[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [DONATE]

torbirdy deprecated - replacement required

Shit. TorBirdy is EOL :frowning:

What do we do now? Recommend a less featured alternative? Try to tighten things using custom prefs? Where does one begin?

1 Like

HulaHoop via Whonix Forum:

Where does one begin?

With the research paper that resulted in creation of torbirdy?

1 Like

To keep track:

https://trac.torproject.org/projects/tor/ticket/31341

Clearly not going to be solved anytime soon.

Better solution, rip off the Tails configuration once they have that sorted @tempest (for your eventual guide update):

https://redmine.tails.boum.org/code/issues/17219

(Take note of this)

AFAICT TorBirdy does only the following:

It sets safe values for certain @pref@s, in particular the proxy settings
It offers an alternative (non-automated) account setup wizard
It enforces port 563 + SSL/TLS for NNTP
It changes some hardcoded account defaults for RSS to disable automatic fetching on startup/periodically

We never used 2 since we always patched Thunderbird’s automated setup wizard so it’s safe and used it. 3 is for NNTP which we could disable it (e.g. hide via userChrome.css) if we care enough. 4 doesn’t feel so very serious – if someone profiles you via your subscribed RSS feeds automatic fetching would leak your approximately uptime (btw, did we care about this with Liferea?). We really care about the result of 1, however.

So dropping TorBirdy could be as simple as:

Convince ourselves that losing 3-4 is ok
Import the resulting pref@s from a started Thunderbird with TorBirdy from an up-to-date Tails session (i.e. just copy its @prefs.js and manicure it)

So the simple solution might be to let the Tails dev do all the hard work, focus on the prefs that need changing (users can manually do that once sorted) then just copy whatever other instructions are necessary as above once they are done. Thereby avoiding TorBirdy completely in the future, since it’s not a Tor Project priority.

We should also deprecate most of the content of the existing wiki page and refer to the Tor bug until that is done.

1 Like

great. yet another hiccup and roadblock. i’m also dealing with some server issues at the onion. the hard drives were seized by law enforcement back a few months ago and permissions have yet to be set on new server to allow for proper ftp. in the mean time, if you want the old guide, it’s up here for 30 days. it has my verification sig with it. obviously, the torbirdy problem is not addressed.






1 Like

Thanks - got it.

PS don’t waste your talents on those Twitter trolls :slight_smile:

There are a host of manual fixes required - just changing a host of prefs probably won’t cut it. I see Tails devs talking about preventing having email drafts stored on the remote server and a bunch of other things.

All of this reminds me of why email is s**t. Protocol is weak, nobody uses PGP, too many security & anonymity holes, a ton of steps required, and in a world of 8 billion people we don’t have a single outfit with serious $ supporting basic development required (like TorBirdy updates) to implement necessary fixes…

1 Like

Dunno. Could be because Tails always did more than torbirdy. They fixed the account creation wizzard which torbirdy just disabled.

well, the tails devs have chosen imap as the default. so, i can see why they are spinning their wheels on drafts saved on server. obvious answer to me is to use pop3. but, for an amnesiac style system that doesn’t save to hd, i guess i can see why they may focus on imap. personally, i think leaving any messages on a server longer than necessary is an awful idea. but, perhaps i’m missing something.

as for twitter trolls, sometimes they are a fun distraction when obstacles block work progress. :wink:

1 Like

btw, i would also love to move away from email completely for instructions to users. unfortunately, since a number of services still require an email address for registration and recovery purposes, and using a temporary throw away account is not a great idea for securing access to such services, it appears to be an issue that is not going anywhere any time soon.

From Tails changelog:

  • Replace the _TorBirdy_extension with custom settings and patches in Thunderbird that provide equivalent privacy.

Is this code easily usable by us?

  • Mindless copy/paste job?
    • Unfortunately not. Needs someone look into it.
  • Difficulty?
    • Probably low-medium.
  • Re-usable?
    • Partially yes.
  • Partially re-usable sufficient?
    • Probably yes.
      • Why?
        • “Dunno. Could be because Tails always did more than torbirdy. They fixed the account creation wizard which torbirdy just disabled.”
  • Why only partially and not fully re-usable?
    • Because they patch Thunderbird as far as I understand. These patches don’t survive upgrading the Thunderbird Debian package. This is OKish for Tails since they release new ISOs while Whonix relies on APT for upgrades.

TODO:

  1. see this very post torbirdy deprecated - replacement required then read all these files, try to somewhat make head or tail of it
  2. Files from /etc/thunderbird/ can probably be copied over to anon-apps-config /etc/thunderbird/.
  3. Some adjustments may be needed. Reading above files is required.

This might be good enough or even if not perfect still be a superb enhancement.

Quote Tails ticket: Tell other privacy distributions how we replaced TorBirdy

Updated by adrelanos 8 days ago

Quote

segfault wrote:

I don’t know of any other privacy distributions that ship / used to ship Torbirdy. Qubes and Whonix do not (I thought that Whonix does, but I checked and it does not).

Whonix used to ship torbirdy. And Whonix used to recommend torbirdy in documentation.

Was wondering too how to ship the same Thunderbird settings that Tails is now shipping to replace torbirdy.

torbirdy deprecated - replacement required

But did not mange to wrap my head around the implementation and port it over to Whonix yet.

#10 Updated by segfault 4 days ago

Quote

adrelanos wrote:

segfault wrote:

I don’t know of any other privacy distributions that ship / used to ship Torbirdy. Qubes and Whonix do not (I thought that Whonix does, but I checked and it does not).

Whonix used to ship torbirdy. And Whonix used to recommend torbirdy in documentation.

Was wondering too how to ship the same Thunderbird settings that Tails is now shipping to replace torbirdy.

torbirdy deprecated - replacement required

But did not mange to wrap my head around the implementation and port it over to Whonix yet.

Thanks for the link! It’s interesting to read that Whonix devs were actually following our work quite closely - even if they never got in touch with us, which probably would have been an easier way for them to find out which parts of our solution they could reuse and which parts are hard to reuse. Anyway, Patrick summarized it quite well in his latest post: Whonix could easily re-use the settings we adopted from TorBirdy in our config files:

tails.git/config/chroot_local-includes/etc/thunderbird/pref/thunderbird.js
tails.git/config/chroot_local-includes/usr/lib/thunderbird/thunderbird.cfg

But for two features of TorBirdy, we found no other way to preserve them than to patch Thunderbird, which Whonix can’t easily do, because they don’t build Thunderbird themselves. Note that we are working on upstreaming those patches, see #17283.

#11 Updated by intrigeri 4 days ago

Quote

But for two features of TorBirdy, we found no other way to preserve them than to patch Thunderbird, which Whonix can’t easily do, because they don’t build Thunderbird themselves.

Note that we do not build Thunderbird ourselves either anymore: the files affected by these patches are plaintext JavaScript so we patch them in place after having installed the Debian package.

That works for a live system such as Tails, but I guess it won’t work for Whonix, which is probably what segfault meant :slight_smile:

#12 Updated by adrelanos less than a minute ago

Quote

I guess readers of https://trac.torproject.org/projects/tor/ticket/31341 and https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945456 might be interested in your solution too.

1 Like
1 Like
[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Investors] [Priority Support] [Professional Support]