briar issues
https://code.briarproject.org/groups/briar/-/issues
2020-11-19T15:15:13Z

https://code.briarproject.org/briar/briar/-/issues/958
Importing RSS Feed, UX considerations
2020-11-19T15:15:13Z
Ernir Erlingsson

1. We should close the keyboard after the user has pressed the import button
2. One user imported a large RSS feed and before it finished his screen turned off, he had a short setting for an active screen but we should maybe consider methods to keep the screen on while something is loading, there the device is usually not really idle but the user is simply waiting for the loading to finish before continuing.

https://code.briarproject.org/briar/briar/-/issues/952
Use external IP address in LocationUtils if available
2020-11-19T15:17:31Z
akwizgran

If we can discover a routable IP address from a network interface then we can look it up in Tor's GeoIP library and use that as one of the sources to determine whether Tor's likely to be blocked in our current location.

https://code.briarproject.org/briar/briar/-/issues/947
Bluetooth address is empty in LineageOS guest mode
2020-11-19T15:19:18Z
Torsten Grote

This happens on a device with Privacy Guard (even if disabled) when starting Briar (or when trying to add a contact):
![signal-2017-05-09-213424](/uploads/304cd58b9dd6bd7596a9b606143949c5/signal-2017-05-09-213424.png)
Since the user can not even log in, there is no way this report gets sent out via Tor, so it is attached as a screenshot here.

https://code.briarproject.org/briar/briar/-/issues/944
WiFi Transport layer dead when device has been offline for long
2020-11-19T15:20:50Z
Ernir Erlingsson

Briar was running for two days in flight mode but failed to connect when device internet connectivity was restored per WiFi. I failed to check other transports due to a crash ~~that I'm still investigating, it might be that Briar's stability was compromised.~~
Edit: Unrelated crash due to an error in my save/restore branch

https://code.briarproject.org/briar/briar/-/issues/942
Compare Briar's Notification behaviour with other chat applications
2020-11-19T15:21:55Z
Ernir Erlingsson

> @ernir it would be great if you could look into the notification behaviour of other apps in detail (if i had to pick one, i guess it would be whatsapp) and see how they're handling all the corner cases. for example, if a conversation is open and a message arrives, does it show a notification/vibrate/make a sound/blink the led? same question if the screen is off, same question if the list of conversations is open instead of the conversation itself, etc

https://code.briarproject.org/briar/briar/-/issues/935
Hostname of feed URL is logged during RSS Feed Import
2020-11-19T15:22:32Z
Torsten Grote

Privacy leak?
```
04-10 15:14:04.602 D/libc-netbsd: [getaddrinfo]: hostname=www.schneier.com; servname=(null); cache_mode=(null), netid=0; mark=0
04-10 15:14:04.602 D/libc-netbsd: [getaddrinfo]: ai_addrlen=0; ai_canonname=(null); ai_flags=4; ai_family=0
```

https://code.briarproject.org/briar/briar/-/issues/922
Emoji in forum and group names
2020-11-19T15:24:18Z
akwizgran

A tester asked to be able to use emoji in forum and group names. (This is possible with an emoji keyboard, but not otherwise.)

https://code.briarproject.org/briar/briar/-/issues/921
Contact seemed to remain online after phone was reused
2020-11-19T15:25:24Z
akwizgran

This issue arose in user testing when one of the devices was reused by another tester.
User A with device X and user B with device Y added each other as contacts. Then user C took over device Y and created a new account. User A continued to see user B as online.
This may have been caused by a Bluetooth channel remaining open between the devices, causing user A to think that a connection to user B was still open. Perhaps a subsequent connection between user A and user C either reused the channel or otherwise caused it to remain open rather than timing out, or perhaps the Bluetooth stack on device X simply doesn't time out connections in a reasonable time.
If any of those speculations are right, we should work out how to avoid relying on Bluetooth to time out the connection and time out after a reasonable time in the Bramble stack instead.
We should also check that Bluetooth connections are being disposed of properly when they're closed.

https://code.briarproject.org/briar/briar/-/issues/917
Testers did not understand who could be invited to private groups
2020-11-19T15:34:00Z
akwizgran

Testers asked whether they could invite users who weren't their contacts to a group, and whether an invited member could invite her contacts. They eventually worked out what was possible but were initially confused.
Related to #801, #811 and #855.

https://code.briarproject.org/briar/briar/-/issues/901
Improve key binding in contact exchange protocol
2020-11-19T15:35:33Z
akwizgran

The contact exchange protocol provides the following guarantees:
* Each party knows that the ephemeral and identity public keys she received are owned by the other party
* Each party knows that the ephemeral and identity public keys she received were used by the other party in the same run of the protocol - in other words it binds each party's ephemeral key pair to the same party's identity key pair and vice versa
* Each party knows that the ephemeral public key she received was used by the other party in the current run of the protocol - in other words it binds the parties' ephemeral key pairs to each other
To achieve this, each party uses her identity key pair to sign a nonce derived from the ephemeral shared secret, and authenticates the signed nonce using a symmetric key derived from the ephemeral shared secret.
Each party knows that the nonce she received is fresh, as it depends on her own ephemeral key pair, so the nonce itself proves that the other party owns the ephemeral public key received by the first party, while the signature proves that the other party owns the identity public key received by the first party.
The nonce is unique to this combination of ephemeral key pairs, so the signature represents a claim by the owner of the received identity public key that she took part in a protocol run involving both ephemeral key pairs. Authenticating the signed nonce with a symmetric key derived from the ephemeral shared secret represents a claim by the owner of the received ephemeral public keys that she took part in a protocol run involving both ephemeral key pairs and the identity key pair.
As far as I can tell, this construction is secure and achieves what we need, but it's unnecessarily convoluted. The binding and proof of ownership that's achieved by signing nonces could be achieved more straightforwardly by signing public keys:
* Each party signs both parties' ephemeral public keys and timestamps using her identity key pair
* Each party authenticates both parties' identity public keys, ephemeral public keys and timestamps, using a symmetric key derived from the ephemeral shared secret
If we're not concerned with deniability, each party can sign both parties' identity public keys, ephemeral public keys and timestamps. But as far as I can see, we get all the assurance we need without doing this.
Related to #902.

https://code.briarproject.org/briar/briar/-/issues/848
Cancelling a reblog darkens the blog
2020-11-19T15:39:34Z
Ernir Erlingsson

![blogs-weird-reblog-cancel-1](/uploads/ee561feb0ce02e1accf2fc2daf665cef/blogs-weird-reblog-cancel-1.mp4)
Note that it's important to type something into the input field before pressing the back button (for some reason)

https://code.briarproject.org/briar/briar/-/issues/854
Private groups: testers did not understand iconography
2020-11-19T15:40:23Z
Megalox

The "that is me"-icon (single person) and the verification icon didn't work at all without any explanation.

https://code.briarproject.org/briar/briar/-/issues/856
Private group: Icon for creator
2020-11-19T15:40:50Z
Megalox

One tester liked the idea of having an extra icon for the creator of the group, a little crown for the "group master". I personally don't think that even more icons would improve the UX but maybe we want to discuss once more if the special status of the group creator could be highlighted more prominently.

https://code.briarproject.org/briar/briar/-/issues/886
New workflow for adding contacts via QR codes
2020-11-19T15:51:59Z
akwizgran

Testers have had trouble with the QR code workflow in the past. Some testers expected to be able to add multiple contacts by scanning a series of QR codes. We can get closer to meeting this expectation by dividing the workflow into two phases: scanning and showing.
In the scanning phase, the user scans any number of QR codes. In the background, her device connects to each scanned device and delivers a contact request. If the scanned device has already sent a contact request to the scanning device, the devices proceed with contact exchange.
In the showing phase, the user's device shows a QR code for other users to scan. A snackbar shows incoming contact requests. Touching the snackbar opens a list of contact requests sent, received and completed. Received requests are marked "scan to confirm". Touching a received request opens the scanning screen.
Pending requests are also indicated by a snackbar at the bottom of the contact list, so the user can leave the contact exchange feature to deal with other tasks, then come back and continue adding contacts.
Separating the initial contact request from the subsequent contact exchange allows users to scan each other's codes in any order. The list of contact requests allows them to keep track of which contacts need to be confirmed.

https://code.briarproject.org/briar/briar/-/issues/880
Forum topics
2020-11-19T15:54:25Z
akwizgran

This is a suggestion for a different way to organise forum threads.
Each top-level post starts a new topic. The author picks a subject line for the topic. Descendents of the post that started the topic don't have subject lines of their own.
Within each forum, we show a list of topics. These can be sorted by recent activity, so inactive topics fall to the bottom. Subject lines provide a summary of the topics currently being discussed. The user can open an existing topic or start a new topic. Within each topic we show a threaded view like the one we currently use for the forum as a whole.
The aim is to allow parallel conversations to happen within a single forum, while making it easy to navigate between different conversations or focus on the most interesting ones. Subject lines make it easy to collapse inactive conversations down to a summary.
The main disadvantage is adding another level of navigation. The distinction between the forum list and the topic list might not be clear.

https://code.briarproject.org/briar/briar/-/issues/878
Let contacts know that we've removed them
2020-11-19T15:54:55Z
akwizgran

Currently we don't tell contacts that we've removed them - we just stop connecting to them and close any connections they make to us, since we no longer recognise the tags.
The main advantage of the current approach is that we can remove contacts tactfully: the contact can't necessarily tell whether we removed her or whether we just haven't signed in recently. However, if the contact sees us posting to forums, blogs or private groups, she may be able to tell that we've removed her. A second advantage is that we can immediately delete all state relating to the contact. Removing all *identifiable* state is important - it's the equivalent of forward secrecy for the social graph. But removing *all* state is just convenient.
The main disadvantage of the current approach is that the contact wastes battery and bandwidth trying to connect to us indefinitely. Depending on the transport this may expose metadata (#62). These problems will get worse over time as users accumulate defunct contacts.

https://code.briarproject.org/briar/briar/-/issues/873
Blogs: Reloading when changing orientation
2020-11-19T15:55:20Z
Megalox

The blog seems to reload (blank screen and spinner) when the user changes from portrait to landscape mode. Is this intentional?

https://code.briarproject.org/briar/briar/-/issues/872
Blogs: RSS feed import order
2020-11-19T15:57:41Z
Megalox

The posts of the RSS feed were imported in a random order and all of them showed the same timestamp.
Wouldn't it be better to (a) import the posts in the correct order (newest on top) and (b) add the timestamp of the original post (that would be more interesting than the import timestamp IMO)

https://code.briarproject.org/briar/briar/-/issues/858
Private groups: No feedback that user left
2020-11-19T16:05:34Z
Megalox

B left the group that A created but A never got any feedback, so she could not reinvite B.

https://code.briarproject.org/briar/briar/-/issues/859
Reveal contacts: No feedback for the revealee
2020-11-19T16:06:52Z
Megalox

A revealed her relationship to B but B did not get feedback (maybe except the visibility indicator, but that is very subtle)