tor-project November 2024

tor-project@lists.torproject.org

16 participants
19 discussions

TPA-RFC-71: Emergency email deployments, phase B
by Antoine Beaupré 05 Nov '24

05 Nov '24

Hi, So TPA has adopted this proposal, internally, to make yet another set of emergency changes to our mail system, to respond to critical issues affecting delivery and sustainability of our infrastructure. I encourage you to read the "Affected users" section and "Timeline" below. In particular, we will be experimenting with "sender rewriting" soon, which will involve mangling emails we forward around to try and fix deliverability on those. The schleuder mailing list will also move servers. Maintenance windows for those changes will be communicated separately. Thank you for your attention! PS: and no, we didn't submit this for adoption to everyone, because it was felt it was mostly technical changes that didn't warrant outside approval, let me know if that doesn't make sense, of course. -- Antoine Beaupré torproject.org system administration --- title: TPA-RFC-71: Emergency email deployments, phase B costs: staff approval: TPA affected users: all torproject.org email users deadline: 5 days, 2024-10-01 status: draft discussion: https://gitlab.torproject.org/tpo/tpa/team/-/issues/41778 --- Summary: deploy a new sender-rewriting mail forwarder ASAP, migrate mailing lists off the legacy server to a new machine, migrate the remaining Schleuder list to the Tails server, upgrade `eugeni`. Table of contents: - Background - Proposal - Actual changes - Mailman 3 upgrade - New sender-rewriting mail exchanger - Schleuder migration - Upgrade legacy mail server - Goals - Must have - Nice to have - Non-Goals - Scope - Affected users - Personas - Timeline - Optimistic timeline - Worst case scenario - Alternatives considered - References - History - Personas descriptions - Ariel, the fundraiser - Blipblop, the bot - Gary, the support guy - John, the contractor - Mallory, the director - Nancy, the fancy sysadmin - Orpheus, the developer # Background In [#41773][], we had yet another report of issues with mail delivery, particularly with email forwards, that are plaguing Gmail-backed aliases like grants@ and travel@. [#41773]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/41773 This is becoming critical. It has been impeding people's capacity of using their email at work for a while, but it's been more acute since google's recent changes in email validation (see [#41399][]) as now hosts that have adopted the SPF/DKIM rules are bouncing. [#41399]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/41399 On top of that, we're way behind on our buster upgrade schedule. We still have to upgrade our primary mail server, `eugeni`. The plan for that ([TPA-RFC-45][], [#41009][]) was to basically re-architecture everything. That won't happen fast enough for the LTS retirement which we have crossed two months ago (in July 2024) already. [TPA-RFC-45]: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-45-mail-a… [#41009]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/41009 So, in essence, our main mail server is unsupported now, and we need to fix this as soon as possible Finally, we also have problems with certain servers (e.g. `state.gov`) that seem to dislike our bespoke certificate authority (CA) which makes *receiving* mails difficult for us. # Proposal So those are the main problems to fix: - Email forwarding is broken - Email reception is unreliable over TLS for some servers - Mail server is out of date and hard to upgrade (mostly because of Mailman) ## Actual changes The proposed solution is: - **Mailman 3 upgrade** ([#40471][]) - **New sender-rewriting mail exchanger** ([#40987][]) - **Schleuder migration** - **Upgrade legacy mail server** ([#40694][]) [#40471]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40471 [#40987]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40987 [#40694]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40694 ### Mailman 3 upgrade Build a new mailing list server to host the upgraded Mailman 3 service. Move old lists over and convert them while retaining the old archives available for posterity. This includes lots of URL changes and user-visible disruption, little can be done to work around that necessary change. We'll do our best to come up with redirections and rewrite rules, but ultimately this is a disruptive change. This involves yet another authentication system being rolled out, as Mailman 3 has its own user database, just like Mailman 2. At least it's one user per site, instead of per list, so it's a slight improvement. This is issue [#40471][]. ### New sender-rewriting mail exchanger This step is carried over from [TPA-RFC-45][], mostly unchanged. [Sender Rewriting Scheme]: https://en.wikipedia.org/wiki/Sender_Rewriting_Scheme [postsrsd]: https://github.com/roehling/postsrsd [postforward]: https://github.com/zoni/postforward Configure a new "mail exchanger" (MX) server with TLS certificates signed by our normal public CA (Let's Encrypt). This replaces that part of `eugeni`, will hopefully resolve issues with `state.gov` and others ([#41073][], [#41287][], [#40202][], [#33413][]). [#33413]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/33413 [#40202]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40202 [#41287]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/41287 [#41073]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/41073 This would handle forwarding mail to other services (e.g. mailing lists) but also end-users. To work around reputation problems with forwards ([#40632][], [#41524][], [#41773][]), deploy a [Sender Rewriting Scheme][] (SRS) with [postsrsd][] (packaged in Debian, but [not in the best shape][]) and [postforward][] (not packaged in Debian, but zero-dependency Golang program). It's possible deploying [ARC][] headers with [OpenARC][], Fastmail's [authentication milter][] (which [apparently works better][]), or [rspamd's arc module][] might be sufficient as well, to be tested. [OpenARC]: https://tracker.debian.org/pkg/openarc [not in the best shape]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017361 Having it on a separate mail exchanger will make it easier to swap in and out of the infrastructure if problems would occur. The mail exchangers should also sign outgoing mail with DKIM, and *may* start doing better validation of incoming mail. [authentication milter]: https://github.com/fastmail/authentication_milter [apparently works better]: https://old.reddit.com/r/postfix/comments/17bbhd2/about_arc/k5iluvn/ [rspamd's arc module]: https://rspamd.com/doc/modules/arc.html [#41524]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/41524 [#40632]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40632 [ARC]: http://arc-spec.org/ ### Schleuder migration Migrate the remaining mailing list left (the Community Council) to the Tails Shleuder server, retiring our Schleuder server entirely. This requires configuring the Tails server to accept mail for `(a)torproject.org`. Note that this may require changing the addresses of the existing Tails list to `(a)torproject.org` if Schleuder doesn't support virtual hosting (which is likely). ### Upgrade legacy mail server Once Mailman has been safely moved aside and is shown to be working correctly, upgrade Eugeni using the normal procedures. This should be a less disruptive upgrade, but is still risky because it's such an old box with lots of legacy. One key idea of this proposal is to keep the legacy mail server, `eugeni`, in place. It will continue handling the "MTA" (Mail Transfer Agent) work, which is to relay mail for other hosts, as a legacy system. The full eugeni replacement is seen as too complicated and unnecessary at this stage. The legacy server will be isolated from the rewriting forwarder so that outgoing mail is mostly unaffected by the forwarding changes. ## Goals This is not an exhaustive solution to all our email problems, [TPA-RFC-45][] is that longer-term project. ### Must have - Up to date, supported infrastructure. - Functional legacy email forwarding. ### Nice to have - Improve email forward deliverability to Gmail. ### Non-Goals - **Clean email forwarding**: email forwards *may* be mangled and rewritten to appear as coming from `(a)torproject.org` instead of the original address. This will be figured out at the implementation stage. - **Mailbox storage**: out of scope, see [TPA-RFC-45][]. It is hoped, however, that we *eventually* are able to provide such a service, as the sender-rewriting stuff might be too disruptive in the long run. - **Technical debt**: we keep the legacy mail server, `eugeni`. - **Improved monitoring**: we won't have a better view in how well we can deliver email. - **High availability**: the new servers will not add additional "single point of failures", but will not improve our availability situation (issue [#40604][]) [#40604]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40604 ## Scope This proposal affects the all inbound and outbound email services hosted under `torproject.org`. Services hosted under `torproject.net` are *not* affected. It also does *not* address directly phishing and scamming attacks ([#40596][]), but it is hoped the new mail exchanger will provide a place where it is easier to make such improvements in the future. [#40596]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/40596 ## Affected users This affects all users which interact with `torproject.org` and its subdomains over email. It particularly affects all "tor-internal" users, users with LDAP accounts, or forwards under `(a)torproject.org`, as their mails will get rewritten on the way out. ### Personas Here we collect a few "personas" and try to see how the changes will affect them, largely derived from [TPA-RFC-45][], but without the alpha/beta/prod test groups. For *all* users, a common impact is that emails will be rewritten by the sender rewriting system. As mentioned above, the impact of this still remains to be clarified, but at least the hidden `Return-Path` header will be changed for bounces to go to our servers. Actual personas are in the Reference section, see [Personas descriptions][]. | Persona | Task | Impact | |---------|-------------|--------------------------------------------------------------------------| | Ariel | Fundraising | Improved incoming delivery | | Blipbot | Bot | No change | | Gary | Support | Improved incoming delivery, new moderator account on mailing list server | | John | Contractor | Improved incoming delivery | | Mallory | Director | Same as Ariel | | Nancy | Sysadmin | No change in delivery, new moderator account on mailing list server | | Orpheus | Developer | No change in delivery | [Personas descriptions]: #personas-descriptions ## Timeline ### Optimistic timeline - Late September (W39): issue raised again, proposal drafted (now) - October: - W40: proposal approved, installing new rewriting server - W41: rewriting server deployment, new mailman 3 server - W42: mailman 3 mailing list conversion tests, users required for testing - W43: mailman 2 retirement, mailman 3 in production - W44: Schleuder mailing list migration - November: - W45: `eugeni` upgrade ### Worst case scenario - Late September (W39): issue raised again, proposal drafted (now) - October: - W40: proposal approved, installing new rewriting server - W41-44: difficult rewriting server deployment - November: - W44-W48: difficult mailman 3 mailing list conversion and testing - December: - W49: Schleuder mailing list migration vetoed, Schleuder stays on `eugeni` - W50-W51: `eugeni` upgrade postponed to 2025 - January 2025: - W3: `eugeni` upgrade # Alternatives considered We decided to not just run the sender-rewriting on the legacy mail server because too many things are tangled up in that server. It is just too risky. We have also decided to not upgrade Mailman in place for the same reason: it's seen as too risky as well, because we'd first need to upgrade the Debian base system and if that fails, rolling back is too hard. # References - [discussion issue][] [discussion issue]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/41778 ## History This is the the *fifth* proposal about our email services, here are the previous ones: * [TPA-RFC-15: Email services][] (rejected, replaced with TPA-RFC-31) * [TPA-RFC-31: outsource email services][] (rejected, in favor of TPA-RFC-44 and following) * [TPA-RFC-44: Email emergency recovery, phase A][] (standard, and mostly implemented except the sender-rewriting) * [TPA-RFC-45: Mail architecture][] (still draft) [TPA-RFC-15: Email services]: policy/tpa-rfc-15-email-services [TPA-RFC-31: outsource email services]: policy/tpa-rfc-31-outsource-email [TPA-RFC-44: Email emergency recovery, phase A]: policy/tpa-rfc-44-email-emergency-recovery [TPA-RFC-45: Mail architecture]: policy/tpa-rfc-45-mail-architecture ## Personas descriptions ### Ariel, the fundraiser Ariel does a lot of mailing. From talking to fundraisers through their normal inbox to doing mass newsletters to thousands of people on CiviCRM, they get a lot done and make sure we have bread on the table at the end of the month. They're awesome and we want to make them happy. Email is absolutely mission critical for them. Sometimes email gets lost and that's a major problem. They frequently tell partners their personal Gmail account address to work around those problems. Sometimes they send individual emails through CiviCRM because it doesn't work through Gmail! Their email forwards to Google Mail and they now have an LDAP account to do email delivery. ### Blipblop, the bot Blipblop is not a real human being, it's a program that receives mails and acts on them. It can send you a list of bridges (bridgedb), or a copy of the Tor program (gettor), when requested. It has a brother bot called Nagios/Icinga who also sends unsolicited mail when things fail. There are also bots that sends email when commits get pushed to some secret git repositories. ### Gary, the support guy Gary is the ticket overlord. He eats tickets for breakfast, then files 10 more before coffee. A hundred tickets is just a normal day at the office. Tickets come in through email, RT, Discourse, Telegram, Snapchat and soon, TikTok dances. Email is absolutely mission critical, but some days he wishes there could be slightly less of it. He deals with a lot of spam, and surely something could be done about that. His mail forwards to Riseup and he reads his mail over Thunderbird and sometimes webmail. Some time after TPA-RFC_44, Gary managed to finally get an OpenPGP key setup and TPA made him a LDAP account so he can use the submission server. He has already abandoned the Riseup webmail for TPO-related email, since it cannot relay mail through the submission server. ### John, the contractor John is a freelance contractor that's really into privacy. He runs his own relays with some cools hacks on Amazon, automatically deployed with Terraform. He typically run his own infra in the cloud, but for email he just got tired of fighting and moved his stuff to Microsoft's Office 365 and Outlook. Email is important, but not absolutely mission critical. The submission server doesn't currently work because Outlook doesn't allow you to add just an SMTP server. John does have an LDAP account, however. ### Mallory, the director Mallory also does a lot of mailing. She's on about a dozen aliases and mailing lists from accounting to HR and other unfathomable things. She also deals with funders, job applicants, contractors, volunteers, and staff. Email is absolutely mission critical for her. She often fails to contact funders and critical partners because `state.gov` blocks our email -- or we block theirs! Sometimes, she gets told through LinkedIn that a job application failed, because mail bounced at Gmail. She has an LDAP account and it forwards to Gmail. She uses Apple Mail to read their mail. ### Nancy, the fancy sysadmin Nancy has all the elite skills in the world. She can configure a Postfix server with her left hand while her right hand writes the Puppet manifest for the Dovecot authentication backend. She browses her mail through a UUCP over SSH tunnel using mutt. She runs her own mail server in her basement since 1996. Email is a pain in the back and she kind of hates it, but she still believes entitled to run their own mail server. Her email is, of course, hosted on her own mail server, and she has an LDAP account. She has already reconfigured her Postfix server to relay mail through the submission servers. ### Orpheus, the developer Orpheus doesn't particular like or dislike email, but sometimes has to use it to talk to people instead of compilers. They sometimes have to talk to funders (`#grantlyfe`), external researchers, teammates or other teams, and that often happens over email. Sometimes email is used to get important things like ticket updates from GitLab or security disclosures from third parties. They have an LDAP account and it forwards to their self-hosted mail server on a OVH virtual machine. They have already reconfigured their mail server to relay mail over SSH through the jump host, to the surprise of the TPA team. Email is not mission critical, and it's kind of nice when it goes down because they can get in the zone, but it should really be working eventually. -- Antoine Beaupré torproject.org system administration -- tpa-team mailing list tpa-team(a)lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tpa-team

2 9

cve's monthly status report
by cve 05 Nov '24

05 Nov '24

Hi, the following contains my status report for October '24. This month was my first month working for Tor. During this time, I primarily worked upon improving the test infrastructure for the [onionmasq](https://gitlab.torproject.org/tpo/core/onionmasq) project. In particular, I have done the following things: * Implement support for coverage reports, allowing the inspection of the coverage for each line within the codebase. [!289](https://gitlab.torproject.org/tpo/core/onionmasq/-/merge_requests/289) * A live demo is [available](https://tpo.pages.torproject.net/-/core/onionmasq/-/jobs/742690/…. * General clean-ups in the CI YAML file. !289 * Bugfix for payload advancement in the `parser` for IPv6 extensions. [!291](https://gitlab.torproject.org/tpo/core/onionmasq/-/merge_requests/291) * >80% coverage for the `parser`, including test cases for UDP and TCP in both IPv4 and IPv6. [!292](https://gitlab.torproject.org/tpo/core/onionmasq/-/merge_requests/292), [!307](https://gitlab.torproject.org/tpo/core/onionmasq/-/merge_requests/307) * 100% coverage for the `accounting` module. [!290](https://gitlab.torproject.org/tpo/core/onionmasq/-/merge_requests/290) * Bugfix in the README. [!298](https://gitlab.torproject.org/tpo/core/onionmasq/-/merge_requests/298) * Bugfix and test case for IPv4 address collision (previously, IP addresses were overwritten in the case of a collision). [!297](https://gitlab.torproject.org/tpo/core/onionmasq/-/merge_requests/297) * Bugfix for the listening on the IPv6 DNS resolver IP address. [!299](https://gitlab.torproject.org/tpo/core/onionmasq/-/merge_requests/299) * Chutney support for onionmasq (using a custom arti configuration). [!301](https://gitlab.torproject.org/tpo/core/onionmasq/-/merge_requests/301) * Integration test environment. [!302](https://gitlab.torproject.org/tpo/core/onionmasq/-/merge_requests/302) * Integration test for DNS look-ups to see if the mappings remain constant. [!302](https://gitlab.torproject.org/tpo/core/onionmasq/-/merge_requests/302) * Bugfix for dropping ICMP packets, instead of pretending to be every host on the planet. [!305](https://gitlab.torproject.org/tpo/core/onionmasq/-/merge_requests/305) * Bugfix for performing a UDP checksum validation. [!306](https://gitlab.torproject.org/tpo/core/onionmasq/-/merge_requests/306) * Bugfix of a file descriptor leak in the Android application. [!309](https://gitlab.torproject.org/tpo/core/onionmasq/-/merge_requests/309) * Several clippy improvements. [!308](https://gitlab.torproject.org/tpo/core/onionmasq/-/merge_requests/308) * Performed research in arti's behavior in case of a loss of connectivity. Besides the aforementioned, I also had several internal tasks, primarily around general on-boarding as well as getting to know the team. Thank You

1 0

Felicia's Montly Status Report, October 2024
by Priscila 05 Nov '24

05 Nov '24

Hi everyone, Here is my status report for October 2024: ### Tor Browser - Design System - Unified Mozilla Firefox and Tor Browser’s component libraries for Android: https://gitlab.torproject.org/tpo/ux/design/-/work_items/114 ### Tor Browser for Desktop - Adapted Tor Browser’s Desktop UI applying up to date styles (colors and typography) and components + prototyped UIs that weren’t available in Figma yet: https://gitlab.torproject.org/tpo/ux/design/-/work_items/111 - Reviewed Connection settings screens in comparison to the latest version of Tor Browser Alpha: https://gitlab.torproject.org/tpo/ux/design/-/issues/54 ### Tor Browser for Android - Adjusted Tor Browser’s Android UI applying up to date styles (colors and typography) and components + prototyped UIs that weren’t available in Figma yet: https://gitlab.torproject.org/tpo/ux/design/-/work_items/112 Once I was done with the task above, the main issue to “Integrate Firefox’s Figma libraries” was resolved: https://gitlab.torproject.org/tpo/ux/design/-/issues/63 - Updated the Android library in Figma following the latest releases: https://gitlab.torproject.org/tpo/ux/design/-/issues/106 Cheers, Felicia / UX Team

1 0

ebanam's monthly status and user support report for October 2024
by ebanam 04 Nov '24

04 Nov '24

Hello everyone, This is a summary of the work I did in the month of October followed by a more detailed report of the work done by our user support team. With a number of Tor Browser releases including the last major stable release of the year - Tor Browser 14 - much of my work included alpha testing, updating the Tor Browser user manual[0] before the release. And reviewing and updating the documentation[1] on Support Portal and the various user support channels and keeping track of user feedback after the release. I worked on a number of Tor Browser related user support tickets - from general questions about installing, updating and troubleshooting to bug reports. With the onset of the year-end campaign[2], I also worked on related support tickets, answering questions about Tor Browser. Topics include downloading, installing, using the browser it's various privacy enhancing features and questions about the Tor network in general. Finally a huge part of my work was dedicated to help users in regions where Tor is censored which includes but is not limited to helping users with instructions to download Tor Browser binaries from GetTor and/or official mirrors, verifying Tor Browser's GPG signature, help with using censorship circumvention methods that works best for them and overall troubleshooting. Here's a more detailed breakdown of the tickets our user support team worked on last month: # Frontdesk (email user support channel) * 668(↑) RT tickets created * 683(↓) RT tickets resolved Tickets by topics and numbers: 1. 267(↓) RT tickets: private bridge requests from Chinese speaking users. 2. 207(↑) RT tickets: circumventing censorship in Russian speaking countries. 3. 12 RT tickets: help with Troubleshooting Tor Browser desktop on Windows, macOS and Linux. 4. 6 RT tickets: help with updating Tor Browser and questions about Tor Browser dropping support for legacy operating systems.[3] 5. 5 RT tickets: Tor Browser 14 crashing on macOS when visiting some onionsites.[4] 6. 5 RT tickets: Questions about the various Security Levels[5] in Tor Browser and issues with disabling JavaScript on higher security levels. 7. 5 RT tickets: configuring Orbot to use bridges. 8. 3(↑) RT tickets: circumventing censorship with Tor in Farsi. 9. 3 RT tickets: Letterboxing is visible even if disabled when using Tor Browser on Tiled window managers.[6] 10. 3 RT tickets: Instructions to download Tor Browser 13.5 legacy for legacy operating systems.[7] 11. 2 RT tickets: questions about how Tor works - is my IP visible when using Tor? what application level protections I get when using Tor Browser? etc. 12. Help with verifying Tor Browser signature with GPG. 13. One report of Tor Browser 14 getting flagged by anti-virus software on Windows. 14. One report of a fake app on iOS masquerading as official Tor Browser. 15. Question about using Tor bridges with Tails. 16. Instructions to use GetTor to fetch Tor Browser binaries. 17. One report of a website blocking Tor traffic. 18. Question about the various keys used by Tor[8]. 19. Tor Browser fails to work on Linux is dbus-glib is not installed[9]. This issue should be fixed with Tor Browser 14. # Telegram, WhatsApp and Signal Support channel * 1023(↑) tickets resolved Breakdown: * 1003(↑) tickets on Telegram * 20(↓) tickets on WhatsApp * 0(-) ticket on Signal Tickets by topics and numbers: 1. 667(↑) tickets: circumventing censorship in Russian speaking countries. 2. 32(↑) tickets: private bridge requests from Chinese speaking users. 3. 24(↓) tickets: circumventing censorship with Tor in Farsi. 4. 23 tickets: helping users on iOS, using Onion Browser or Orbot, to use censorship circumvention methods. 5. 16 tickets: help with troubleshooting Tor Browser Desktop on Windows, macOS and Linux. 6. 8 tickets: help with installing Tor Browser on linux. 7. 8 tickets: help with troubleshooting Tor Browser on Android. 8. 7 tickets: help with instructions to use bridges with Tails. 9. 7 tickets: questions about various features in Tor Browser (Letterboxing, Security Levels, New Circuit, New Identity, etc.) 10. 6 tickets: instructions on how to get Tor Browser binaries from GetTor. 11. 5 tickets: Tor Browser 14 crashing on macOS when visiting some onionsites.[4] 12. 5 tickets: Users seeing a "proxy refused" error when visiting websites on Tor Browser for Android using Samsung devices.[10] 13. 4 tickets: help with using bridges with Orbot. 14. 4 tickets: questions about accessing or setting up onion services. 15. 3 tickets: help with setting up Snowflake proxy. 16. 2 tickets: help with using bridges and snowflake with little-t-tor. 17. 1 ticket: Tor Browser 14 displaying a security notification on latest versions of Ubuntu.[11] 18. 1 ticket: User seeing a "proxy refused" error when visiting websites on Tor Browser for Android using a Xiaomi device.[12] 19. 1 ticket: Instructions to download Tor Browser 13.5 legacy for legacy operating systems. # Highlights from the Tor Forum 1. Configuring little-t-tor to use pluggable transports (obfs4, WebTunnel, etc.). [13] 2. Security warning on Tor Browser 14+ on latest versions of Ubuntu.[14] 3. Running Tor Browser with Wayland windowing system on Linux.[15] 4. Download Tor Browser 13.5 legacy on Windows 7, 8 and 8.1 and macOS 10.12, 10.13 and 10.14 [7] 5. Unable to render images when uploading/downloading them via Tor Browser.[16] 6. Installing Tor Browser on (Kali) Linux - troubleshooting issue with permissions.[17] Note: (↑), (↓) and (-) are indicating if the number of tickets we received for these topics have been increasing, decreasing or have been the same from the previous month respectively. Thanks everyone! e. [0]: https://gitlab.torproject.org/tpo/web/manual/-/issues/174 [1]: https://gitlab.torproject.org/tpo/community/support/-/issues/40160 [2]: https://blog.torproject.org/2024-fundraiser-donations-matched/ [3]: https://support.torproject.org/tbb/tor-browser-and-legacy-os/ [4]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43245 [5]: https://tb-manual.torproject.org/security-settings/ [6]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42670 [7]: https://forum.torproject.org/t/download-tor-browser-13-5-legacy-on-windows-… [8]: https://support.torproject.org/about/key-management/ [9]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41914 [10]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42714 [11]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43101 [12]: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41289 [13]: https://forum.torproject.org/t/error-with-the-tor-cli-client/15502 [14]: https://forum.torproject.org/t/after-updating-to-tor-browser-14-0-tor-brows… [15]: https://forum.torproject.org/t/linux-is-it-alright-to-run-the-tor-browser-o… [16]: https://forum.torproject.org/t/problem-in-the-images-that-i-download-or-try… [17]: https://forum.torproject.org/t/i-cant-open-tor-browser-on-kali-linux/15082

1 0

sajolida's report, September 2024
by sajolida 04 Nov '24

04 Nov '24

Hi, September was again more busy than average to respect the timeline of Project 101 (Tor VPN) and Tails releases. Tor VPN ======= - I analyzed the usability test of Tor VPN 0.6.2 that I did in August. https://gitlab.torproject.org/tpo/ux/research/-/issues/69 In short, the usability of Tor VPN 0.6.2 is decent when people don't need to use a bridge, but very bad when Tor is blocked. None of the participant managed to use a bridge on their own. The main issues are unclear system status and confusing network model. Quotes: “Tor is like a bridge.“ — P5 “I'm looking for bridges that make it like if I were in Switzerland.“ — P4 “It should say: You are being blocked! With Tor you can bypass this censorship using a bridge.“ — P6 Summary of findings: https://gitlab.torproject.org/-/project/92/uploads/1fba8220a110622d852bf448… List of all issues: https://nc.torproject.net/s/fXbRYw76pTXJZym Video clips: https://nc.torproject.net/f/645757 - I created GitLab issues to document the most severe issues: Improve feedback while "Connecting" https://gitlab.torproject.org/tpo/applications/vpn/-/issues/181 Clarify connection status on all screens https://gitlab.torproject.org/tpo/applications/vpn/-/issues/182 Allow changing exit location from Configure menu https://gitlab.torproject.org/tpo/applications/vpn/-/issues/185 Improve discoverability of the list of countries https://gitlab.torproject.org/tpo/applications/vpn/-/issues/186 Clarify what can be tapped in the Bridges screen https://gitlab.torproject.org/tpo/applications/vpn/-/issues/187 Remove the need to press Enter when entering a bridge line https://gitlab.torproject.org/tpo/applications/vpn/-/issues/188 Clarify which bridge is being used (eg. after Bridge Bot) https://gitlab.torproject.org/tpo/applications/vpn/-/issues/189 Improve discoverability of the circuit view https://gitlab.torproject.org/tpo/applications/vpn/-/issues/190 Allow configuring only a single bridge https://gitlab.torproject.org/tpo/applications/vpn/-/issues/193 Rethink how the different relays are named https://gitlab.torproject.org/tpo/applications/vpn/-/issues/194 Clarify just enough about the network model https://gitlab.torproject.org/tpo/applications/vpn/-/issues/195 Don't allow changing exit location unless already connected https://gitlab.torproject.org/tpo/applications/vpn/-/issues/196 Report loss of connectivity to the Tor network https://gitlab.torproject.org/tpo/core/onionmasq/-/issues/110 - I started brainstorming solutions to all of these issues with Duncan and the rest of the UX team. Tails ===== I wrote some documentation to help users with recent issues: - Shim SBAT verification error (#20471) https://tails.net/news/version_6.7/#sbat - Provide fsck from Welcome Screen when the file system of the Persistent Storage is corrupted (#15451) https://gitlab.tails.boum.org/tails/tails/-/merge_requests/1586 This one was a LOT of work to figure out which data forensics path we should recommend to users and document the main ones step-by-step. -- sajolida

1 1

Rhatto's Monthly Status Report, October 2024
by rhatto 04 Nov '24

04 Nov '24

Hi all :) This is my monthly status report for October 2024 with the main relevant activities I have done, was involved or are related to my work during the period. # Onionprobe Ansible Role A considerable time was spent finding ways to structure and test Ansible roles, collections and playbooks through GitLab CI. Goal is to provide easier-to use procedures to manage Onion Services infrastructure. As a direct result of this research, it was possible to finally refactor and release an Ansible role to manage Onionprobe, a monitoring tool for onionsites: https://gitlab.torproject.org/tpo/onion-services/ansible/onionprobe-role It was interesting to research how to do basic Ansible tests using GitLab CI, and a special thanks goes to TPA for providing the base Podman image which allows running Podman in a GitLab CI job: https://gitlab.torproject.org/tpo/tpa/base-images # Onionprobe Onionprobe itself got some improvements, including support for running the standalone monitor node with Podman: https://onionservices.torproject.org/apps/web/onionprobe/standalone/ # OnionSec The OnionSec library and command line for testing onionsites got some enhancements as well: https://github.com/TheEnbyperor/onion-sec/pull/1 # Libraries The Onion Services Ecosystem got a Libraries page: https://onionservices.torproject.org/dev/libraries/ It still needs some improvements, and also some input from the upstream devs to check accuracy: https://gitlab.torproject.org/tpo/onion-services/ecosystem/-/issues/21 # Support Finally, also did the usual and ongoing sponsored work with deployment, maintenance and monitoring of Onion Services. -- Silvio Rhatto pronouns he/him

1 0

intrigeri's report, September 2024
by intrigeri 04 Nov '24

04 Nov '24

Hi, In case you missed it, Tails is now part of Tor: https://blog.torproject.org/tor-tails-join-forces/ Time-off ======== This was as short work months: I took 2 weeks off for personal reasons. I'm back. User-visible ============ - I reviewed the doc sajolida wrote to mitigate SBAT-related boot failures https://gitlab.tails.boum.org/tails/tails/-/issues/20471 - I gathered stats from bug reports to verify that our new idea (credits: sajolida) makes sense wrt. reporting errors about the partition table, partition header, and resizing. We plan to start designing and implementing in October. https://gitlab.tails.boum.org/tails/tails/-/issues/20505 https://gitlab.tails.boum.org/tails/tails/-/issues/20531 - Always notify users of N.x that they should upgrade to (N+1).y https://gitlab.tails.boum.org/tails/tails/-/issues/20542 - Fixed recent(ish) regressions - Spurious error message on Tails sticks installed a long time ago https://gitlab.tails.boum.org/tails/tails/-/issues/20519 Project and outreach ==================== - I attended the Global Gathering, together with a lovely crew of Tor people. - I helped a tiny bit with the messaging of the Tails/Tor merge announcement. Team lead ========= Most of my time left was used to set up new processes, integrating with the other Tor teams. Cheers, -- intrigeri

2 1

Nina’s Monthly Status Report, October, 2024
by Nina 01 Nov '24

01 Nov '24

Hi! Below is my October’24 report! In October, I resolved1104(↑110) tickets: * On Telegram (@TorProjectSupportBot) - 855 (↑127); * On RT (frontdesk@tpo) - 248 (↑59); * On WhatsApp (+447421000612) - 1(↓26); * and on Signal (+17787431312) - 0 (0). My main focus - as usual - was to help Russian-speaking users bypass censorship and connect to Tor, which often includes troubleshooting. I also collected users’ feedback to monitor the censor's activity and to help find working anti-censorship solutions. Apart from user support I also took part in Tor Forum moderation, worked with app store reviews, and joined the Tor relay operators meetup. Most of the tickets were from users in Russia requesting bridges, as the ones they received from rdsys distributors weren't working for them. I also collected user feedback on other plugglable transports (WebTunnel, obfs4, and Snowflake) and added it to the main ticket about censorship in Russia[1]. *## New Tor Browser release* Tor Browser 14 was released in October [2], with the LegacyOS users-Windows 7-8 and macOS 10.12-10.14-staying with 13.5.9. So, I took part in preparing the instructions for the Legacy OS users to help them understand the transition period and make sure that censored users can also get access to the Tor Browser version that would work for them [3]. In collaboration with @ebanam, I reported a bug affecting macOS users who are trying to open certain .onion websites [4]. I continued taking part in the investigation of the Samsung "proxy server refused connection" bug [5]. *## **Google Play Reviews for Tor Browser**(TBA)**and Tor Browser Alpha**for Android* Tor Browser App had a Google Play rating of 4.394-4.396 (↑) stars in October 2024, which is higher than in September. Tor Browser app(TBA)got 691 (↑23)reviews out of 58,498for the lifetime. Most commonissuesonthe reviews: * Samsung users point out the error "Proxy server refused connection"on their devices; [4] * Tor Browser doesn't work: mostly from Russian users, who are struggling to find a non-blockedbridge; * Tor speed is too slow. Tor Browser Alpha (TBA) app had a rating of 4.254 (↓) which is lower that in September. In October, Tor Browserfor Android (TBA)Alpha got 40 (↑5)reviews out of 8359for the lifetime. [1] https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… [2] https://blog.torproject.org/new-release-tor-browser-140/ [3] https://gitlab.torproject.org/tpo/community/support/-/issues/40163 [4] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43245 [5] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42714

1 0

PieroV's Monthly Status Report, October 2024
by Pier Angelo Vendrame 01 Nov '24

01 Nov '24

Hi everyone! Here is my status report for October 2024. Ten days ago, we finally released Tor Browser 14.0 after several months of work on it 🎉 [0]. Therefore, in the first weeks of October, I mostly fixed minor bugs/details and tried to help my colleagues resolve other problems for the big release. I also spent a considerable amount of time doing QA. While doing it, I created new resources to make the QA process faster. I added all of them to the tests for self-signed HTTPS Onion Sites I created a while ago [1]. I also restarted my upstream effort. I think the upstreaming of Bug 1556002 [2] and Bug 1923264 [3] were the fastest I have ever had 😄. I also tried to start a conversation about ignoring `content-disposition: attachment` in some cases [4], but that will need more work downstream first. After the release, I returned to working on issues we didn't want to rush for the stable, such as moving FontConfig's fonts.conf [5]. While doing so, I also found a compatibility problem between the modern Python version we self-compile to be able to build Firefox and the legacy OpenSSL version we still have in our old build environment [6]. I fixed it by downgrading Python to 3.9.20, which is still officially supported by the PSF and the various build systems we use. That was the less-impacting solution, but not the only possible one. Also, we really needed to fix it quickly, as it would have prevented us from building 14.0.1. Currently, I am working on fixing the "Proxy server refuses connection" problem that some Android devices (mostly Samsung phones) show [7]. I think a workaround would be to return to TCP sockets for the SOCKS connections. I prefer Unix domain sockets, as they can be used only by the browser with our configuration, whereas TCP sockets will be available to other apps as well, which is a linkability concern. If you have an Android device with this behavior and think you can help debug it, please consider commenting on that GitLab issue [7]. With this effort, we will also get closer to solving an 11-year-old issue, a new record for me 😄 [8]. Finally, I did the usual maintenance work. I rebased our browsers (the 128-based stable and the 115-based legacy channel) and started the new branches for the 14.5 series. I also prepared the 14.0.1 Tor Browser stable release and built it. Best, Pier [0] https://blog.torproject.org/new-release-tor-browser-140/ [1] https://onion-tests.pierov.org/ [2] https://bugzilla.mozilla.org/show_bug.cgi?id=1556002 [3] https://bugzilla.mozilla.org/show_bug.cgi?id=1923264 [4] https://bugzilla.mozilla.org/show_bug.cgi?id=1923368 [5] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43140 [6] https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4… [7] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42714 [8] https://gitlab.torproject.org/tpo/applications/tor-launcher/-/issues/10439

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

tor-project November 2024