Briar Desktop in Whonix

HulaHoop · May 18, 2020, 4:07pm

Information

ID: 994
PHID: PHID-TASK-eynuz74y3dkbgyjg5fgv
Author: HulaHoop
Status at Migration Time: invalid
Priority at Migration Time: Needs Triage

Description

This ticket tracks progress of upstream solving the Tor over Tor issue and/or supporting a Tor instance running on Whonix GW.

Also tracks packaging request in Debian.

Comments

HulaHoop

2020-05-18 16:07:32 UTC

Mentioned on Telegram. This ticket tracks progress of upstream solving the Tor over Tor issue and/or supporting a Tor instance running on Whonix GW.

Also tracks packaging request in Debian.

Patrick · August 5, 2020, 10:25pm

Any update?

HulaHoop · August 6, 2020, 7:48pm

Nothing yet

Whonixa · August 17, 2020, 4:41am

FYI here are some relevant info and links about the state of development of Briar Desktop / Briar GTK:

April 2020 - Briar has already been demonstrated to run on Debian based distros like Tails, Mint, PureOS.

July 2020 - there are now .deb packages available for download.

media.dorfbrunnen.eu/briar/debs/

https nitter .net /BriarApp/status/1286631244139302912

https nitter .net/i/status/1294656542831239168

https nico .dorfbrunnen .eu /posts/2020/briar-alpha/

https nico .dorfbrunnen .eu /posts/2019/briar-second-demo/

https nico .dorfbrunnen .eu /posts/2019/briar-first-demo/

https www .publish0x .com /fav/privacy-how-to-install-and-run-briar-in-linux-mint-xvreqod

https code .briarproject .org /briar/briar-gtk

https code .briarproject .org /briar/briar-gtk/issues

https code .briarproject .org /briar/briar-gtk/-/issues/38

https sourceforge .net /p/briar/mailman/briar-devel/thread/0d3371f0-17ad-b8be-b003-0ff63b8064fa@briarproject.org/

“If you want to stay informed about what happens to the outer Briar universe, make sure to subscribe to this rss feed which will keep you up-to-date on everything happening around Briar on this blog.”

https nico .dorfbrunnen .eu /tags/briar/index.xml

Whonix forum moderaters please update the link URLs to make them active links as I am not allowed to post actual links.

HulaHoop · August 17, 2020, 12:41pm

Awesome. Thanks for sharing. It wasn’t apparent on their main site and DDG searches turned up irrelevant results, but good to know and worth testing.

Patrick · August 18, 2020, 4:47pm

Upgraded your account. Please edit and make these real links.

Whonixa · August 19, 2020, 7:30am

I could not find a way to edit the post. Here is the post again but reformated with proper links.

FYI here are some relevant info and links about the state of development of Briar Desktop / Briar GTK:

April 2020 - Briar has already been demonstrated to run on Debian based distros like Tails, Mint, PureOS.

July 2020 - there are now .deb packages available for download.

https://media.dorfbrunnen.eu/briar/debs/

https://nitter.net/BriarApp/status/1286631244139302912

https://nitter.net/i/status/1294656542831239168

https://www.publish0x.com/fav/privacy-how-to-install-and-run-briar-in-linux-mint-xvreqod

https://sourceforge.net/p/briar/mailman/briar-devel/thread/0d3371f0-17ad-b8be-b003-0ff63b8064fa@briarproject.org/

“If you want to stay informed about what happens to the outer Briar universe, make sure to subscribe to this rss feed which will keep you up-to-date on everything happening around Briar on this blog.”

https://nico.dorfbrunnen.eu/tags/briar/index.xml

Whonixa · September 17, 2020, 9:37am

First Beta Release of Briar GTK

September 10, 2020

“Almost half a year after releasing the first alpha release of Briar GTK, today marks the day of its first beta release.”

“Beside being fully translated to German and Spanish and allowing to delete contacts, this beta release of Briar GTK also offers basic notification support.”

“Note that Briar GTK currently only supports private chats.”

“Updating to the new version is as easy as calling flatpak update or installing the new .deb files. If you’re new to Briar GTK, you might want to look at its installation instructions to learn how to install it.”

Beta blog post:

Beta screenshot:

Beta Twitter announcement:
https://nitter.net/BriarApp/status/1304464959334748160

README with Debian installation instructions:

https://media.dorfbrunnen.eu/briar/debs/README.txt

DEB files:
https://media.dorfbrunnen.eu/briar/debs
https://media.dorfbrunnen.eu/briar/debs/briar-gtk
https://media.dorfbrunnen.eu/briar/debs/briar-gtk/briar-gtk_0.1.0-beta1-1_all.deb
https://media.dorfbrunnen.eu/briar/debs/briar-gtk/briar-gtk_0.1.0-beta1-1_all.deb.sig

Whonixa · September 18, 2020, 5:57pm

For those wanting more info on the features and advantages of Briar for decentralized anonymous & secure messaging, with desktop + mobile compatibility & ease-of-use, I just made an informative overview post of the Briar system here…

nyxnor · September 12, 2022, 2:07pm

GTK is archived, now the link is briar / Briar Desktop · GitLab

Default briar settings:

$ cat ~/.briar/desktop/tor/torrc 
ControlPort 59051
CookieAuthentication 1
DisableNetwork 1
RunAsDaemon 1
SafeSocks 1
SocksPort 59050

Default initialization command:

$ pgrep -fa briar
1098551 briar-desktop
1099158 /home/user/.briar/desktop/tor/tor -f /home/user/.briar/desktop/tor/torrc __OwningControllerProcess 1098551

About __OwningControllerProcess
https://gitweb.torproject.org/torspec.git/tree/control-spec.txt#n1609

There is no option to change the torrc via the GUI.

$ tor-ctrl -m -s 59051 GETINFO config-text
250 OK
250+config-text=
ConnectionPadding 0
ControlPort 59051
CookieAuthentication 1
RunAsDaemon 1
SafeSocks 1
SocksPort 59050
.
250 OK
250 closing connection

I already have a briar hostname, that is the onion v3, but there is no onion on the controller:

$ tor-ctrl -m -s 59051 GETINFO onions/detached onions/detached
250 OK
250-onions/detached=
250-onions/detached=
250 OK
250 closing connection

This means that it was created on the file system.

Default desktop file:

$ cat /opt/briar-desktop/lib/org.briarproject.Briar.desktop

[Desktop Entry]
Name=Briar
Comment=Secure messaging, anywhere
Exec=/opt/briar-desktop/bin/Briar
Icon=/opt/briar-desktop/lib/Briar.png
Terminal=false
Type=Application
Categories=Network;Chat;InstantMessaging;
MimeType=

Their help message leads to core dumped, each means it is not properly handled, but anyway, here are the options:

$ /opt/briar-desktop/bin/Briar -h
Usage: briar-desktop [OPTIONS]

  Briar Desktop Client

Options:
  -d, --debug         Enable printing of debug messages
  -v, --verbose       Print verbose log messages
  --data-dir PATH     The directory where Briar will store its files. Default:
                      /home/user/.briar/desktop
  --socks-port INT    Tor Socks Port
  --control-port INT  Tor Control Port
  -h, --help          Show this message and exit
pure virtual method called
terminate called without an active exception
Aborted (core dumped)

Is this broken like ricochet because it uses a builtin tor on the datadir and uses torrc configuration file instead of controller commands?

Patrick · September 12, 2022, 2:53pm

Possibly.

Briar would need an option to not start its integrated to and to use the pre-existing Tor.
(Which is emulated in Whonix-Workstation.)

If not such option exists, a developer would have to submit a patch to Briar and hope that it gets merged upstream.

Maybe an onion-grater profile would be required (among other possible other required changes):

enable onion-grater debug mode: https://www.whonix.org/wiki/Dev/Control_Port_Filter_Proxy#onion-grater_enable_debug_mode
watch onion-grater debug log: https://www.whonix.org/wiki/Dev/Control_Port_Filter_Proxy#Debugging_Inspiration

nyxnor · September 12, 2022, 3:22pm

__OwningControllerProcess, which will later use tor controllers TAKEOWNERSHIP command to stop tor when the briar-desktop is killed.

So they are using the tor controller. Just need to later debug which commands they are requesting.

Maybe we could try symlinking the ~/.briar/desktop/tor/tor bin to /usr/bin/tor but not sure, for another day.

Patrick · September 12, 2022, 3:29pm

For a clean solution, it needs to be patched upstream.

Patrick · September 12, 2022, 3:32pm

You mean, Tor starts first and then something in Whonix-Workstation connects to their Tor, TAKEOWNERSHIP? Maybe I misunderstand but that seems rather hacky.

Patrick · September 12, 2022, 3:33pm

Something similar we are doing for Bisq:

https://www.whonix.org/wiki/Bisq#Tor_over_Tor_Prevention

nyxnor · September 12, 2022, 3:52pm

The first process lauched is briar-desktop, the parent pid, let’s say the pid it was assigned is 10.
The parent calls the tor binary in the briar data dir and sets __OwningControllerProcess 10, let’s say this process pid is 15.

From the spec:

TAKEOWNERSHIP:
…
This command instructs Tor to shut down when this control
connection is closed.

If you kill process by pid 10 or by process name briar-desktop, then the tor will shut down because the controller connection closed.

I think it is a clean way, it is just not suitable for Whonix because that command is hardcoded on the jar files and makes no difference on Whonix because tor is not on the Workstation.

I will later see if just touch a file there like for bisq before it is created can avoid that issue.

Patrick · September 12, 2022, 9:44pm

But there is Tor emulation. /usr/bin/tor /usr/sbin/tor

storms · June 2, 2023, 9:07pm

There is recent discussion at Briar about using Onion Grater config (similar to Cwtch approach) for Whonix support. If someone who knows more about Whonix needs could chime in over there, it would be appreciated.

nyxnor · June 5, 2023, 3:48pm

I registered to create an account on their Gitlab just know but new accounts needs to be approved by the administrator. If you know someone from there, I would appreciate the authorization to the username “nyxnor”.

Edit: account confirmed

nyxnor · June 5, 2023, 6:09pm

Replied to the issue above to see if they have interest in supporting Whonix. If they do, I will open more elaborate issues on the current problems and possible solutions.