|  Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor|Version:  Tor: 0.3.4.7-rc
 Severity:  Normal  | Resolution:
 Keywords:  tor-hs regression?  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+
Changes (by cstest):

 * Attachment "log.txt.gz" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #8415 [Core Tor/Tor]: Use event_set_mem_functions

2018-09-06 Thread Tor Bug Tracker & Wiki 
#8415: Use event_set_mem_functions
--+
 Reporter:  nickm |  Owner:  rl1987
 Type:  enhancement   | Status:  needs_revision
 Priority:  Medium|  Milestone:  Tor:
  |  0.3.5.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  easy backend libevent malloc  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+

Comment (by rl1987):

 It seems that `CRYPTO_set_mem_ex_functions` is no longer present in modern
 OpenSSL. I added a call to `CRYPTO_set_mem_functions` in
 fd9d51c5fce9d2a3539c2f18665c3af1a8941d58.

 However, on my Vagrant VM (which has OpenSSL 1.1.0f) there are following
 compiler warnings:
 {{{
 src/core/mainloop/main.c: In function ‘tor_run_main’:
 src/core/mainloop/main.c:4240:28: warning: passing argument 1 of
 ‘CRYPTO_set_mem_functions’ from incompatible pointer type [-Wincompatible-
 pointer-types]
CRYPTO_set_mem_functions(tor_malloc_,
 ^~~
 In file included from /usr/include/openssl/bn.h:33:0,
  from /usr/include/openssl/engine.h:23,
  from ./src/lib/crypt_ops/crypto_openssl_mgt.h:17,
  from ./src/lib/crypt_ops/crypto_curve25519.h:15,
  from ./src/lib/crypt_ops/crypto_ed25519.h:14,
  from ./src/core/or/channel.h:15,
  from src/core/mainloop/main.c:56:
 /usr/include/openssl/crypto.h:262:5: note: expected ‘void * (*)(size_t,
 const char *, int) {aka void * (*)(long unsigned int,  const char *,
 int)}’ but argument is of type ‘void * (*)(size_t) {aka void * (*)(long
 unsigned int)}’
  int CRYPTO_set_mem_functions(
  ^~~~
 src/core/mainloop/main.c:4241:28: warning: passing argument 2 of
 ‘CRYPTO_set_mem_functions’ from incompatible pointer type [-Wincompatible-
 pointer-types]
 tor_realloc_,
 ^~~~
 In file included from /usr/include/openssl/bn.h:33:0,
  from /usr/include/openssl/engine.h:23,
  from ./src/lib/crypt_ops/crypto_openssl_mgt.h:17,
  from ./src/lib/crypt_ops/crypto_curve25519.h:15,
  from ./src/lib/crypt_ops/crypto_ed25519.h:14,
  from ./src/core/or/channel.h:15,
  from src/core/mainloop/main.c:56:
 /usr/include/openssl/crypto.h:262:5: note: expected ‘void * (*)(void *,
 size_t,  const char *, int) {aka void * (*)(void *, long unsigned int,
 const char *, int)}’ but argument is of type ‘void * (*)(void *, size_t)
 {aka void * (*)(void *, long unsigned int)}’
  int CRYPTO_set_mem_functions(
  ^~~~
 src/core/mainloop/main.c:4242:28: warning: passing argument 3 of
 ‘CRYPTO_set_mem_functions’ from incompatible pointer type [-Wincompatible-
 pointer-types]
 tor_free_);
 ^
 In file included from /usr/include/openssl/bn.h:33:0,
  from /usr/include/openssl/engine.h:23,
  from ./src/lib/crypt_ops/crypto_openssl_mgt.h:17,
  from ./src/lib/crypt_ops/crypto_curve25519.h:15,
  from ./src/lib/crypt_ops/crypto_ed25519.h:14,
  from ./src/core/or/channel.h:15,
  from src/core/mainloop/main.c:56:
 /usr/include/openssl/crypto.h:262:5: note: expected ‘void (*)(void *,
 const char *, int)’ but argument is of type ‘void (*)(void *)’
  int CRYPTO_set_mem_functions(
  ^~~~
 }}}

 Do we disregard these? It compiles without warnings on macOS (OpenSSL
 1.1.0i) and on CI. OpenSSL declares their memory management functions with
 `char *` arguments, which is weird.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22582 [Applications/Tor Browser]: www.nexusmods.com not working properly in TOR

2018-09-06 Thread Tor Bug Tracker & Wiki 
#22582: www.nexusmods.com not working properly in TOR
---+--
 Reporter:  WalrusInAnus   |  Owner:  tbb-team
 Type:  defect | Status:  reopened
 Priority:  Medium |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  tbb-usability-website, cloudflare  |  Actual Points:
Parent ID:  #18361 | Points:
 Reviewer: |Sponsor:
---+--

Comment (by gk):

 Resolved #27509 as a duplicate.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27510 [Applications/Tor Browser]: Bookmark sidebar

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27510: Bookmark sidebar
--+---
 Reporter:  isnaiter  |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Trivial   | Resolution:
 Keywords:  bookmark sidebar  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---

Comment (by isnaiter):

 Replying to [comment:1 gk]:
 > What is the issue here? Can you give us some steps to reproduce it?

 I have some bookmarks in my Tor, and I use the sidebar, when I open Tor
 sidebar is there, but when I do "New Identity", the sidebar hides, then I
 hit "Show sidebars" button in toolbar to it appears again.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27509 [Community/Outreach]: Captcha not showing on nexusmods.com

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27509: Captcha not showing on nexusmods.com
+---
 Reporter:  WalrusInAnus|  Owner:  alison
 Type:  defect  | Status:  closed
 Priority:  Medium  |  Milestone:
Component:  Community/Outreach  |Version:
 Severity:  Blocker | Resolution:  duplicate
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+---
Changes (by gk):

 * status:  new => closed
 * resolution:   => duplicate


Comment:

 Resolving this as duplicate of #22582 as this is likely a related issue.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26381 [Applications/Tor Browser]: about:tor page does not load on first start on Windows and browser is stuck in endless reload cycle

2018-09-06 Thread Tor Bug Tracker & Wiki 
#26381: about:tor page does not load on first start on Windows and browser is 
stuck
in endless reload cycle
-+-
 Reporter:  gk   |  Owner:
 |  pospeselr
 Type:  defect   | Status:
 |  needs_review
 Priority:  Very High|  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-torbutton, ff60-esr, |  Actual Points:
  TorBrowserTeam201808R, TorBrowserTeam201809R   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by pospeselr):

 * keywords:  tbb-torbutton, ff60-esr, TorBrowserTeam201808R,
 TorBrowserTeam201809 => tbb-torbutton, ff60-esr,
 TorBrowserTeam201808R, TorBrowserTeam201809R


Comment:

 Patch for tor-launcher: https://gitweb.torproject.org/user/richard/tor-
 
launcher.git/commit/?h=bug_26381=1c660a194b9be54671735db4316fe4bbfb0db4a3=10=0=1

 Verified this change is working as expected, no more dead tabs!

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27510 [Applications/Tor Browser]: Bookmark sidebar

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27510: Bookmark sidebar
--+---
 Reporter:  isnaiter  |  Owner:  tbb-team
 Type:  defect| Status:  needs_information
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Trivial   | Resolution:
 Keywords:  bookmark sidebar  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  new => needs_information
 * owner:  (none) => tbb-team
 * component:  Applications => Applications/Tor Browser


Comment:

 What is the issue here? Can you give us some steps to reproduce it?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26624 [Applications/Tor Browser]: NoScript blocks on Standard-Safer security setting in 8.0a9 contrary to behavior in 8.0a8

2018-09-06 Thread Tor Bug Tracker & Wiki 
#26624: NoScript blocks  on Standard-Safer security setting in 8.0a9
contrary to behavior in 8.0a8
-+-
 Reporter:  cypherpunks  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-security-slider, noscript,   |  Actual Points:
  tbb-8.0-issues, tbb-regression |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:  ff60-esr, tbb-security-slider, noscript => tbb-security-
 slider, noscript, tbb-8.0-issues, tbb-regression


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25658 [Applications/Tor Browser]: Activity 2.1: Improve user understanding and user control by clarifying Tor Browser's security features

2018-09-06 Thread Tor Bug Tracker & Wiki 
#25658: Activity 2.1: Improve user understanding and user control by clarifying 
Tor
Browser's security features
---+---
 Reporter:  isabela|  Owner:  antonela
 Type:  project| Status:  assigned
 Priority:  High   |  Milestone:
Component:  Applications/Tor Browser   |Version:
 Severity:  Normal | Resolution:
 Keywords:  ux-team, TorBrowserTeam201805  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:  Sponsor17
---+---
Changes (by gk):

 * cc: isnaiter (added)


Comment:

 #27511 is a duplicate (for the "New Identity" on the toolbar part).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27511 [Applications/Tor Browser]: New identity button

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27511: New identity button
--+---
 Reporter:  isnaiter  |  Owner:  tbb-team
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  duplicate
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+---
Changes (by gk):

 * status:  new => closed
 * resolution:   => duplicate


Comment:

 Yes, we are working on that during our security slider redesign. This is
 done in #25658, thus marking this bug as a duplicate.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27507 [Applications/Tor Browser]: DuckDuckGo can't be used without JS in Tor Browser 8 anymore

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27507: DuckDuckGo can't be used without JS in Tor Browser 8 anymore
+--
 Reporter:  gk  |  Owner:  tbb-team
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tbb-8.0-issues, tbb-regression  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by h1n1):

 is another problem related to noscript-TB communication

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27507 [Applications/Tor Browser]: DuckDuckGo can't be used without JS in Tor Browser 8 anymore

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27507: DuckDuckGo can't be used without JS in Tor Browser 8 anymore
+--
 Reporter:  gk  |  Owner:  tbb-team
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tbb-8.0-issues, tbb-regression  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by h1n1):

 this happen all time a set high security level in TB and don't close and
 reopen TB

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20700 [Core Tor/Tor]: prop224: Implement standard client authorization

2018-09-06 Thread Tor Bug Tracker & Wiki 
#20700: prop224: Implement standard client authorization
-+-
 Reporter:  dgoulet  |  Owner:  haxxpop
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Very High|  Milestone:  Tor:
 |  0.3.5.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop224, tor-hs, 035-roadmap-|  Actual Points:
  master, 035-triaged-in-20180711|
Parent ID:  #25955   | Points:  3
 Reviewer:  nickm|Sponsor:
-+-
Changes (by dgoulet):

 * status:  needs_revision => needs_review


Comment:

 Revisions have been pushed in the PR. For some reasons, the OSX clang
 Travis build failed during "setup" so I don't know how to restart that but
 everything else is green.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27512 [Core Tor/sbws]: Stop making disk space syscalls

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27512: Stop making disk space syscalls
---+--
 Reporter:  juga   |  Owner:  juga
 Type:  defect | Status:  needs_review
 Priority:  Medium |  Milestone:
Component:  Core Tor/sbws  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by juga):

 * status:  assigned => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27512 [Core Tor/sbws]: Stop making disk space syscalls

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27512: Stop making disk space syscalls
---+--
 Reporter:  juga   |  Owner:  juga
 Type:  defect | Status:  assigned
 Priority:  Medium |  Milestone:
Component:  Core Tor/sbws  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by juga):

 https://github.com/torproject/sbws/pull/250

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27451 [Core Tor/Tor]: Refactor socket closing in tor_tls_free()

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27451: Refactor socket closing in tor_tls_free()
-+-
 Reporter:  nickm|  Owner:  nickm
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.5.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  035-roadmap-master, 035-triaged- |  Actual Points:
  in-20180711|
Parent ID:  #26631   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by nickm):

 My first attempt at addressing this was in
 b5fddbd24144a94580e50886cd07a82968a1b86c, but that caused bug #27500, and
 had to be reverted with 22e24031452d57852e83738bacfff012439f0258.

 I see two possible solutions here:
   * Find some way to make NSS follow OpenSSL's behavior, and let us free
 the connection without closing the fd.
   * Have OpenSSL follow NSS's behavior (which will be easy) -- and adjust
 our connection code to tolerate that behavior.  (This is what I tried to
 do before).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27512 [Core Tor/sbws]: Stop making disk space syscalls (was: Stop making syscalls)

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27512: Stop making disk space syscalls
---+--
 Reporter:  juga   |  Owner:  juga
 Type:  defect | Status:  assigned
 Priority:  Medium |  Milestone:
Component:  Core Tor/sbws  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--

Comment (by juga):

 Edit which type of syscalls

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27512 [Core Tor/sbws]: Stop making syscalls

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27512: Stop making syscalls
---+--
 Reporter:  juga   |  Owner:  juga
 Type:  defect | Status:  assigned
 Priority:  Medium |  Milestone:
Component:  Core Tor/sbws  |Version:
 Severity:  Normal |   Keywords:
Actual Points: |  Parent ID:
   Points: |   Reviewer:
  Sponsor: |
---+--
 In #26937#comment:4 it was commented that some systems might not allow
 syscalls.
 Documentation was added but the code with syscalls too.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27487 [Community/Outreach]: I can't log into TOR, instead get the below message. What's up with that?

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27487: I can't log into TOR, instead get the below message. What's up with 
that?
+
 Reporter:  Yepper  |  Owner:  alison
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Community/Outreach  |Version:
 Severity:  Normal  | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+
Changes (by rl1987):

 * owner:  (none) => alison
 * component:  - Select a component => Community/Outreach


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27509 [Community/Outreach]: Captcha not showing on nexusmods.com

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27509: Captcha not showing on nexusmods.com
+
 Reporter:  WalrusInAnus|  Owner:  alison
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Community/Outreach  |Version:
 Severity:  Blocker | Resolution:
 Keywords:  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+
Changes (by rl1987):

 * owner:  (none) => alison
 * component:  - Select a component => Community/Outreach


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27511 [Applications/Tor Browser]: New identity button

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27511: New identity button
--+--
 Reporter:  isnaiter  |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by rl1987):

 * owner:  (none) => tbb-team
 * component:  - Select a component => Applications/Tor Browser


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27511 [- Select a component]: New identity button

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27511: New identity button
--+
 Reporter:  isnaiter  |  Owner:  (none)
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 Please, make possible to put a "new identity button" in the toolbar.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #27510 [Applications]: Bookmark sidebar

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27510: Bookmark sidebar
--+--
 Reporter:  isnaiter  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications  |Version:
 Severity:  Trivial   |   Keywords:  bookmark sidebar
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 Bookmark sidebar hides after "new identity".

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #27484 [Applications/Tor Browser]: Onboarding: unintuitive not-navigation buttons, starting with "Circuit Display" / "See My Path"

2018-09-06 Thread Tor Bug Tracker & Wiki 
#27484: Onboarding: unintuitive not-navigation buttons, starting with "Circuit
Display" / "See My Path"
-+-
 Reporter:  dmr  |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  new
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-8.0-issues, tbb-onboarding, ux-  |  Actual Points:
  team   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by dmr):

 Replying to [comment:4 mcs]:
 > Regarding navigation: as I mentioned in ticket:27483#comment:2, I
 believe that Firefox only provides navigation between panels via the left
 hand side buttons. I agree it can be confusing to train people that the
 right button is for "go to the next panel" and then change the behavior
 part way through the onboarding sequence. Maybe the UX team should test
 this with more people and decide what is best.

 I believe that the behavior should be consistent for each screen. Thus,
 either of these options should do that:
 * remove the buttons on the first few screens that navigate for the user
 * make the "not-navigation" buttons //also// advance the screen to the
 next, in addition to their current effects

 Another part of the switch in behavior that was really confusing was the
 //lack of description// for what was going to happen. Doing things in a
 different tab is fairly unexpected / "jumpy" from a UX perspective - if
 there was some wording that "forewarned" the user, I think that the
 opening of a new tab wouldn't have been so confusing.

 Just to reiterate and tie pieces of earlier comments together...
 I said:
 > Nothing in the "Circuit Display" paragraph indicates it will have a
 different effect than that.
 > [...]
 > A similar thing happens for "Security" / "Review Settings" and
 "Experience Tips" / "See FAQs". However, for "Security", the text in the
 paragraph does indicate that something else will happen in response to the
 button click.

 arma said:
 > Right. I was going through the onboarding, everything was cool, I
 clicked "See my path" and now I have a tab open to duckduckgo. [...]

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

  1   2   >