Feature #8577

Evaluate Tor Messenger in the context of Tails

Added by intrigeri 2015-01-07 12:12:17 . Updated 2018-04-10 08:29:27 .

Status:
Resolved
Priority:
Low
Assignee:
Category:
Target version:
Start date:
2015-01-07
Due date:
% Done:

100%

Feature Branch:
feature/8577-tor-messenger
Type of work:
Test
Blueprint:

Starter:
Affected tool:
Instant Messaging
Deliverable for:

Description

Files

tormessenger-apparmor.patch (2244 B) anonym, 2015-10-30 15:29:35

Subtasks

History

#1 Updated by sajolida 2015-01-08 12:37:31

  • Description updated

#2 Updated by intrigeri 2015-03-03 18:40:39

  • Description updated

#3 Updated by sycamoreone 2015-08-05 05:23:07

What exactly should “in the context of Tails” mean here? This could be about usability, security, necessary features, or about the way the software is distributed (i.e. official Debian packages vs. programs directly taken from the Tor Project like the TBB).

#4 Updated by intrigeri 2015-08-05 06:50:45

> What exactly should “in the context of Tails” mean here?

I would say: try it in Tails, see what works or not, and ideally evaluate how painful it would be to integrate it.

#5 Updated by anonym 2015-10-30 08:49:29

Tor Messenger has gone a bit more public now: https://blog.torproject.org/blog/tor-messenger-beta-chat-over-tor-easily

#6 Updated by anonym 2015-10-30 10:59:31

Potential problem: it seems one cannot add chats (e.g. IRC channels) without auto-join. So we cannot add #tails like we do in Pidgin unless we want users to auto-join there.

#7 Updated by anonym 2015-10-30 11:13:11

anonym wrote:
> Potential problem: it seems one cannot add chats (e.g. IRC channels) without auto-join. So we cannot add #tails like we do in Pidgin unless we want users to auto-join there.

Clarification: in Pidgin pre-configured chats can be marked persistent and auto-join. In Tor Messenger, the auto-join option corresponds to both of these — there’s no way to pre-configure a chat so it is only persistent, but without auto-join.

#8 Updated by anonym 2015-10-30 14:19:00

  • Assignee set to anonym
  • % Done changed from 0 to 30
  • Feature Branch set to feature/8577-tor-messenger

I’ve pushed a PoC integrating Tor Messenger into Tails. It turns out it’s pretty easy using similar techniques as was done for the Tor Browser, surprise-surprise. Some stuff that remains to do are:

  • code refactoring:
    • config/chroot_local-hooks/{11-tor-messenger,10-tbb}
    • config/chroot_local-includes/usr/local/bin/{tor-messenger,tor-browser}
  • Deduplicating of shared libraries used by both the Tor Messenger and Tor Browser. Hmm. Can we even remove some of them and use those we install via Debian? And what about now when we have Icedove?
  • Tor Messenger becoming stable :)

Also there’s the issue I mentioned in comments Feature #8577#note-6 and Feature #8577#note-7.

#9 Updated by anonym 2015-10-30 15:30:21

FWIW I also did some very low budget AppArmor testing. See attached patch, based on the torbrowser one.

Which reminds me: does Tor Messenger support file transfers (at least in some protocols)? I guess not, which is good vs AppArmor. Pidgin supports it in XMPP, for instance, but I think it works poorly with Tor. I guess we don’t care (?).

#10 Updated by anonym 2015-10-31 14:00:15

For any one that wants to have a look, there are nightly builds here: http://nightly.tails.boum.org/build_Tails_ISO_feature-8577-tor-messenger/lastSuccessful/archive/build-artifacts/

Please don’t report issues to the Tor Messenger developers unless you can reproduce it outside of Tails too!

#11 Updated by sycamoreone 2015-12-14 13:56:46

  • anonym, do you have plans to update the branch to 0.1.0b4 or should one test the existing branch?
  • Question/answer from the blog.torproject.org announcement of 0.1.0b4:

> On December 10th, 2015 Anonymous said:
>
> Will Tor Messenger be available as a Debian package? Maybe not now but when a
> first stable version will be released? (Tor is available in the repos unlike
> TBB)

> On December 11th, 2015 sukhbir said:
>
> Yes, that’s our goal as well. It’s just that we haven’t decided a timeline
> for that yet but it’s certainly on our priority list (something related is
> the updater.)

Maybe it would be less work (in the long term at least) to help the Tor Messenger project to bundle the program for Debian, if that is already a goal.

#12 Updated by anonym 2016-09-20 06:42:16

Sorry for the late reply! :S

sycamoreone wrote:
> * anonym, do you have plans to update the branch to 0.1.0b4 or should one test the existing branch?

Apparently I didn’t, but I went ahead and updated to version 0.2.0b2. I didn’t test it myself, so we’ll see if Jenkins managed to build something, and if the old integration work I did still works.

> * Pidgin supports XMPP file transfer, but these are not encrypted. From https://otr.cypherpunks.ca/README-pidgin-otr-4.0.1.txt:
> > This plugin only attempts to protect instant messages, not multi-party chats, file transfers, etc.

Right. Well, this encrypted file transfers is not a blocker, I suppose.

> * Question/answer from the blog.torproject.org announcement of 0.1.0b4:
>
> > On December 10th, 2015 Anonymous said:
> >
> > Will Tor Messenger be available as a Debian package? Maybe not now but when a
> > first stable version will be released? (Tor is available in the repos unlike
> > TBB)
>
> > On December 11th, 2015 sukhbir said:
> >
> > Yes, that’s our goal as well. It’s just that we haven’t decided a timeline
> > for that yet but it’s certainly on our priority list (something related is
> > the updater.)
>
> Maybe it would be less work (in the long term at least) to help the Tor Messenger project to bundle the program for Debian, if that is already a goal.

This will only be true if both Tor Browser and Tor Messenger are packaged — both use the same hacks in our build process, so as long as at least one of them are not packaged, we need to keep maintain these hacks.

#13 Updated by sycamoreone 2016-12-29 14:51:17

There is now another release of Tor Messenger: 0.3.0b1

@anonym Could you point to your scripts/hacks/config that is used to import Tor Messenger?

#14 Updated by anonym 2016-12-29 14:57:31

sycamoreone wrote:
> There is now another release of Tor Messenger: 0.3.0b1

Yeah! It should be easy to import.

> @anonym Could you point to your scripts/hacks/config that is used to import Tor Messenger?

In the feature branch it can be found in config/chroot_local-hooks/11-tor-messenger. With some luck, all that is needed to upgrade Tor Messenger is a commit similar to commit:55dc6098348246b7e23af9d7027ef2883d407f7d.

#15 Updated by Kurtis 2017-01-23 00:21:27

As the evaluation on whether or not to add Tor Messenger to Tails progresses, I just wanted to add that discussions are afoot to add OMEMO encryption support to both Tor Messenger and its upstream, InstantBird at the following links:

OMEMO+XMPP+InstantBird: https://bugzilla.mozilla.org/show_bug.cgi?id=1237416
OMEMO+XMPP+TorMessenger: https://trac.torproject.org/projects/tor/ticket/17457

A feature request ticket to add OMEMO encryption support for Tail’s messenger can be found here: https://labs.riseup.net/code/issues/11541

#16 Updated by anonym 2017-09-27 17:07:56

  • Status changed from Confirmed to In Progress

Applied in changeset commit:4e54dc45498e072b382ec1f82287a0ee5afb659d.

#17 Updated by anonym 2017-09-27 17:15:36

Kurtis wrote:
> discussions are afoot to add OMEMO encryption support to both Tor Messenger and its upstream, InstantBird

Any news on this front, Kurtis? The discussion on those tickets didn’t progress since then, 8 months ago.

In other news, the feature branch now installs Tor Messenger 0.4.0b3. Experimental Tails builds will be available here within the hour: https://nightly.tails.boum.org/build_Tails_ISO_feature-8577-tor-messenger/lastSuccessful/archive/build-artifacts/

#18 Updated by anonym 2017-09-28 14:58:36

anonym wrote:
> In other news, the feature branch now installs Tor Messenger 0.4.0b3.

And now it installs 0.5.0b1 and is confined by AppArmor. There’s also an automated test which verifies that the application starts and displays the expected windows. Tails ISO images can be found at the same place: https://nightly.tails.boum.org/build_Tails_ISO_feature-8577-tor-messenger/lastSuccessful/archive/build-artifacts/

#19 Updated by sajolida 2017-10-25 09:34:32

Sukhbir sent a mail to tor-project explaining the future of Tor Messenger. If I understand correctly, it might end up being merged in Thunderbird:

https://lists.torproject.org/pipermail/tor-project/2017-October/001521.html

#20 Updated by Kurtis 2017-12-11 03:22:33

I commented in the Tor Messenger and Instand Bird issues again to see if they can make some movement happen on the OMEMO front.

#21 Updated by denkxor 2018-04-09 16:50:13

According to
https://blog.torproject.org/sunsetting-tor-messenger
tor decided to discontinue supporting tor messenger.
Probably this means tor messenger is not a candidate for becoming shipped with tails anymore?

#22 Updated by intrigeri 2018-04-10 08:20:59

  • Status changed from In Progress to Resolved

> Probably this means tor messenger is not a candidate for becoming shipped with tails anymore?

Absolutely, which concludes this evaluation.

#23 Updated by intrigeri 2018-04-10 08:29:27

  • Assignee deleted (anonym)
  • % Done changed from 30 to 100