Re: [Tails-dev] Tor Launcher extension [Was: Mike's March 20…

Delete this message

Reply to this message
Author: Mike Perry
Date:  
To: intrigeri
CC: tails-dev, mcs, brade
New-Topics: Re: [Tails-dev] Tor Launcher extension [Was: Mike's March 2013], Re: [Tails-dev] Tor Launcher extension [Was: Mike's March 2013]
Subject: Re: [Tails-dev] Tor Launcher extension [Was: Mike's March 2013]
Thus spake intrigeri (intrigeri@???):

> Hi Mike and fellow Tails developers,
>
> Mike Perry wrote (02 Apr 2013 02:55:20 GMT) :
> > 5. I helped Pearl Crescent get a bunch of feedback on their Tor Launcher
> > extension at the dev meeting and elsewhere. My current estimation is
> > that shipping some running code in a TBB-alpha is still more important
> > at this point than anything else, given the number of partially
> > conflicting usability parameters involved. If you think otherwise, you
> > should probably email me now before it's too late.
>
> We, at Tails, should evaluate if and how this project would fit our
> needs. Assuming we replace Vidalia with this extension some day, we
> most probably would not want it to launch Tor, but merely control it.
>
> Mike,
>
> 1. Any obvious showstopper, off the top of your head, regarding how
>    the Tor Launcher could be usable for Tails?


I think you guys mostly won't use it. My guess is you'd probably just
set the env vars $TOR_CONTROL_PORT and $TOR_CONTROL_PASSWD to allow New
Identity and simply launch Firefox directly without any form of network
configuration in the browser.

#8511 might cause you problems if you use a $TOR_SOCKS_PORT env var with
a value other than 9151, though. You may want to either add iptables
redirect rule for 9151 or add an additional SocksPort line to your torrc
rather than messing with TBB's socks port env vars for that reason.
Changing the socks port at runtime will cause the issues mentioned in
that bug.

> 2. Will the "control a system-wide Tor instance, that possibly is
>    started or restarted after the Torbrowser" usecase be supported?


Unlikely, unless you provide us with a $TOR_CONTROL_PASSWD env var (or
a COOKIE/SAFECOOKIE auth implementation for Torbutton...)

I also want to allow Vidalia to continue to exist as a standalone
controller package via either COOKIE or SAFECOOKIE auth mechanisms. This
probably means that $TOR_CONTROL_PASSWD will ultimately be deprecated
from Tor Browser. If the privsep properties of SAFECOOKIE appeal to
you, let me know. Otherwise initial versions will likely support only
COOKIE auth at best.

> Starting points to look into this:
>
> * ticket: https://trac.torproject.org/projects/tor/ticket/6009
> * source: https://gitweb.torproject.org/tor-launcher.git


Yep, you're in the right place. See also the tor-launcher remotes.

The plan for Tor Launcher in TBB-alpha is "maximumly minimalist". If
everything works out, you should be able to use Tor Browser without Tor
Launcher at all, but you may have to change/replace the
start-tor-browser script slightly, and/or tweak some env vars before
launching your patched Firefox.

--
Mike Perry