tor-project November 2018

tor-project@lists.torproject.org

28 participants
33 discussions

Public beta testing of OONI Probe mobile apps
by Maria Xynou 19 Nov '18

19 Nov '18

Hello, Thanks to great feedback provided by the community, the OONI team has been working on revamping and improving upon the OONI Probe mobile apps. Today, we are excited to announce that we have released the public beta! To further improve upon the apps before the stable release, we invite you to become beta testers and to report any bugs/issues. # Becoming a beta tester On Android: * Sign up to the beta: https://play.google.com/apps/testing/org.openobservatory.ooniprobe * Update your OONI Probe mobile app (to get the public beta) from Google Play On iOS: * Tap on this link from your device and follow the instructions: https://testflight.apple.com/join/rh3Ig7fE # Reporting issues Once you have installed and played around with the public beta of the OONI Probe mobile apps, we encourage you to report any issues you encounter. You can file tickets on the following GitHub repositories: * OONI Probe (all platforms): https://github.com/ooni/probe/issues * OONI Probe for Android: https://github.com/ooni/probe-android/issues * OONI Probe for iOS: https://github.com/ooni/probe-ios/issues Please check if the problem you are encountering has already been reported. If you’re not a GitHub user, you can share your feedback with us by writing an email to contact(a)openobservatory.org. Your feedback and bug reporting is hugely appreciated, as it will help us launch better apps! Thanks a million, and happy testing! ~ The OONI team. -- Maria Xynou Research & Partnerships Director Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

Tor as critical infrastructure
by Roger Dingledine 19 Nov '18

19 Nov '18

Tor is critical infrastructure across several very different spectra: - The underlying Tor proxy is the component that many internet freedom projects, from Briar to Onion Browser, rely on for their security properties. - The Tor Project is the origin and center of the pluggable transports idea, where our modularity means that tools like Lantern and Tunnelbear can (and do) directly reuse our obfs4 system for their own censorship circumvention goals. - OONI is increasingly becoming recognized as a core building block in assessing and understanding Internet censorship around the world. - Our browser changes in Tor Browser are changing the landscape of browser security, for example with Firefox declaring fingerprinting resistance as one of their top next priorities, and with Firefox and Brave and others wanting to bake Tor in to their "actually private browser mode" plans. - Facebook, New York Times, Securedrop, and many others have adopted Tor onion services as a safer security layer ("like https but better") for their users to reach their websites and other services. Some years ago the US Congress asked DRL to do a study of their funded projects, and one of the findings was that Tor was central to half of their projects at the time: https://www.rand.org/pubs/research_reports/RR794.html (see pages 73-74) That is, those projects wouldn't be able to accomplish their goals without relying on Tor for security and privacy and censorship resistance. We've always known Tor was in the middle of many efforts to improve lives around the world, but we would be wise to write this up in a way that others can recognize. Here are some potential concrete next steps: * A blog post with the above details and others that we brainstorm, to pull together all the parts of Tor that are critical infrastructure for other projects. * A condensed version for our future website, so the topic doesn't get lost in an old blog post. * A brochure-sized version that we can print out and give out at booths and conferences, alongside the "run a relay" advocacy brochures. * An intermediate-size version that we can use in funding proposals to remind funders of our critical role in this space -- not just for the traditional "internet freedom" funders but also for foundations and major donors and others who need help understanding our world. (On this last point, I had a discussion with one of our DRL program managers about Tor-as-critical-infrastructure, and he reminded me that DRL's charter is to not fund infrastructure. But even that is fine: everybody wants to see the stuff they fund get transitioned to broader use, and even when we aren't asking them to fund "infrastructure" directly, we can show them our consistent track record: "when you fund Tor things, it always ends up benefiting a much larger ecosystem.") --Roger

2 2

October Communications Report
by Stephanie A. Whited 16 Nov '18

16 Nov '18

Hi Tor, In October, the comms teams helped launch our end of year fundraising campaign. We’ve been working with The Berkeley Group on a brand perception study we can use to help create a marketing strategy next year. And I worked with Isa and Antonela on mockups for the new TPO site coming soon. October comms in numbers and links: New blog posts https://blog.torproject.org/strength-numbers-double-your-donation-mozillas-… https://blog.torproject.org/reflections-tor-meeting-newbie Twitter avg at least 3 tweets/weekday New followers: 3,894 Top tweets: https://twitter.com/torproject/status/1049370119338713088 https://twitter.com/torproject/status/1049328916790480901 https://twitter.com/torproject/status/1050381224554975233 Mastodon at least 1 post/week New followers: 290 LinkedIn at least 1 post/week New followers: 71 Facebook 1 post/weekday New followers: 193 Instagram at least 1 post/month New followers: 72 Newsletter 1/month https://newsletter.torproject.org/archive/2018-10-31-newbie-reflections-moz… Notable press https://techcrunch.com/2018/10/24/mozilla-tor-project/ https://www.zdnet.com/article/advertisers-can-track-users-across-the-intern… https://motherboard.vice.com/en_us/article/zm9jd4/old-school-sniffing-attac… -steph -- Stephanie A. Whited Communications Director The Tor Project IRC: stephw PGP Key ID: 39A876AD <https://pgp.mit.edu/pks/lookup?op=get&search=0x6D6B72C339A876AD>

1 0

October 2018 report for the ux team
by Antonela Debiasi 16 Nov '18

16 Nov '18

Hello Tor, We started October in the beautiful Mexico City. We met a lot of tor users in Mexico, and we got a lot of insightful discussions. Thanks Community team! We continued working with Tor Browser security settings. We are trying hard to make clear for our users to understand the trade-offs of picking each level. It is a work in progress now and will reach the stable channel soon. Reading the ticket could be overwhelming, but you can have an overview of our iterations looking at the attachments: https://trac.torproject.org/projects/tor/attachment/ticket/25658 Towards our intention to have more open conversations and share the work we are doing, we released the first documentation for one of the big projects we handled this year. Next scheduled docs include .onion security padlock and onboarding in TB8. Thanks, Pili for uploading it and Hiro for your review! https://trac.torproject.org/projects/tor/wiki/org/teams/UxTeam/Misc/Circuit… We are trying to find the most useful way to report the usability research we are running around the global south. As I mentioned in the previews recaps, we were using the ticket #27010 to archive our sessions. In addition to that, we put together a framework for reporting our usability testing. It captures a lot of data that shows the feature's history through development and UX. We already started to use it to inform our recent research on the Tor Browser, and we will have our first reports coming out soon. https://storm.torproject.org/shared/KaJn4JRxGajVno961aLOfqJs-8AsfIvGn-4e_5h… Also last month, we surveyed our community to pick the next Tor Browser Icon (!). The results were informed, and the applications team is already working on its implementation. Thanks all for participate! You can see the new Tor Browser icon here: https://trac.torproject.org/projects/tor/ticket/25702#comment:8 OONI released a newly redesigned version of Probe. We did design reviews with Elio and the OONI team to achieve the best experience for probers and researchers when they measure networks with their phones. Great work ooniers! https://lists.torproject.org/pipermail/ux/2018-October/000430.html The End of Year campaign is running, and we provided support to the Fundraising team with marketing material to promote it. We have banners running in different locales at torproject.org, Tor Browser and Tor Browser for Android. http://donate.torproject.org/ On behalf of the Tor UX team, Antonela

1 0

community team update, October 2018
by Alison Macrina 16 Nov '18

16 Nov '18

October 2018 Community Team highlights Meeting notes ================================================================== https://trac.torproject.org/projects/tor/wiki/org/teams/CommunityTeam#Curre… Tor Meeting ================================================================= We held the Mexico City meeting and it was amazing! You can read the notes from that meeting here [1]. Several Tor people including Gus and Antonela gave talks "Coloquio Academico Mecanismos de Privacidad y Anonimato en Redes" at UNAM after the Tor Meeting. Later in October, Alison sent out a survey for the next Tor Meeting location and dates to all core contributors (and the winner is Athens, May 2019) Community portal, support portal, and user advocacy ================================================================== We mapped out our needs for community.torproject.org and began working on outreach material for that portal along with the UX team. Maggie took on more user advocate responsibilities and continued the monthly user issues update email. Anti-censorship ================================================================== In October, Kat began work writing and aggregating reports about Tor's anti-censorship efforts. Localization ================================================================== emmapeel localized donate.torproject.org, got Chinese added to support.torproject.org, and added screenshots in Transifex. Library Freedom Institute ================================================================== Alison began migrating LFI content to a wiki. The LFI cohort completed weeks 19-22 of their training. Library Freedom also started a website redesign, which we will debut soon! Tor talks and outreach ================================================================== Maggie and Cybelle held a "Demystifying Tor" workshop at MozFest Alison submitted the CFP for the UX and community teams to talk at IFF. She also worked on planning for the two teams to attend that conference together. Roger submitted a talk to FOSDEM, Steph requested a stand, and ahf made a wiki for Tor people attending [2]. Gus is working on creating volunteer projects for students at the University of Sao Paulo (USP). Gus gave a Tor talk to students of LabJor [3] and gave a security workshop in Sao Paolo. Gus also organized travel to Guatemala to give a Tor talk and organized a security workshop at BIENAL in Sao Paolo. Relay advocacy ================================================================== Colin is working with a VPN company on deploying some exit relays. He also updated the obfsproxy bridge deployment instructions and identified primary documentation [4] and sent a moderation email to tor-relays [5]. He worked on deploying VMs for fallback directory list rebuilding and updated the fallback list in preparation for rebuild. Finally, Colin contacted operators running EOL versions of Tor and encouraged them to upgrade. ================================================================== [1] https://trac.torproject.org/projects/tor/wiki/org/meetings/2018MexicoCity/N… [2] https://trac.torproject.org/projects/tor/wiki/org/meetings/2019Brussels [3] http://www.labjor.unicamp.br/ [4] https://trac.torproject.org/projects/tor/wiki/doc/PluggableTransports/obfs4… [5] https://lists.torproject.org/pipermail/tor-relays/2018-October/016524.html -- Alison Macrina Community Team Lead The Tor Project

1 0

My first day as ED
by isabela 16 Nov '18

16 Nov '18

Hello Tor! We are officially done with the transition process! This means that I am now (for realz) Tor’s ED :) Shari will be in a consultant position till the end of the year, and starting 2019 she will join our Board. If you haven’t seen yet, here is her blog post on it: https://blog.torproject.org/strength-numbers-onion-blooms I wanted to write this note to you so we can review a bit of what was done during this transition period and how that lines up with some of the points I had on my (short term) vision for Tor. Some might remember the IRC chat after my nomination, where I shared a few bullet points of areas I would like Tor to focus on in the short term. Most of these are not new and are things that Tor (TPO+TPI) have been talking about for a while and know we should be doing. Let’s start with the goals related to: 1 - A Mature Tor Project (organization/community) 1.1 - Stable income flows from a diverse funding base ^ We built a Fundraising team (Sarah, Fundraising Director; and Al, Grant Writer) and equipped Sue (CFO) with a Finance team (Bekeela, Grant Manager; and Millicent, Bookkeeper) to help us achieve this goal. This is what I am calling our ‘money machine.’ They will work together with our new PMs (Gaba and Pili) on proposals and also on other sources of income for Tor (major donors, family foundations, direct donations, etc.). This team is meeting weekly to sync on all of the different grants, proposals, and fundraising campaigns we are working on or plan to do in the upcoming months. We also maintain a calendar where we will try to have at least 1 initiative per month related to bringing in money. Back in September, we created a calendar that goes till January, and in early 2019 we will have another big meeting where we will plan for the first 6 months of 2019 (the remaining time of our current fiscal year). 1.2 - Diverse and robust organization that meets our needs ^ A lot that I will be talking about in this email reflects on this goal. 1.3 - Strong organizational culture, focused on employee and volunteer happiness and stability ^ Shari did a lot of this already, from employee benefits and salary adjustments, to workshops at dev meetings (unconscious bias and the culture clash one in Mexico, for instance). A lot has been done, and of course there is still a lot to do. That is why I kept this goal here. For now I will just bring up one thing that I believe is important and we need to do. Tor has a culture, but we should be able to articulate our culture and define it so others know what it means, so most importantly, we don’t lose it as we grow. I just want to drop this here as a seed for others to think about it as well. We will resume this conversation in 2019 for sure! 1.4 - Global brand recognition - Tor means strong privacy ^ The Berkeley Group [theberkeleygroup.org] is a student organization of UC Berkeley that provides services to nonprofits for free or at a low cost. We contracted with them to research Tor’s brand perception by different demographics in the US and to provide us with suggestions of convincing points to improve our brand image, along with suggestions of channels we could use in a marketing strategy to help with that. We will be sharing all of this once it’s done, but we will use this to build a marketing strategy for 2019. Marketing means, as part of communications, how we will pitch to donors, how we do outreach, our website content, and the list goes on. It’s a bit of everything, but we should digest what The Berkeley Group delivers to us and figure out how we apply that in real life. Like the goal says, Tor should mean strong privacy for people, and all this work is to achieve that perception of our brand. Now let’s move to the other set of goals I had for product: 2 - Full Access (product) 2.1 - Any person on the planet can access the Tor Network ^There are a few things related to this goal, for instance people need to be able to bypass censorship against Tor to access the network. Also, we need to have clients that work on any device and any OS so we can really provide a way for *anyone* to access the Tor network. Of course both things are mega hard, and that’s ok. The goal here is for us to think about the challenges to get there and figure out how to get started. This year, mobile has been on our minds :) not only with releasing a mobile browser, but also with optimizing little t tor for mobile apps. We are also creating an anti-censorship team and building projects that will require different teams to work together to fix problems related to the user experience under censorship. 2.2 - Any person on the planet can use the Tor Network to access any website or online services ^Same thing, we can think of many different types of work that would help us achieve this goal. The work being done by our Community and UX teams, where folks are going to different countries, meeting communities at-risk, learning their needs, teaching them about online security and collecting their feedback on our tools is fundamental for us to achieve the *can use* part. And this goes too for the *can access* part of the goal 2.1, above this one. Goal 2.2 also is about accessing websites and online services. The painful captchas are a challenge we need to address, because this is a big complaint users have related to using Tor. At least some things have improved with CloudFlare and their alt-svc for .onion addresses solution, which is good. There is more to do, and this is a hard one to address, but we can’t ignore it just because it is hard. We should at least put our minds on it and see what can be done, and little by little we can get there. 2.3 - Ensure Tor Network is diverse, healthy, stable and scalable ^None of the above can be done if this one is not happening. To achieve this goal we will need a combination of efforts, like help from our research community and metrics and OONI teams, which can provide us with valuable information that can help us make new design decisions, monitor our network and test new code. Of course our network team is very important for this goal :) But we will need to add support for areas where we are under capacity right now, like monitoring the health of the network to make sure there is no malicious behavior or attacks on it. Sorry for the long email. Since today is considered my first day as ED, I thought it would be nice to go back to these goals and share a bit of how we can be working together to achieve those, and how the new people can help us too. I want to recognize that I am probably missing other goals we should be thinking about for the next 3 years. I would like to hear other thoughts, and I would like to do an update on this list at the meeting in Greece. This is the beginning of a conversation, not the end. I hope to have a chance to host a ‘tea time’ on irc before the end of the year for us to chat. Please hold me on that! I am mega busy, but I would really like to try that out before 2019. Cheers, Isabela PS: tons of <3 for Shari, who has been extremely amazing and who I will forever be thankful for her support, guidance, and help.

1 0

OONI Monthly Report: October 2018
by Maria Xynou 16 Nov '18

16 Nov '18

Hello Tor world, In October 2018, the OONI team co-published a new research report, in collaboration with DefendDefenders, examining Uganda's social media tax through the analysis of network measurements. We wrote new OONI Probe nettest specifications, improved our heuristics for semi-automated blockpage and blockserver detection, completed a list of improvements to the monitoring of OONI services, and released a private internal beta of the revamped OONI Probe mobile pps. We also facilitated an OONI workshop at MozFest and participated at the OTF Summit. ## Report on Uganda's Social Media Tax In collaboration with our Ugandan partners, DefendDefenders, we co-published a new research report tited: "Uganda's Social Media Tax through the lens of network measurements". Our joint report is available here: https://ooni.io/post/uganda-social-media-tax/ As part of our latest study, we examine the blocking of social media & circumvention tools across ISPs in Uganda through the analysis of OONI network measurements. Over the last months, we have published the following 5 research reports (in collaboration with our partners): 1. The State of Internet Censorship in Venezuela: https://ooni.torproject.org/post/venezuela-internet-censorship/ 2. The State of Internet Censorship in Egypt: https://ooni.torproject.org/post/egypt-internet-censorship/ 3. South Sudan: Measuring internet censorship in the world's youngest nation: https://ooni.torproject.org/post/south-sudan-censorship/ 4. Mali: Social media disruptions amid 2018 presidential election? https://ooni.torproject.org/post/mali-disruptions-amid-2018-election/ 5. Uganda's Social Media Tax through the lens of network measurements: https://ooni.io/post/uganda-social-media-tax/ More research studies are available on our website: https://ooni.torproject.org/post/ ## Revamping OONI Probe mobile apps Both Android and iOS apps have been implemented based on improvements to Measurement Kit and the finalized design and copy. We released a private internal beta to further test and polish the apps. Relevant pull requests include: * https://github.com/ooni/probe-ios/pull/187 * https://github.com/ooni/probe-ios/pull/186 * https://github.com/ooni/probe-ios/pull/185 * https://github.com/ooni/probe-ios/pull/184 * https://github.com/ooni/probe-android/pull/159 We are now preparing for a public beta release of the apps. ## Research and write specifications for new OONI Probe nettests We wrote specifications for a series of techniques that we plan on using in next generation OONI Probe nettests. These techniques will allow us to collect more rich network measurement data, further reduce the number of false positives in measurements and confirm, with a higher level of confidence, incidents of internet censorship. Our new nettest specifications are available via the following pull request: https://github.com/ooni/spec/pull/118 ## Implementation of semi-automated blockpage and blockserver detection We have added SimHash support (https://en.wikipedia.org/wiki/SimHash) to enable the semi-automated blockpage and blockserver detection. When several unrelated URLs present a similar page, this usually means that the page is either a common web-server error page or a blockpage. Human intelligence is still required to distinguish anti-DDoS service provider captcha pages from generic "403 Forbidden" web-server errors and a "genuine" blockpage. We therefore added support for SimHash to use it as the first approximation of webpage similarity, to avoid pair-wise comparision of hundreds of millions of webpages stored in the OONI dataset. See: https://github.com/ooni/pipeline/pull/124 We also added support for the partial re-processing of data, to avoid processing the whole dataset when the list of known blockpages changes. See: https://github.com/ooni/pipeline/commit/a86e4fe42dec869b02618ba2c3e28281205… ## Improvements to the monitoring of OONI services To detect issues with our infrastructure earlier and to therefore minimise downtime and be more responsive to incidents, we have done several improvements to monitoring. We have completed all activities the aimed at improving the monitoring of OONI services, listed in the following issue: https://github.com/ooni/sysadmin/issues/226 ## Community activities ### Community meeting We held a community meeting on Slack (https://slack.openobservatory.org/) on Wednesday, 24th October 2018. As part of the meeting, the OONI team provided updates on what we worked on during the past month. We also addressed community questions pertaining to running OONI Probe on Linux and Raspberry Pis. ### OONI Probe workshop at MozFest OONI's Elio traveled to London to facilitate an OONI Probe workshop at Mozilla Festival (https://twitter.com/mozTechSpeakers/status/1056851429766414336). This provided a great opportunity to engage more community members with OONI's work. ### OTF Summit OONI's Maria traveled to Taiwan to participate at the OTF Summit (29th & 30th October) and the Open Internet Day (31st October 2018). This provided an opportunity to connect with community members, learn more about their projects, and brainstorm on potential avenues for collaboration. ## Userbase In October 2018, OONI Probe was run 391,014 times from 5,062 different vantage points in 214 countries around the world. This information can also be found through our stats: https://api.ooni.io/stats ~ The OONI team. -- Maria Xynou Research & Partnerships Director Open Observatory of Network Interference (OONI) https://ooni.torproject.org/ PGP Key Fingerprint: 2DC8 AFB6 CA11 B552 1081 FBDE 2131 B3BE 70CA 417E

1 0

Notes from November 15 2018 Vegas team meeting
by Karsten Loesing 16 Nov '18

16 Nov '18

Notes for November 15 2018 meeting: Alison: 1) still finishing LFI round 1, working on round 2 2) creating community portal content 3) working on SIDA report Mike: 1) Sponsor2 work; still ignoring most other things. Gaba: 1) Gettor coordination for next week. 2) OONI roadmap and deadlines for MOSS. 3) Slowly receiving CVs for metrics data architect position. 4) Interviews for anti-censorship position. 5) Organizing sponsors that teams are working on. Antonela: 1) working on TB security settings - http://trac.torproject.org/25658 2) working on TBA+Orbot settings and onboarding - https://bugs.torproject.org/28329 3) the first version of our series of docs is on the wiki. Thanks pili for pushing it live and hiro for the review! https://trac.torproject.org/projects/tor/wiki/org/teams/UxTeam/Misc/Circuit… 4) met with Ciberseguras to talk about further community outreach together. 5) sent my article for the UNAM colloquium. 6) working with the community team on our new outreach material. 7) met with Helen and Pili to define our User Testing Reporting Framework. 8) planning usability research for next month in Brazil. 9) met with Duncan, a designer from Scotland who is interested on helping the UX team. 10) synced with Alex (ahf) about snowflake. 11) reviewing OONI Explorer mockups with Elio. Georg: 1) busy with getting Tor Browser for Android alpha into shape 2) writing back to the snap mail sent by Iain today (not sure what we want to do with that in particular and with our Linux situation in general yet) Nick: 1) lots of features, lots of releases, lots of coding. 2) anticensorship dev interviews seem to be going well. Arturo: 1) Preparing for a public beta release of OONI Probe mobile 2) Published a report on Uganda with our partner defend defenders: https://ooni.torproject.org/post/uganda-social-media-tax/ 3) Getting input on OONI Explorer from UX team 4) Anticensorship dev interviews Sarah: 1) Firming up YE campaign blog/email/social media schedule (will be contacting several of you to see if you are willing to author a post) 2) Finalizing language for next round of TB banners for next release 3) Met with OTF and Sida POs over the weekend Steph: 1) announced Nighat joined the board. Published blog, sent releases, shared on social 2) writing EOY campaign post, outlining others 3) making graphics from Tor Stories quotes 4) writing feedback from The Berkeley Group’s midpoint presentation 5) coordinated an interview for Isa 6) gave edits to the blog comment policy Pili: 1) Carried on with data gathering for Sponsor 9 report 2) Sent out Visual Identity Survey - Started analysing results Shari: 1) finishing my farewell blog post; should be posted later today 2) so many loose ends with the transition, which is happening this afternoon! isabela: 1) finishing transition - getting all things flipped (financial stuff) 2) reviewing YE campaign blog posts and other copies 3) catching up on visual identity exercises 4) helping on sida report a bit 5) recreating our organogram 6) did interview to spanish tve - a bit lame tho :( they were really into metrics and dark web 7) met with Sida PM and with OTF team in DC 8) reviewing 990

1 0

October 2018 User Feedback Report
by Maggie 15 Nov '18

15 Nov '18

Hey, friends! Welcome to the October 2018 user feedback report. For more information on what users and community members were talking about this month, check out the Fall 2018 User Feedback pad [1]. TL;DR: Things seem to be going smoothly! - Users aren't talking as much this month about the user agent changes. - The most common questions are related to using Tor together with a VPN (should I use both? Is it bad to use both? How can I hide the fact that I'm using Tor?). - Regarding TBA, users are largely grateful that we're developing an official Android app, and feedback is generally very positive. Ratings on the Google Play Store are high (the app is currently rated 4.3 stars), even when users are experiencing some fairly frustrating quality-of-life issues. - In offline news, Cybelle and I ran a Demystifying Tor workshop at MozFest! There was great turnout, and lots of interest in running relays. --- Now, on to the feedback! Scroll further down to see a recap of some of the MozFest session questions, a summary of Reddit posts, some points from Google Play Store reviews, a list of the most common Stack Exchange tags from the month, and a collection of some notable issues and bugs mentioned by users in October. - One of the most common points of confusion is whether people should use a VPN together with Tor to mask the fact that they're using Tor. In conversations about this on Reddit, pluggable transports are rarely mentioned. Even though we already have some information about VPNs in the FAQ, it seems that this explanation is not extensive enough, and that the information is not visible enough. I suggest that we release a blog post or a few tweets to further address this misconception. - In general, it seems like users will go to Reddit before reading the FAQ or support.torproject.org. How can we change this flow to encourage users to check Tor resources before seeking outside advice? - People always have questions about whether doing a certain thing will allow them to be fingerprinted (i.e. relative window position, adding bookmarks, etc.). Can we add a list of things to the FAQ that might allow users to be fingerprinted? We might also consider implementing more pop-up warnings when users attempt to do something that might identify them, as we currently do when users resize the browser window. - Tor is still broken for screen readers. In addition, Gesturefy (an extension that can be used as an accessibility aid) doesn't work with Tor Browser any more. These two issues are limiting Tor's accessibility, and making it so that certain users can't use Tor at all. --- Questions from the MozFest Demystifying Tor session: - Is it ever safe to run any type of relay from my home? - How can I contribute to Tor? - What are some good ways to convince people to use Tor? --- Most common questions on Reddit (r/TOR): - How can I hide the fact that I'm using Tor; or, should I use a VPN together with Tor? - (it's worth noting that these discussions rarely mention pluggable transports as a solution.) - Tor can't connect. What do I do? - People on Reddit are generally very good about troubleshooting this one. --- TBA Reviews & Feedback on Google Play Store: - People are frustrated by the current issues with copy/paste and text selection. - TBA fails to download files, causing frustration for users. - Users are requesting that we bundle Orbot and TBA into the same app. --- Most common stack exchange tags: - tor-browser-bundle - 18 asked this month - configuration - 10 asked this month - tor-install - 7 asked this month - windows - 6 asked this month - anonymity - 5 asked this month - security - 5 asked this month - tails - 5 asked this month - help - 5 asked this month - connection - 5 asked this month --- Notable bugs, fixes, & issues: #27867 - Gesturefy doesn't work with Tor Browser - (OPEN - needs more info) [2] #27256 - Text cannot be selected, copied, or pasted as usual on TBA - (OPEN - needs more info) [3] #27701 - TBA fails to download files - (OPEN) [4] #27987 - TBA disables screenshots, with no option to enable them - (OPEN) [5] #27845 - Browser window size is 1000x998 on MacOS - differs from other OSs and allows MacOS users to be differentiated - (OPEN) [6] #27813 - Tor 0.3.4.8 is leaking memory - (CLOSED - fixed in Tor 0.3.4.9) [7] --- That's it for the month of October! For the sake of brevity I've left out some other feedback, so if you want to know more, please do check out the Fall 2018 User Feedback pad [1] or reach out to me via email (waywardwyrd at riseup dot net) or IRC (wayward). Thanks for reading! I'll see you all back here next month. - Maggie (wayward) pronouns: she/they | twitter: @meochaidha <https://www.twitter.com/meochaidha> pgp: 0626 9C68 D0CC 1A5B E41B 72F2 615E B878 975C 4CDC ------ Annotations: 1. https://storm.torproject.org/shared/-vEQadBBHb8ZOzrLMMaJNrDuFK5XxJAQXcta30-… 2. https://trac.torproject.org/projects/tor/ticket/27867 3. https://trac.torproject.org/projects/tor/ticket/27256 4. https://trac.torproject.org/projects/tor/ticket/27701 5. https://trac.torproject.org/projects/tor/ticket/27987 6. https://trac.torproject.org/projects/tor/ticket/27845 7. https://trac.torproject.org/projects/tor/ticket/27813

1 0

Tails report for October 2018
by u 13 Nov '18

13 Nov '18

Hello, we just published our monthly report: https://tails.boum.org/news/report_2018_10/ Cheers! u.

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

tor-project November 2018