briar issueshttps://code.briarproject.org/briar/briar/-/issues2020-11-18T21:47:03Zhttps://code.briarproject.org/briar/briar/-/issues/1266Use OONI data to identify locations where Tor bridges should be used2020-11-18T21:47:03ZakwizgranUse OONI data to identify locations where Tor bridges should be usedThis should be done in a scriptable way so the list can be updated regularly.
Subtask of #647.This should be done in a scriptable way so the list can be updated regularly.
Subtask of #647.https://code.briarproject.org/briar/briar/-/issues/1205Check that registration methods aren't called after startup2020-11-18T22:30:29ZakwizgranCheck that registration methods aren't called after startupVarious registration methods are meant to be called at injection time, before `LifecycleManager#startServices()` is called. Add checks to ensure they aren't called later in the lifecycle (e.g. due to a singleton being created lazily).Various registration methods are meant to be called at injection time, before `LifecycleManager#startServices()` is called. Add checks to ensure they aren't called later in the lifecycle (e.g. due to a singleton being created lazily).https://code.briarproject.org/briar/briar/-/issues/1183Key manager blocks startup by holding DB lock2020-11-18T22:40:15ZakwizgranKey manager blocks startup by holding DB lock`KeyManagerImpl#startService()` uses a read-write transaction to load contacts, store transports, and start key rotation. When there are many contacts this transaction can hold the DB lock for several seconds, preventing the contact list...`KeyManagerImpl#startService()` uses a read-write transaction to load contacts, store transports, and start key rotation. When there are many contacts this transaction can hold the DB lock for several seconds, preventing the contact list from being loaded.
Move the transaction off the critical path, and if possible break it up into smaller transactions.https://code.briarproject.org/briar/briar/-/issues/1179Handshake protocol2020-11-18T22:39:28ZakwizgranHandshake protocolTo enable account backups (#110) and simplify the introduction protocol (#474) it would be useful to have a way of bootstrapping from static keys, suitable for storing in a backup or exchanging in an introduction, to forward secret trans...To enable account backups (#110) and simplify the introduction protocol (#474) it would be useful to have a way of bootstrapping from static keys, suitable for storing in a backup or exchanging in an introduction, to forward secret transport keys.https://code.briarproject.org/briar/briar/-/issues/1158FLAG_SECURE not applying to settings dialogs (when Chromecasted)2020-11-19T04:35:35ZakwizgranFLAG_SECURE not applying to settings dialogs (when Chromecasted)User feedback: "Setting popups are still seen in mirrored screen, the rest is black but the popup where you can select 1 of the 2 options is still mirrored."User feedback: "Setting popups are still seen in mirrored screen, the rest is black but the popup where you can select 1 of the 2 options is still mirrored."https://code.briarproject.org/briar/briar/-/issues/1147Support Bluetooth discovery for adding contacts2022-01-26T13:50:35ZakwizgranSupport Bluetooth discovery for adding contactsThe local Bluetooth address is no longer available on the Nexus 5X running Android 8.1. `BluetoothAdapter#getAddress()` returns the fake address 02:00:00:00:00:00, and `Settings.Secure.getString(ctx, "bluetooth_address")` returns null.
...The local Bluetooth address is no longer available on the Nexus 5X running Android 8.1. `BluetoothAdapter#getAddress()` returns the fake address 02:00:00:00:00:00, and `Settings.Secure.getString(ctx, "bluetooth_address")` returns null.
This means we can no longer include our Bluetooth address in the QR code when adding a contact. Instead we'll need to make the device temporarily discoverable, and indicate in the QR code that the contact should use discovery to find us. The contact will need the ACCESS_COARSE_LOCATION permission for discovery.
The contact will need to store our Bluetooth address for future connection attempts. We don't currently have a way for plugins to store local per-contact information, but we can add one.https://code.briarproject.org/briar/briar/-/issues/1003RSS feeds served by Cloudflare fail to import due to captcha page2021-11-24T17:04:00ZakwizgranRSS feeds served by Cloudflare fail to import due to captcha pageA user reported that the following feed fails to import: https://blog.fefe.de/rss.xml
A quick test confirms that there's no error message, but no posts appear. The RSS feed appears in the list of feeds, with the expected title. Maybe th...A user reported that the following feed fails to import: https://blog.fefe.de/rss.xml
A quick test confirms that there's no error message, but no posts appear. The RSS feed appears in the list of feeds, with the expected title. Maybe there's an issue with parsing the feed? The items have no dates.
(Note: The issue of feeds without dates has been moved to #1708.)https://code.briarproject.org/briar/briar/-/issues/944WiFi Transport layer dead when device has been offline for long2020-11-19T15:20:50ZErnir ErlingssonWiFi Transport layer dead when device has been offline for longBriar was running for two days in flight mode but failed to connect when device internet connectivity was restored per WiFi. I failed to check other transports due to a crash ~~that I'm still investigating, it might be that Briar's stabi...Briar was running for two days in flight mode but failed to connect when device internet connectivity was restored per WiFi. I failed to check other transports due to a crash ~~that I'm still investigating, it might be that Briar's stability was compromised.~~
Edit: Unrelated crash due to an error in my save/restore branchhttps://code.briarproject.org/briar/briar/-/issues/922Emoji in forum and group names2020-11-19T15:24:18ZakwizgranEmoji in forum and group namesA tester asked to be able to use emoji in forum and group names. (This is possible with an emoji keyboard, but not otherwise.)A tester asked to be able to use emoji in forum and group names. (This is possible with an emoji keyboard, but not otherwise.)https://code.briarproject.org/briar/briar/-/issues/901Improve key binding in contact exchange protocol2020-11-19T15:35:33ZakwizgranImprove key binding in contact exchange protocolThe contact exchange protocol provides the following guarantees:
* Each party knows that the ephemeral and identity public keys she received are owned by the other party
* Each party knows that the ephemeral and identity public keys she ...The contact exchange protocol provides the following guarantees:
* Each party knows that the ephemeral and identity public keys she received are owned by the other party
* Each party knows that the ephemeral and identity public keys she received were used by the other party in the same run of the protocol - in other words it binds each party's ephemeral key pair to the same party's identity key pair and vice versa
* Each party knows that the ephemeral public key she received was used by the other party in the current run of the protocol - in other words it binds the parties' ephemeral key pairs to each other
To achieve this, each party uses her identity key pair to sign a nonce derived from the ephemeral shared secret, and authenticates the signed nonce using a symmetric key derived from the ephemeral shared secret.
Each party knows that the nonce she received is fresh, as it depends on her own ephemeral key pair, so the nonce itself proves that the other party owns the ephemeral public key received by the first party, while the signature proves that the other party owns the identity public key received by the first party.
The nonce is unique to this combination of ephemeral key pairs, so the signature represents a claim by the owner of the received identity public key that she took part in a protocol run involving both ephemeral key pairs. Authenticating the signed nonce with a symmetric key derived from the ephemeral shared secret represents a claim by the owner of the received ephemeral public keys that she took part in a protocol run involving both ephemeral key pairs and the identity key pair.
As far as I can tell, this construction is secure and achieves what we need, but it's unnecessarily convoluted. The binding and proof of ownership that's achieved by signing nonces could be achieved more straightforwardly by signing public keys:
* Each party signs both parties' ephemeral public keys and timestamps using her identity key pair
* Each party authenticates both parties' identity public keys, ephemeral public keys and timestamps, using a symmetric key derived from the ephemeral shared secret
If we're not concerned with deniability, each party can sign both parties' identity public keys, ephemeral public keys and timestamps. But as far as I can see, we get all the assurance we need without doing this.
Related to #902.https://code.briarproject.org/briar/briar/-/issues/873Blogs: Reloading when changing orientation2020-11-19T15:55:20ZMegaloxBlogs: Reloading when changing orientationThe blog seems to reload (blank screen and spinner) when the user changes from portarait to landscape mode. Is this intentional?The blog seems to reload (blank screen and spinner) when the user changes from portarait to landscape mode. Is this intentional?https://code.briarproject.org/briar/briar/-/issues/862Blogs: Scrolling with low performance2020-11-19T16:07:38ZMegaloxBlogs: Scrolling with low performanceOne tester scrolled the blog up and down and it wasn't really smooth. @ernir suspected the emojis to be responsible for this.One tester scrolled the blog up and down and it wasn't really smooth. @ernir suspected the emojis to be responsible for this.https://code.briarproject.org/briar/briar/-/issues/834Optionally sign out when battery is low or power saving mode is enabled2021-10-27T14:09:40ZakwizgranOptionally sign out when battery is low or power saving mode is enabledListen for power manager events (ACTION_BATTERY_LOW, ACTION_POWER_SAVE_MODE_CHANGED) and [manufacturer-specific events](http://stackoverflow.com/a/25103642) and optionally sign out if the battery is low or power saving mode is enabled an...Listen for power manager events (ACTION_BATTERY_LOW, ACTION_POWER_SAVE_MODE_CHANGED) and [manufacturer-specific events](http://stackoverflow.com/a/25103642) and optionally sign out if the battery is low or power saving mode is enabled and the user's not currently interacting with Briar.https://code.briarproject.org/briar/briar/-/issues/827Transition from private conversation back to contact list affects wrong item2020-11-21T12:39:38ZakwizgranTransition from private conversation back to contact list affects wrong itemI ran into a couple of problems while testing the transition between the contact list and the private conversation. Reproducing them requires API 23 as the transition is disabled on older versions.
The first problem occurs when the cont...I ran into a couple of problems while testing the transition between the contact list and the private conversation. Reproducing them requires API 23 as the transition is disabled on older versions.
The first problem occurs when the contact moves to a new position in the list while the private conversation is open. This can happen if you select any contact except the one at the top of the list, send a message, and return to the contact list. The contact will now be at the top of the list. The problem is that the reverse transition moves the avatar from the toolbar to the contact's old position in the list, which is now occupied by a different contact.
The second problem occurs when you remove the contact, which automatically returns you to the contact list. The transition moves the avatar from the toolbar to the contact's old position in the list, which may now be occupied by a different contact or may be empty.https://code.briarproject.org/briar/briar/-/issues/780Temporarily leaked Activities on orientation changes2021-04-26T14:01:29ZErnir ErlingssonTemporarily leaked Activities on orientation changesWhile working on #725, I noticed something: we're leaking Activities temporarily.
We are using anonymous inner classes as callbacks for asynchronous tasks, during their execution it's possible that an orientation change occurs that des...While working on #725, I noticed something: we're leaking Activities temporarily.
We are using anonymous inner classes as callbacks for asynchronous tasks, during their execution it's possible that an orientation change occurs that destroys the old Activity/Fragment. The task stores a reference to the callback, and therefore implicitly to the Activity. This means that the initial Activity will be kept alive until the task finishes execution. Multiple orientation changes will might result in multiple Activities being temporarily leaked, although !415 relieves some of that by ensuring there is only one leaked Activity maximum.
Not sure what the best course of action here is, we could try to handle the orientation changes ourselves which re-uses the initial Activity but will require careful programming.
https://developer.android.com/guide/topics/resources/runtime-changes.html#HandlingTheChangehttps://code.briarproject.org/briar/briar/-/issues/775The LanTcpPlugin tries to create a KeyAgreementListener even if Wifi/mobile d...2020-11-21T16:20:28ZJulian DehmThe LanTcpPlugin tries to create a KeyAgreementListener even if Wifi/mobile data is disabledWhen adding a contact with only bluetooth enabled the LanTcpPlugin tries to bind a serversocket, which seems like a useless effort to me.
`org.briarproject I/LanTcpPlugin: Could not bind server socket for key agreement`
Maybe there sh...When adding a contact with only bluetooth enabled the LanTcpPlugin tries to bind a serversocket, which seems like a useless effort to me.
`org.briarproject I/LanTcpPlugin: Could not bind server socket for key agreement`
Maybe there should be a check if Wifi is enabled before attempting to open a socket.https://code.briarproject.org/briar/briar/-/issues/753Listener interfaces have mixed responsibilities2021-01-20T12:34:20ZakwizgranListener interfaces have mixed responsibilitiesThe UI makes heavy use of listener interfaces that inherit from either DestroyableContext or BaseFragmentListener. These are used for various purposes:
* Callbacks from a controller to the UI (e.g. `TransportStateListener#stateUpdate()`...The UI makes heavy use of listener interfaces that inherit from either DestroyableContext or BaseFragmentListener. These are used for various purposes:
* Callbacks from a controller to the UI (e.g. `TransportStateListener#stateUpdate()`)
* Injecting dependencies into fragments (`BaseFragmentListener#getActivityComponent()`)
* Manipulating other parts of the UI (e.g. `CreateGroupListener#showSoftKeyboard()`)
* Running tasks (`DestroyableContext#runOnUiThreadUnlessDestroyed()`, `BaseFragmentListener#runOnDbThread()` (deprecated))
These different purposes would ideally be separated into different interfaces. Maybe it would clarify things if communication from controllers back to the UI used the "listener" name and communication between fragments and their activities used some other name.
Listeners are usually provided by casting an Activity or Context (passed to `ActivityLifecycleController#onActivityCreate()` or `Fragment#onAttach()`) to an arbitrary listener interface. This is a bit of a hack - it would be nice if we could provide listeners in a type-safe way, for example by injection.
Related to #752.https://code.briarproject.org/briar/briar/-/issues/725Result handlers may not return results if the screen is rotated2020-11-21T16:36:20ZakwizgranResult handlers may not return results if the screen is rotatedThis issue came to mind while reviewing !354 - `SetupActivity#onClick()` uses the onResultUi() method of a UiResultHandler to start the next activity. If the screen's rotated before the handler returns, the original activity will be dest...This issue came to mind while reviewing !354 - `SetupActivity#onClick()` uses the onResultUi() method of a UiResultHandler to start the next activity. If the screen's rotated before the handler returns, the original activity will be destroyed, so the handler will never call onResultUi(). The outcome, as far as I can see, will be a progress wheel that spins forever.
Similar problems may exist elsewhere. Most of the time we use ResultHandlers to update the state of the current activity or fragment, and we reload everything if the activity or fragment's recreated, so it doesn't matter if results are lost during rotation. But there may be some places like this one where we depend on the result being returned.https://code.briarproject.org/briar/briar/-/issues/716Warn when entered text is too long2020-11-21T16:38:26ZakwizgranWarn when entered text is too longWe do this for forum posts, we should also do it for:
* Private messages
* Introduction messages
* Invitation messages
* Blog posts
* Blog commentsWe do this for forum posts, we should also do it for:
* Private messages
* Introduction messages
* Invitation messages
* Blog posts
* Blog commentshttps://code.briarproject.org/briar/briar/-/issues/689Line breaks entered in blog posts aren't displayed2022-11-23T14:44:51ZakwizgranLine breaks entered in blog posts aren't displayedWhen writing a blog post, I can use the enter key to create line breaks that are shown in the composition window. But they aren't shown when the blog post appears in the feed (presumably because it's rendered as HTML).When writing a blog post, I can use the enter key to create line breaks that are shown in the composition window. But they aren't shown when the blog post appears in the feed (presumably because it's rendered as HTML).