briar issueshttps://code.briarproject.org/groups/briar/-/issues2023-09-29T11:44:31Zhttps://code.briarproject.org/briar/tor-reproducer/-/issues/17Upgrade Tor to 0.4.7.152023-09-29T11:44:31ZakwizgranUpgrade Tor to 0.4.7.15Tor 0.4.7.15 contains a major bugfix for onion services.
https://forum.torproject.org/t/stable-release-0-4-7-15-and-0-4-8-6/9292
> This version contains an important fix for onion service regarding congestion control and its reliabil...Tor 0.4.7.15 contains a major bugfix for onion services.
https://forum.torproject.org/t/stable-release-0-4-7-15-and-0-4-8-6/9292
> This version contains an important fix for onion service regarding congestion control and its reliability. Apart from that, very minor bugfixes. We strongly recommend all onion service operators to update immediately.
>
> Major bugfixes (onion service):
> - Fix a reliability issue where services were expiring their
> introduction points every consensus update. This caused
> connectivity issues for clients caching the old descriptor and
> intro points. Bug reported and fixed by gitlab user
> @hyunsoo.kim676. Fixes bug 40858; bugfix on 0.4.7.5-alpha.akwizgranakwizgranhttps://code.briarproject.org/briar/public-mesh-research/-/issues/22Write report2023-09-12T12:22:53ZSebastianWrite reporthttps://code.briarproject.org/briar/briar/-/issues/2387Add links to manual, quick start guide and FAQ from Google Play2023-08-28T16:11:48ZakwizgranAdd links to manual, quick start guide and FAQ from Google PlaySponsor 6 usability improvementshttps://code.briarproject.org/briar/briar/-/issues/2388Add links to manual, quick start guide, FAQ and privacy policy from GitHub2023-08-28T16:11:24ZakwizgranAdd links to manual, quick start guide, FAQ and privacy policy from GitHubSponsor 6 usability improvementshttps://code.briarproject.org/briar/public-mesh-research/-/issues/19Investigate whether Android devices can connect via internet when no internet...2023-08-28T16:02:46ZakwizgranInvestigate whether Android devices can connect via internet when no internet access is detectedDuring a partial internet shutdown where a national network is disconnected from the internet but routing still works within the national network, Android devices may report that they don't have internet access because they can't fetch t...During a partial internet shutdown where a national network is disconnected from the internet but routing still works within the national network, Android devices may report that they don't have internet access because they can't fetch the URL that's used for detecting internet access (see https://stackoverflow.com/questions/33431931/how-does-android-know-if-the-wifi-connection-has-internet-access-or-not/39475588#39475588).
In this situation it would be useful to know whether an app can still route traffic to addresses on the national network. We might be able to simulate this situation by blocking access to the captive portal detection URL and perhaps also blocking DNS.Public mesh researchSebastianSebastianhttps://code.briarproject.org/briar/briar/-/issues/2266Check for API/behaviour changes in Android 13 that could affect Briar2023-07-03T11:21:13ZTorsten GroteCheck for API/behaviour changes in Android 13 that could affect Briar* https://developer.android.com/about/versions/13/behavior-changes-13
* https://blog.esper.io/android-13-deep-dive/
* https://commonsware.com/blog/2022/02/12/random-musings-android-13-dp1.html
* https://commonsware.com/blog/2022/03/19/ra...* https://developer.android.com/about/versions/13/behavior-changes-13
* https://blog.esper.io/android-13-deep-dive/
* https://commonsware.com/blog/2022/02/12/random-musings-android-13-dp1.html
* https://commonsware.com/blog/2022/03/19/random-musings-android-13-dp2.html
Changes that may affect us:
* [Low power standby](https://developer.android.com/reference/android/os/PowerManager.html#isLowPowerStandbyEnabled()) is a new power saving mode (apparently distinct from doze, light doze and power save mode) in which apps with foreground services lose network access and their wake locks are ignored. It's not clear whether doze exemption affects this mode. We should look for ADB commands that can be used to test this mode
* [Light idle mode](https://developer.android.com/reference/android/os/PowerManager#isDeviceLightIdleMode()) has also been added to the PowerManager API, although this may just be exposing the "light doze" mode that was [added in Android 7](https://developer.android.com/about/versions/nougat/android-7.0-changes#doze)
* [Apps are placed in the "restricted" app standby bucket](https://developer.android.com/about/versions/13/changes/battery#restricted-bucket) if they "drain a significant amount of device battery during a 24-hour period". This is likely to apply to Briar and Briar Mailbox. Apps are also placed in the "restricted" bucket if the user doesn't interact with them for 8 days. This is very likely to apply to Briar Mailbox and may also apply to Briar. Running a foreground service isn't enough to meet definition of "interaction" being used here. The [docs for app standby buckets](https://developer.android.com/topic/performance/appstandby#buckets) say "Apps that are on the Doze exemption list are exempted from the App Standby Bucket-based restrictions." We should test whether this remains true for the new restrictions. We should also add code to [log which bucket we're in](https://developer.android.com/reference/android/app/usage/UsageStatsManager#getAppStandbyBucket()) periodically
* [Apps need to ask permission to show notifications](https://developer.android.com/about/versions/13/changes/notification-permission) - if the app doesn't target API 33 then the permission prompt will be shown automatically when the notification channels are created, which in Briar's case happens after signing in
* The new [foreground services task manager](https://developer.android.com/about/versions/13/changes/fgs-manager) enables the user to stop foreground services. Stopping an app in this way is [roughly equivalent](https://developer.android.com/about/versions/13/changes/fgs-manager#compare-swipe-up-force-stop) to force-stopping the app, but just different enough to make sure we'll have to test both workflows. Related to #2010
* [New rules for intent filters](https://developer.android.com/about/versions/13/behavior-changes-13#security) could affect our use of intents to open other apps (such as manufacturer-specific power management apps). These rules apply if the app receiving the intent targets API 33 or higher, so it could take a while for any effects to be noticeable
Article: https://medium.com/androiddevelopers/making-sense-of-intent-filters-in-android-13-8f6656903dde
* We should check whether the [`RECEIVER_NOT_EXPORTED`](https://developer.android.com/reference/android/content/Context.html#RECEIVER_NOT_EXPORTED) flag is relevant to us (all our BroadcastReceivers are used for receiving system broadcasts)
* [`NEARBY_WIFI_DEVICES`](https://developer.android.com/reference/android/Manifest.permission#NEARBY_WIFI_DEVICES) permission - this replaces `ACCESS_FINE_LOCATION` for some wifi APIs. We should use the new permission and find out whether location services still need to be enabled for these APIs to work
* If the user places an app in the "restricted" state for background battery usage (which AFAICT is [unrelated](https://developer.android.com/topic/performance/power/power-details) to the "restricted" app standby bucket) then the app [can't run foreground services, schedule alarms or run jobs](https://developer.android.com/about/versions/13/changes/battery#restricted-background-battery-usage). If the app targets API 33 then it can't receive `ACTION_BOOT_COMPLETED` broadcasts either, which we use for the sign-in reminder
* [System notification for long-running foreground services](https://developer.android.com/about/versions/13/changes/battery#system-notification-long-running-fgs) ("APP is running in the background for a long time. Tap to review") - as CommonsWare says, the obvious response from developers is to add `FOREGROUND_SERVICE_TYPE_MEDIA_PLAYBACK` or `FOREGROUND_SERVICE_TYPE_LOCATION`, and the obvious response from Google is to restrict those flags in the next update
* [System notification for excessive background battery usage](https://developer.android.com/about/versions/13/changes/battery#system-notification-battery-usage) - the docs say this notification will be shown after our foreground service finishes, ie after the user signs out, which may cause confusion
* I'm sure [TARE](https://blog.esper.io/android-13-deep-dive/#tare) will produce great value for users and won't just be the equivalent of adding a dice roll to every attempt to queue a job or schedule an alarm. We should keep it in mind when debugging alarm issues
* [Apps can release unused permissions](https://developer.android.com/about/versions/13/features#developer-downgradable-permissions) - this looks useful for privacy-conscious users but some care will be needed to integrate this into our app lifecycle, as the system kills the app asynchronously at some point after the API is called
* There's a [new AndroidX API for implementing in-app language pickers](https://developer.android.com/about/versions/13/features/app-languages#api-impl), which is great. The user can also pick a per-app language [through the system settings app](https://developer.android.com/about/versions/13/features/app-languages#app-language-settings), in which case "The list of available languages might not reflect the languages that your app supports". This will need testing
* There's a new API for [opting out of screenshots in the recent apps list](https://developer.android.com/reference/android/app/Activity.html#setRecentsScreenshotEnabled(boolean)) without preventing the user from taking screenshots. This may be useful if it doesn't open some other horrendous information leak
* [SystemClock#currentNetworkTimeClock()](https://developer.android.com/reference/android/os/SystemClock.html#currentNetworkTimeClock()) may be useful for diagnosing whether clock sync issues are due to misconfiguration or [NTP tampering](https://gitlab.torproject.org/tpo/core/tor/-/issues/26359)
* Apps with the `ACCESS_FINE_LOCATION` permission are [exempt from most of the power management changes in Android 13](https://developer.android.com/about/versions/13/changes/battery#exemptions), as are media players that are actively playing media. Perhaps Google thinks media players and navigation apps (or exercise trackers?) should be allowed to run in the background, which would be consistent with the apparent intent of previous loopholesTorsten GroteTorsten Grotehttps://code.briarproject.org/briar/briar/-/issues/2156Upgrade OkHttp to 3.14.x2023-06-19T14:02:33ZakwizgranUpgrade OkHttp to 3.14.xhttps://square.github.io/okhttp/changelog_3x/#version-3130
OkHttp 3.12.x will receive critical bug fixes until the end of 2021. Newer versions drop support for Android 4, so when we upgrade we'll either need to drop support for Android ...https://square.github.io/okhttp/changelog_3x/#version-3130
OkHttp 3.12.x will receive critical bug fixes until the end of 2021. Newer versions drop support for Android 4, so when we upgrade we'll either need to drop support for Android 4 or restrict features that use HTTP (RSS feeds, mailbox) to Android 5+.
According to Google Play, 0.5% of devices running Briar use Android 4.
Depends on #2221.MailboxTorsten GroteTorsten Grotehttps://code.briarproject.org/briar/briar-mailbox/-/issues/169Add Briar Mailbox to our F-Droid repo2023-05-16T12:36:47ZakwizgranAdd Briar Mailbox to our F-Droid repoMailbox: Releaseakwizgranakwizgranhttps://code.briarproject.org/briar/briar-mailbox/-/issues/170Add Briar Mailbox to Google Play2023-05-16T12:36:27ZakwizgranAdd Briar Mailbox to Google PlayClosed testing initially, then open testing, then production.Closed testing initially, then open testing, then production.Mailbox: Releaseakwizgranakwizgranhttps://code.briarproject.org/briar/briar-mailbox/-/issues/132Check that system clock is reasonable when starting2023-05-16T12:36:04ZakwizgranCheck that system clock is reasonable when startingThe lifecycle manager should check that the system's clock is reasonable (eg between 1 Jan 2022 and 1 Jan 2122) and return a startup error if not.The lifecycle manager should check that the system's clock is reasonable (eg between 1 Jan 2022 and 1 Jan 2122) and return a startup error if not.Mailbox: Manage app lifecycleIvanaIvanahttps://code.briarproject.org/briar/briar/-/issues/2402Check that text in Briar's mailbox connection troubleshooter matches text in ...2023-04-24T13:05:32ZakwizgranCheck that text in Briar's mailbox connection troubleshooter matches text in Mailbox appMailbox: Releaseakwizgranakwizgranhttps://code.briarproject.org/briar/briar-mailbox/-/issues/185Add Gradle task for verifying translations2023-04-20T09:36:48ZakwizgranAdd Gradle task for verifying translationsAdd a Gradle task for verifying the translations, similar to the one we have for Briar.Add a Gradle task for verifying the translations, similar to the one we have for Briar.Mailbox: ReleaseTorsten GroteTorsten Grotehttps://code.briarproject.org/briar/briar-mailbox/-/issues/186Add support for Snowflake2023-03-29T13:41:38ZakwizgranAdd support for SnowflakeTorsten GroteTorsten Grotehttps://code.briarproject.org/briar/briar-mailbox/-/issues/171Reproducible builds2023-02-17T14:02:59ZakwizgranReproducible buildsBuild the mailbox app reproducibly, perhaps by modifying briar-reproducer. Set up CI hooks so that a reproducible build is triggered when a tag is pushed.Build the mailbox app reproducibly, perhaps by modifying briar-reproducer. Set up CI hooks so that a reproducible build is triggered when a tag is pushed.Torsten GroteTorsten Grotehttps://code.briarproject.org/briar/briar-mailbox/-/issues/184Add Mailbox strings to Transifex2023-02-07T13:24:02ZakwizgranAdd Mailbox strings to TransifexMailbox: ReleaseTorsten GroteTorsten Grotehttps://code.briarproject.org/briar/briar/-/issues/2395Check for Bluetooth timeout setting on stock Android 132023-02-01T14:36:46ZakwizgranCheck for Bluetooth timeout setting on stock Android 13CalyxOS 4.3.0 (based on Android 13) has a "Bluetooth timeout" setting that automatically turns off Bluetooth if no devices are connected for a configurable amount of time (the timeout can also be disabled). This setting could prevent Bri...CalyxOS 4.3.0 (based on Android 13) has a "Bluetooth timeout" setting that automatically turns off Bluetooth if no devices are connected for a configurable amount of time (the timeout can also be disabled). This setting could prevent Briar from connecting to contacts via Bluetooth if the timeout period elapsed with no contact connections.
We should check whether this setting exists upstream (stock Android 13) and whether a timeout is enabled by default.https://code.briarproject.org/briar/briar/-/issues/1854Provide Tor/obfsproxy arm binaries for Linux2023-01-25T11:44:13ZNicoProvide Tor/obfsproxy arm binaries for Linux_Let's properly document all the ARM binary stuff for Briar Headless._
Briar Headless currently only includes binaries for `linux-x86_64`. While Briar Android works on ARM, we need a special binary for (plain) Linux systems and [enable ..._Let's properly document all the ARM binary stuff for Briar Headless._
Briar Headless currently only includes binaries for `linux-x86_64`. While Briar Android works on ARM, we need a special binary for (plain) Linux systems and [enable them in code](https://code.briarproject.org/briar/briar/-/blob/8d735b30237aaf8212bb42d37783134a56d6e9b6/bramble-java/src/main/java/org/briarproject/bramble/plugin/tor/UnixTorPluginFactory.java#L99).
Here is a table with required flags for specified target devices:
| command | `-march=` | other flags | target devices |
| ------ | ------ | ------ | ------ |
| `arm-linux-gnueabi-gcc` | `armv6` | `-marm` | Raspberry Pi Model B Rev 2 |
| `arm-linux-gnueabi-gcc` | `armv6zk` | `-marm` | Raspberry Pi Model B Rev 2 |
| `arm-linux-gnueabi-gcc` | `armv6zk+fp` | `-marm` | Raspberry Pi Model B Rev 2 |
| `arm-linux-gnueabihf-gcc` | `armv7-a+fp` | `-mmusl` | Google Nexus 5 (postmarketOS) |
| `arm-linux-gnueabihf-gcc` | `armv7ve+simd` | `-marm` | Raspberry Pi 2 Model B (not tested) |
| `arm-linux-gnueabihf-gcc` | unknown | unknown | Raspberry Pi Model 3 (not tested) |
| `aarch64-linux-gnu-gcc` | `armv8-a+crc+simd` | `-marm` | Raspberry Pi 4 Model B (not tested) |
| `aarch64-linux-gnu-gcc` | `armv8-a+crypto+crc` | - | Purism Librem 5 (not tested) |
To add information on another device, the following commands are helpful:
```bash
cat /proc/cpuinfo
gcc -c -Q -march=native --help=target
gcc -v
```
Python also gives interesting information (enter these commands after starting `python3`; you can exit with ctrl + d):
```python
import platform
platform.architecture()
platform.machine()
```
For detecting your device properly, we depend on Java to tell us which is it:
```java
public class Arch {
public static void main(String[] args) {
System.out.println(System.getProperty("os.arch"));
}
}
```
Please compile it with `javac Arch.java` and post the output of `java Arch`.
Once you have that information, feel free to post the output to this issues. Your work will help getting Briar run on your device.
You can further help by trying to do a test compile. Using the following `briar.c`...
```c
#include <stdio.h>
int main() {
float a = 3.33 + 6.66;
printf("Briar rocks, %f!", a);
return 0;
}
```
...you can compile the program using e.g. `arm-linux-gnueabi-gcc test.c -o test.out -march=armv6zk+fp -marm`. Under Debian, there are `gcc-arm-linux-gnueabihf` and `gcc-arm-linux-gnueabi` available as cross-compilers. Please compile the program on your desktop device using the right compiler flags, copy the _test.out_ binary to your target device and try to execute it there. If it works, you can additionally provide the exact compile command that worked for you.NicoNicohttps://code.briarproject.org/briar/briar-mailbox/-/issues/166Investigate if in-progress uploads will be listed and are available for download2023-01-24T10:32:37ZTorsten GroteInvestigate if in-progress uploads will be listed and are available for downloadSee https://code.briarproject.org/briar/briar/-/merge_requests/1725#note_72023See https://code.briarproject.org/briar/briar/-/merge_requests/1725#note_72023Torsten GroteTorsten Grotehttps://code.briarproject.org/briar/briar/-/issues/2316Usability testing for Mailbox app2023-01-19T13:03:49ZakwizgranUsability testing for Mailbox appAfter setup and pairing (#2315), test that users understand the information provided on the Mailbox app's status screen, are aware that the Mailbox device needs to remain connected to power and internet, and can understand and use the st...After setup and pairing (#2315), test that users understand the information provided on the Mailbox app's status screen, are aware that the Mailbox device needs to remain connected to power and internet, and can understand and use the stop, restart and unlink actions.Mailbox: Usability testinghttps://code.briarproject.org/briar/public-mesh-research/-/issues/21Initial investigations: Bluetooth Mesh2022-12-16T13:08:29ZakwizgranInitial investigations: Bluetooth MeshInvestigate whether the Bluetooth Mesh standard could be useful.
https://www.bluetooth.com/wp-content/uploads/2019/03/Mesh-Technology-Overview.pdf
https://www.bluetooth.com/bluetooth-resources/controlling-bluetooth-mesh-networks-with-a...Investigate whether the Bluetooth Mesh standard could be useful.
https://www.bluetooth.com/wp-content/uploads/2019/03/Mesh-Technology-Overview.pdf
https://www.bluetooth.com/bluetooth-resources/controlling-bluetooth-mesh-networks-with-android-applications/Public mesh research