Re: [tor-bugs] #31333 [Core Tor/Tor]: reduce fingerprints len by 32.5% to reduce descriptors size

[Tor Bug Tracker & Wiki]

#31333: reduce fingerprints len by 32.5% to reduce descriptors size
+--
 Reporter:  cypherpunks |  Owner:  (none)
 Type:  enhancement | Status:  closed
 Priority:  Low |  Milestone:
Component:  Core Tor/Tor|Version:  Tor: unspecified
 Severity:  Normal  | Resolution:  duplicate
 Keywords:  fingerprint descriptor  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by teor):

 Replying to [comment:2 cypherpunks]:
 > Replying to [comment:1 teor]:
 >
 >
 > > There are a few fingerprints that are still in the legacy hex format,
 but their space usage is insignificant compared to 6000 relays.
 >
 > you are very quick in response. i see microdescriptor does not affect
 it.

 Microdescriptors do contain hex fingerprints in family lines. Changing
 them would require a proposal. And we would have to use hex fingerprints
 until every tor version understood base64 fingerprints.

 Maybe we will get a similar benefit when we add ed25519 fingerprints, and
 remove hex sha1 fingerprints.

 > i have looked into my cached-descriptors and found about 2200 family
 lines with containing 23.548 sha1 notation fingerprints = 941kB. base64
 encoded, without trailing =s could result into 635kB only

 Yes, but only relays download descriptors. Most clients do not.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31333 [Core Tor/Tor]: reduce fingerprints len by 32.5% to reduce descriptors size

[Tor Bug Tracker & Wiki]

#31333: reduce fingerprints len by 32.5% to reduce descriptors size
+--
 Reporter:  cypherpunks |  Owner:  (none)
 Type:  enhancement | Status:  closed
 Priority:  Low |  Milestone:
Component:  Core Tor/Tor|Version:  Tor: unspecified
 Severity:  Normal  | Resolution:  duplicate
 Keywords:  fingerprint descriptor  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--

Comment (by cypherpunks):

 Replying to [comment:1 teor]:


 > There are a few fingerprints that are still in the legacy hex format,
 but their space usage is insignificant compared to 6000 relays.

 you are very quick in response. i see microdescriptor does not affect it.
 i have looked into my cached-descriptors and found about 2200 family lines
 with containing 23.548 sha1 notation fingerprints = 941kB. base64
 encoded, without trailing =s could result into 635kB only

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31155 [Applications/Tor Browser]: Privacy with TOR

[Tor Bug Tracker & Wiki]

#31155: Privacy with TOR
--+--
 Reporter:  Webster   |  Owner:  tbb-team
 Type:  defect| Status:  reopened
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by Webster):

 * status:  closed => reopened
 * resolution:  not a bug =>


Comment:

 Our PCs run Windows 10. They are configured with Firefox for normal
 browsing. We use only Tor Browser to log on to WordPress.
 The fact remains that TOR Browser is no longer offering anonymity when we
 browse WordPress using our usual PCs.
 If this problem isn't rectified by August 12, we'll inform other Tor
 users.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare

[Tor Bug Tracker & Wiki]

#24351: Block Global Active Adversary Cloudflare
-+-
 Reporter:  nullius  |  Owner:
 |  cypherpunks
 Type:  enhancement  | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  security, privacy, anonymity, mitm,  |  Actual Points:
  cloudflare |
Parent ID:  #18361   | Points:  1000
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 Replying to [comment:119 cypherpunks]:


 > 1. Add checkbox "Block Connection to the Cloudflare IP ranges" to the
 about:preferences#privacy so the user can decide.

 the [https://www.cloudflare.com/ips/ ipranges] are public and null routing
 them is easy first step in protection from MitM. as tor browser uses socks
 config it is not via about:config possible yet but it is easy with
 proxy.pac scripts realizeable
 Replying to [comment:119 cypherpunks]:


 >
 > 2. Add Cloudflare icon next to the padlock if the website is behind
 Cloudflare.
 >

 Well, to be honest. not only cloudflare is the problem. so a cloud icon
 (not Cloudflare) would be wiser.

 But no all CDN are in MitM position.

 Replying to [comment:118 cypherpunks]:

 > Calm down, folks. This is a bug tracker which means only constructive
 advises are welcome here.
 > Tor (not Tor Browser) really can do nothing when some site wants to sell
 its users to cloudflare.
 >
 >
 > > Nothing mentioning about this MiTM eavesdropper Cloudflare.
 > >
 > >
 > The only thing Tor Browser can do is to add some icon besides the green
 lock to state that some site is poisoned by cloudflare.

 [cloud logo with a little metallic "∩" above it.][https://github.com
 /mozilla-mobile/focus-android/issues/1743#issuecomment-464382371]

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31333 [Core Tor/Tor]: reduce fingerprints len by 32.5% to reduce descriptors size

[Tor Bug Tracker & Wiki]

#31333: reduce fingerprints len by 32.5% to reduce descriptors size
+--
 Reporter:  cypherpunks |  Owner:  (none)
 Type:  enhancement | Status:  closed
 Priority:  Low |  Milestone:
Component:  Core Tor/Tor|Version:  Tor: unspecified
 Severity:  Normal  | Resolution:  duplicate
 Keywords:  fingerprint descriptor  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by teor):

 * status:  new => closed
 * resolution:   => duplicate


Comment:

 Most clients use microdescriptors and the microdescriptor consensus, so
 the size of fingerprints in descriptors doesn't matter that much.

 Microdescriptor fingerprints have always been base64:
 https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n1563

 As have v3 consensus and microdesc consensus relay line fingerprints:
 https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n2297

 And any fingerprints in tor cells are binary.

 There are a few fingerprints that are still in the legacy hex format, but
 their space usage is insignificant compared to 6000 relays.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31333 [Core Tor/Tor]: reduce fingerprints len by 32.5% to reduce descriptors size

[Tor Bug Tracker & Wiki]

#31333: reduce fingerprints len by 32.5% to reduce descriptors size
+--
 Reporter:  cypherpunks |  Owner:  (none)
 Type:  enhancement | Status:  new
 Priority:  Low |  Component:  Core Tor/Tor
  Version:  Tor: unspecified|   Severity:  Normal
 Keywords:  fingerprint descriptor  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
 I have read proposals to reduce descriptor size and found fingerprints use
 SHA1, why not use base64 for them to change for example:
 moria relay:

 SHA1:
 {{{
 string(40) "9695DFC35FFEB861329B9F1AB04C46397020CE31"
 }}}
 base64 without trailing padding:
 {{{
 string(27) "lpXfw1/+uGEym58asExGOXAgzjE"
 }}}

 pseudocode for example:
 {{{
 substr(base64_encode(hex2bin('9695DFC35FFEB861329B9F1AB04C46397020CE31')),0,27)
 }}}

 results into 32.5% less fingerprints stringlen.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31324 [Applications/Tor Browser]: Spoof the Tor Browser time displayed to websites

[Tor Bug Tracker & Wiki]

#31324: Spoof the Tor Browser time displayed to websites
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:  Tor: unspecified
 Severity:  Normal| Resolution:  not a bug
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Tor must be run on root level to change system clock

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18361 [Applications/Tor Browser]: Issues with corporate censorship and mass surveillance

[Tor Bug Tracker & Wiki]

#18361: Issues with corporate censorship and mass surveillance
--+--
 Reporter:  ioerror   |  Owner:  cypherpunks
 Type:  defect| Status:  assigned
 Priority:  Very High |  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Critical  | Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:  1000 light years
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Hmm...

 https://trac.torproject.org/projects/tor/ticket/24351#comment:113

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare

[Tor Bug Tracker & Wiki]

#24351: Block Global Active Adversary Cloudflare
-+-
 Reporter:  nullius  |  Owner:
 |  cypherpunks
 Type:  enhancement  | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  security, privacy, anonymity, mitm,  |  Actual Points:
  cloudflare |
Parent ID:  #18361   | Points:  1000
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 >>115

 Go ahead, pick your poison you Cloudflare employee

 https://codeberg.org/crimeflare/cloudflare-
 tor/src/branch/master/addon_firefox

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare

[Tor Bug Tracker & Wiki]

#24351: Block Global Active Adversary Cloudflare
-+-
 Reporter:  nullius  |  Owner:
 |  cypherpunks
 Type:  enhancement  | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  security, privacy, anonymity, mitm,  |  Actual Points:
  cloudflare |
Parent ID:  #18361   | Points:  1000
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 No offense, but Tor project *can* do something here.

 > Tor (not Tor Browser) really can do nothing

 No excuse.

 > only constructive advises are welcome here.

 Okay then, here is my advise for Tor project.


 1. Add checkbox "Block Connection to the Cloudflare IP ranges" to the
 about:preferences#privacy so the user can decide.

 2. Add Cloudflare icon next to the padlock if the website is behind
 Cloudflare.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare

[Tor Bug Tracker & Wiki]

#24351: Block Global Active Adversary Cloudflare
-+-
 Reporter:  nullius  |  Owner:
 |  cypherpunks
 Type:  enhancement  | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  security, privacy, anonymity, mitm,  |  Actual Points:
  cloudflare |
Parent ID:  #18361   | Points:  1000
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 Calm down, folks. This is a bug tracker which means only constructive
 advises are welcome here.
 Tor (not Tor Browser) really can do nothing when some site wants to sell
 its users to cloudflare.
 > Nothing mentioning about this MiTM eavesdropper Cloudflare.
 The only thing Tor Browser can do is to add some icon besides the green
 lock to state that some site is poisoned by cloudflare.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31330 [Applications/Tor Browser]: tor not starting in mac

[Tor Bug Tracker & Wiki]

#31330: tor not starting in mac
--+--
 Reporter:  etext2muthu   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by teor):

 * owner:  (none) => tbb-team
 * component:  Core Tor/Tor => Applications/Tor Browser


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31332 [Metrics/Relay Search]: Please update the FallbackDir flags in relay search

[Tor Bug Tracker & Wiki]

#31332: Please update the FallbackDir flags in relay search
--+--
 Reporter:  teor  |  Owner:  metrics-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Metrics/Relay Search  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 Tor updated the list of fallbacks at the end of June 2019:
 https://lists.torproject.org/pipermail/tor-relays/2019-July/017475.html

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare

[Tor Bug Tracker & Wiki]

#24351: Block Global Active Adversary Cloudflare
-+-
 Reporter:  nullius  |  Owner:
 |  cypherpunks
 Type:  enhancement  | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  security, privacy, anonymity, mitm,  |  Actual Points:
  cloudflare |
Parent ID:  #18361   | Points:  1000
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 Replying to [comment:113 cypherpunks]:
 > Replying to [comment:112 cypherpunks]:
 > > One thing I don't like Tor project is they are COMPLETELY ignoring
 this issue.
 > And for good reasons, since it's unreasonable, if you block Cloudflare
 you end up blocking half the Internet, hence you have less users. It will
 be a complete disaster.
 cursed. are you an cloudflare employee?

 Cloudflare blocking me from time to time on daily basis and MiTM my whole
 traffic by decryptingmy banking website, cryptocurrency exchange
 website, dating website, Onlineshops websites, computer forum boards, news
 website, torrent websites, software repository,  some (in my country )
 illegal streaming website - all this even while using Tor Browser. No way
 to stop them gather and collect all of my traffic in plaintext. Which the
 browsers say, "site is secure https end-to-end encryption". Nothing
 mentioning about this MiTM eavesdropper Cloudflare. It's a real serious
 and large security problematic, everyone must not and can't simply
 stupidly ignore. (like: "i got nothing to hide") why not posting your
 MiTM'ed banking sites transactions oublic on internets? It's the same.
 nothing is hidden anymore. Cloudflare knows everything about you, from the
 position they are into now and still getting accelerate worse everyday.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31088 [Core Tor/Tor]: Check IPv4 and IPv6 private addresses in descriptors, first hops, and extends

[Tor Bug Tracker & Wiki]

#31088: Check IPv4 and IPv6 private addresses in descriptors, first hops, and
extends
-+-
 Reporter:  teor |  Owner:  neel
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, tor-relay, tor-client, tor-|  Actual Points:
  dirauth|
Parent ID:  #24403   | Points:
 Reviewer:  nickm|Sponsor:
-+-
Changes (by teor):

 * status:  needs_review => needs_revision


Comment:

 Replying to [comment:2 neel]:
 > I have a PR here: https://github.com/torproject/tor/pull/1182
 >
 > I'm not sure if tests are needed here. I don't think they're needed so I
 didn't include them here.

 Tests are always needed. Please write tests.

 > Also here:
 > > And when clients connect:
 > >
 
​https://github.com/torproject/tor/blob/f7e8b3b68c8e2cecfc7ff4072e9f00d316aaba4f/src/core/or/circuitbuild.c#L552
 >
 > I didn't see any mention of separate IPv4 or IPv6 addresses here or in
 `extend_info_t`.

 That's because you're working on a child ticket of #24403, which will
 introduce separate IPv4 and IPv6 addresses in extend_info_t. (Or proposal
 306 will introduce them if we do it first.)

 Please open a separate ticket for the parts of this ticket that you can't
 do yet, because they depend on future planned changes.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31088 [Core Tor/Tor]: Check IPv4 and IPv6 private addresses in descriptors, first hops, and extends

[Tor Bug Tracker & Wiki]

#31088: Check IPv4 and IPv6 private addresses in descriptors, first hops, and
extends
-+-
 Reporter:  teor |  Owner:  neel
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ipv6, tor-relay, tor-client, tor-|  Actual Points:
  dirauth|
Parent ID:  #24403   | Points:
 Reviewer:  nickm|Sponsor:
-+-

Comment (by teor):

 Replying to [comment:7 neel]:
 > I don't believe a null address will count as internal, but I removed the
 check because in `tor_addr_is_internal_()` at the end of the function on a
 null family (or any non-IPv4/IPv6):
 >
 > {{{
 >   /* unknown address family... assume it's not safe for external use */
 >   /* rather than tor_assert(0) */
 >   log_warn(LD_BUG, "tor_addr_is_internal() called from %s:%d with a "
 >"non-IP address of type %d", filename, lineno,
 (int)v_family);
 >   tor_fragile_assert();
 >   return 1;
 > }}}
 >
 > So (I guess) it would report as internal anyways.

 We don't want to execute a tor_fragile_assert().

 So the null address checks are required, and we should treat a null
 address as a missing address:
 * if one address is null, use the result for the other address
 * if both addresses are null, reject, because the request can never
 succeed

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30279 [Core Tor/Chutney]: Test IPv6-only v3 onion services in Chutney's CI, once homebrew tor stable supports them

[Tor Bug Tracker & Wiki]

#30279: Test IPv6-only v3 onion services in Chutney's CI, once homebrew tor 
stable
supports them
-+-
 Reporter:  teor |  Owner:  teor
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Low  |  Milestone:
Component:  Core Tor/Chutney |Version:
 Severity:  Normal   | Resolution:
 Keywords:  merge-after-041-stable-in-homebrew,  |  Actual Points:  0.2
  tor-hs, ipv6, single-onion, fast-fix,  |
  chutney-ci, network-team-roadmap-2019-Q1Q2,|
  041-deferred-20190530  |
Parent ID:   | Points:  0.1
 Reviewer:  nickm|Sponsor:
 |  Sponsor19-can
-+-

Comment (by teor):

 Replying to [comment:10 nickm]:
 > We could revisit this once we merge #30827 and add 041-nightly to
 Chutney's travis.

 Yeah, we might need to revise the patch again.

 But the merge will have to wait for 0.4.1-stable in Homebrew:

 Replying to [comment:6 teor]:
 >
 > This merge will have to wait for 0.4.1-stable, because:
 > * we can only do IPv6 on macOS on Travis,
 > * macOS Travis uses homebrew, which tracks tor stable,
 > * #23588 was merged into 0.4.1.1-alpha.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare

[Tor Bug Tracker & Wiki]

#24351: Block Global Active Adversary Cloudflare
-+-
 Reporter:  nullius  |  Owner:
 |  cypherpunks
 Type:  enhancement  | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  security, privacy, anonymity, mitm,  |  Actual Points:
  cloudflare |
Parent ID:  #18361   | Points:  1000
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 > How is "breaking half the Internet" not unreasonable

 And who is breaking it? Tor?
 So you just give up and let Cloudflare continue their activity?

 > Since the proposal as it stands isn't serious.

 This is a serious problem. You have no idea how many users got blocked by
 CF every day, do you?

 > plus CF captchas got so low nowadays

 Wrong. Why don't you do your research?

 > so it's no longer that much of a concern

 No. This is a continued issue.
 Tor with Chrome, Tor with Opera, Tor with network client, etc.
 So many requests are intercepted by CF and breaked by it. Every day.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #30747 [Core Tor/sbws]: Unclear check for skipping scaling due to missing bandwidths or missing descriptors

[Tor Bug Tracker & Wiki]

#30747: Unclear check for skipping scaling due to missing bandwidths or missing
descriptors
-+-
 Reporter:  teor |  Owner:  (none)
 Type:  defect   | Status:  closed
 Priority:  High |  Milestone:  sbws:
 |  1.1.x-final
Component:  Core Tor/sbws|Version:  sbws: 1.1.0
 Severity:  Major| Resolution:  fixed
 Keywords:  sbws-majority-blocker-maybe  |  Actual Points:  0.2
Parent ID:  #30733   | Points:  0.2
 Reviewer:  juga |Sponsor:
-+-
Changes (by juga):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Replying to [comment:3 gaba]:
 > Can we merge this? Anything else that needs to be done here?

 No, just lack of time in the last month to work on sbws code.
 Merged.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31331 [Core Tor/sbws]: scanner integration test fails some times because the test Web server is not multi-threaded

[Tor Bug Tracker & Wiki]

#31331: scanner integration test fails some times because the test Web server is
not multi-threaded
---+---
 Reporter:  juga   |  Owner:  (none)
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:  sbws: unspecified
Component:  Core Tor/sbws  |Version:  sbws: 1.1.0
 Severity:  Normal |   Keywords:
Actual Points: |  Parent ID:
   Points:  1  |   Reviewer:
  Sponsor: |
---+---
 Because the Python Web server used for the integration tests is not multi-
 threaded, some relays' circuits timeout.
 Most of the cases, this is desired since in a public network this would
 happen too.
 It is not desired in the case that the integration test check for a
 concrete relay measurement success, which is
 
`tests/integration/core/test_scanner.py::test_measure_relay_with_maxadvertisedbandwidth`
 (https://travis-ci.org/torproject/sbws/jobs/565274602#L1971).
 This case can be solved by checking the descriptor bandwidth, not the
 measurement.
 Ideally, the Python Web server should be changed to be multi-threaded and
 shutting down some relays for the cases where the tests check failures.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25578 [Applications/Tor Browser]: Package and distribute Tor Browser using Flatpak

[Tor Bug Tracker & Wiki]

#25578: Package and distribute Tor Browser using Flatpak
--+--
 Reporter:  mjog  |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by rugk):

 @muelli maybe you should just follow these instructions?
 https://github.com/flathub/flathub/wiki/App-Submission#how-to-submit-an-
 app

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18356 [Core Tor/Tor]: obfs4proxy cannot bind to <1024 port with systemd hardened service unit

[Tor Bug Tracker & Wiki]

#18356: obfs4proxy cannot bind to <1024 port with systemd hardened service unit
-+-
 Reporter:  irregulator  |  Owner:  asn
 Type:  defect   | Status:  new
 Priority:  Low  |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.7.4-rc
 Severity:  Normal   | Resolution:
 Keywords:  obfs4proxy, systemd, jessie, tor-pt  |  Actual Points:
Parent ID:   | Points:  15
 Reviewer:   |Sponsor:
-+-

Comment (by phw):

 Replying to [comment:8 quite]:
 > But since this issue (and #7875) still lingers years later, I'm thinking
 that what we're after is a solution that allows setting up a bridge by
 simply installing the tor package, the obfs4proxy binary (by some means),
 and editing torrc? And not a documented, post-package-installation
 workaround/tweak.
 [[br]]
 We are working on this over at #31153.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #31330 [Core Tor/Tor]: tor not starting in mac

[Tor Bug Tracker & Wiki]

#31330: tor not starting in mac
-+--
 Reporter:  etext2muthu  |  Owner:  (none)
 Type:  defect   | Status:  new
 Priority:  Medium   |  Component:  Core Tor/Tor
  Version:   |   Severity:  Normal
 Keywords:   |  Actual Points:
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+--
 Tor not starting and closing immediately. tried uninstall and installing
 stable version but still didn't start. Tried release candidate version but
 still not working. Not able to figure out why it stopped working. Using
 beta 10.15 mac OS, it was working fine and all of a sudden it stopped. Let
 me know

 Process:   firefox [25275]
 Path:  /Applications/Tor
 Browser.app/Contents/MacOS/firefox
 Identifier:org.torproject.torbrowser
 Version:   8.5.4 (6019.3.7)
 Code Type: X86-64 (Native)
 Parent Process:??? [1]
 Responsible:   firefox [25275]
 User ID:   501

 Date/Time: 2019-08-04 21:37:25.109 +0530
 OS Version:Mac OS X 10.15 (19A526h)
 Report Version:12
 Anonymous UUID:8E533A54-CA03-F07C-3412-65165DB9C887

 Sleep/Wake UUID:   CE1A5A0C-01D6-4196-8725-347115C98619

 Time Awake Since Boot: 16000 seconds
 Time Since Wake:   1600 seconds

 System Integrity Protection: enabled

 Crashed Thread:0  Dispatch queue: com.apple.main-thread

 Exception Type:EXC_BAD_ACCESS (SIGSEGV)
 Exception Codes:   EXC_I386_GPFLT
 Exception Note:EXC_CORPSE_NOTIFY

 Termination Signal:Segmentation fault: 11
 Termination Reason:Namespace SIGNAL, Code 0xb
 Terminating Process:   exc handler [25275]

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #31320 [Core Tor/Tor]: Add an IPv6 ORPort example to the torrc.minimal.in-staging and torrc.sample.in files

[Tor Bug Tracker & Wiki]

#31320: Add an IPv6 ORPort example to the torrc.minimal.in-staging and
torrc.sample.in files
+--
 Reporter:  teor|  Owner:  (none)
 Type:  enhancement | Status:  needs_review
 Priority:  Medium  |  Milestone:  Tor:
|  unspecified
Component:  Core Tor/Tor|Version:
 Severity:  Normal  | Resolution:
 Keywords:  tor-relay, ipv6, doc, fast-fix  |  Actual Points:
Parent ID:  | Points:  0.2
 Reviewer:  |Sponsor:
+--
Changes (by nickm):

 * status:  new => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare

[Tor Bug Tracker & Wiki]

#24351: Block Global Active Adversary Cloudflare
-+-
 Reporter:  nullius  |  Owner:
 |  cypherpunks
 Type:  enhancement  | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  security, privacy, anonymity, mitm,  |  Actual Points:
  cloudflare |
Parent ID:  #18361   | Points:  1000
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 Replying to [comment:114 cypherpunks]:
 > How "unreasonable"?
 How is "breaking half the Internet" not unreasonable?

 > And why ignoring this issue is a "good" thing?
 Since the proposal as it stands isn't serious. (which is a shame
 considering that the underlying issue is real, and Cloudflare is guilty)

 > The problem is they, including Tor Project, are allowing Cloudflare
 censorship on many users. This is not just about Tor users.
 Tor can't do little to stop an organization from blocking Tor users, plus
 CF captchas got so low nowadays so it's no longer that much of a concern
 (the real thing is the MiTM and semi-Global Active Adversary status).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #23301 [Core Tor/Tor]: prop224: Refactor connection_ap_handle_onion

[Tor Bug Tracker & Wiki]

#23301: prop224: Refactor connection_ap_handle_onion
-+-
 Reporter:  dgoulet  |  Owner:  neel
 Type:  defect   | Status:
 |  assigned
 Priority:  Medium   |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tor-hs, prop224, |  Actual Points:
  034-triage-20180328, 034-removed-20180328  |
Parent ID:  #23300   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by neel):

 * cc: neel (added)
 * owner:  (none) => neel


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare

[Tor Bug Tracker & Wiki]

#24351: Block Global Active Adversary Cloudflare
-+-
 Reporter:  nullius  |  Owner:
 |  cypherpunks
 Type:  enhancement  | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  security, privacy, anonymity, mitm,  |  Actual Points:
  cloudflare |
Parent ID:  #18361   | Points:  1000
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 > And for good reasons, since it's unreasonable

 How "unreasonable"? And why ignoring this issue is a "good" thing?

 > It will be a complete disaster

 The problem is they, including Tor Project, are allowing Cloudflare
 censorship on many users. This is not just about Tor users.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare

[Tor Bug Tracker & Wiki]

#24351: Block Global Active Adversary Cloudflare
-+-
 Reporter:  nullius  |  Owner:
 |  cypherpunks
 Type:  enhancement  | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  security, privacy, anonymity, mitm,  |  Actual Points:
  cloudflare |
Parent ID:  #18361   | Points:  1000
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 Replying to [comment:112 cypherpunks]:
 > One thing I don't like Tor project is they are COMPLETELY ignoring this
 issue.
 And for good reasons, since it's unreasonable, if you block Cloudflare you
 end up blocking half the Internet, hence you have less users. It will be a
 complete disaster.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #18356 [Core Tor/Tor]: obfs4proxy cannot bind to <1024 port with systemd hardened service unit

[Tor Bug Tracker & Wiki]

#18356: obfs4proxy cannot bind to <1024 port with systemd hardened service unit
-+-
 Reporter:  irregulator  |  Owner:  asn
 Type:  defect   | Status:  new
 Priority:  Low  |  Milestone:  Tor:
 |  unspecified
Component:  Core Tor/Tor |Version:  Tor:
 |  0.2.7.4-rc
 Severity:  Normal   | Resolution:
 Keywords:  obfs4proxy, systemd, jessie, tor-pt  |  Actual Points:
Parent ID:   | Points:  15
 Reviewer:   |Sponsor:
-+-

Comment (by quite):

 The workarounds are documented in the "canonical":

 
https://trac.torproject.org/projects/tor/wiki/doc/PluggableTransports/obfs4proxy

 And as well at:

   https://community.torproject.org/relay/setup/bridge/debian-ubuntu/

 But since this issue (and #7875) still lingers years later, I'm thinking
 that what we're after is a solution that allows setting up a bridge by
 simply installing the tor package, the obfs4proxy binary (by some means),
 and editing torrc? And not a documented, post-package-installation
 workaround/tweak.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare

[Tor Bug Tracker & Wiki]

#24351: Block Global Active Adversary Cloudflare
-+-
 Reporter:  nullius  |  Owner:
 |  cypherpunks
 Type:  enhancement  | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  security, privacy, anonymity, mitm,  |  Actual Points:
  cloudflare |
Parent ID:  #18361   | Points:  1000
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 One thing I don't like Tor project is they are COMPLETELY ignoring this
 issue.
 It seems they don't have ANY problems with Cloudflare.

 Good thing is I don't donate to the tor project because of this.
 I run several Tor nodes instead of donating money to Cloudflare-supporter
 group named "The Tor Project".

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare

[Tor Bug Tracker & Wiki]

#24351: Block Global Active Adversary Cloudflare
-+-
 Reporter:  nullius  |  Owner:
 |  cypherpunks
 Type:  enhancement  | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  security, privacy, anonymity, mitm,  |  Actual Points:
  cloudflare |
Parent ID:  #18361   | Points:  1000
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 ^^ oh and if your browser is <60, you better upgrade to LATEST browser(60
 or above)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare

[Tor Bug Tracker & Wiki]

#24351: Block Global Active Adversary Cloudflare
-+-
 Reporter:  nullius  |  Owner:
 |  cypherpunks
 Type:  enhancement  | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Major| Resolution:
 Keywords:  security, privacy, anonymity, mitm,  |  Actual Points:
  cloudflare |
Parent ID:  #18361   | Points:  1000
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 Hey dude. Why don't you just read before you ask?

 1. https://codeberg.org/crimeflare/cloudflare-tor
 2. Scroll down to "What can you do?" section
 3. Click it
 4. Download it (already signed)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs