bitmask_android issueshttps://0xacab.org/leap/bitmask_android/-/issues2023-01-27T19:13:41Zhttps://0xacab.org/leap/bitmask_android/-/issues/9131update snowflake bridges2023-01-27T19:13:41Zcybertaupdate snowflake bridgesThere are snowflake 2 bridges now, check https://bridges.torproject.org/moat/circumvention/builtin to get the FPs.
We should proably also switch the broker and streamline the settings to what Tor Browser uses.There are snowflake 2 bridges now, check https://bridges.torproject.org/moat/circumvention/builtin to get the FPs.
We should proably also switch the broker and streamline the settings to what Tor Browser uses.https://0xacab.org/leap/bitmask_android/-/issues/9128Automate screenshotting CI2023-05-06T13:36:15ZkwadronautAutomate screenshotting CIBuild another docker image (manually triggered) for screengrab after tests
- [x] build docker image including fastlane, imagemagick, ruby… registry.0xacab.org/leap/bitmask_android/android-fastlane
- [x] add screengrab in test stage of g...Build another docker image (manually triggered) for screengrab after tests
- [x] build docker image including fastlane, imagemagick, ruby… registry.0xacab.org/leap/bitmask_android/android-fastlane
- [x] add screengrab in test stage of gitlab ci, manual trigger
- [x] set docker build to manual trigger
- [ ] research if, how and where to upload to: transifex, google play, f-droid ?
see !241 as wellhttps://0xacab.org/leap/bitmask_android/-/issues/9126handle java.lang.OutOfMemoryError error2023-01-11T02:19:02Zcybertahandle java.lang.OutOfMemoryError error<3 to the pen testers ;)
```
Exception java.lang.OutOfMemoryError:
at java.lang.StringFactory.newStringFromBytes (StringFactory.java:81)
at java.lang.StringFactory.newStringFromBytes (StringFactory.java:54)
at java.lang.StringFact...<3 to the pen testers ;)
```
Exception java.lang.OutOfMemoryError:
at java.lang.StringFactory.newStringFromBytes (StringFactory.java:81)
at java.lang.StringFactory.newStringFromBytes (StringFactory.java:54)
at java.lang.StringFactory.newStringFromBytes (StringFactory.java:46)
at se.leap.bitmaskclient.base.utils.InputStreamHelper.inputStreamToJson (InputStreamHelper.java:40)
at se.leap.bitmaskclient.base.utils.InputStreamHelper.extractKeyFromInputStream (InputStreamHelper.java:29)
at se.leap.bitmaskclient.providersetup.ProviderManager.providersFromFiles (ProviderManager.java:129)
at se.leap.bitmaskclient.providersetup.ProviderManager.addCustomProviders (ProviderManager.java:119)
at se.leap.bitmaskclient.providersetup.ProviderManager.<init> (ProviderManager.java:65)
at se.leap.bitmaskclient.providersetup.ProviderManager.getInstance (ProviderManager.java:52)
at se.leap.bitmaskclient.providersetup.activities.ProviderSetupBaseActivity.onCreate (ProviderSetupBaseActivity.java:82)
at se.leap.bitmaskclient.providersetup.activities.ProviderListBaseActivity.onCreate (ProviderListBaseActivity.java:72)
at android.app.Activity.performCreate (Activity.java:7023)
at android.app.Activity.performCreate (Activity.java:7014)
at android.app.Instrumentation.callActivityOnCreate (Instrumentation.java:1215)
at android.app.ActivityThread.performLaunchActivity (ActivityThread.java:2734)
at android.app.ActivityThread.handleLaunchActivity (ActivityThread.java:2859)
at android.app.ActivityThread.-wrap11
at android.app.ActivityThread$H.handleMessage (ActivityThread.java:1592)
at android.os.Handler.dispatchMessage (Handler.java:106)
at android.os.Looper.loop (Looper.java:164)
at android.app.ActivityThread.main (ActivityThread.java:6518)
at java.lang.reflect.Method.invoke
at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run (RuntimeInit.java:438)
at com.android.internal.os.ZygoteInit.main (ZygoteInit.java:807)
```https://0xacab.org/leap/bitmask_android/-/issues/9124Incorrect indicator: not blocking2022-12-13T16:10:06ZkwadronautIncorrect indicator: not blockingWhen not being connected to the VPN, you still get in the indicator bar that '* blocks all outgoing internet traffic. ![image](/uploads/d5fc8d76f23f9229858af6d547eeeb76/image.png) This is not true, it's just an insecure connection over y...When not being connected to the VPN, you still get in the indicator bar that '* blocks all outgoing internet traffic. ![image](/uploads/d5fc8d76f23f9229858af6d547eeeb76/image.png) This is not true, it's just an insecure connection over your regular network. Tickbox in Android settings of 'always on vpn' is not set.
![Screenshot_20221212-145546](/uploads/adb4160cb1c951058da47dac535e474b/Screenshot_20221212-145546.png)https://0xacab.org/leap/bitmask_android/-/issues/9123'Stop blocking' or 'connect automatically to the best location?'2022-12-13T01:59:35Zkwadronaut'Stop blocking' or 'connect automatically to the best location?'Situation: I couldn't use bridges to connect to Amsterdam, got the feedback if I want to 'connect automatically to the best location?'
Different situations are now possible:
1. Automatically try another location
1. I want to manually c...Situation: I couldn't use bridges to connect to Amsterdam, got the feedback if I want to 'connect automatically to the best location?'
Different situations are now possible:
1. Automatically try another location
1. I want to manually choose another location
1. Use advanced settings to disable/enable snowflake, switch bridges on or off
1. keep network traffic blocked ^^
1. ok, whatever, I'll use plain network, unblock.
Propose to have 1. and 4. and 5. Not showing or suggesting advanced or other manual settings is good, but pushing users back to plain network is not always a good idea.https://0xacab.org/leap/bitmask_android/-/issues/9120Block non-VPN incoming traffic in lockdown mode2024-03-01T12:26:39ZcybertaBlock non-VPN incoming traffic in lockdown modesee https://github.com/leapcode/bitmask_android/pull/235see https://github.com/leapcode/bitmask_android/pull/2352024.05 LEAP VPN Releasehttps://0xacab.org/leap/bitmask_android/-/issues/9113Cancel the cancellation2022-12-15T23:24:38ZkwadronautCancel the cancellationWhen disconnecting, you get a dialog box if you're sure you want to do that. Some people find it confusing: cancel the connection or cancel the cancellation?
![cancel-cancel](/uploads/298d18d67652bb47d5633ac8166c4b0c/cancel-cancel.png)
...When disconnecting, you get a dialog box if you're sure you want to do that. Some people find it confusing: cancel the connection or cancel the cancellation?
![cancel-cancel](/uploads/298d18d67652bb47d5633ac8166c4b0c/cancel-cancel.png)
I think we can either leave the extra prompt or [keep connected] [disconnect].https://0xacab.org/leap/bitmask_android/-/issues/9112support --tls-crypt2022-10-11T16:45:34Zcybertasupport --tls-cryptclient counterpart of leap/container-platform/openvpn#4
# [client changes](https://0xacab.org/leap/container-platform/openvpn/-/issues/4)
1. preship ta.key
2. pass tls-crypt ta.key parameter to openvpn invocation.
3. implement fetch ta....client counterpart of leap/container-platform/openvpn#4
# [client changes](https://0xacab.org/leap/container-platform/openvpn/-/issues/4)
1. preship ta.key
2. pass tls-crypt ta.key parameter to openvpn invocation.
3. implement fetch ta.key from /certhttps://0xacab.org/leap/bitmask_android/-/issues/9111Move Background tasks from JobIntentService to Workmanager2022-08-09T10:10:23ZcybertaMove Background tasks from JobIntentService to Workmanagerhttps://developer.android.com/topic/libraries/architecture/workmanager
Unfortunately JobIntentServices have been deprecated after it was already the replacement for IntentServices.https://developer.android.com/topic/libraries/architecture/workmanager
Unfortunately JobIntentServices have been deprecated after it was already the replacement for IntentServices.https://0xacab.org/leap/bitmask_android/-/issues/9109Change source flow2022-11-30T11:53:48ZkwadronautChange source flowcurrently transifex useses different places for automatic updates:
![transifex-sourcesScreenshot_from_2022-07-28_16-32-10](/uploads/cc33c1efa2462a34ff324a2ac7e4350d/transifex-sourcesScreenshot_from_2022-07-28_16-32-10.png)
For Android, ...currently transifex useses different places for automatic updates:
![transifex-sourcesScreenshot_from_2022-07-28_16-32-10](/uploads/cc33c1efa2462a34ff324a2ac7e4350d/transifex-sourcesScreenshot_from_2022-07-28_16-32-10.png)
For Android, currently we push to 0xacab, then once in a while push to leap.se/git; which overwrites what's on 0xacab again.
My proposal is to:
* push regularly to a beta branch, so people can test, try and *give feedback on source strings*
* merge that into main/master on 0xacab, which pushes to leap.se/git - or we push there manually. But deactivate the push from leap.se to 0xacab.cybertacybertahttps://0xacab.org/leap/bitmask_android/-/issues/9107Add Stop-Action to Tor notification2022-07-05T00:29:30ZcybertaAdd Stop-Action to Tor notificationMainly to stop failing or endless tor bootstrapping attempts.
There's one case when there's no other way to stop tor at all:
If the vpn cert is expired but renewal fails (in the concrete case: due to ca cert transition). in that case ...Mainly to stop failing or endless tor bootstrapping attempts.
There's one case when there's no other way to stop tor at all:
If the vpn cert is expired but renewal fails (in the concrete case: due to ca cert transition). in that case tor+snowflake is started as a last resort, but only stopped on cert download failure, if no torified app is configured.
A simple cancel button fixes that issue (and probably similar issues).cybertacybertahttps://0xacab.org/leap/bitmask_android/-/issues/9106intro screen layout for pads2022-07-04T21:15:24Zcybertaintro screen layout for pads![intro_pad](/uploads/c2729d479b801a5c1a05b8ce408768fd/intro_pad.png)
The text could be more vertically centered.
Also instead of using "\n" in strings for formatting we should define the allowed width for the text in the layout files...![intro_pad](/uploads/c2729d479b801a5c1a05b8ce408768fd/intro_pad.png)
The text could be more vertically centered.
Also instead of using "\n" in strings for formatting we should define the allowed width for the text in the layout files (e.g. in a ConstraintLayout)https://0xacab.org/leap/bitmask_android/-/issues/9105restart tor on snowflake settings change2022-07-04T21:56:41Zcybertarestart tor on snowflake settings changeif tor is running in vpn proxy mode, the app should restart tor on snowflake settings changesif tor is running in vpn proxy mode, the app should restart tor on snowflake settings changescybertacybertahttps://0xacab.org/leap/bitmask_android/-/issues/9104Torified apps: add support for IPv62022-09-11T21:57:56ZcybertaTorified apps: add support for IPv6Currently only IPv4 is supported. We need to check if IPv6 works out of the box, then we just need to adapt the check in StreamCapture.Currently only IPv4 is supported. We need to check if IPv6 works out of the box, then we just need to adapt the check in StreamCapture.cybertacybertahttps://0xacab.org/leap/bitmask_android/-/issues/9103Reduce cell-height for app selection fragments2022-07-02T12:31:22ZcybertaReduce cell-height for app selection fragmentsCurrently the cells are pretty large so that relatively few entries are shown in the list without scrolling.
Since the list of installed apps is normally pretty long, we could reduce the size to the height of the navigation drawer entrie...Currently the cells are pretty large so that relatively few entries are shown in the list without scrolling.
Since the list of installed apps is normally pretty long, we could reduce the size to the height of the navigation drawer entries.
We should do it for both, the app exclusion fragment as well as the tor tunnel selection fragment.https://0xacab.org/leap/bitmask_android/-/issues/9102Error handling for torified apps requiring UDP / protocols not supported by tor2022-09-11T21:57:56ZcybertaError handling for torified apps requiring UDP / protocols not supported by torCurrently UDP streams of torified Apps are routed over Openvpn. This is breaks the anonymization feature.
Instead we should
* inspect all packets for it's uid, not only TCP packets
* unconditionally handle DNS Requests over openvpn
* d...Currently UDP streams of torified Apps are routed over Openvpn. This is breaks the anonymization feature.
Instead we should
* inspect all packets for it's uid, not only TCP packets
* unconditionally handle DNS Requests over openvpn
* drop all UDP (discuss alternatively: all non-TCP packets?) packets that belong to a torified app
* in case a UDP (alternatively: non-packet packet) from a torified app was detected, inform the user in an AlertDialogFragment that the torified app requires a protocol Tor doesn't support and shouldn't be routed over tor, as will likely be malfunctioning. Offer an direct option to remove the app from the list of torified appshttps://0xacab.org/leap/bitmask_android/-/issues/9101Indicate Tor startup in EipFragment if tor starts in VPN Proxy mode2022-07-02T12:09:20ZcybertaIndicate Tor startup in EipFragment if tor starts in VPN Proxy modeCurrently, the OpenVPN setup needs to wait until tor is started, which results in a longer launch phase.
We have a info label in EipFragment we can use to inform the user about the fact tor is starting, so that they can conclude why it ...Currently, the OpenVPN setup needs to wait until tor is started, which results in a longer launch phase.
We have a info label in EipFragment we can use to inform the user about the fact tor is starting, so that they can conclude why it takes longer.https://0xacab.org/leap/bitmask_android/-/issues/9100Fix Back Button Behavior in Tor Tunnel Selector2022-07-02T11:59:47ZcybertaFix Back Button Behavior in Tor Tunnel SelectorInstead of moving to the main screen, move back to the app setting fragment.Instead of moving to the main screen, move back to the app setting fragment.https://0xacab.org/leap/bitmask_android/-/issues/9099Anonymization Settings improvements2022-07-02T11:56:30ZcybertaAnonymization Settings improvements- [ ] move Anonymization above Experimental Features
- [ ] use a shorter string for the title (Select apps to use Tor) so that the title is completely visible in one line. An more detailed explanation can be found in the Tor Tunnel Selec...- [ ] move Anonymization above Experimental Features
- [ ] use a shorter string for the title (Select apps to use Tor) so that the title is completely visible in one line. An more detailed explanation can be found in the Tor Tunnel Selector.
- [ ] use a different icon, preferably the onion iconhttps://0xacab.org/leap/bitmask_android/-/issues/9097Move search bar in Tor Tunnel Selector to ActionBar2022-07-02T11:38:40ZcybertaMove search bar in Tor Tunnel Selector to ActionBarIn order to gain a little bit more visible space for the list entries, especially if the keyboard is opened (which happens if we trigger the search), we should move the search bar into the ActionBar. It is also more consistent with the a...In order to gain a little bit more visible space for the list entries, especially if the keyboard is opened (which happens if we trigger the search), we should move the search bar into the ActionBar. It is also more consistent with the app exclusion selector.