OS X Vidalia Bundle Thoughts

A few weeks ago, I watched some non-technical OS X users attempt to install the Vidalia-Tor Bundle. Many of them tried to drag the installation package to Applications. A few were surprised it required an installation at all.

In Vidalia trunk I committed a different way to install Vidalia, Tor, and Polipo. In this new dmg, you just open it up and drag the Vidalia icon into Applications. You now have Tor, Vidalia, and Polipo pre-configured and running completely out of Applications. While this works well for users that never installed Tor/Vidalia before, it doesn't work so well for existing installations.

Is it smart to think users will un-install their existing Vidalia/Tor bundle before using the drag and drop installation method? My inclination is that it isn't smart. This installation method also removes the ability to automatically install Torbutton for Firefox.

In comparison, the current method is to ship a dmg which contains a metapackage. This metapackage contains a few scripts to run pre and post-installation, which do smart things to save current configurations, upgrade existing software binaries, and try to install Torbutton for Firefox. In general, this method has worked well for most users. I've heard from enough people to know they tried to drag and drop the metapackage into Applications at first, and when that didn't work, double-clicked the metapackage to start the installer.

I'm now leaning towards creating a Tor Browser Bundle for OS X; which can run out of the dmg or be installed via drag and drop. Much like the current Tor Browser Bundle (also, we should stop naming everything Tor), it would be self-contained and leave zero trace on the machine after closing.

Thoughts on ways to make the OS X install easier, ostensibly via drag and drop install? Or is the effort to create a TBB for OS X a better use of resources?

khled.8@hotmai.com

October 30, 2008

Permalink

Many OSX apps get installed via a package. Just set your .dmg so that it contains a graphical hint to double-click and install.
Drag-and-drop apps do a similar thing adding a graphic display to instruct the user to move the app to Application folder.

khled.8@hotmai.com

October 30, 2008

Permalink

i've been using the vidalia bundle for a while on my mac, but it has privoxy installed (and starting up with the machine). if i install a new version of tor that uses polipo, what happens to my privoxy then?

khled.8@hotmai.com

October 30, 2008

Permalink

Installers, while not uncommon, should be used only as a last resort when there is absolutely no way to have things run sensibly from within fully independent bundles. (An example of something that legitimately warrants the use of an installer would be the massive amount of code/resources shared among the apps in Adobe's creative suite.)

For Tor, ignoring the browser bundle option, I think the best route to go would be to redesign Vidalia as a .prefpane and include tor and polipo inside the bundle.
Preference panes are very user-friendly because double-clicking one opens it in System Preferences with the option of installing it on a per-user or system-wide basis. Uninstallation is also simple, as a user can remove a prefpane by control-clicking on it.

khled.8@hotmai.com

November 04, 2008

Permalink

"Much like the current Tor Browser Bundle (also, we should stop naming everything Tor), it would be self-contained and leave zero trace on the machine after closing."

I believe this would only work a) on OpenBSD or b) if you do not use swap or a pagefile.sys.

On OpenBSD, it can work because OpenBSD encrypts swap with highly volatile keys. That is, once the application is done using swap, the key is deleted, effectively deleted traces of the application in swap.
http://www.openbsd.org/papers/swapencrypt.ps
http://www.openbsd.org/papers/swapencrypt-slides.ps

In Linux, if you encrypt the swap partition (dm-crypt or loop-aes) with the random key option, it will at least choose a new random key each time the computer boots. So, as long as you remember to reboot the computer after use, this should be good enough.

khled.8@hotmai.com

November 04, 2008

Permalink

All versions of OSX say they encrypt swap files, but do not do so completely. strings your /var/vm/swapfile0 after opening Mail.app and notice all of the plaintext in there. I've opened a bug report for every version of OSX since 10.2 with this bug only to be ignored by Apple.

Not all versions. I have Mac OS X 10.2.8, and and I can't find any swap encryption or secure virtual memory feature in the Preferences. (Incidentally, Tor doesn't work on Mac OS X 10.2.8 either. Any chance of fixing that? Well, at least JAP works, and I have another computer on which Tor does work.)

I believe the bug you mentioned can occur if you switch to using swap encryption after not using it. Things that were in swap before it got encrypted stay unencrypted, unless you take additional measures like overwriting swap with 0s or, better yet, randomness, before encrypting it. At least that's what I'd guess based on what I've read.

But I can't find any sort of technical description on the implementation. They obviously don't bother deleting what's already there. What about the keys? Is there just one key you have to type in every time you boot? (Unlikely, not user friendly, but that is the case for Windows users using Truecrypt to access a partition containing their pagefile.sys.) If that were the case, the information would not be deleted, just unavailable to anyone who does not know the password when the computer is shut off. Does it generate a random key at each boot, like Linux? This is quite likely, but then the information is still available until the computer is shut down and the key deleted. Or does it use highly volatile keys like OpenBSD? That would be great, but considering they didn't even bother to automatically overwrite the swap file with random data when a user switches to encrypted swap, I doubt they thought it through that carefully.

The main reason tor no longer works in jaguar/10.2.8 is because we lack a copy of the OS and machine capable of running it. Feel free to report bugs, even better if you've tried to compile tor and vidalia and can report those bugs.

Tor is a non-profit and can accept donations. (hint hint)

The build machine for panther is an old imac dv (g3 power and all). Dual booting OSXes may be possible, too.

I downloaded the source for 0.2.0.31, the latest stable version at the moment. ./configure worked fine, but make did not. Here is the output from make:

  1. <br />
  2. make all-recursive<br />
  3. Making all in src<br />
  4. Making all in common<br />
  5. source='log.c' object='log.o' libtool=no \<br />
  6. DEPDIR=.deps depmode=gcc /bin/sh ../../depcomp \<br />
  7. gcc -DHAVE_CONFIG_H -I. -I../.. -I../common -g -O2 -Wall -g -O2 -c log.c<br />
  8. ./compat.h:276: undefined type, found `socklen_t'<br />
  9. cpp-precomp: warning: errors during smart preprocessing, retrying in basic mode<br />
  10. In file included from ./util.h:18,<br />
  11. from log.c:26:<br />
  12. ./compat.h:276: parse error before "socklen_t"<br />
  13. make[3]: *** [log.o] Error 1<br />
  14. make[2]: *** [all-recursive] Error 1<br />
  15. make[1]: *** [all-recursive] Error 1<br />
  16. make: *** [all] Error 2<br />

I have the same problem with Tor 0.2.1.7-alpha.

  1. <br />
  2. make all-recursive<br />
  3. Making all in src<br />
  4. Making all in common<br />
  5. source='address.c' object='address.o' libtool=no \<br />
  6. DEPDIR=.deps depmode=gcc /bin/sh ../../depcomp \<br />
  7. gcc -DHAVE_CONFIG_H -I. -I../.. -I../common -g -O2 -Wall -g -O2 -c address.c<br />
  8. compat.h:307: undefined type, found `socklen_t'<br />
  9. cpp-precomp: warning: errors during smart preprocessing, retrying in basic mode<br />
  10. In file included from address.c:15:<br />
  11. compat.h:307: parse error before "socklen_t"<br />
  12. make[3]: *** [address.o] Error 1<br />
  13. make[2]: *** [all-recursive] Error 1<br />
  14. make[1]: *** [all-recursive] Error 1<br />
  15. make: *** [all] Error 2<br />

Thanks; it looks like socklen_t was used before we defined a replacement for socklen_t for platforms that don't have one. I've checked fixes for 0.2.0.x and 0.2.1.x into the repository; does it build better for you now?

osx torbrowser would be great! I currently use it often on wxp but would love to use it within osx.

Yes, this is on the list to do. There is much research to figure out what and where updates are written to reflect usage of TBB on OS X. For what's committed to vidalia's svn, some minor tweaks to vidalia control code and you have an insecure TBB already.

I tried to install the Torbutton and my Firefox 3 hanged. Is there any new version of torbutton planned or is a downgrade of Firefox neccessary?

Thanks a lot
Andreas

Which torbutton version did you attempt to install? Torbutton 1.2.0-fx works with FF3 just fine.

I thought Mike Perry said TorButton was not fully functional in FF3 yet. I thought he said he would email or-talk when it was fully functional on FF3?

Yes, please! I recently downloaded the Vidalia bundle and installed it from the .dmg. The onion icon happily changes color and all seems to be humming along beautifully. Except... I don't know how to configure Firefox 3.0.4 so everybody plays nicely together. I considered replacing the whole shebang with the Tor Browser Bundle when I became aware it existed; alas, it's Windows. So, I'm almost there when almost isn't good enough. I'd happily buy a commercial version if it included a "Tor for Idiots" book. Meantime, any help would be appreciated.

installation failure message at the last stage:post flight script. We need to install fairly quickly due to my wife being a journalist and I am a Psychologist. Please help. Dr. Baker

I bet it installed fine, and something unimportant failed to load.

I've had the same difficulty (post flight script) installing the tor bundle with OS 10.5.5 and Firefox 3.0.5. Any update?

open a bug at bugs.torproject.org. most likely, the installation completed fine but some sub-part of the postflight script failed. apple only has the binary ALL GOOD or ALL BAD status, so if anything produces an error, it's ALL BAD according to apple. In my testing, even with these ALL BAD reports, everything works fine.

What about computers that require a password. If we could drag n' drop vidalia right into the applications folder or on the desktop would we still have to enter the pass? It's really annoying with my school computers, the windows zero-install pack. looks good for this but my school uses macs. Any hope of that type of thing?

We'd like to do a Tor Browser Bundle for OS X. It's in the 3-year roadmap, but it needs some research so as to not leave a trace it was used, analyze anonymity and security issues, and put together so it works on computers running 10.3 and newer the same way.

I'm also working on a drag-and-drop vidalia installer. I'll post an alpha test of the package soon.

I am having problems downloading the file for OSX, could my IP block me from doing so?

Yes, but most likely not your IP, but rather a firewall or something in between you and our server. https://www.torproject.org/finding-tor may suggest alternatives.

I had the same problem and it was the firewall. The finding-tor Document was helpful in that case

I downloaded the OS x Vidalia bundle with no issues however once I had to configure it thats when I got stuck. It says "Vidalia was unable to start Tor. Check your settings to ensure the correct name and location of your Tor executable is specified." I'm not sire what to enter in. Any pointers would be greatly appreciated.

everything should have been pre-configured for you.

https://www.torproject.org/docs/tor-doc-osx.html.en

khled.8@hotmai.com

November 07, 2009

In reply to by phobos

Permalink

I need help installing tor on mac os x snow leopard i keep getting the message "Vidalia was unable to start Tor. Check your settings to ensure the correct name and location of your Tor executable is specified" need ideas on what to do????

I downloaded the Vidalia bundle 0.2.0.34 mac universal and it installed fine. But isnt privoxy supposed to be included in the bundle? Anyway when i run the program and hit the "use a new identity"-button it still shows the same IP when i type seemyip.com in my firefox browser. What am i doing wrong? I dont see privoxy anywhere in the bundle and its not mentioned anywhere in the help function. Any help would be deeply appreciated.

phobos

February 27, 2009

In reply to by Anonymous (not verified)

Permalink

Privoxy installs as a system service. You should be able to reach it via http://localhost:8118/

Did you configure firefox to use tor? See https://www.torproject.org/docs/tor-doc-osx.html.en for more details.

i think i have the same problem like anonymous, and i cannot reach the system service via http://localhost:8118/ Could it be a firewall problem?

is privoxy running?

khled.8@hotmai.com

March 24, 2009

In reply to by phobos

Permalink

I'm also having the same issues as a couple of the guys: nothing on localhost:8118. When I run "ps -elf" from a terminal window I can see a privoxy process running.

I took a look at the post install log, and I see:

Privoxy was installed here: /Library/Privoxy
Running the following AppleScript:
tell application "Finder"
set myURLFile to POSIX file "/Library/Privoxy/ConfigPrivoxyURL.webloc"
set creator type of myURLFile to "MACS"
set file type of myURLFile to "ilht"
end tell
Results (stack overflow error is expected on OSX 10.x):
/tmp/fixurl:99:138: execution error: Finder got an error: Canít set creator type of file "Macintosh HD:Library:Privoxy:ConfigPrivoxyURL.webloc" to "MACS".
(-10006)
Done.

I am running 10.5.6, and I installed with the defaults from vidalia-bundle-0.2.0.34-0.1.10-universal.dmg

Firewall is turned off.

I'll try to reinstall.

khled.8@hotmai.com

March 24, 2009

In reply to by NinjaCoder (not verified)

Permalink

eh, I think I misunderstood. I was expecting an admin webpage at localhost:8118. Pointing my browser at that url as a proxy works.

I had the same problem with it. After a while I found out, that it was a firewall-problem. Thank you for you documentation.

Yes, a drag and drop install is nice to have. Sometimes I like the easy way, and it's great to have this on a OS X machine (in contrast to Windows).

I had no trouble installing Tor at all on my Mac

I have downloaded Tor and Privoxy. Both signal they are working, but even after downloading the Torbutton onto Firefox, nothing shows up, unless the TorButton is the onion icon on the toolbar at the bottom. In addition, how does one go through Tor to surf the internet? I have repeatedly checked my IP address, and it is the same, i.e. my real one, so I am obviously not doing something right.

The help is not helpful. I have read it several times now, and nothing points to how you actually use Tor. It is just basically, download it and you are going through the relays, which is not true.

juli

Ok, just went through all the FAQs on TorButton. Nothing is helping me. I checked the message blog, it is up and running, but I checked checktor and I am not on Tor. What is the preventing TorButton from appearing on Firefox?

juli

Problem solved. No need to reply to that part, but please confirm though, what the TorButton looks like, is it the onion icon at the bottom toolbar?
juli

Torbutton is a plugin for firefox. You need to install it into your firefox setup. By default, it says "Tor Enabled" or "Tor Disabled".

I downloaded the Torbutton but I have nothing that says Tor Enabled or Tor Disabled. I find that only if I go to Tools and then to Add-ons on Firefox, where I find this as an extension, not a plugin. Is the Torbutton supposed to appear anywhere on Firefox as a "button"?

Also, I have gone through FAQ and all the other info, and put in "toggle" in the search box but cannot find the answer to the following problem. (I realise that you give preference in answering questions to relayers, but I just started using Tor.)

When I toggle off Tor and Privoxy it doesn't just turn them off, it locks up Firefox preventing my netsurfing at all. I get only 404s. I can now surf the net only if I enable Tor and Privoxy. What is the problem here?

i was install vidalia-bundle-0.2.0.35-0.1.15 but it dose not work!!!! this error was in Message log " Error from libevent: evsignal_init: socketpair: No error" please help me

my os is WinXp Ver2002 SP3. I was install Bundle Ver."vidalia-bundle-0.2.0.35-0.1.15" but it dose not work. I had an error in Message log, that is "Error from libevent: evsignal_init: socketpair: No error". OLder bundle Ver. "vidalia-bundle-0.1.2.19-0.0.16" was work in my pc but I had some warning in message log same >>>>>>>>>"[Warning] Please upgrade! This version of Tor (0.1.2.19) is obsolete, according to 3/3 version-listing network statuses. Versions recommended by at least 1 authority are: 0.2.0.33, 0.2.0.34, 0.2.0.35, 0.2.1.11-alpha, 0.2.1.12-alpha, 0.2.1.13-alpha, 0.2.1.14-rc, 0.2.1.15-rc, 0.2.1.16-rc, 0.2.1.17-rc" please help me.

my Os.pc is WinXp Ver2002 SP3. I was install Bundle Ver."vidalia-bundle-0.2.0.35-0.1.15" but it dose not work. I had an error in Message log, that is "Error from libevent: evsignal_init: socketpair: No error". OLder bundle Ver. "vidalia-bundle-0.1.2.19-0.0.16" was work in my pc but I had some warning in message log same this message >>>>>>>>>"[Warning] Please upgrade! This version of Tor (0.1.2.19) is obsolete, according to 3/3 version-listing network statuses. Versions recommended by at least 1 authority are: 0.2.0.33, 0.2.0.34, 0.2.0.35, 0.2.1.11-alpha, 0.2.1.12-alpha, 0.2.1.13-alpha, 0.2.1.14-rc, 0.2.1.15-rc, 0.2.1.16-rc, 0.2.1.17-rc" Please help me.

I had previously had problems with Vidalia being unreliable. I decided to try the bundle again when the latest version of tor was released. Uninstalled every last trace of tor and privoxy that I had been using and then dragged the Vidalia bundle to Applications, changed the settings in Network prefs and all is well .....

with Safari.

However, with Firefox, even with torbutton installed via the script, I keep getting an error when I click Test Settings. Says "Internal Error." I am unable to reach any website with Tor Enabled.

This is with FF 3.5.5. Help!!!!!!!!!!!!!!!!

khled.8@hotmai.com

December 02, 2009

In reply to by Anonymous (not verified)

Permalink

Torbutton does not work out of the box or otherwise. Tried it out with Firefox 3.0.15 and 3.5.5. Tor and polipo connect up fine under VIdalia but I can find no possible way to make the Tor button work. Turn it on and you cannot connect to the internet. Use the Test Settings button and you will always get "Tor proxy test: Internal error." Does no one have a solution for this? I saw a bug opened for this issue but then mysteriously closed with no work, no work around, and no solution. Is anyone in the world actually using this thing?