[Tor-BSD] Porting Tor Browser to the BSDs
attila
attila at stalphonsos.com
Thu Feb 19 10:28:57 EST 2015
Libertas <libertas at mykolab.com> writes:
>
>Has anyone looked into this? I talked to the maintainer of the OpenBSD
>Firefox port, but he wasn't very interested and pointed out the
>difficulty caused by the deterministic build system.
>
>I can verify that it doesn't work out of the box, but haven't had time
>to play with it much more than that. I think that the Tor Browser is an
>increasingly important tool, and that it's a problem that it isn't
>available on the BSDs.
>
>Thoughts? Suggestions?
I have been looking into this on and off for a little while. My focus
has been an OpenBSD port, but I'm sure a lot of what I've run into is
true across BSDs. My thoughts so far:
tor-browser development seems awfully Linux-centric; no thought is
given to portability outside of {Linux,OSX,Windows}. The gitian-based
build system must be ditched in a BSD context. Instead the right
thing to do is a set of ports, the most important of which is the
tor-browser. I have started on this by wading through the diffs
between the tor-browser-31.4.0esr-4.5-1 branch in the tor-browser git
repo and esr31.4.0, which is thankfully what happens to be in
OpenBSD-current ports. There are a lot of diffs, obviously, and the
end result is going to be a port with a huge honking patches/
subdir... a maintainability nightmare, at least on the surface.
There are many diffs that are all about the build system which I will
ditch; this will probably cause me problems elsewhere. There is also
the matter of tor-button, which, for the record, I consider an
abomination. I think I understand why the tor-browser ppl insist on
keeping it around but I am sorely tempted to find another way...
This last sentiment sort of saturates my thinking on moving forward
with tor-browser. There has been a lot of good work done, for
instance in anti-fingerprinting measures, but then a lot of what's
going on leaves me with a bad feeling, like this:
<https://trac.torproject.org/projects/tor/ticket/9387>
The amount of heat and steam expended on coming up with a slider that
says:
more usable <--------------> most secure
truly depresses me. I do not want to use a browser that has such a
thing in it. I don't think this is a good use of time. I think a
better use of time would've been doing something about the thousands
of remaining uses of sprintf, strcat and strcpy... at least there are
a few hundred uses of strl{cat,cpy}. My point is: if the idea is that
tor-browser is not just for tor but is a better, more secure,
standards-compliant and plugin-averse browser for the masses then
adding new (ridiculous) features when there are so many papercuts and
sucking chest-wounds to attend to first rubs me the wrong way. I
generally use the term "linux attitude" as a placeholder for this
approach to development in general, but then I'm typing this on a
thinkpad running OpenBSD, so...
Anyway, my status is that I'm still wading through the patches and
working my way towards a www/tor-browser port that is based on the
www/firefox-esr port. I will try to get a git repo up somewhere for
review and collaboration in the next day or two. There is still quite
a ways to go before a working tor-browser and that is only one
component of the tbb, which presents a whole 'nother kettle of fish
when it comes to porting...
More later. I am on the tor-bsd list, just slow to respond... sorry.
Pax, -A
More information about the Tor-BSD
mailing list