Re: [tor-dev] Archiving old Components in Trac
* teor: > Hi, > > Is anyone still using these trac components? > > Applications/Tor Messenger > Applications/Tor Mail We can archive both these components. > Applications/TorBirdy TorBirdy is an active project. -- Sukhbir ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Ready to Integrate/Review New Marionette Version into Tor
* John Helmsen: > David, > > Ben hit the following error while running 'make testbuild': > > --2018-07-26 08:33:09-- > https://downloads.sourceforge.net/stixfonts/STIXv1.1.1-latex.zip > Resolving downloads.sourceforge.net (downloads.sourceforge.net)... > 216.105.38.13 > Connecting to downloads.sourceforge.net > (downloads.sourceforge.net)|216.105.38.13|:443... > connected. > HTTP request sent, awaiting response... 404 Not Found > 2018-07-26 08:33:09 ERROR 404: Not Found. (https://trac.torproject.org/projects/tor/ticket/26949 tracks this issue.) If you want to fix it for now, you can apply this and it should work: diff --git a/projects/fonts/build b/projects/fonts/build index 9b33da9..a1e066b 100644 --- a/projects/fonts/build +++ b/projects/fonts/build @@ -13,8 +13,8 @@ mkdir -p $distdir END; %] [% IF c("var/linux") || c("var/osx") %] - unzip -o STIXv1.1.1-latex.zip -d STIX - cp "STIX/Fonts/fonts/opentype/public/stix/STIXMath-Regular.otf" $distdir/ + unzip -o 2.0.0.zip -d STIX + cp "STIX/stixfonts-2.0.0/archive/STIXv1.1.1/Fonts/STIX-Word/STIXMath-Regular.otf" $distdir/ [% END %] [% IF c("var/linux") %] cp NotoEmoji-Regular.ttf $distdir/ diff --git a/projects/fonts/config b/projects/fonts/config index 1547403..9d11d2c 100644 --- a/projects/fonts/config +++ b/projects/fonts/config @@ -102,6 +102,6 @@ input_files: - URL: https://github.com/googlei18n/noto-cjk/raw/f36eda03dfa5582a6d49abbfb5c83d0209584158/NotoSansTC-Regular.otf sha256sum: e6b82f7d3dab605c428161124ceb5e169cde93de632d800297b167cdd88e7baa enable: '[% c("var/linux") %]' - - URL: https://downloads.sourceforge.net/stixfonts/STIXv1.1.1-latex.zip -sha256sum: e3b0f712e2644438eee2d0dcd2b10b2d54f1b972039de95b2f8e800bae1adbd8 + - URL: https://github.com/stipub/stixfonts/archive/2.0.0.zip +sha256sum: 4327a16797dabebedce28a9075671730e22c7f74831b24b1fb91e27faec5a235 enable: '[% c("var/linux") || c("var/osx") %]' ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Tor Messenger recent IRC re-topic.
Hi, > Hello Everyone, > > We briefly talked about this idea of taking over Tor Messenger, a long with > our own ideas and were asked to mail in some Documentation/Roadmaps. I'm > asking in what form would you guys like to see this in? > > Basically: > > Would you like us to add a .txt as an attachment in a follow up email? > Or would it be better to host the files on our site, and allow people to > read without subject to downloading anything? You can email the proposal to the mailing list. Thanks, -- Sukhbir ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Feedback Extension for Tor Browser
Hello, > Is the project 'Feedback Extension for Tor Browser' still a part of GSoC > 2017? I have already submitted a proposal and would like to work on it. > Please help. Yes, it is still a part of GSoC. We will let you know if we have any questions or if there is any feedback on the proposal itself. (We can't comment on the status of the proposal during this period as per GSoC guidelines.) -- Sukhbir ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Getting error while making a build
* AKASH DAS: > I am getting the following error while running make fetch :- > > Can't exec "hg": No such file or directory at rbm/lib/RBM.pm line 406. > Error: Error cloning https://hg.mozilla.org/releases/mozilla-esr45/ > make: *** [fetch] Error 1 > > any help would be appreciable. You need Mercurial. On Debian/Ubuntu, apt-get install mercurial. -- Sukhbir ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] Tor Messenger 0.1.0b4 is released
We are pleased to announce another public beta release of Tor Messenger. This release addresses a number of stability and usability issues, and includes the default bridge configurations for pluggable transports. The initial public release [0] was a success in that it garnered a lot of useful feedback. We tried to respond to all your concerns in the comments of the blog post [1] but also collected and aggregated a FAQ of the most common questions [2]. * Before Upgrading Before upgrading to the new release, you will need to backup your OTR keys or simply generate new ones. Please see the following steps to back them up [3]. In our eagerness to build on work done by Tor Browser, we made the decision to store your profile directory inside the application bundle. This complicates matters when you want to use the same accounts and keys across updates, especially while we don't have an automatic updater [4]. Also, as was vociferously pointed out by some of our early adopters, this probably isn't a very intuitive user experience. Copying the extracted application to someone else's computer would unknowingly transfer your accounts and OTR keys. It's unclear if this is commonly done and we'd love feedback on this point to understand the urgency of the issue. In future releases, we plan on revisiting this decision. The number one item on our roadmap is porting Tor Browser's updater patches [5] so that keeping Tor Messenger up-to-date is seamless and automatic. We also plan to add a UI to make importing OTR keys and accounts from Pidgin, and other clients, as easy as possible [6]. * Downloads Please note that Tor Messenger is _still in beta_. The purpose of this release is to help test the application and provide feedback. *At-risk users should not depend on it for their privacy and safety*. Linux (32-bit) https://dist.torproject.org/tormessenger/0.1.0b4/tor-messenger-linux32-0.1.0b4_en-US.tar.xz Linux (64-bit) https://dist.torproject.org/tormessenger/0.1.0b4/tor-messenger-linux64-0.1.0b4_en-US.tar.xz Windows https://dist.torproject.org/tormessenger/0.1.0b4/tormessenger-install-0.1.0b4_en-US.exe OS X (Mac) https://dist.torproject.org/tormessenger/0.1.0b4/TorMessenger-0.1.0b4-osx64_en-US.dmg sha256sums.txt https://dist.torproject.org/tormessenger/0.1.0b4/sha256sums.txt sha256sums.txt.asc https://dist.torproject.org/tormessenger/0.1.0b4/sha256sums.txt.asc The sha256sums.txt file containing hashes of the bundles is signed with the key 0x6887935AB297B391 (fingerprint: 3A0B 3D84 3708 9613 6B84 5E82 6887 935A B297 B391). * Changelog Here is the complete changelog since v0.1.0b2: Tor Messenger 0.1.0b4 -- November 22 2015 All Platforms Bug 17492: Include default bridges configuration Use tor and the pluggable transports from tor-browser 5.0.4 Bug 17552: Instantbird should handle XMPP message stanzas with subjects ctypes-otr Bug 17539: Pass username when interpolating resent string Bug 15179: Add an OTR Preferences item to the Tools menu Use the FIREFOX_42_0_RELEASE tag on mozilla-release Use the THUNDERBIRD_42_0b2_RELEASE tag on comm-release Bug 16489: Prevent automatic logins at startup Update Tor Messenger logo in Tor Launcher Mac Bug 16476: Themes preference is positioned incorrectly Bug 17456: Application hang when navigating the preferences menu Tor Messenger 0.1.0b3 -- October 30 2015 Windows Bug 17453: Fix Tor Messenger crash when starting up in Windows [0] - https://blog.torproject.org/blog/tor-messenger-beta-chat-over-tor-easily/ [1] - https://blog.torproject.org/blog/tor-messenger-beta-chat-over-tor-easily/#comments [2] - https://trac.torproject.org/projects/tor/wiki/doc/TorMessenger/FAQ [3] - https://trac.torproject.org/projects/tor/wiki/doc/TorMessenger/FAQ#WherearemyOTRkeysstoredHowcanIpreservethemacrossupdates [4] - https://bugs.torproject.org/13861 [5] - https://bugs.torproject.org/14388 [6] - https://bugs.torproject.org/16526 -- Sukhbir signature.asc Description: PGP signature ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Tor Messenger Beta: Chat over Tor, Easily
* Malte: > Hell yeah! What was up with the previous (unannounced) beta version that was > already lying on dist.torproject.org? We were sorting out some branding issues :) And yes, that was never announced. > I would like to see OMEMO (based on Axolotl) get more adoption. Right now > Conversations is the only messenger I know which implements it, but it would > be cool if I could also use it with Tor Messenger. > http://conversations.im/omemo/ Other users also requested this, so we are tracking this at https://trac.torproject.org/projects/tor/ticket/17457. -- Sukhbir ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Tor Messenger Beta: Chat over Tor, Easily
https://trac.torproject.org/projects/tor/ticket/17457 -- Sukhbir ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] Tor Messenger Third Alpha
Hi, Tor Messenger is an instant messaging client currently under development. It is designed to make connections using the Tor network and will therefore be a valuable piece in the privacy-enhancing software toolkit (web: Tor Browser, email: Thunderbird + TorBirdy, chat: Tor Messenger.) Based on the Instantbird IM client, Tor Messenger: - sends all traffic over Tor, - enforces Off-the-Record Messaging (OTR) for one-on-one conversations by default, - can be used with a wide variety of chat networks, - has an easy-to-use graphical user interface localized into multiple languages. * Current Status Today we are releasing the third alpha version with which we hope to gain both usability and security related feedback. There have been two previous alpha releases to the mailling lists that have already helped smooth out some of the rougher edges. * What's New in Tor Messenger 0.0.6 - Support for Windows and OS X builds (in addition to Linux) - Improved privacy and security with network and application-related enhancements - Improved usability of the Instantbird OTR extension - Private key and known fingerprint management - XMPP in-band account registration support - Build localization support (currently Arabic; Chinese, Spanish, Farsi, and other languages coming soon) * Bundles Linux (32-bit): https://people.torproject.org/~sukhbir/tor-messenger-0.0.6/tor-messenger-0.0.6-linux-i686.tar.xz Linux (64-bit): https://people.torproject.org/~sukhbir/tor-messenger-0.0.6/tor-messenger-0.0.6-linux-x86_64.tar.xz Windows: https://people.torproject.org/~sukhbir/tor-messenger-0.0.6/tor-messenger-0.0.6-windows-i686.exe OS X: https://people.torproject.org/~sukhbir/tor-messenger-0.0.6/tor-messenger-0.0.6-osx-x86_64.dmg sha256sum: https://people.torproject.org/~sukhbir/tor-messenger-0.0.6/sha256sums.txt https://people.torproject.org/~sukhbir/tor-messenger-0.0.6/sha256sums.txt.asc The bundles are signed with the key 0xB297B391. * Instructions - On Linux, extract the bundle and then run: ./start-tor-messenger. - On OS X, copy the Tor Messenger application from the disk image to your local disk before running it. On all platforms, Tor Messenger sets the profile folder to the installation directory. * Code We are doing automated builds of Tor Messenger for all platforms using rbm (Reproducible Build Manager): https://gitweb.torproject.org/tor-messenger-build.git * Arabic Language Pack https://people.torproject.org/~sukhbir/tor-messenger-0.0.6/tor-messenger-ar.xpi Install the language pack as an add-on and then set general.useragent.locale to ar. (Thanks to Sherief Alaa for the translation.) * Feedback This is an early release and there may be serious privacy leaks and other issues -- please DO NOT recommend Tor Messenger to end users; this release is only for developers and advanced users who would like to help us with testing but understand the risks involved with using alpha software. With this release, we invite feedback not limited to anonymity leaks, usability issues, feature requests and suggestions for improvement. Please submit your feedback using the bug tracker (bugs.torproject.org; select the Tor Messenger component). You can also talk to us on this mailing list or on IRC. Thanks, Arlo Breault, Nicolas Vigier, Sukhbir Singh signature.asc Description: Digital signature ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] RFC: Tor Messenger Second Alpha
Hi, Tor Messenger is an instant messaging client currently under development. It is designed to make connections using the Tor network and will therefore be a valuable piece in the privacy-enhancing software toolkit (web: Tor Browser, email: Thunderbird + TorBirdy, chat: Tor Messenger.) Based on the Instantbird IM client [0], Tor Messenger: - sends all traffic over Tor, - uses Off-the-Record (OTR) encryption [1] of conversations by default, - can be used with a wide variety of chat networks, - has an easy-to-use graphical user interface localized into multiple languages. Some more information about Tor Messenger (and why we picked Instantbird) can be found on the wiki [2]. * Current Status We have Tor Messenger bundles for Linux (32-bit and 64-bit) with OTR (using ctypes-otr [4]) and Tor support (Tor binary and Tor Launcher included), among other privacy settings. We are doing automated builds of Tor Messenger using rbm [5] (thanks to Nicolas Vigier). @@@ WARNING: NOT READY FOR PUBLIC USE. DO NOT DISTRIBUTE. @@@ * Bundles Linux (32-bit) https://people.torproject.org/~sukhbir/tor-messenger-0.0.5/tor-messenger-0.0.5-linux-i686.tar.xz Linux (64-bit) https://people.torproject.org/~sukhbir/tor-messenger-0.0.5/tor-messenger-0.0.5-linux-x86_64.tar.xz sha256sum https://people.torproject.org/~sukhbir/tor-messenger-0.0.5/sha256sums.txt https://people.torproject.org/~sukhbir/tor-messenger-0.0.5/sha256sums.txt.asc The bundles are signed with the key 0xB297B391. Extract the bundles and then run: ./start-tor-messenger. This is an early release and there may be serious privacy leaks and other issues -- please DO NOT recommend Tor Messenger to end users; this release is only for developers and advanced users who would like to help us with testing but understand the risks involved with using alpha software. DO NOT ignore this warning. Notable changes since the last release include various privacy improvements, OTR UI enhancements and support for authentication via SMP. @@@ WARNING: NOT READY FOR PUBLIC USE. DO NOT DISTRIBUTE. @@@ * Feedback With this release, we invite feedback not limited to anonymity leaks, usability issues, feature requests and suggestions for improvement. Please submit your feedback using the bug tracker [3] (select the Tor Messenger component). You can also talk to us on this mailing list or on IRC. (No seriously, don't use the bundles for any serious communication yet.) [0] - http://instantbird.com/ [1] - https://otr.cypherpunks.ca/ [2] - https://trac.torproject.org/projects/tor/wiki/doc/TorMessenger [3] - https://trac.torproject.org/projects/tor/newticket [4] - https://github.com/arlolra/ctypes-otr [5] - http://rbm.boklm.eu/ Thanks, Arlo Breault and Sukhbir Singh signature.asc Description: Digital signature ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] RFC: Tor Messenger Alpha
Hi, Tor Messenger is an instant messaging client currently under development. It is designed to make connections using the Tor network and will therefore be a valuable piece in the privacy-enhancing software toolkit (web: Tor Browser, email: Thunderbird + TorBirdy, chat: Tor Messenger.) Based on the Instantbird IM client [0], Tor Messenger: - sends all traffic over Tor, - uses Off-the-Record (OTR) encryption [1] of conversations by default, - can be used with a wide variety of chat networks, - has an easy-to-use graphical user interface localized into multiple languages. Some more information about Tor Messenger (and why we picked Instantbird) can be found on the wiki [2]. Current Status We have Tor Messenger bundles for Linux (32-bit and 64-bit) with OTR (using ctypes-otr [4]) and Tor support (Tor binary and Tor Launcher included), among other privacy settings. We are doing automated builds of Tor Messenger using rbm [5] (thanks to Nicolas Vigier). @@@ WARNING: NOT READY FOR PUBLIC USE. DO NOT DISTRIBUTE. @@@ Bundles Linux (32-bit) https://people.torproject.org/~sukhbir/tor-messenger-0.0.4/tor-messenger-0.0.4-linux-i686.tar.xz Linux (64-bit) https://people.torproject.org/~sukhbir/tor-messenger-0.0.4/tor-messenger-0.0.4-linux-x86_64.tar.xz sha256sum https://people.torproject.org/~sukhbir/tor-messenger-0.0.4/sha256sums.txt https://people.torproject.org/~sukhbir/tor-messenger-0.0.4/sha256sums.txt.asc The bundles are signed with my key (Sukhbir Singh; 0xB297B391). Extract the bundles and then run: ./start-tor-messenger. This is an early release and there may be serious privacy leaks and other issues -- please DO NOT recommend Tor Messenger to end users; this release is only for developers and advanced users who would like to help us with testing but understand the risks involved with using alpha software. Do not ignore this warning. We will try to have a monthly release cycle leading up to a stable release by July 2015. @@@ WARNING: NOT READY FOR PUBLIC USE. DO NOT DISTRIBUTE. @@@ Feedback With this release, we invite feedback not limited to anonymity leaks, usability issues, feature requests and suggestions for improvement. Please submit your feedback using the bug tracker [3] (select the Tor Messenger component). You can also talk to us on this mailing list or on IRC. (No seriously, don't use the bundles for any serious communication yet.) [0] - http://instantbird.com/ [1] - https://otr.cypherpunks.ca/ [2] - https://trac.torproject.org/projects/tor/wiki/doc/TorMessenger [3] - https://trac.torproject.org/projects/tor/newticket [4] - https://github.com/arlolra/ctypes-otr [5] - http://rbm.boklm.eu/ Thanks, Arlo Breault and Sukhbir Singh signature.asc Description: Digital signature ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Distributing TBB and Tails via Torrents
* Chuck Peters: I have been trying to download the new Tails the past week via torrent and the tracker seems to be broken. I know it isn't a good idea to use torrents over tor, but why doesn't torproject.org distribute the TBB, Tails and other tor related software with torrents? We discussed this in the past [0] and Moritz wrote a script [1] that generates the torrent files for the bundles. The only issue was that with a public tracker, it's trivial to find out who is participating in the download, and therefore, who is downloading the bundles. (You can also request bundles from GetTor which is back in operation [2], or using Satori.) [0] - https://bugs.torproject.org/9071 [1] - https://lists.torproject.org/pipermail/tor-talk/2011-March/019809.html [2] - https://blog.torproject.org/blog/say-hi-new-gettor -- Sukhbir ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Chutney couldn't start Tor instances
Hi, No log files are generated in path/net/nodes/000a, so I don't know what happened. I don't see any conflicts with ports on localhost as far as I can see. Tor version 0.2.4.22 and Python 2.7.5+ are installed. Any ideas? I find it helpful to remove the --quiet switch from lib/chutney/TorNet.py (line 469) so that I can actually see why Tor failed to start. That is the right place to start looking. In your case, it is probably TestingClientDownloadSchedule or TestingServerDownloadSchedule that is causing the issue since I remember something with one of the versions in 0.2.4 (not exactly sure which). Try removing these lines from torrc_templates/client.tmpl, torrc_template/relay.tmpl and then reconfigure the network and then start it. It is either this, or DirServer/DirAuthority but the verbose output will tell you the exact problem (look for err). I have found these issues to be common when using an earlier version because of mismatch between the templates Chuntey is configured to use (recent versions of Tor) versus earlier versions with different options. But the fix is easy -- just update the template and reconfigure the network. -- Sukhbir ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Finding the catch probability
Hi, Everything you need to know about running experiments on Shadow: https://github.com/shadow/shadow/wiki (Including installation) ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] GetTor Meeting (April 29)
Hi, We will be having our first meeting on revamping GetTor in #tor-dev tomorrow from 20:00 - 20:45 UTC. Israel Leiva is the GSoC student who will be working on improving GetTor over the summer so we are looking for suggestions from the community on how we can improve the bundle distribution. (Sorry for the short notice and duration but everyone's schedule seems to be busy!) -- Sukhbir ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] GetTor Meeting (April 29)
Sorry, just to clarify, the meeting date is: Monday, April 28. 20:00 - 20:45 UTC. ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Torbirdy
Hi, I've submitted my project proposal on Improving Torbirdy for review on Google Melange as suggested. If you guys can verify the proposal and suggest any modifications that would be great. Ok, thanks. We will continue the discussion on the Melange proposal. -- Sukhbir ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Torbirdy
Hi, 3. And using extension hooks with explicit calls instead of checking user set configurations flags for removing timestamp data from header. This it's suggested will allow better handling of messages received/sent in the background by Thunderbird. Yes, that's correct. Figuring out how to do this and doing it properly is the only blocker Right, so start with fixing the preference setting system using extension hooks instead of preference flags. Then work with the new preference system on issues #6314, #6315. Finally, verify stability across different MUA's,MTA's for the updated patches, submit the patch request to #902573 #902580 and work with Mozilla for patch request acceptance. Right, that's pretty much about it! Does this process flow sound reasonable ? Should I give a more elaborate write-up on the it for you to proof-read or should I just give you the final project proposal for proof-reading ? Submitting the final project proposal is a good idea so that other mentors can also go through it (whether on Melange, or if you want to make it public, that is up to you.) The only prior experience I have with extension development was on Gnome and it was minimal. But I've started reading up on extension development in Thunderbird and the Torbirdy code. Should be able to run by you a more detailed project proposal soon. Which is OK, but do note as stated in the project description, this project requires good (working?) knowledge of both C++ and JavaScript. We can get into the specifics once you submit the proposal. -- Sukhbir ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Torbirdy
Hi mujnabed, I wanted to clarify my understanding of the current status of the project. The project requires resolving two issues related to location anonymity weakening due to local timestamp leakage specifically in the MessageID Date header fields. Thanks for your interest in Tor and TorBirdy! From reading issues #6314, #6315 mentioned and the patch requests submitted for bugs #902573 and #902580 at bugzilla.mozilla.org, It seems that the current hold up by Mozilla to accepting the patch request are: 1. Establishing how well Thunderbird other mail clients handle the date not being inserted by the sender in the mail header 2. Finding which MTA/MSA's automatically insert date headers on their own and if most/all don't, finding a workaround to that. Gmai, Mail.com, Gmx, Yandex and the now dead Lavabit had been tested successfully for automatic date header insertion This was the idea when the patches were submitted but in later discussions, we decided that removing the date header completely was not a good idea and would break things, not only in Thunderbird but in other MUAs. Also, convincing Mozilla to get such a patch accepted is likely going to be difficult. The exact specifics can be discussed later, but as mentioned in #902573, this option looks most suitable: Keep the Date header and ensure it is in UTC (eg: allow some clock disclosure but not time zone to network) 3. And using extension hooks with explicit calls instead of checking user set configurations flags for removing timestamp data from header. This it's suggested will allow better handling of messages received/sent in the background by Thunderbird. Yes, that's correct. Figuring out how to do this and doing it properly is the only blocker. We already have code ready for generating random message-IDs (which could also use some work but that is for later) which is called using the preferences system, which is what you are going to be replacing. Let me know if you have any more questions. It would also be helpful to read https://bugzilla.mozilla.org/show_bug.cgi?id=776397, which was the original ticket we submitted. -- Sukhbir ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Torbirdy - IMAP issue
arkmd has opened a ticket #10309 [https://trac.torproject.org/projects/tor/ticket/10309] for this issue. Let's continue the discussion there. -- Sukhbir ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] Torbirdy - IMAP issue
Hi, Using Thunderbird+Enigmail+Torbirdy. To solve this the user need to manually set the account drafts settings (in Copies Folders) to keep drafts on Local Folders. I think Torbirdy should do it by default. This info should be added to known issues on Torbirdy wiki. (If I recall correctly, this issue was discussed before also but I can't seem to find the thread/ticket.) By default, Enigmail saves an encrypted copy of the message. This is the default setting [1] and I think it also confirms this when it saves an encrypted message for the first time. TorBirdy does not modify this setting so it should be enabled by default for Enigmail. If you did not change this setting but still observed this behavior, please open a bug report [2] with all the relevant information (version of Thunderbird, TorBirdy, Enigmail, etc.) so that I can check this. Come to think of it, perhaps we should disable the automatic save feature altogether (#6337). Suggestions welcome. [1] - https://www.enigmail.net/documentation/userprefs.php (see saveEncrypted) [2] - https://trac.torproject.org/projects/tor/wiki/torbirdy/dev -- Sukhbir ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] About GSOC 2013 Steganography Browser Addon project idea
Hi Hareesan, : Exif.Photo.ImageUniqueID or Exif.Image.DateTime, etc ). If its a fixed location and if the man-in-middle know that location,and if he know Bob's public key (since its public), he could easily get to the message. If MIAB Alice will use Bob's public key to encrypt the message, so the message can be read by Bob and no one else, as only he has the corresponding private key. going to select the location arbitrarily, how it could be transferred to Bob's MIAB client? While MIAB proposes the use of blog pings (see section 3.1.1 of the paper) to distribute the messages and a MIAB client to embed them, our idea for this project is to come up with a similar system, but one that will allow: a). embedding secrets (like in our case, bridge addresses) in a website(s), b). detecting these secrets when a user navigates to them. So, while theoretically what we aim to do is similar to MIAB, the practical implementation will be different and coming up with that design will constitute the main part of your application. -- Sukhbir ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev