What about Tor Browser 7.0a1, normal, non-hardened version? Could you test that please?
It works on 7.0a1 when you disable xpinstall.signatures.required ,i havenât testet the addon-manager version though
2 Likes
Can you try please? Because perhaps that would be the safer advice than
disabling add-on signature check.
It doesnât work with the addon-manager version, it wants you to reboot TBB but after a reboot itâs still not enabled and âneeds a reboot to enableâ
2 Likes
Could you explain our use case and ask on how to enable add-ons from
addons.mozilla.org on the tbb-dev list please? @HulaHoop
I never got a reply for my first post but sent an update with testing results.
Meanwhile I think the best solution is to recommend @goldsteinâs work around of disabling sig verification to get the old unsigned version on Jessie to work until Stretch is released. I think by Stretch foxyproxy should include the Mozilla sig and this would no longer be needed.
1 Like
A reply has been sent by me just now.
Since we had the issue the foxyproxy installed from packages.debian.org did not work, we can be pretty sure that Tor Browser does add-on signature checking just like Firefox. (xpinstall.signatures.required)
Our trouble of installing add-ons from addons.mozilla.org is most likely not related to xpinstall.signatures.required. An add-on would either never be listed in Firefoxâs add-on manager or labeled as deactivated due to failed signature check.
I speculate, that Tor Browser is doing something to prevent users from the installation of add-ons which we can hopefully disable.
Good letâs see what the TBB devs say, btw has anyone confirmed the Problem on Virtualbox , KVM or TBB without virt. ?
Iâve only tested it on Qubes âŚ
I simplified the instructions considerably. We should keep an eye on 7.0 when it become stable and file a bug report then if it doesnât work.
Shouldnât matter as the hypervisor is very low level.
1 Like
To reverse this and restore the default Tor Browser fingerprint its best to use a VM snapshot taken before installing the add-on.
Reinstallation of Tor Browser would also do (in case there is no snapshot)?
1 Like
I was wondering why the TBB dev got it working ([tbb-dev] Tor Browser and Mozilla addon verification) thats why i asked the Question.
Did anyone test this ?
Edit: Just found GitHub - hrimfaxi/autoproxy-ng: the smart Firefox proxy management add-on which does work on 7.0a1 and could/should replace Foxyproxy as itâs open source
Here is the Site where i found it + instructions how to use it with I2P https://shebang.ws/autoproxy-i2p-eepsites-tor-onions-firefox.html
@HulaHoop what do you think about it ?
FoxyProxy is GPLâd otherwise I would never recommend it. I donât immediately see anything special autoproxy does that foxyproxy doesnât.
Also autoproxy:
- has not been updated since 2013
- has an auto subscribe feature for rule lists which I donât like because I donât know how securely this is implemented and we donât need it anyhow.
- is related to adblock which I distrust for running a racketeering service to force ad companies to pay up in return for whitelisting their stuff.
Latest commit 7df947d on May 24, 2016
this is Optional though
I know that ABP sucks , i dont think that it shares the same policy as ABP (going to check that)
On the good side it works with 7.0a1, i wouldnât write it off the list, but as long as Foxyproxy works we can stick with it.
1 Like
I looked at the addon version available from Mozilla. Realistically we canât expect users to compile a plugin just to get started.
https://addons.mozilla.org/de/firefox/addon/autoproxy-ng/
Thereâs no need to compile it, this is the version from the Github.
If you search for Autoproxy the -ng version should come up at the second place after the old version.
1 Like
Is this file still useful or can it be nuked? @HulaHoop
From 2016. Not documented in the wiki.
Default: nuked for now. Trivial to restore.
Why? Lintian warning:
P: usability-misc source: very-long-line-length-in-source-file 2425 > 512 [usr/share/usability-misc/tbb-foxyproxy/foxyproxy.xml:6]
Can be overwritten but not great if the file is outdated anyhow.
Yeah nuking is the way to go.
1 Like