Feature #17281

Tell other privacy distributions how we replaced TorBirdy

Added by segfault 2019-12-01 11:45:34 . Updated 2020-03-10 12:08:11 .

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Target version:
Start date:
Due date:
% Done:

0%

Feature Branch:
Type of work:
Communicate
Blueprint:

Starter:
Affected tool:
Deliverable for:

Description


Subtasks


Related issues

Related to Tails - Feature #17219: Replace TorBirdy Resolved

History

#1 Updated by segfault 2019-12-01 11:45:44

#2 Updated by CyrilBrulebois 2019-12-04 11:31:34

  • Target version changed from Tails_4.1 to Tails_4.2

#3 Updated by CyrilBrulebois 2020-01-07 18:00:43

  • Target version changed from Tails_4.2 to Tails_4.3

#4 Updated by anonym 2020-02-11 15:26:26

  • Target version changed from Tails_4.3 to Tails_4.4

#5 Updated by segfault 2020-02-12 10:02:04

I don’t know of any other privacy distributions that ship / used to ship Torbirdy. Qubes and Whonix do not (I thought that Whonix does, but I checked and it does not).

#6 Updated by cypherpunks 2020-02-12 10:23:30

It might be useful to document it for people who want to do that manually on their distribution.

#7 Updated by segfault 2020-02-12 17:08:24

  • Status changed from Confirmed to Resolved

cypherpunks wrote:
> It might be useful to document it for people who want to do that manually on their distribution.

Since this requires applying patches to Thunderbird and compiling it, I expect that very few users will actually do that. Also, we’re working on upstreaming those patches (see Feature #17283, one was already merged, the other is still WIP). So IMO for now it’s good enough to document this here and refer users to it:

We replaced TorBirdy by these two patches:

tails.git/config/chroot_local-includes/usr/share/tails/build/thunderbird-patches/Avoid-local-timestamp-disclosure-in-Date-header.patch
tails.git/config/chroot_local-includes/usr/share/tails/build/thunderbird-patches/Avoid-spellchecking-language-disclosure-in-Content-Language-header.patch

… and the Thunderbird preferences below the “Network settings adopted from TorBirdy”/“Enigmail preferences adopted from TorBirdy” comments in:

tails.git/config/chroot_local-includes/etc/thunderbird/pref/thunderbird.js
tails.git/config/chroot_local-includes/usr/lib/thunderbird/thunderbird.cfg

#8 Updated by intrigeri 2020-02-14 09:02:37

> Since this requires applying patches to Thunderbird and compiling it, I expect that very few users will actually do that. Also, we’re working on upstreaming those patches (one was already merged, the other is still WIP). So IMO for now it’s good enough to document this here and refer users to it:

Additionally, we’ve document most/all of this in our design doc: https://tails.boum.org/contribute/design/

#9 Updated by adrelanos 2020-03-02 13:00:14

segfault wrote:
> I don’t know of any other privacy distributions that ship / used to ship Torbirdy. Qubes and Whonix do not (I thought that Whonix does, but I checked and it does not).

Whonix used to ship torbirdy. And Whonix used to recommend torbirdy in documentation.

Was wondering too how to ship the same Thunderbird settings that Tails is now shipping to replace torbirdy.

https://forums.whonix.org/t/torbirdy-deprecated-replacement-required/8782/6

But did not mange to wrap my head around the implementation and port it over to Whonix yet.

#10 Updated by segfault 2020-03-06 01:08:24

adrelanos wrote:
> segfault wrote:
> > I don’t know of any other privacy distributions that ship / used to ship Torbirdy. Qubes and Whonix do not (I thought that Whonix does, but I checked and it does not).
>
> Whonix used to ship torbirdy. And Whonix used to recommend torbirdy in documentation.
>
> Was wondering too how to ship the same Thunderbird settings that Tails is now shipping to replace torbirdy.
>
> https://forums.whonix.org/t/torbirdy-deprecated-replacement-required/8782/6
>
> But did not mange to wrap my head around the implementation and port it over to Whonix yet.

Thanks for the link! It’s interesting to read that Whonix devs were actually following our work quite closely - even if they never got in touch with us, which probably would have been an easier way for them to find out which parts of our solution they could reuse and which parts are hard to reuse. Anyway, Patrick summarized it quite well in his latest post: Whonix could easily re-use the settings we adopted from TorBirdy in our config files:

tails.git/config/chroot_local-includes/etc/thunderbird/pref/thunderbird.js
tails.git/config/chroot_local-includes/usr/lib/thunderbird/thunderbird.cfg

But for two features of TorBirdy, we found no other way to preserve them than to patch Thunderbird, which Whonix can’t easily do, because they don’t build Thunderbird themselves. Note that we are working on upstreaming those patches, see Feature #17283.

#11 Updated by intrigeri 2020-03-06 07:27:32

> But for two features of TorBirdy, we found no other way to preserve them than to patch Thunderbird, which Whonix can’t easily do, because they don’t build Thunderbird themselves.

Note that we do not build Thunderbird ourselves either anymore: the files affected by these patches are plaintext JavaScript so we patch them in place after having installed the Debian package.

That works for a live system such as Tails, but I guess it won’t work for Whonix, which is probably what segfault meant :)

#12 Updated by adrelanos 2020-03-10 12:08:11

I guess readers of https://trac.torproject.org/projects/tor/ticket/31341 and https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945456 might be interested in your solution too.