zerotracepen (1.4)

  • Major new features

    • Upgrade Tor Browser to 4.5.1, based on Firefox 31.7.0 ESR, which
      introduces many major new features for usability, security and
      privacy. Unfortunately its per-tab circuit view did not make it
      into Zero Trace Pen yet since it requires exposing more Tor state to the
      user running the Tor Browser than we are currently comfortable
      with. (Closes: #9031, #9369)

    • Upgrade Tor to 0.2.6.7-1~d70.wheezy+1+zerotracepen2. Like in the Tor
      bundled with the Tor Browser, we patch it so that circuits used
      for SOCKSAuth streams have their lifetime increased indefinitely
      while in active use. This currently only affects the Tor Browser
      in Zero Trace Pen, and should improve the experience on certain web sites
      that otherwise would switch language or log you out every ten
      minutes or so when Tor switches circuit. (Closes: #7934)

    • Security fixes

    • tor-browser wrapper script: avoid offering avenues to arbitrary
      code execution to e.g. an exploited Pidgin. AppArmor Ux rules
      don't sanitize $PATH, which can lead to an exploited application
      (that's allowed to run this script unconfined, e.g. Pidgin)
      having this script run arbitrary code, violating that
      application's confinement. Let's prevent that by setting PATH to
      a list of directories where only root can write. (Closes: #9370)

    • Upgrade Linux to 3.16.7-ckt9-3.

    • Upgrade curl to 7.26.0-1+wheezy13.

    • Upgrade dpkg to 1.16.16.

    • Upgrade gstreamer0.10-plugins-bad to 0.10.23-7.1+deb7u2.

    • Upgrade libgd2-xpm to 2.0.36~rc1~dfsg-6.1+deb7u1.

    • Upgrade openldap to 2.4.31-2.

    • Upgrade LibreOffice to 1:3.5.4+dfsg2-0+deb7u4.

    • Upgrade libruby1.9.1 to 1.9.3.194-8.1+deb7u5.

    • Upgrade libtasn1-3 to 2.13-2+deb7u2.

    • Upgrade libx11 to 2:1.5.0-1+deb7u2.

    • Upgrade libxml-libxml-perl to 2.0001+dfsg-1+deb7u1.

    • Upgrade libxml2 to 2.8.0+dfsg1-7+wheezy4.

    • Upgrade OpenJDK to 7u79-2.5.5-1~deb7u1.

    • Upgrade ppp to 2.4.5-5.1+deb7u2.

    • Bugfixes

    • Disable security warnings when connecting to POP3 and IMAP ports.
      (Closes: #9327)

    • Make the Windows 8 browser theme compatible with the Unsafe and I2P
      browsers. (Closes: #9138)

    • Hide Torbutton's "Tor Network Settings..." context menu entry.
      (Closes: #7647)

    • Upgrade the syslinux packages to support booting Zero Trace Pen on
      Chromebook C720-2800. (Closes: #9044)

    • Enable localization in Zero Trace Pen Upgrader. (Closes: #9190)

    • Make sure the system clock isn't before the build date during
      early boot. Our live-config hook that imports our signing keys
      depend on that the system clock isn't before the date when the
      keys where created. (Closes: #9149)

    • Set GNOME's OpenPGP keys via desktop.gnome.crypto.pgp to prevent
      us from getting GNOME's default keyserver in addition to our
      own. (Closes: #9233)

    • Prevent Firefox from crashing when Orca is enabled: grant
      it access to assistive technologies in its Apparmor
      profile. (Closes: #9261)

    • Add Jessie APT source. (Closes: #9278)

    • Fix set_simple_config_key(). If the key already existed in the
      config file before the call, all other lines would be removed
      due to the sed option -n and p combo. (Closes: #9122)

    • Remove illegal instance of local outside of function definition.
      Together with set -e that error has prevented this script from
      restarting Vidalia, like it should. (Closes: #9328)

    • Minor improvements

    • Upgrade I2P to 0.9.19-3~deb7u+1.

    • Install Tor Browser's bundled Torbutton instead of custom .deb.
      As of Torbutton 1.9.1.0 everything we need has been upstreamed.

    • Install Tor Browser's bundled Tor Launcher instead of our
      in-tree version. With Tor 0.2.6.x our custom patches for the
      ClientTransportPlugin hacks are not needed any more. (Closes:

      7283)

    • Don't install msmtp and mutt. (Closes: #8727)

    • Install fonts-linuxlibertine for improved Vietnamese support in
      LibreOffice. (Closes: #8996)

    • Remove obsoletete #i2p-help IRC channel from the Pidgin
      configuration (Closes: #9137)

    • Add Gedit shortcut to gpgApplet's context menu. Thanks to Ivan
      Bliminse for the patch. (Closes: #9069).

    • Install printer-driver-gutenprint to support more printer
      models. (Closes: #8994).

    • Install paperkey for off-line OpenPGP key backup. (Closes: #8957)

    • Hide the Tor logo in Tor Launcher. (Closes: #8696)

    • Remove useless log() instance in zerotracepen-unblock-network. (Closes:

      9034)

    • Install cdrdao: this enables Brasero to burn combined data/audio
      CDs and to do byte-to-byte disc copy.

    • Hide access to the Add-ons manager in the Unsafe Browser. It's
      currently broken (#9307) but we any way do not want users to
      install add-ons in the Unsafe Browser. (Closes: #9305)

    • Disable warnings on StartTLS for POP3 and IMAP (Will-fix: #9327)
      The default value of this option activates warnings on ports
      23,109,110,143. This commit disables the warnings for POP3 and
      IMAP as these could be equally used in encrypted StartTLS
      connections. (Closes: #9327)

    • Completely rework how we localize our browser by generating our
      branding add-on, and search plugins programatically. This
      improves the localization for the ar, es, fa, ko, nl, pl, ru,
      tr, vi and zh_CN locales by localizing the Startpage and
      Disconnect.me search plugins. Following Tor Browser 4.5's recent
      switch, we now use Disconnect.me as the default search
      engine. (Closes: #9309)

    • Actively set Google as the Unsafe Browser's default search
      engine.

    • Build system

    • Encode in Git which APT suites to include when building Zero Trace Pen.
      (Closes: #8654)

    • Clean up the list of packages we install. (Closes: #6073)

    • Run auto/{build,clean,config} under `set -x' for improved
      debugging.

    • Zero-pad our ISO images so their size is divisible by 2048.
      The data part of an ISO image's sectors is 2048 bytes, which
      implies that ISO images should always have a size divisible
      by 2048. Some applications, e.g. VirtualBox, use this as a sanity
      check, treating ISO images for which this isn't true as garbage.
      Our isohybrid post-processing does not ensure this,
      however. Also Output ISO size before/after isohybrid'ing and
      truncate'ing it. This will help detect if/when truncate is
      needed at all, so that we can report back to syslinux
      maintainers more useful information. (Closes: #8891)

    • Vagrant: raise apt-cacher-ng's ExTreshold preference to 50. The
      goal here is to avoid Tor Browser tarballs being deleted by
      apt-cacher-ng's daily expiration cronjob: they're not listed in
      any APT repo's index file, so acng will be quite eager to clean
      them up.

    • Test suite

    • Bring dependency checks up-to-date (Closes: #8988).

    • Adapt test suite to be run on Debian Jessie, which includes
      removing various Wheezy-specific workarounds, adding a few
      specific to Jessie, migrating from ffmpeg to libav, and
      more. (Closes: #8165)

    • Test that MAT can see that a PDF is dirty (Closes: #9136).

    • Allow throwing Timeout::Error in try_for() blocks, as well as
      nested try_for() (Closes: #9189, #9290).

    • Read test suite configuration files from the features/config/local.d
      directory. (Closes: #9220)

    • Kill virt-viewer with SIGTERM, not SIGINT, to prevent hordes of
      zombie processes from appearing. (Closes: #9139)

    • Kill Xvfb with SIGTERM, not SIGKILL, on test suite exit to allow
      it to properly clean up. (Closes: #8707)

    • Split SSH & SFTP configs in the test suite. (Closes: #9257)

    • Improve how we start subprocesses in the test suite, mostly by
      bypassing the shell for greater security and robustness (Closes:

      9253)

    • Add Electrum test feature. (Closes #8963)

    • Test that Zero Trace Pen Installer detects when USB devices are
      removed. (Closes: #9131)

    • Test Zero Trace Pen Installer with devices which are too small. (Closes:

      9129)

    • Test that the Report an Error launcher works in German. (Closes:

      9143)

    • Verify that no extensions are installed in the Unsafe Browser
      using about:support instead of about:addons, which is broken
      (#9307). (Closes: #9306)

    • Retry GNOME application menu actions when they glitch. The
      GNOME application menus seem to have issues with clicks or
      hovering actions not registering, and hence sometimes submenus
      are not opened when they should, and sometimes clicks on the
      final application shortcut are lost. There seems to be a
      correlation between this and CPU load on the host running the
      test suite. We workaround this by simply re-trying the last
      action when it seems to fail. (Closes: #8928)

    • Work around Seahorse GUI glitchiness (Closes: #9343):

      • When Seahorse appears to be frozen--apparently due to network
        issues--it can often be worked around by refreshing the screen
        or activating a new window.
      • Open Seahorse's preferences dialog using the mouse.
      • Access menu entries with the mouse.
    • Wait for systray icons to finish loading before interacting with
      the systray. (Closes: #9258)

    • Test suite configuration: generalize local.d support to .d. We
      now load features/config/
      .d/*.yml.

    • Use code blocks in "After Scenario" hooks. This is much simpler
      to use (and more readable!) compared to hooking functions and
      arguments like we used to do.

    • Create filesystem share sources in the temporary directory and
      make them world-readable. (Closes: #8950)