briar issueshttps://code.briarproject.org/briar/briar/-/issues2023-03-15T12:55:10Zhttps://code.briarproject.org/briar/briar/-/issues/1502Restart obfs4proxy if it crashes2023-03-15T12:55:10ZakwizgranRestart obfs4proxy if it crashesIf the obfs4proxy process is killed (e.g. due to low memory), Tor detects that it's died but doesn't restart it. Setting `DisableNetwork` to 1 and then back to 0 causes Tor to restart obfs4proxy.
Log message from Tor when obfs4proxy die...If the obfs4proxy process is killed (e.g. due to low memory), Tor detects that it's died but doesn't restart it. Setting `DisableNetwork` to 1 and then back to 0 causes Tor to restart obfs4proxy.
Log message from Tor when obfs4proxy dies:
```
TorPlugin: WARN The connection to the SOCKS5 proxy server at 127.0.0.1:42125 just failed. Make sure that the proxy server is up and running.
```https://code.briarproject.org/briar/briar/-/issues/1500Check PNGs for exploits before passing them to Android2021-11-04T11:03:44ZakwizgranCheck PNGs for exploits before passing them to AndroidWe need to find out how to detect PNGs that can exploit this vulnerability, so we can avoid passing them to Android:
https://www.zdnet.com/article/opening-this-image-file-grants-hackers-access-to-your-android-phone/
Subtask of #1237.We need to find out how to detect PNGs that can exploit this vulnerability, so we can avoid passing them to Android:
https://www.zdnet.com/article/opening-this-image-file-grants-hackers-access-to-your-android-phone/
Subtask of #1237.Android 1.4https://code.briarproject.org/briar/briar/-/issues/1495Consider network to be disabled when entering doze without being whitelisted2020-11-15T19:17:29ZakwizgranConsider network to be disabled when entering doze without being whitelistedIf the user removes us from the doze whitelist we may lose network connectivity when entering doze.
AndroidNetworkManager should check whether we're whitelisted for doze when entering doze, and if not (which must mean the user removed u...If the user removes us from the doze whitelist we may lose network connectivity when entering doze.
AndroidNetworkManager should check whether we're whitelisted for doze when entering doze, and if not (which must mean the user removed us from the whitelist), it should consider the network to be disabled and broadcast an event so the Tor plugin can disable Tor's network connectivity.https://code.briarproject.org/briar/briar/-/issues/1493Latest message isn't always fully visible after loading conversation2021-11-04T11:03:44ZakwizgranLatest message isn't always fully visible after loading conversationWhen opening a private conversation where the latest message contains multiple images, the bottom of the latest message is sometimes below the viewport, making it necessary to scroll down manually to see the whole message. This can happe...When opening a private conversation where the latest message contains multiple images, the bottom of the latest message is sometimes below the viewport, making it necessary to scroll down manually to see the whole message. This can happen regardless of whether the latest message has any text.
Logging shows that we're eagerly loading the text of the latest message, if it has any, and automatically scrolling to the bottom after adding the text and images to each message, as expected. But for some reason this scrolling doesn't make the whole of the latest message visible.
Steps to reproduce:
* Check out the 1242-display-image-attachments-fake-data branch (commit 54082209)
* Create a test contact with no messages
* Repeatedly send a message to the contact, close and reopen the conversation (fake attachments will be added to the message when the conversation's reopened)
* Once there's more than a screenful of messages and the latest message has multiple images, repeatedly close and reopen the conversation without sending any more messages
* It may take a lot of tries to reproduce the bug
The bug seems to be a race condition. I was able to reproduce it on the Nexus 5X and the Moto G 4G.
Subtask of #1237.Android 1.4https://code.briarproject.org/briar/briar/-/issues/1488Gradle witness pins platform specific dependency2020-11-15T19:21:52ZRonaldGradle witness pins platform specific dependencyNo dependency for integrity assertion 'javax.inject:javax.inject:1:javax.inject-1.jar:91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff'No dependency for integrity assertion 'javax.inject:javax.inject:1:javax.inject-1.jar:91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff'https://code.briarproject.org/briar/briar/-/issues/1486UI lifecycle callbacks may be called when not signed in2022-04-19T15:48:27ZakwizgranUI lifecycle callbacks may be called when not signed inIf the user relaunches Briar from the recent apps list, activities may be recreated, started and resumed before `BriarActivity#onResume()` checks whether the user's signed in and launches PasswordActivity.
Usually this only applies to N...If the user relaunches Briar from the recent apps list, activities may be recreated, started and resumed before `BriarActivity#onResume()` checks whether the user's signed in and launches PasswordActivity.
Usually this only applies to NavDrawerActivity, because it's on the top of the stack when the user signs out. But if Briar's killed without signing out, other activities may be on the top of the stack when the user relaunches Briar.
Some of our lifecycle callbacks start operations that could throw exceptions if the user isn't signed in, as in #1482.Android 1.4https://code.briarproject.org/briar/briar/-/issues/1481Show outgoing images differently depending on sent/seen state2022-04-19T11:29:25ZTorsten GroteShow outgoing images differently depending on sent/seen stateWhen the image isn't sent, it is shown blurred.
![Image_Attachment_Contact_Offline](/uploads/ea4a802a719627cc0cacf00c2c381329/Image_Attachment_Contact_Offline.png)
When the contact is online and the message was requested, we might show...When the image isn't sent, it is shown blurred.
![Image_Attachment_Contact_Offline](/uploads/ea4a802a719627cc0cacf00c2c381329/Image_Attachment_Contact_Offline.png)
When the contact is online and the message was requested, we might show progress bar:
![Image_Attachment_Sending](/uploads/9c7c01bb0b27677797b0ee6d40120715/Image_Attachment_Sending.png)
Subtask of #1237.https://code.briarproject.org/briar/briar/-/issues/1474Check for view recycling issues when language is changed2021-02-26T18:39:12ZakwizgranCheck for view recycling issues when language is changedIn a code review discussion (https://code.briarproject.org/briar/briar/merge_requests/997#note_33406) we identified the possibility of views being recycled without being bound to new view holders when the app or system language changes (...In a code review discussion (https://code.briarproject.org/briar/briar/merge_requests/997#note_33406) we identified the possibility of views being recycled without being bound to new view holders when the app or system language changes (especially when it changes from RTL to LTR or vice versa).
This seems to be prevented at the moment because we (always?) clear the adapter when the activity stops, and the language can't be changed without stopping the activity. The issue might become live in the future if we change our adapters, so this ticket exists to remind us to check for the issue if we do that.https://code.briarproject.org/briar/briar/-/issues/1470Message Timestamps not localized for all languages2021-02-09T14:05:03ZJulian DehmMessage Timestamps not localized for all languagesWe are currently using `DateUtils` to create the timestamp strings for messages/posts/statuses. Unfortunately the languages supported by it varies greatly across APIs.
I wrote a test application which dumps the strings for all our lang...We are currently using `DateUtils` to create the timestamp strings for messages/posts/statuses. Unfortunately the languages supported by it varies greatly across APIs.
I wrote a test application which dumps the strings for all our languages (fallback means it's falling back to the system language):
| API | 15 - 16 | 17 - 19 | 21 - 22 | 23 | 24 - 25 | 26 - 28 |
|-----|--------|---|---|---|---|---|
| Failed | br (fallback) <br> eu (fallback) <br> gl (fallback) <br> ms (fallback) <br> oc (fallback) <br> sq (fallback)| br (fallback) <br> eu (fallback) <br> gl (fallback) <br> he (fallback) <br> ms (fallback) <br> oc (fallback) <br> sq (fallback) | ast (fallback) <br>br (fallback) <br>eu (fallback) <br>fa (fallback)<br>gl(fallback)<br>he (fallback)<br>ms (fallback)<br>oc (fallback)<br>sq (fallback)<br> | ast <br> br <br> oc | ast <br> oc | oc |Julian DehmJulian Dehmhttps://code.briarproject.org/briar/briar/-/issues/1465Tor takes longer to start since upgrading to 0.3.42022-06-06T16:02:02ZakwizgranTor takes longer to start since upgrading to 0.3.4Tor 0.3.4.8 takes much longer to start than Tor 0.2.9.16 on the same hardware. The time to start the Tor process and create the auth cookie is pretty much unchanged (3 seconds on the Moto G 4G), but the time between logging "Auth cookie ...Tor 0.3.4.8 takes much longer to start than Tor 0.2.9.16 on the same hardware. The time to start the Tor process and create the auth cookie is pretty much unchanged (3 seconds on the Moto G 4G), but the time between logging "Auth cookie created" and logging "Creating hidden service" has increased (from 4 seconds to 19 on the Moto G 4G).
Results for 5 runs with each version:
|Tor version|Mean (seconds)|Standard deviation|
|---|---|---|
|0.2.9.16|3.9|0.3|
|0.3.4.8|19.0|1.8|https://code.briarproject.org/briar/briar/-/issues/1458Sign-in reminder isn't shown when phone starts2020-11-15T19:35:47ZakwizgranSign-in reminder isn't shown when phone startsA user reported that the sign-in reminder isn't show when their phone starts.
While looking into power management I found that many phones restrict which apps can receive the boot completed broadcast. As with other power management rest...A user reported that the sign-in reminder isn't show when their phone starts.
While looking into power management I found that many phones restrict which apps can receive the boot completed broadcast. As with other power management restrictions, there's sometimes an intent for opening the screen where this is managed:
https://stackoverflow.com/questions/48945300/how-to-open-window-of-autostart-application-for-all-devices/48945679#48945679
https://stackoverflow.com/questions/48166206/how-to-start-power-manager-of-all-android-manufactures-to-enable-background-and#
Related to #1260, #1292.https://code.briarproject.org/briar/briar/-/issues/1457IllegalArgumentException when resuming activity2021-11-04T11:03:44ZakwizgranIllegalArgumentException when resuming activity* Android version: 7.0
* Phone model: Motorola Moto G (5) Plus (potter)
* Briar version: 1.1.1 (9476782)
Stacktrace:
```
java.lang.RuntimeException: Unable to resume activity {org.briarproject.briar.android/org.briarproject.briar.androi...* Android version: 7.0
* Phone model: Motorola Moto G (5) Plus (potter)
* Briar version: 1.1.1 (9476782)
Stacktrace:
```
java.lang.RuntimeException: Unable to resume activity {org.briarproject.briar.android/org.briarproject.briar.android.contact.ConversationActivity}: java.lang.IllegalArgumentException
at android.app.ActivityThread.performResumeActivity(ActivityThread.java:3421)
at android.app.ActivityThread.handleResumeActivity(ActivityThread.java:3461)
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1523)
at android.os.Handler.dispatchMessage(Handler.java:102)
at android.os.Looper.loop(Looper.java:154)
at android.app.ActivityThread.main(ActivityThread.java:6123)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:867)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:757)
Caused by: java.lang.IllegalArgumentException
at android.os.Parcel.readException(Parcel.java:1687)
at android.os.Parcel.readException(Parcel.java:1636)
at android.app.ActivityManagerProxy.isTopOfTask(ActivityManagerNative.java:5569)
at android.app.Activity.isTopOfTask(Activity.java:5969)
at android.app.Activity.onResume(Activity.java:1256)
at android.support.v4.app.FragmentActivity.onResume(FragmentActivity.java:485)
at org.briarproject.briar.android.activity.BriarActivity.onResume(BriarActivity.java:82)
at android.app.Instrumentation.callActivityOnResume(Instrumentation.java:1291)
at android.app.Activity.performResume(Activity.java:6776)
at android.app.ActivityThread.performResumeActivity(ActivityThread.java:3398)
... 8 more
java.lang.IllegalArgumentException
at android.os.Parcel.readException(Parcel.java:1687)
at android.os.Parcel.readException(Parcel.java:1636)
at android.app.ActivityManagerProxy.isTopOfTask(ActivityManagerNative.java:5569)
at android.app.Activity.isTopOfTask(Activity.java:5969)
at android.app.Activity.onResume(Activity.java:1256)
at android.support.v4.app.FragmentActivity.onResume(FragmentActivity.java:485)
at org.briarproject.briar.android.activity.BriarActivity.onResume(BriarActivity.java:82)
at android.app.Instrumentation.callActivityOnResume(Instrumentation.java:1291)
at android.app.Activity.performResume(Activity.java:6776)
at android.app.ActivityThread.performResumeActivity(ActivityThread.java:3398)
at android.app.ActivityThread.handleResumeActivity(ActivityThread.java:3461)
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1523)
at android.os.Handler.dispatchMessage(Handler.java:102)
at android.os.Looper.loop(Looper.java:154)
at android.app.ActivityThread.main(ActivityThread.java:6123)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:867)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:757)
```Android 1.4https://code.briarproject.org/briar/briar/-/issues/1448Core API for observing group metadata2020-11-15T19:37:03ZakwizgranCore API for observing group metadataSimilarly to #1447, it would be useful if the core allowed an observer to register an interest in a group's metadata and receive an initial snapshot followed by an ordered series of updates. It should be possible to register multiple obs...Similarly to #1447, it would be useful if the core allowed an observer to register an interest in a group's metadata and receive an initial snapshot followed by an ordered series of updates. It should be possible to register multiple observers that are ordered with respect to each other, or alternatively a single observer that specifies multiple groups to watch. This would make it easier to maintain views like the contact list, which is based on metadata from multiple groups per contact.https://code.briarproject.org/briar/briar/-/issues/1444Show large emoji when no other text is included2020-11-15T19:46:01ZakwizgranShow large emoji when no other text is includedA user asked for emoji to be enlarged when the message contains no other text.A user asked for emoji to be enlarged when the message contains no other text.https://code.briarproject.org/briar/briar/-/issues/1441Expel members from forums2020-11-15T19:47:45ZakwizgranExpel members from forumsA user asked for the ability to expel members from forums.
This is less likely to be feasible than #1440, but I'm recording the request anyway.
Related to #512.A user asked for the ability to expel members from forums.
This is less likely to be feasible than #1440, but I'm recording the request anyway.
Related to #512.https://code.briarproject.org/briar/briar/-/issues/1440Expel members from private groups2021-10-21T15:47:37ZakwizgranExpel members from private groupsA user asked for the ability to expel members from private groups.A user asked for the ability to expel members from private groups.https://code.briarproject.org/briar/briar/-/issues/1439Notification light no longer shows when lockscreen notifications are disabled2020-11-15T19:49:18ZakwizgranNotification light no longer shows when lockscreen notifications are disabled* Android version: 6.0.1
* Phone model: Samsung SM-G900F (kltexx)
* Briar version: 1.1.3 (779d873)
* User feedback: "It was well before the update, ie if I turned off the notification on the lock screen, only the notification LED flashed...* Android version: 6.0.1
* Phone model: Samsung SM-G900F (kltexx)
* Briar version: 1.1.3 (779d873)
* User feedback: "It was well before the update, ie if I turned off the notification on the lock screen, only the notification LED flashed but no one knew because there was no information about where it came from but I knew that I had info from someone. Now how do I turn off I have no information about whether I have a message. Why you removed it?"
Presumably this is related to !925, which was released in version 1.1.2. (If I remember right, 1.1.2 was a beta-only release, so this user may have upgraded from 1.1.1 to 1.1.3, the version reported above.)https://code.briarproject.org/briar/briar/-/issues/1436AndroidLanTcpPlugin not picking up non-wifi connections2020-11-15T19:52:56ZJulian DehmAndroidLanTcpPlugin not picking up non-wifi connectionsWhen running Briar in Anbox the wifi icon never turns green and lan is not working because it's using `eth0` as interface. We currently only check if we are connected via Wi-Fi or run an AP. The plugin should pick up "wired" connections ...When running Briar in Anbox the wifi icon never turns green and lan is not working because it's using `eth0` as interface. We currently only check if we are connected via Wi-Fi or run an AP. The plugin should pick up "wired" connections if there's no wifi access.
> we just need to make sure it doesn't cause other android devices to treat the mobile data interface as a lan interface (it often gets assigned a lan address due to nat).https://code.briarproject.org/briar/briar/-/issues/1431Try not to show languages with unsupported scripts2020-11-15T19:55:56ZakwizgranTry not to show languages with unsupported scriptsThe language selector should try to exclude languages with scripts that aren't supported by the device.
We still want to offer languages that aren't supported by the device, as long as the script is supported (e.g. Occitan, Asturian).
...The language selector should try to exclude languages with scripts that aren't supported by the device.
We still want to offer languages that aren't supported by the device, as long as the script is supported (e.g. Occitan, Asturian).
One possibility would be to have a list of exceptions, containing languages with scripts that are likely to be supported on all devices. Only languages that are supported by the device or included in the list of exceptions should be shown in the language selector.https://code.briarproject.org/briar/briar/-/issues/1430Restrict access to Tor's SOCKS port2023-10-23T14:08:41ZakwizgranRestrict access to Tor's SOCKS portAny process on localhost can connect to the SOCKS port of our Tor process and use it to make connections via Tor. Without having any specific attack in mind, I guess malicious apps running on localhost (which are within our threat model ...Any process on localhost can connect to the SOCKS port of our Tor process and use it to make connections via Tor. Without having any specific attack in mind, I guess malicious apps running on localhost (which are within our threat model on Android) might be able to use this to undermine the user's anonymity.
Tor uses the SOCKS username and password for circuit isolation, so if we wanted to password-protect the SOCKS port we'd have to add a config option to treat the password as a credential, perhaps keeping the username for circuit isolation.
Tor already has password-hashing code for the control port, which we might be able to reuse for the SOCKS port.
If this feature request passes the smell test let's open a ticket upstream.