[tor-bugs] #25738 [- Select a component]: I'm waiting best fan thala dhoni and ilayathalapathy vijay

[Tor Bug Tracker & Wiki]

#25738: I'm waiting best fan thala dhoni and ilayathalapathy vijay
--+
 Reporter:  Roshan kumar  |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  - Select a component  |Version:
 Severity:  Normal|   Keywords:  baba
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+
 Roshan

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24734 [Core Tor/Tor]: Remove the return value of fascist_firewall_choose_address_node()

[Tor Bug Tracker & Wiki]

#24734: Remove the return value of fascist_firewall_choose_address_node()
-+-
 Reporter:  teor |  Owner:  neel
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, tor-relay, |  Actual Points:
  034-triage-20180328, 034-removed-20180328  |
Parent ID:  #24403   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by teor):

 * status:  assigned => needs_revision


Comment:

 Thanks for the patch.

 These things need to be fixed:

 Change comments like:
 {{{
 If neither address is chosen, return 0, else return 1.
 }}}
 So they say what the functions do now.

 Make sure every function initialises the ap value before it returns. For
 example, the first few lines in fascist_firewall_choose_address_rs(),
 fascist_firewall_choose_address_node() and
 fascist_firewall_choose_address_dir_server() leave this value
 uninitialised. Please make this change in a separate commit or patch file.
 Leaving return values uninitialised is a potential security issue, and we
 should backport it to 0.2.9 and later.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22079 [Community]: Community governance documents

[Tor Bug Tracker & Wiki]

#22079: Community governance documents
---+
 Reporter:  alison |  Owner:  alison
 Type:  project| Status:  new
 Priority:  Medium |  Milestone:
Component:  Community  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+

Comment (by catalyst):

 Replying to [comment:11 atagar]:
 > Some more things that have come up...
 >
 > * Lets add 'what is your irc nick?' to our membership questions so they
 can be granted permissions when subscribed.
 I suggest clarifying this as "your IRC nick on the OFTC network"

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22079 [Community]: Community governance documents

[Tor Bug Tracker & Wiki]

#22079: Community governance documents
---+
 Reporter:  alison |  Owner:  alison
 Type:  project| Status:  new
 Priority:  Medium |  Milestone:
Component:  Community  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+

Comment (by atagar):

 Another thing that was mentioned on irc was to simplify the process of
 making small amendments. Maybe something similar to our membership
 addition policy (if nobody objects then it happens, otherwise it proceeds
 with a standard voting process).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24734 [Core Tor/Tor]: Remove the return value of fascist_firewall_choose_address_node()

[Tor Bug Tracker & Wiki]

#24734: Remove the return value of fascist_firewall_choose_address_node()
-+-
 Reporter:  teor |  Owner:  neel
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, tor-relay, |  Actual Points:
  034-triage-20180328, 034-removed-20180328  |
Parent ID:  #24403   | Points:  0.5
 Reviewer:   |Sponsor:
-+-

Comment (by neel):

 I have a patch under the filename `b24734-001.patch`.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24734 [Core Tor/Tor]: Remove the return value of fascist_firewall_choose_address_node()

[Tor Bug Tracker & Wiki]

#24734: Remove the return value of fascist_firewall_choose_address_node()
-+-
 Reporter:  teor |  Owner:  neel
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, tor-relay, |  Actual Points:
  034-triage-20180328, 034-removed-20180328  |
Parent ID:  #24403   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by neel):

 * Attachment "b24734-001.patch" added.

 [PATCH] Remove the return value from the fascist_firewall_choose_address_*
 family of functions (Revision 1)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?

[Tor Bug Tracker & Wiki]

#25737: Tor Browser's update check bypassed Tor once on macos, because of 
xpcproxy?
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 10.13.4

 No, I don't have a system wide proxy set: what I call an isolation proxy
 is a simple linux box, with filtering/redirection purposes. It's
 transparent.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy? (was: Tor Browser Bundle IP Leak)

[Tor Bug Tracker & Wiki]

#25737: Tor Browser's update check bypassed Tor once on macos, because of 
xpcproxy?
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by arma):

 Can you tell us which version of MacOS?

 Do you have a system-wide proxy set?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser Bundle IP Leak

[Tor Bug Tracker & Wiki]

#25737: Tor Browser Bundle IP Leak
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Sorry for my wrong wording, I should have written tor-launcher, vidalia is
 an error.
 And I am using the official bundle, not something hacked-together ...

 The application firewall is a fork of https://github.com/objective-
 see/LuLu .

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser Bundle IP Leak

[Tor Bug Tracker & Wiki]

#25737: Tor Browser Bundle IP Leak
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by arma):

 Right, that connection looks like an update check. And it should be going
 over Tor.

 Can you reproduce this issue with actual normal Tor Browser?

 It sounds like you have some hacked-together thing that nobody else uses,
 and so that would be the first thing to look at if there are surprises.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser Bundle IP Leak

[Tor Bug Tracker & Wiki]

#25737: Tor Browser Bundle IP Leak
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Why vidalia?

 > listera.torproject.org

 https://db.torproject.org/machines.cgi?host=listera

 extensions.torbutton.versioncheck_url

 > race condition

 between torbutton and tor-launcher

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser Bundle IP Leak

[Tor Bug Tracker & Wiki]

#25737: Tor Browser Bundle IP Leak
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 I am on macOS, and my current setup involves an isolation proxy, custom pf
 rules, an application firewall and the tor browser bundle (7.5.3).

 The firefox process has only localhost access to the tor.real process.
 The tor.real process has only localhost access to the obf4proxy process.
 The obfs4proxy process can only access the remote IP/port tuple.
 I modified the tbb-torrc adding `UseBridges 1`.

 During the latest (vidalia) startup, my application firewall warned me
 that a process named `xpcproxy` was attempting to directly connect to
 `82.195.75.101/443tcp`.

 Since a reverse dns lookup resolves to `listera.torproject.org`, I believe
 this to be non malicious, but I'd count the behaviour as a potential IP
 leak.

 Firefox should wait for the tor process to be ready and spawn the call
 over a tor circuit; if not, a malicious ISP (eg) has the potential to
 enumerate users.

 I denied the access and restarted the browser, but have not been able to
 reproduce yet. So this is possibly a race condition between firefox and
 vidalia, because of this I am unsure if this should be a tor browser or a
 tor launcher ticket.

 How can I inspect this?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24734 [Core Tor/Tor]: Remove the return value of fascist_firewall_choose_address_node()

[Tor Bug Tracker & Wiki]

#24734: Remove the return value of fascist_firewall_choose_address_node()
-+-
 Reporter:  teor |  Owner:  neel
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, tor-relay, |  Actual Points:
  034-triage-20180328, 034-removed-20180328  |
Parent ID:  #24403   | Points:  0.5
 Reviewer:   |Sponsor:
-+-

Comment (by teor):

 Please change both functions so they do not return any values.

 If they would have returned an error value, make sure that the address
 they return in the pointer is the null address. I think you can generate a
 null address using tor_addr_make_null() or similar. See get_pref_orport()
 and fet_prim_orport() for examples of similar functions.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25735 [Applications/Tor Browser]: Tor Browser stalls while loading Facebook login page (Waiting for static.xx.fbcdn.net)

[Tor Bug Tracker & Wiki]

#25735: Tor Browser stalls while loading Facebook login page (Waiting for
static.xx.fbcdn.net)
--+--
 Reporter:  uzi   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by uzi):

 Exact same behavior:
 - on a different machine with Windows 7
 - with a different internet connection

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22079 [Community]: Community governance documents

[Tor Bug Tracker & Wiki]

#22079: Community governance documents
---+
 Reporter:  alison |  Owner:  alison
 Type:  project| Status:  new
 Priority:  Medium |  Milestone:
Component:  Community  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+
Changes (by juga):

 * Attachment "0001-Include-prefered-pronoun-s-in-membership-
 questions.patch" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22079 [Community]: Community governance documents

[Tor Bug Tracker & Wiki]

#22079: Community governance documents
---+
 Reporter:  alison |  Owner:  alison
 Type:  project| Status:  new
 Priority:  Medium |  Milestone:
Component:  Community  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+
Changes (by juga):

 * Attachment "0001-Include-prefered-pronoun-in-membership-questions.patch"
 removed.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22079 [Community]: Community governance documents

[Tor Bug Tracker & Wiki]

#22079: Community governance documents
---+
 Reporter:  alison |  Owner:  alison
 Type:  project| Status:  new
 Priority:  Medium |  Milestone:
Component:  Community  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+
Changes (by juga):

 * Attachment "0001-Include-prefered-pronoun-in-membership-questions.patch"
 added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22079 [Community]: Community governance documents

[Tor Bug Tracker & Wiki]

#22079: Community governance documents
---+
 Reporter:  alison |  Owner:  alison
 Type:  project| Status:  new
 Priority:  Medium |  Milestone:
Component:  Community  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+
Changes (by juga):

 * Attachment "0001-Include-prefered-pronoun-in-membership-questions.patch"
 added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22079 [Community]: Community governance documents

[Tor Bug Tracker & Wiki]

#22079: Community governance documents
---+
 Reporter:  alison |  Owner:  alison
 Type:  project| Status:  new
 Priority:  Medium |  Milestone:
Component:  Community  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+

Comment (by juga):

 I'd also include pronoun in the membership questions. Attaching patch

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25736 [Applications/Tor Browser]: browser tracking issue??

[Tor Bug Tracker & Wiki]

#25736: browser tracking issue??
--+--
 Reporter:  Wally |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 > Duplicate but I'm too lazy right now to find the right ticket.

 #17228

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22079 [Community]: Community governance documents

[Tor Bug Tracker & Wiki]

#22079: Community governance documents
---+
 Reporter:  alison |  Owner:  alison
 Type:  project| Status:  new
 Priority:  Medium |  Milestone:
Component:  Community  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+

Comment (by atagar):

 Some more things that have come up...

 * Lets add 'what is your irc nick?' to our membership questions so they
 can be granted permissions when subscribed.

 * As part of the above I'd like permission to include the #tor-internal
 password in the welcome email. Or maybe we should drop the password? Since
 we have two authentication checks (GroupServ membership and the password)
 the later should be redundant, and including it in the welcome email would
 cut down on friction for new members to get involved.

 * Lets clarify what we do when folks are added during a vote. My
 suggestion is that they cannot take part in the vote but also do not count
 toward quorum.

 * Lets clarify what we do when a person's membership is revoked during a
 vote. My suggestion is that they can still take part in the vote and count
 toward quorum.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24734 [Core Tor/Tor]: Remove the return value of fascist_firewall_choose_address_node()

[Tor Bug Tracker & Wiki]

#24734: Remove the return value of fascist_firewall_choose_address_node()
-+-
 Reporter:  teor |  Owner:  neel
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  0.3.4.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, tor-relay, |  Actual Points:
  034-triage-20180328, 034-removed-20180328  |
Parent ID:  #24403   | Points:  0.5
 Reviewer:   |Sponsor:
-+-
Changes (by neel):

 * status:  new => assigned
 * cc: neel@… (added)
 * owner:  (none) => neel


Comment:

 I am interested in taking this ticket.

 However, looking at the source code, I see
 `fascist_firewall_choose_address_node()` returns a
 `fascist_firewall_choose_address_base()`. Would it be okay to just call
 the latter from the former without a return value?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25736 [Applications/Tor Browser]: browser tracking issue??

[Tor Bug Tracker & Wiki]

#25736: browser tracking issue??
--+--
 Reporter:  Wally |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by cypherpunks):

 * keywords:  header tracking =>
 * owner:  (none) => tbb-team
 * version:  Tor: unspecified =>
 * component:  - Select a component => Applications/Tor Browser
 * priority:  High => Medium


Comment:

 Duplicate but I'm too lazy right now to find the right ticket.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #25736 [- Select a component]: browser tracking issue??

[Tor Bug Tracker & Wiki]

#25736: browser tracking issue??
--+--
 Reporter:  Wally |  Owner:  (none)
 Type:  defect| Status:  new
 Priority:  High  |  Milestone:
Component:  - Select a component  |Version:  Tor: unspecified
 Severity:  Normal|   Keywords:  header tracking
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 A security problem?
 I don't know but thought you might like to see this.

 Karl Fogle on redbean.com the writer of onetime the program for
 implementation on onetime pad encryption noted that Firefox sends link
 following in headers.
 He also wrote an article on it which you can read at his site:
 "https://www.rants.org/2018/02/a-mystery-firefox-and-user-privacy/";
 I think it's a good idea he poses and I have changed the header policy on
 all my mozilla products,"including Tor."
 In "about:config"
 Changed,"Network.http.sendRefererHeader to 0 instead of the default 2"
 Am I just being paranoid or is this a real problem?

 Wally Walberger

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24243 [Applications/Tor Browser]: Tor Browser only render HTML for local pages via file://, no images/CSS

[Tor Bug Tracker & Wiki]

#24243: Tor Browser only render HTML for local pages via file://, no images/CSS
--+--
 Reporter:  anonym|  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  AffectsTails  |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by ilf):

 Also affected by this (TBB 7.3.5, non-Tails).

 Using inline CSS might be a workaround for local files you control (and
 invest the ressources to change). But there are other use-cases for local
 files, where this workaround is not feasable.

 F.e. a local output of munin, which is now unusable in TBB. :(

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25735 [Applications/Tor Browser]: Tor Browser stalls while loading Facebook login page (Waiting for static.xx.fbcdn.net)

[Tor Bug Tracker & Wiki]

#25735: Tor Browser stalls while loading Facebook login page (Waiting for
static.xx.fbcdn.net)
--+--
 Reporter:  uzi   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Major | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by Ga15):

 Works for me at win10 pro.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs