install Tor Browser by default in Qubes-Whonix

phabricator-migrator · February 19, 2024, 5:49pm

Information

ID: 337
PHID: PHID-TASK-7seydzfybccqgrbmb5r2
Author: Patrick
Status at Migration Time: resolved
Priority at Migration Time: Normal

Description

For better #usability.

Whonix’s #build script as well as #tb-updater already supports that. Build script command line switch:

## --tb none|closed|open
## none: Do not install Tor Browser.
## closed: Fail closed if Tor Browser cannot be installed.
## open: Fail open if Tor Browser cannot and installed.

Failing open vs closed:

Failing open: if Tor Browser download fails, the build continues without invoking the error handler.
Failing closed: if Tor Browser download fails, the build invokes the error handler.

Why not fix tb-updater and make sure it does not fail?

Economically impossible. In past, TPO kept changing download locations, links, verification scheme, version format and more. I would be surprised, if tb-updater won’t need to be updated in future again to cope up with their changes.

What are the reasons, why we didn’t do this earlier for Whonix 10? From Tor Browser Essentials.

Tor Browser is not installed by default anymore. If you are interested in the reasons why, […]

Licensing reasons:

Mozilla trademark: Mozilla trademarks still remain in some about: urls (#10888) · Issues · Legacy / Trac · GitLab

The Tor Project trademark: The Tor Project Trademark versus TorBOX / Whonix

If the distributor of Qubes-Whonix, the Qubes team doesn’t mind, I (@Patrick) won’t mind either.

Security reasons:

Forces the user to get an up to date version of Tor Browser. By the time users download Whonix, mostly the shipped version of Tor Browser would be already outdated.

Could be solved by frequent releases if you’re up for that. Or solved by having users manually upgrade. Then at least half of the time they have better usability.

Technical reasons:

Users who build Whonix from source code won’t have issues with a build script that is broken, just because of issues with downloading Tor Browser. [Although since Whonix 10 the build script has an option --tb open that would fail open, i.e let the build continue, even if Tor Browser download failed as opposed to --tb closed that would fail closed, i.e. invoke the usual error handler of the build script. (Default is --tb none.)]

What’s your thoughts on that… Do we want the build to fail open or closed by default?

Comments

nrgaway

2015-06-03 20:27:17 UTC

Patrick

2015-06-03 20:37:24 UTC

nrgaway

2015-06-03 20:47:28 UTC

Patrick

2015-06-03 21:15:28 UTC

! In T337#5182, @nrgaway wrote:
It should fail as the build would not be complete.

Ok.

I think it might be better for qubes-builder to download and verify the browser though, then it would be available to install after Whonix?

When you run whonix_build, just add below line ~175…
 --tb closed \
That’s all and this ticket will be implemented. [+ testing] It will be installed in the image. And therefore of course be available after first boot of the image.

(FYI: This is done by the chroot-script /usr/lib/anon-dist/chroot-scripts-post.d/70_torbrowser)

Whonix’s build script can do this. The ability to implement this ticket is one reason why I implemented this. I don’t know what benefit it would have to re-implement this in qubes-builder.

nrgaway

2015-06-03 22:36:07 UTC

Patrick

2015-06-03 22:42:52 UTC

Patrick

2015-08-15 00:39:25 UTC