TorBirdy 0.2.2 is released

We are pleased to announce the eighth beta release of TorBirdy: TorBirdy 0.2.2. This release adds support for Thunderbird 52 and also features improved security configuration settings for Thunderbird. All users are encouraged to update.

If you are using TorBirdy for the first time, visit the wiki to get started.

There are currently no known leaks in TorBirdy but please note that we are still in beta, so the usual caveats apply.

Here is the complete changelog since v0.2.1:

0.2.2, 03 April 2017
* Bug 20751: Enforce stronger ciphers in TorBirdy
* Bug 6958, 16935, 19971: Add support for already torified keyserver
communication using modern GnuPG
* The minimum supported Thunderbird version is 45.0 and the maximum is 52.*
* Update default keyserver to OnionBalance hidden service pool

We offer two ways of installing TorBirdy: by visiting our website (GPG signature; signed by [geshifilter-code]<a href="https://www.torproject.org/docs/signing-keys.html.en">0xB01C8B006DA77FA…]) or by visiting the Mozilla Add-ons page for TorBirdy.

Please note that there may be a delay -- which can range from a few hours to days -- before the extension is reviewed by Mozilla and updated on the Add-ons page.

The TorBirdy package for Debian GNU/Linux will be uploaded shortly by Ulrike Uhlig.

Anonymous

April 04, 2017

Permalink

Anyone have good "about:config" rules for Thunderbird lock down

Anonymous

April 04, 2017

Permalink

I updated the birdie from inside tb but the refferred page was not reacheable without a security exception from TB

Your connection is not secure

The owner of support.mozilla.org has configured their website improperly. To protect your information from being stolen, Tor Browser has not connected to this website.

Learn more…

support.mozilla.org uses an invalid security certificate.

The certificate is not trusted because the issuer certificate is unknown.
The server might not be sending the appropriate intermediate certificates.
An additional root certificate may need to be imported.

Error code: SEC_ERROR_UNKNOWN_ISSUER

When I used tb addons to search for tor-birdie it did not find anything, although the main add-on page opened up. When I clicked on "check for upgrades" it found an upgrade and once restarted it was on 0.2.2
The web-page itself seemed to be having certification issues but it could be a transition problem. I was just reporting the issue, my upgrade worked.

Anonymous

April 05, 2017

Permalink

Thanks, for all your work on Torbirdy.

Has someone thought of activating the new Enigmail feature that allows to encrypt the subject line, References, etc. ("Memory Hole Protected E-mail Headers"[1]), too? It works fine for me, maybe it's time too push this feature a bit by enabling it by default;-)

---------------------------------------

extensions.enigmail.protectHeaders       true

Protect sensitive headers of encrypted messages, such as the subject. The original header is moved into the encrypted message and replaced by a dummy value (such as "Encrypted Message"). This is part of the Memory Hole standard that is currently being developed.

extensions.enigmail.protectedSubjectText        Encrypted Message

Text to use as replacement for the subject, following the Memory Hole standard. If nothing is defined, then "Encrypted Message" is used.
[2, 3]

[1] https://github.com/ModernPGP/memoryhole
[2] https://enigmail.wiki/Advanced_Operations
[3] https://privacy-handbuch.de/handbuch_32w.htm