Piero V.

Torbutton has retired!

Once upon a time, the Tor Browser Bundle was an actual bundle. It included Firefox, the Tor daemon, and Torbutton, the extension to turn on and off the Tor mode in the browser.

This toggle model was not great and extremely confusing to some users. This and other problems led to the creation of Tor Browser: this article contains more details about this story.

From a technical point of view, Torbutton did not really go away. The visible button disappeared, but much of the related code remained.

Part of the state isolation code was not necessary anymore because Tor Browser always runs in private browsing mode or was dropped over the years thanks to Firefox improvements and the Tor Uplift initiative. However, the circuit display, the first-party domain circuit isolation, and other parts of the existing code were still needed. As a result, Torbutton continued to live for many years as a Tor Browser-only built-in extension on its separate repository and included in the browser with git submodules (even though the browser was non-functional without it). New patches and functionalities were written in the Firefox code that constitutes Tor Browser, and the Torbutton code was changed only to fix existing bugs or to keep it working in new versions of Firefox. … [Leggi il resto]

How we develop Tor Browser

Ten days ago, Mullvad released Mullvad Browser. I was involved in its development, being part of the applications team at the Tor Project.

So, I would like to use this occasion to describe how we maintain Tor Browser and the similarities with Mullvad Browser.

Firefox ESR

Tor Browser is a fork of Firefox. However, we are a small team, and we cannot stay on pass with the rapid release channel of Mozilla.

Instead, our starting point is the extended support release, the version geared towards enterprises.

It is not an old Firefox, but a channel Mozilla actively supports for about one year. Like the rapid release, it receives monthly updates, typically only with security patches. It rarely receives new features.

This is an enormous advantage because we can quickly update Tor Browser without auditing the changes. Moreover, these few changes are unlikely to create conflicts to be manually merged and reviewed carefully. … [Leggi il resto]

I have become a professional FOSS developer

I had the luck to get to know free and open source software when I was still a kid. In this way, the willingness to share my knowledge became a part of my culture and personality.

If you browse this site, you will see that I have shared a lot of small projects, like FlatPress plugins. However, I have never been a long-time contributor to a big project.

Moreover, at the end of my University course of study, I had to do an internship to graduate. I went to a software company that creates proprietary programs for the enterprise. I remained for six months and then was hired as an employee, and I stayed for another two years.

I was on a small team developing a CAD, and I enjoyed working with my coworkers a lot (even though I worked remotely for most of the two years because of COVID).

But I did not like using proprietary libraries.

One of them was Parasolid, a geometry kernel developed by Siemens. It is powerful, but some functions are overly complicated to use. It comes with very prolific documentation, and its subscription includes technical support. But it is the only way to troubleshoot your problems: I could never find any public information online, which is extremely surprising in the 2020s! … [Leggi il resto]

Achievement unlocked: Tor T-Shirt

Poco più di due mesi fa scrivevo che avevo messo a disposizione una buona parte della banda della mia VPS per Tor e spiegavo che se fosse andato bene mi sarebbe arrivata la maglietta.

Ebbene, finalmente è arrivata 😀 .


Ad un certo punto pensavo di aver perso una cosa come 40 giorni di uptime perché OVH aveva riavviato il mio VPS per degli interventi di manutenzione, però si sono dimostrati flessibili e alla fine dopo 61 giorni da quando ho aperto il relay mi hanno inviato la mail. Hanno calcolato 1412KB/s di media!

Tra l’altro questo è il modello nuovo, infatti poco prima che potessi riceverla le hanno cambiate.

Grazie ancora, Tor Project 😊 .

Relay Tor

Tor (ovvero The Onion Router) è un progetto il cui scopo è difendere la privacy e l’anonimato degli utenti sul web.

Fondamentalmente si basa sull’aggiunta di step intermedi tra il client e il server, il cui scopo è cambiare origine della richiesta, che dovrà attraversare almeno 3 nodi prima di arrivare a destinazione.

In questo modo il servizio vede come origine della richiesta uno dei cosiddetti exit relay di Tor e questo a sua volta vede un altro nodo Tor e diventa difficile risalire a chi ha originato la richiesta.

I nodi sono gestiti da dei volontari, e anche io adesso ne faccio parte con il mio VPS, ormai da una settimana e finalmente ho ottenuto il flag di relay stabile.

Presso il mio host è perfettamente lecito farlo, purché non si faccia da exit relay, anche perché questi ultimi hanno grosse responsabilità legali.

È importante partecipare a Tor, più la rete è estesa meglio è, poiché aumenta la velocità, si riducono le latenze, nonché il grado di anonimato, quindi se ne avete la possibilità partecipate anche voi…

E se per 2 mesi riuscirete ad avere una media di 500KiB/s il progetto vi ringrazierà donandovi una maglietta di Tor 😊 .