Since over a year, I have successfully been using /etc/torbrowser.d/user.js as least-invasive method to let TBB’s security slider default to “Hardest” mode (Qubes-Whonix):
With latest TBB update, this unfortunately does not work anymore. Some observations:
Setting seems to haved changed to browser.security_level.security_slider, hasn’t it?
, but still does not work.
The user.jsis successfully copied from /etc/torbrowser.d/user.js to ~/.tb/tor-browser/Browser/TorBrowser/Data/Browser/profile.default/user.js with disposable start. If Browser is closed and restarted (without killing the whole disposable), then security slider is set correctly to “Hardest”.
Hence I assume some sort of race condition between:
copy user.js over to TBB config folder
TBB start
Might anybody confirm, reject or suggest a possible fix?
That I find highly unlikely. The copy operation is “guaranteed” to have completed before Tor Browser is started. You could reproduce that manually to confirm.
Find out how to customize Tor Browser using a settings file prior ever a Tor Browser first start. Without Whonix being involved. For example on Debian.
Once potential bugs have been reported, fixed upstream in Tor Browser, once it’s clear how to do this manually, it would be likely be easy to update tb-updater to do the same.
Thanks for the quick reply @Patrick .
And you are right, this is a more general issue. I tested with vanilla Tor Browser wihout any Whonix participation.
On the first (fresh) start of Tor Browser, an existent user.js inside profile.default (which at this point is almost empty) is ignored. Any subsequent start of Tor Browser (with now fully initialized profile) will consider user.js though. I am wondering
if there had been a change since TBB 12
if TBB is supposed to support default configurations via user.js with fresh profile, which is important for Qubes disposable templates, as each time a new fresh profile is created
Before v12 everything worked for. Having had a look at an earlier post from you (*1) and the script in Whonix /usr/bin/torbrowser, I assume this basically is supposed to work?
Do you have more info on the topic? If helpful, will also request clarification in the tor forums.
How to pre-configure Tor Browser using a configuration file before Tor Browser’s first start?
How to set the Tor Browser security slider to maximum using a configuration file before Tor Browser’s first start?
I don’t know if upstream, the developers of Tor Browser are considering this the user.js / set security slider to maximum using a settings file use case. user.js is probably a feature by upstream’s upstream, which is Mozilla Firefox which hasn’t been considered / tested to not being broken by the Tor Browser developers.
It used to work but /usr/bin/torbrowser cannot do any black magic. It can only automate which at least in principle can also be done manually. If it cannot be done manually, then I cannot help to make it more comfortable / automated.
This could be related to the way the Tor Browser built-in (it’s no longer an add-on nowadays) security slider is initialized, it it respects user.js or Browser/defaults/pref.
Did anyone found a solution to this? I want to have safest security setting in DispVM by default, without the whole DispVM customization procedure that probably changes too much and makes the AppVM easily fingerprintable, at least in case of a compromise…
I have no idea at what point the initial settings of the browser are “initialized” and a user.js is actually read. As OP said, closing the browser, then starting it again starts reading settings from user.js correctly, including the security slider.
On non-Qubes Whonix with live mode, I resorted to a small script what waited for Tor Browser’s window to exist. It seems that when the window exists, default settings are already “initialized”, whatever that means (but just checking for firefox.real process to exist was not enough. It would have to go far enough for a TB window to open). So I then closed the window with wmctrl -c 'Tor Browser' command, then started TB again. It worked.
However, on Qubes the command wmctrl doesn’t work in AppVMs. Maybe it’s possible to detect when TB is firstly “initialized” by some other means, but who know what that could be…
Even if it all worked, you would have to probably create a custom .desktop file with a script wrapper in Exec= anyway. To reduce VM uniqueness, maybe just deleting it (as well as the script, so it would have to self-delete) as soon as TB is initialized, would suffice?
Most likely the only chance is for you to approach this as per Generic Bug Reproduction. Meaning, remove any Qubes / Whonix specific parts of your question for simplification and redirect these questions to the Tor Browser support as a general question as if using Tor Browser on Debian.
Without anyone doing this, no progress towards a solution should be expected.