bitmask_android issueshttps://0xacab.org/leap/bitmask_android/-/issues2021-12-17T17:26:34Zhttps://0xacab.org/leap/bitmask_android/-/issues/9061Enforce TLS1.3 for API communication2021-12-17T17:26:34ZcybertaEnforce TLS1.3 for API communicationwe should ship our own SecurityProvider, Conscrypt: https://github.com/google/conscrypt
It allows us to enforce TLS1.3 on all devices.
Drawback: we're depending on another SSL lib (BoringSSL). Current OpenSSL implementations also sup...we should ship our own SecurityProvider, Conscrypt: https://github.com/google/conscrypt
It allows us to enforce TLS1.3 on all devices.
Drawback: we're depending on another SSL lib (BoringSSL). Current OpenSSL implementations also support TLS1.3 and we're shipping OpenSSL already, but I haven't figured out how to make use of it in conjunction with OkHTTP, our http client lib.https://0xacab.org/leap/bitmask_android/-/issues/9056Streamline build process of openvpn + tor2021-12-17T17:34:13ZcybertaStreamline build process of openvpn + tortor and openvpn partly depend on same libraries like openssl. Both, openvpn and tor are built independently from each other depending on 2 different openssl libs.
Maybe this is a good situation, to finally fix the openvpn build process...tor and openvpn partly depend on same libraries like openssl. Both, openvpn and tor are built independently from each other depending on 2 different openssl libs.
Maybe this is a good situation, to finally fix the openvpn build process, which has always been kind of hackish, by adding and adapting the [Makefiles](https://leap.se/git/ics_openvpn.git/tree/main/src/main/cpp/CMakeLists.txt?h=new_master) in our project instead of using ics-openvpn's gradle tasks to build it.
As a result, we would reduce the app size by some megabytes and have a easier to understand setup.https://0xacab.org/leap/bitmask_android/-/issues/4582remove providers from provider list2022-01-31T16:36:22Zmicahremove providers from provider lista little trash can next to each provider item?
*(from redmine: created on 2013-11-23)*a little trash can next to each provider item?
*(from redmine: created on 2013-11-23)*Android 1.1.0https://0xacab.org/leap/bitmask_android/-/issues/9080A3. Automation of the visual context for localization2022-05-02T14:33:48Zmcy100A3. Automation of the visual context for localizationhttps://0xacab.org/leap/bitmask_android/-/issues/9068Don't show Gateway Selection if there's only one location2022-05-09T11:35:15ZcybertaDon't show Gateway Selection if there's only one locationCurrently, if a provider only has one gateway location, it is still possible to open the gateway selection on Android. The user has the choice to select between best location and exact the same location by its name.
I would like to prop...Currently, if a provider only has one gateway location, it is still possible to open the gateway selection on Android. The user has the choice to select between best location and exact the same location by its name.
I would like to propose to just hide the gateway selection UI, if there is no real option so select from. On the main UI, we could disable the click listener that opens the gateway selection UI.
@mcnair @kali @SamWhited
Since we aim to keep UX similar, I would like to know your opinions about the proposal and whether we want this behavior on all platforms.https://0xacab.org/leap/bitmask_android/-/issues/8933Donation notification did not appear in the notification area2022-05-09T12:15:08ZmicahDonation notification did not appear in the notification areaHello, I'm trying out the riseupvpn android version and I noticed that I had not received any donation notification after some days. So I switched to the app itself, and there was a notification there! I was expecting to get a notificati...Hello, I'm trying out the riseupvpn android version and I noticed that I had not received any donation notification after some days. So I switched to the app itself, and there was a notification there! I was expecting to get a notification in the notification area, is that supposed to happen, or is that deliberately not supposed to happen?https://0xacab.org/leap/bitmask_android/-/issues/9090Move all strings in use to strings.xml2022-05-26T13:14:45ZcybertaMove all strings in use to strings.xmlCurrently we partly rely on strings used from ics-openvpn. While this had the benefit that we could reuse existing translations for a bunch of languages, it has the disadvantage that some languages or single strings in particular languag...Currently we partly rely on strings used from ics-openvpn. While this had the benefit that we could reuse existing translations for a bunch of languages, it has the disadvantage that some languages or single strings in particular languages are missing in ics-openvpn. If we move all used strings to our strings.xml the translators get a chance to fix these missing strings.
We got a concrete complaint about a missing greek translation of "Disconnect" and "Cancel", which cannot be resolved in the current situation.https://0xacab.org/leap/bitmask_android/-/issues/9092Draft-GSoC Project Description and Workflow2022-07-01T16:34:54ZPratik LagaskarDraft-GSoC Project Description and Workflow_This is a documentation/ introduction draft which will be edited later-on. Keeping this here till then._
**Implementing>** _Self-contained Go-Library to block ads using DNS filtering_
**Future Scope>** _Ad-Bloc..._This is a documentation/ introduction draft which will be edited later-on. Keeping this here till then._
**Implementing>** _Self-contained Go-Library to block ads using DNS filtering_
**Future Scope>** _Ad-Block Feature built in VPN; with toggling mode._
**Target Platform>** _Currently, focused on Android._
The project that was decided/chosen for implementation in **GSoC-2022** is based on the idea of creating a **client-side** blocker which is capable of blocking advertisements, trackers and malwares.
The project would be in the form of a self-contained Go-Library which can be easily integrated with **cross-platform** applications of the LEAP, i.e; Android apps, Desktop Apps.
Ad/trackers-block feature in-built in a VPN is helpful in avoid being tracked in the digital world.
**Existing Works:-**
There are similar/slightly similar projects that have same objective as ours. Some noteworthy are:-
1. [https://www.zenz-solutions.de/openvpn-for-personaldnsfilter/](https://www.zenz-solutions.de/openvpn-for-personaldnsfilter/)
2. [https://github.com/julian-klode/dns66/](https://github.com/julian-klode/dns66/)
3. [https://github.com/dbrodie/AdBuster](https://github.com/dbrodie/AdBuster)
**Research Conducted:-**
Rough Idea about how ads are fetched> When an end user visits a website, the browser loads the requested content from that website. The fetched content is not always free from ads,trackers. What our browser does is; it fetches all the scripts from the requested website along with the embedded tracking site scripts and ad-scripts.
_to be edited_
**Workflow:-**
_to be edited_
**Functional/Non-Functional Requirements:-**
_to be edited_
**Tasklists:-**
Get Bitmask running
- [x] get a Linux machine
- [x] compile Bitmask Android
How to use go on Android:
- [x] create a simple hello world go lib using gomobile
- [x] integrate and invoke the lib in a sample Android app
- [ ] adapt the build_core.sh to bundle the hello world go lib into Bitmask Android
Getting started with Go implementation
- [x] get a seperate repository called: ?try to keep it simple trackingblocker-lib 'vpn-hole-lib' analogus to 'pi-hole'?
- [x] check out https://github.com/davidepedranz/go-hole (how to use this as a lib on android)
- [x] figure out how to pass filedescriptors from java to go: https://pkg.go.dev/os?utm_source=godoc#NewFile
- [x] write a simple copy-loop that reads all packets from the filedescriptor and writes to it, add some logs, the loop should run in a background thread
- [ ] integrate the simple go lib into Bitmask, build a wrapper class for the golib JNI -> if everything works fine, you just can connect to any gateway and get a working internet connection and see some logs from the go lib
- [ ] verify that the go lib is closed correctly if the tun interface is destroyed
- [x] check the possibilities how to parse raw bytes to IP packets in go
- [x] parse and log UDP packets, write through all TCP packets, focus on IPv4 for now
- [x] implement a way to pass a list of strings from java to go
- [ ] integrate a file with urls on android, open the file and pass it to golang
- [ ] check UDP packets against list entries, drop matches
- [ ] create Android UI to enable/disable local DNS filtering
- [ ] create Android UI to show show file list entries
- [ ] create Android UI to add and remove list entries
stretch goals:
- [ ] investigate if we want to/can support DoH (DNS over HTTPS)Pratik LagaskarPratik Lagaskarhttps://0xacab.org/leap/bitmask_android/-/issues/9095Improve search in App Selection Fragments2022-07-02T11:29:51ZcybertaImprove search in App Selection Fragmentscurrently a rather ugly overlay is shown containing the entered search world. It is redundant and even buggy. If you delete all input the overlay doesn't disappear. We should remove the overlay completely.
When we're at it we should fix...currently a rather ugly overlay is shown containing the entered search world. It is redundant and even buggy. If you delete all input the overlay doesn't disappear. We should remove the overlay completely.
When we're at it we should fix it also for the app exclusion fragment.https://0xacab.org/leap/bitmask_android/-/issues/9097Move search bar in Tor Tunnel Selector to ActionBar2022-07-02T11:38:40ZcybertaMove search bar in Tor Tunnel Selector to ActionBarIn order to gain a little bit more visible space for the list entries, especially if the keyboard is opened (which happens if we trigger the search), we should move the search bar into the ActionBar. It is also more consistent with the a...In order to gain a little bit more visible space for the list entries, especially if the keyboard is opened (which happens if we trigger the search), we should move the search bar into the ActionBar. It is also more consistent with the app exclusion selector.https://0xacab.org/leap/bitmask_android/-/issues/9096Adapt banner in Tor Tunnel Selector2022-07-02T11:39:14ZcybertaAdapt banner in Tor Tunnel Selector- [ ] normal font size
- [ ] black font color
- [ ] add a linkable spannable to link to excluded apps, use the primary app color for the link (cmp. link in VPN-Hotspot dialog)- [ ] normal font size
- [ ] black font color
- [ ] add a linkable spannable to link to excluded apps, use the primary app color for the link (cmp. link in VPN-Hotspot dialog)https://0xacab.org/leap/bitmask_android/-/issues/9099Anonymization Settings improvements2022-07-02T11:56:30ZcybertaAnonymization Settings improvements- [ ] move Anonymization above Experimental Features
- [ ] use a shorter string for the title (Select apps to use Tor) so that the title is completely visible in one line. An more detailed explanation can be found in the Tor Tunnel Selec...- [ ] move Anonymization above Experimental Features
- [ ] use a shorter string for the title (Select apps to use Tor) so that the title is completely visible in one line. An more detailed explanation can be found in the Tor Tunnel Selector.
- [ ] use a different icon, preferably the onion iconhttps://0xacab.org/leap/bitmask_android/-/issues/9100Fix Back Button Behavior in Tor Tunnel Selector2022-07-02T11:59:47ZcybertaFix Back Button Behavior in Tor Tunnel SelectorInstead of moving to the main screen, move back to the app setting fragment.Instead of moving to the main screen, move back to the app setting fragment.https://0xacab.org/leap/bitmask_android/-/issues/9101Indicate Tor startup in EipFragment if tor starts in VPN Proxy mode2022-07-02T12:09:20ZcybertaIndicate Tor startup in EipFragment if tor starts in VPN Proxy modeCurrently, the OpenVPN setup needs to wait until tor is started, which results in a longer launch phase.
We have a info label in EipFragment we can use to inform the user about the fact tor is starting, so that they can conclude why it ...Currently, the OpenVPN setup needs to wait until tor is started, which results in a longer launch phase.
We have a info label in EipFragment we can use to inform the user about the fact tor is starting, so that they can conclude why it takes longer.https://0xacab.org/leap/bitmask_android/-/issues/9103Reduce cell-height for app selection fragments2022-07-02T12:31:22ZcybertaReduce cell-height for app selection fragmentsCurrently the cells are pretty large so that relatively few entries are shown in the list without scrolling.
Since the list of installed apps is normally pretty long, we could reduce the size to the height of the navigation drawer entrie...Currently the cells are pretty large so that relatively few entries are shown in the list without scrolling.
Since the list of installed apps is normally pretty long, we could reduce the size to the height of the navigation drawer entries.
We should do it for both, the app exclusion fragment as well as the tor tunnel selection fragment.https://0xacab.org/leap/bitmask_android/-/issues/9106intro screen layout for pads2022-07-04T21:15:24Zcybertaintro screen layout for pads![intro_pad](/uploads/c2729d479b801a5c1a05b8ce408768fd/intro_pad.png)
The text could be more vertically centered.
Also instead of using "\n" in strings for formatting we should define the allowed width for the text in the layout files...![intro_pad](/uploads/c2729d479b801a5c1a05b8ce408768fd/intro_pad.png)
The text could be more vertically centered.
Also instead of using "\n" in strings for formatting we should define the allowed width for the text in the layout files (e.g. in a ConstraintLayout)https://0xacab.org/leap/bitmask_android/-/issues/9105restart tor on snowflake settings change2022-07-04T21:56:41Zcybertarestart tor on snowflake settings changeif tor is running in vpn proxy mode, the app should restart tor on snowflake settings changesif tor is running in vpn proxy mode, the app should restart tor on snowflake settings changescybertacybertahttps://0xacab.org/leap/bitmask_android/-/issues/9107Add Stop-Action to Tor notification2022-07-05T00:29:30ZcybertaAdd Stop-Action to Tor notificationMainly to stop failing or endless tor bootstrapping attempts.
There's one case when there's no other way to stop tor at all:
If the vpn cert is expired but renewal fails (in the concrete case: due to ca cert transition). in that case ...Mainly to stop failing or endless tor bootstrapping attempts.
There's one case when there's no other way to stop tor at all:
If the vpn cert is expired but renewal fails (in the concrete case: due to ca cert transition). in that case tor+snowflake is started as a last resort, but only stopped on cert download failure, if no torified app is configured.
A simple cancel button fixes that issue (and probably similar issues).cybertacybertahttps://0xacab.org/leap/bitmask_android/-/issues/9032Language picker2022-08-08T16:34:31ZkwadronautLanguage picker> Have you all reconsidered in app language selection in future versions of Android?
> The in app language switch is important for a lot of languages that don't have widespread mobile OS support. Even though Android supports Burmese fo...> Have you all reconsidered in app language selection in future versions of Android?
> The in app language switch is important for a lot of languages that don't have widespread mobile OS support. Even though Android supports Burmese for example, a lot of people may have phones that don't offer it as an option. So they wont' be able to access any app translations that depend on system language.
I'm wondering if (where) there's some fund that helps us to enable us putting development hours to such a thing.n3k0n3k0https://0xacab.org/leap/bitmask_android/-/issues/9111Move Background tasks from JobIntentService to Workmanager2022-08-09T10:10:23ZcybertaMove Background tasks from JobIntentService to Workmanagerhttps://developer.android.com/topic/libraries/architecture/workmanager
Unfortunately JobIntentServices have been deprecated after it was already the replacement for IntentServices.https://developer.android.com/topic/libraries/architecture/workmanager
Unfortunately JobIntentServices have been deprecated after it was already the replacement for IntentServices.