briar issueshttps://code.briarproject.org/groups/briar/-/issues2021-02-17T19:06:53Zhttps://code.briarproject.org/briar/briar/-/issues/86Explain the app's privacy properties2021-02-17T19:06:53ZakwizgranExplain the app's privacy propertiesA user asked for a screen to be shown when the app was first run, explaining what privacy properties the app could and couldn't provide.A user asked for a screen to be shown when the app was first run, explaining what privacy properties the app could and couldn't provide.CleopatraCleopatrahttps://code.briarproject.org/briar/briar/-/issues/85Edit or delete forum and blog posts2021-10-26T10:35:44ZakwizgranEdit or delete forum and blog postsUsers asked for the ability to edit or delete forum posts after posting them.
The group discussed the censorship implications and the inability to force every subscriber to edit or delete their copy of the post. It was suggested that a ...Users asked for the ability to edit or delete forum posts after posting them.
The group discussed the censorship implications and the inability to force every subscriber to edit or delete their copy of the post. It was suggested that a request to edit or delete an earlier post could be posted, which would mark the post as edited or deleted in the UI while providing an option to show the original version.https://code.briarproject.org/briar/briar/-/issues/84Notifications for new messages while signed out2020-11-21T20:02:31ZakwizgranNotifications for new messages while signed outA user asked for notifications to be shown when messages or forums posts are received while the user is signed out.
We can't do this with the current architecture, but this ticket exists to document the demand for the feature.A user asked for notifications to be shown when messages or forums posts are received while the user is signed out.
We can't do this with the current architecture, but this ticket exists to document the demand for the feature.https://code.briarproject.org/briar/briar/-/issues/83Highlight replies to the user's posts2020-11-21T20:04:46ZakwizgranHighlight replies to the user's postsA user asked for some kind of visual indication when their forum posts had been replied to -- perhaps similar to the indication for new posts.A user asked for some kind of visual indication when their forum posts had been replied to -- perhaps similar to the indication for new posts.https://code.briarproject.org/briar/briar/-/issues/81Quote parent when replying to a forum post2020-11-21T20:04:59ZakwizgranQuote parent when replying to a forum postUsers asked for the ability to quote a post when replying to it, as is common in web-based forums.Users asked for the ability to quote a post when replying to it, as is common in web-based forums.https://code.briarproject.org/briar/briar/-/issues/79Mark certain contacts as trusted2020-11-21T20:05:20ZakwizgranMark certain contacts as trustedA user asked for the ability to mark certain contacts as trusted. Trusted contacts might be treated differently - for example they might be allowed to invite people to a private group shared with them, or they might be allowed to initiat...A user asked for the ability to mark certain contacts as trusted. Trusted contacts might be treated differently - for example they might be allowed to invite people to a private group shared with them, or they might be allowed to initiate introductions.https://code.briarproject.org/briar/briar/-/issues/74Descriptions for forums2020-11-21T20:05:47ZakwizgranDescriptions for forumsA user asked to be able to add descriptions to forums.
This would be a longer piece of text attached to the forum by its creator that potential subscribers could read when deciding whether to subscribe.A user asked to be able to add descriptions to forums.
This would be a longer piece of text attached to the forum by its creator that potential subscribers could read when deciding whether to subscribe.https://code.briarproject.org/briar/briar/-/issues/71Explain why adding a contact failed2021-01-13T13:25:21ZakwizgranExplain why adding a contact failedA user asked to be shown the reason for a connection failing when adding a contact (e.g. timeout, Bluetooth disabled, wrong invitation code).
We can't distinguish a timeout from a wrong invitation code (entering the wrong code will caus...A user asked to be shown the reason for a connection failing when adding a contact (e.g. timeout, Bluetooth disabled, wrong invitation code).
We can't distinguish a timeout from a wrong invitation code (entering the wrong code will cause a timeout), but we may be able to distinguish some other reasons, e.g. Bluetooth discoverability timing out.https://code.briarproject.org/briar/briar/-/issues/70Sign out automatically2020-11-21T20:07:17ZakwizgranSign out automaticallyA user requested the option to sign out automatically after a configurable amount of time.
This was also suggested by a UX reviewer.A user requested the option to sign out automatically after a configurable amount of time.
This was also suggested by a UX reviewer.https://code.briarproject.org/briar/briar/-/issues/69"Minimise" inactive forum threads2020-11-21T20:07:46Zakwizgran"Minimise" inactive forum threadsFeedback from a user: "It would be nice to be able to minimise less active threads to reduce clutter."
~~We don't currently display forum messages in threads, but we should bear this in mind.~~Feedback from a user: "It would be nice to be able to minimise less active threads to reduce clutter."
~~We don't currently display forum messages in threads, but we should bear this in mind.~~https://code.briarproject.org/briar/briar/-/issues/66Tor plugin reports NOROUTE but network is available2020-11-21T20:08:10ZakwizgranTor plugin reports NOROUTE but network is availableA user submitted this debugging log. Mobile data is shown as available, enabled and connected, but Tor can't connect to the network.
```
Device type:
HTC One_M8 (Htc)
Android version:
4.4.4 (19)
Architecture:
armeabi-v7a, armeabi
Sys...A user submitted this debugging log. Mobile data is shown as available, enabled and connected, but Tor can't connect to the network.
```
Device type:
HTC One_M8 (Htc)
Android version:
4.4.4 (19)
Architecture:
armeabi-v7a, armeabi
System memory:
1827 MiB total, 505 MiB free, 96 MiB threshold
Virtual machine memory:
12 MiB allocated, 1 MiB free, 192 MiB maximum
Internal storage:
2641 MiB total, 380 MiB free
External storage:
25432 MiB total, 9201 MiB free
Mobile data:
Available, enabled, connected
Wi-Fi:
Not available, not enabled, not connected
Address: 0.0.0.0
Bluetooth:
Available, enabled, connectable, not discoverable
Address: XX:XX:XX:XX:XX:XX
Tor plugin:
Enabled, not running
Address: xxxxxxxxxxxxxxxx.onion
LAN plugin:
Enabled, not running
Bluetooth plugin:
Enabled, running
Address: XX:XX:XX:XX:XX:XX
Debugging log:
04-28 19:52:40.351 I/PollerImpl( 3821): Polling DroidtoothPlugin
04-28 19:52:40.561 I/TorPlugin( 3821): OR connection LAUNCHED
04-28 19:52:40.561 I/TorPlugin( 3821): OR connection FAILED
04-28 19:52:40.561 I/TorPlugin( 3821): WARN Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Network is unreachable; NOROUTE; count 152; recommendation warn)
04-28 19:52:41.651 I/TorPlugin( 3821): OR connection LAUNCHED
04-28 19:52:41.651 I/TorPlugin( 3821): OR connection FAILED
04-28 19:52:41.651 I/TorPlugin( 3821): WARN Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Network is unreachable; NOROUTE; count 153; recommendation warn)
04-28 19:52:42.691 I/TorPlugin( 3821): OR connection LAUNCHED
04-28 19:52:42.691 I/TorPlugin( 3821): OR connection FAILED
04-28 19:52:42.691 I/TorPlugin( 3821): WARN Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Network is unreachable; NOROUTE; count 154; recommendation warn)
04-28 19:52:43.671 I/TorPlugin( 3821): OR connection LAUNCHED
04-28 19:52:43.671 I/TorPlugin( 3821): OR connection FAILED
04-28 19:52:43.671 I/TorPlugin( 3821): WARN Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Network is unreachable; NOROUTE; count 155; recommendation warn)
04-28 19:52:44.721 I/TorPlugin( 3821): OR connection LAUNCHED
04-28 19:52:44.721 I/TorPlugin( 3821): OR connection FAILED
04-28 19:52:44.721 I/TorPlugin( 3821): WARN Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Network is unreachable; NOROUTE; count 156; recommendation warn)
04-28 19:52:45.631 I/TorPlugin( 3821): OR connection LAUNCHED
04-28 19:52:45.631 I/TorPlugin( 3821): OR connection FAILED
04-28 19:52:45.631 I/TorPlugin( 3821): WARN Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Network is unreachable; NOROUTE; count 157; recommendation warn)
04-28 19:53:01.891 I/DroidtoothPlugin( 3821): Scan mode: Connectable
04-28 19:53:06.861 I/AddContactActivity( 3821): Loading setting took 0 ms
04-28 19:53:06.881 W/ResourceType( 3821): No package identifier when getting name for resource number 0x00000001
04-28 19:53:06.881 I/InputMethodManager( 3821): [startInputInner] EditorInfo { packageName=org.briarproject, inputType=0x2, imeOptions=0x4006, privateImeOptions=null }, windowGainingFocus=android.view.ViewRootImpl$W@41eb05a8, mServedView=org.briarproject.android.invitation.CodeEntryView$1{41eaabd0 VFED..CL .F....ID 168,0-623,150 #1}
04-28 19:53:07.971 I/ContactListActivity( 3821): Full load took 1 ms
04-28 19:53:11.641 I/TorPlugin( 3821): OR connection LAUNCHED
04-28 19:53:11.641 I/TorPlugin( 3821): OR connection FAILED
04-28 19:53:11.641 I/TorPlugin( 3821): WARN Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Network is unreachable; NOROUTE; count 158; recommendation warn)
04-28 19:53:12.651 I/TorPlugin( 3821): OR connection LAUNCHED
04-28 19:53:12.651 I/TorPlugin( 3821): OR connection FAILED
04-28 19:53:12.651 I/TorPlugin( 3821): WARN Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Network is unreachable; NOROUTE; count 159; recommendation warn)
04-28 19:53:12.751 I/SettingsActivity( 3821): Loading settings took 2 ms
04-28 19:53:13.591 I/TorPlugin( 3821): OR connection LAUNCHED
04-28 19:53:13.591 I/TorPlugin( 3821): OR connection FAILED
04-28 19:53:13.591 I/TorPlugin( 3821): WARN Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Network is unreachable; NOROUTE; count 160; recommendation warn)
04-28 19:53:13.811 I/System ( 3821): exec(logcat -d -v time *:I @ org.briarproject.android.TestingActivity.getStatusMap:433)
04-28 19:53:14.581 I/TorPlugin( 3821): OR connection LAUNCHED
04-28 19:53:14.581 I/TorPlugin( 3821): OR connection FAILED
04-28 19:53:14.581 I/TorPlugin( 3821): WARN Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Network is unreachable; NOROUTE; count 161; recommendation warn)
04-28 19:53:15.671 I/TorPlugin( 3821): OR connection LAUNCHED
04-28 19:53:15.671 I/TorPlugin( 3821): OR connection FAILED
04-28 19:53:15.671 I/TorPlugin( 3821): WARN Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Network is unreachable; NOROUTE; count 162; recommendation warn)
04-28 19:53:15.711 I/DatabaseCleanerImpl( 3821): Checking free space
04-28 19:53:15.711 I/DatabaseComponentImpl( 3821): 9753812992 bytes free space
04-28 19:53:16.681 I/TorPlugin( 3821): OR connection LAUNCHED
04-28 19:53:16.681 I/TorPlugin( 3821): OR connection FAILED
04-28 19:53:16.681 I/TorPlugin( 3821): WARN Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Network is unreachable; NOROUTE; count 163; recommendation warn)
04-28 19:53:31.611 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:31.611 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:32.111 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:32.111 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:32.151 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:32.151 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:32.201 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:32.201 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:32.251 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:32.251 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:32.301 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:32.301 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:32.361 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:32.361 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:32.411 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:32.411 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:32.461 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:32.461 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:32.511 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:32.511 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:32.561 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:32.561 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:32.611 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:32.611 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:32.661 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:32.661 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:32.711 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:32.711 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:32.761 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:32.771 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:32.811 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:32.821 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:32.871 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:32.871 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:32.931 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:32.931 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:32.971 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:32.971 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:33.011 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:33.011 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:33.071 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:33.071 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:33.121 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:33.121 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:33.171 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:33.171 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:33.221 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:33.221 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:33.271 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:33.271 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:33.331 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:33.331 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:33.371 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:33.371 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:33.421 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:33.431 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:33.481 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:33.481 I/PhoneWindow( 3821): <VOLUME> Handle volume key by audio manager in PhoneWindow.java, keyCode = 24
04-28 19:53:35.471 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:35.511 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:35.561 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:35.611 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:35.661 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:35.711 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:35.761 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:35.811 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:35.861 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:35.911 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:35.971 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:36.021 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:36.071 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:36.121 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:36.171 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:36.221 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:36.271 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:36.321 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:36.371 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:36.431 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:36.491 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:36.531 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:36.581 W/KeyCharacterMap( 3821): Load KCM of non-default device may incur unexpected result
04-28 19:53:42.621 I/TorPlugin( 3821): OR connection LAUNCHED
04-28 19:53:42.621 I/TorPlugin( 3821): OR connection FAILED
04-28 19:53:42.621 I/TorPlugin( 3821): WARN Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Network is unreachable; NOROUTE; count 164; recommendation warn)
04-28 19:53:43.631 I/TorPlugin( 3821): OR connection LAUNCHED
04-28 19:53:43.631 I/TorPlugin( 3821): OR connection FAILED
04-28 19:53:43.631 I/TorPlugin( 3821): WARN Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Network is unreachable; NOROUTE; count 165; recommendation warn)
04-28 19:53:44.761 I/TorPlugin( 3821): OR connection LAUNCHED
04-28 19:53:44.761 I/TorPlugin( 3821): OR connection FAILED
04-28 19:53:44.761 I/TorPlugin( 3821): WARN Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Network is unreachable; NOROUTE; count 166; recommendation warn)
04-28 19:53:45.721 I/TorPlugin( 3821): OR connection LAUNCHED
04-28 19:53:45.721 I/TorPlugin( 3821): OR connection FAILED
04-28 19:53:45.721 I/TorPlugin( 3821): WARN Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Network is unreachable; NOROUTE; count 167; recommendation warn)
04-28 19:53:46.581 I/TorPlugin( 3821): OR connection LAUNCHED
04-28 19:53:46.581 I/TorPlugin( 3821): OR connection FAILED
04-28 19:53:46.581 I/TorPlugin( 3821): WARN Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Network is unreachable; NOROUTE; count 168; recommendation warn)
04-28 19:53:47.681 I/TorPlugin( 3821): OR connection LAUNCHED
04-28 19:53:47.681 I/TorPlugin( 3821): OR connection FAILED
04-28 19:53:47.681 I/TorPlugin( 3821): WARN Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Network is unreachable; NOROUTE; count 169; recommendation warn)
04-28 19:53:57.711 I/PollerImpl( 3821): Polling AndroidLanTcpPlugin
04-28 19:54:08.151 I/System ( 3821): exec(logcat -d -v time *:I @ org.briarproject.android.TestingActivity.getStatusMap:433)
```https://code.briarproject.org/briar/briar/-/issues/65Two-factor authentication2020-11-21T20:09:51ZakwizgranTwo-factor authenticationAdd optional two-factor authentication to the Android app via NFC -- to log in, the user must tap a particular NFC tag as well as entering their password. Data from the NFC tag is incorporated into the PBKDF. This prevents brute force pa...Add optional two-factor authentication to the Android app via NFC -- to log in, the user must tap a particular NFC tag as well as entering their password. Data from the NFC tag is incorporated into the PBKDF. This prevents brute force password cracking if the Android device is captured but the NFC tag is not.
NFC tags may be readable at long distances, so this won't prevent password cracking by an attacker who can read the NFC tag in advance.
This is weaker than 2FA protocols based on public keys, such as U2F, but those require a trusted server that can deny access to the account if the signature doesn't match.https://code.briarproject.org/briar/briar/-/issues/64Upgrade jSSC to 2.8.02022-04-18T09:40:48ZakwizgranUpgrade jSSC to 2.8.0jSSC, the serial port library used by the dialup modem plugin, is at version 2.8.0 but we're still using version 0.9. Upgrade to the current version, amending or discarding our thread safety patch as appropriate.jSSC, the serial port library used by the dialup modem plugin, is at version 2.8.0 but we're still using version 0.9. Upgrade to the current version, amending or discarding our thread safety patch as appropriate.https://code.briarproject.org/briar/briar/-/issues/63Prevent tag length from being used for active probing2021-01-25T17:55:11ZakwizgranPrevent tag length from being used for active probingOn some transports it may be possible to use the fixed tag length to probe a transport endpoint to determine whether it's likely to be accepting BTP traffic: the endpoint will always accept (tag length - 1) random bytes but close the tra...On some transports it may be possible to use the fixed tag length to probe a transport endpoint to determine whether it's likely to be accepting BTP traffic: the endpoint will always accept (tag length - 1) random bytes but close the transport connection after (tag length) bytes.
It may be possible to address this by picking a random number for each incoming transport connection and reading that many bytes before deciding whether to accept the connection. The number could be anywhere between (tag length) and (tag length + stream header length). The number could be drawn from a distribution supplied by the TAP profile, allowing the distribution to be tailored to the transport.https://code.briarproject.org/briar/briar/-/issues/62Reduce information leaked by polling2022-01-26T13:47:24ZakwizgranReduce information leaked by pollingPolling for connections to contacts may reveal the number of contacts and their identities to a local observer. For example, anyone monitoring Bluetooth traffic near a Briar device will see periodic bursts of connection attempts from the...Polling for connections to contacts may reveal the number of contacts and their identities to a local observer. For example, anyone monitoring Bluetooth traffic near a Briar device will see periodic bursts of connection attempts from the device's MAC address to certain other MAC addresses. The observer will learn how many contacts the device has, and if the observer knows who owns any of the other MAC addresses then contact relationships will be revealed.
There are several techniques we can use to reduce information leaks.
1) Poll at random intervals
Instead of polling all contacts at regular intervals, poll each contact at exponentially distributed intervals.
This should reduce the information about contacts leaked to a local observer. The shorter the observation period, the less likely it is that connection attempts to all contacts will be observed.
2) Don't poll unreachable contacts
Plugins should store contextual information to help them decide which contacts may be reachable, and contacts who are unreachable should not be polled. Contacts who are rarely reachable via a given transport may be polled less frequently.
3) Don't poll at all
Polling probably contributes to Briar's battery and bandwidth consumption, and for short-range transports it may not be the most efficient way of connecting to nearby contacts. The user knows when contacts are nearby, and may be able to connect to them more quickly by triggering a scan manually than by waiting for the next poll.
To reduce the amount of information leaked by a manual or automatic scan, the scan should detect nearby contacts and then try to connect to any that are nearby, as opposed to the current approach of trying to connect to all contacts. The rationale for the current approach is that we can't make an Android device permanently discoverable via Bluetooth, and making the device temporarily discoverable requires confirmation from the user each time. But if the scan is triggered manually, user confirmation may be acceptable. It may be possible to make a device permanently discoverable via Bluetooth LE or Wi-Fi Direct, in which case we could scan multiple transports with a single manual trigger.https://code.briarproject.org/briar/briar/-/issues/61Ratcheting2020-11-21T20:16:11ZakwizgranRatchetingBriar's forward secrecy is based on periodic key rotation rather than ratcheting because we need to ensure forward secrecy even if no communication occurs for a long period, or communication only occurs in one direction. However, we coul...Briar's forward secrecy is based on periodic key rotation rather than ratcheting because we need to ensure forward secrecy even if no communication occurs for a long period, or communication only occurs in one direction. However, we could also use ratcheting opportunistically, so that the exposure of a transport key doesn't expose all future transport keys (the reverse of forward secrecy).
It would make sense to have a separate ratchet for each transport so that the ratchets for low-latency transports can advance quickly, but the ratchet keys for each transport could be synced over any transport.https://code.briarproject.org/briar/briar/-/issues/60Close idle transport connections2020-11-21T20:16:40ZakwizgranClose idle transport connectionsFor some transports keeping a connection open is expensive (especially if we're sending padding) -- but for other transports creating a new connection may be expensive. Idle connections should be closed after a transport-dependent amount...For some transports keeping a connection open is expensive (especially if we're sending padding) -- but for other transports creating a new connection may be expensive. Idle connections should be closed after a transport-dependent amount of time.https://code.briarproject.org/briar/briar/-/issues/59Traffic analysis prevention layer2022-11-01T14:51:18ZakwizgranTraffic analysis prevention layerThe traffic analysis prevention (TAP) layer is responsible for preventing an observer from determining the volume and timing of data carried by a BTP stream.
What should the interfaces between BTP, TAP and the transport plugin look like...The traffic analysis prevention (TAP) layer is responsible for preventing an observer from determining the volume and timing of data carried by a BTP stream.
What should the interfaces between BTP, TAP and the transport plugin look like? Does the plugin need to be able to ask for a specific stream length, other than setting an upper bound? Are there any transports for which sending data as quickly as possible is preferable (from a TAP point of view) to sending it at a limited rate?
The TAP layer could adjust the transmission rate, increasing it if there's data waiting and decreasing it if not. What could the adversary learn by observing changes in the transmission rate and/or manipulating congestion?
Padding could be handled at the BTP layer by choosing a padding multiplier for each stream. The TAP layer would then sit between BTP and the transport and handle chopping and delaying the stream -- that is, segmenting the encrypted, padded stream according to some segment size distribution, and writing segments to the transport according to some inter-segment delay distribution.
The padding, size and delay distributions can be used to produce a characteristic traffic 'shape' for each device or pair of devices:
http://www.cs.kau.se/philwint/pdf/wpes2013.pdf
We can conceal traffic bursts by throttling the output of the TAP layer so that bursts are smoothed out. However, we should make good use of intermittently available transports -- if we send too slowly, the transport connection may be lost before we finish.https://code.briarproject.org/briar/briar/-/issues/58Use double MAC technique for checking MACs2020-11-21T20:17:47ZakwizgranUse double MAC technique for checking MACsComparing a received MAC to the expected MAC in constant time is tricky in high-level languages because the compiler, runtime and JIT may optimise the comparison code so that it no longer runs in constant time. The adversary may be able ...Comparing a received MAC to the expected MAC in constant time is tricky in high-level languages because the compiler, runtime and JIT may optimise the comparison code so that it no longer runs in constant time. The adversary may be able to use the timing of the comparison to discover how many bytes of the received MAC match the expected MAC.
To avoid revealing this information, the recipient can calculate another MAC over each MAC and compare the outer MACs. The adversary can use the timing of the comparison to learn the position at which the outer MACs differ, but that doesn't reveal the position at which the inner MACs differ.
https://www.isecpartners.com/blog/2011/february/double-hmac-verification.aspx
The MAC is being used as a PRF. It seems like this technique could also be used for validating signatures -- the validator can use any MAC key (not necessarily shared with the signer) to calculate MACs over the received and expected signatures, then compare the MACs.https://code.briarproject.org/briar/briar/-/issues/56Handle fatal errors2020-11-21T20:18:34ZakwizgranHandle fatal errorsWe should decide how to handle various errors that prevent the app from starting or continuing. Right now these are handled in ad hoc ways such as throwing an Error, which crashes the app. Situations we need to handle include:
* Can't o...We should decide how to handle various errors that prevent the app from starting or continuing. Right now these are handled in ad hoc ways such as throwing an Error, which crashes the app. Situations we need to handle include:
* Can't open the database
* Services fail to start
* Out of disk space
* Clock moves backwards
* Database state is inconsistent (DbStateException)
This is a UX issue as much as a programming issue. How do we communicate these errors to the user and what do we advise them to do?