Tails support? #646
Labels
No Label
android
arch
backlog
blocked-on-external
bug
bugbash
component/bindings
component/bine
component/connectivity
component/cwtch
component/tapir
component/ui
cwtch-1.14
cwtch-1.15
cwtch-beta-1.1
cwtch-beta-1.10
cwtch-beta-1.11
cwtch-beta-1.12
cwtch-beta-1.13
cwtch-beta-1.2
cwtch-beta-1.3
cwtch-beta-1.4
cwtch-beta-1.5
cwtch-beta-1.5.x
cwtch-beta-1.6
cwtch-beta-1.7
cwtch-beta-1.8
cwtch-beta-1.9
design
duplicate
enhancement
flutter
funding-needed
help wanted
hybrid-groups
in-nightly
in-progress
invalid
ios
linux
mac
need-replication-or-investigation
ops
packaging
post-stable
question
questionable
requires-more-effort-than-we-can-spare
rust
scheduled
stable-blocker
tails
testing-needed
tests
tor
waiting-on-fix-confirmation
waiting-on-new-flutter-feature
whonix
windows
wontfix
No Milestone
No project
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: cwtch.im/cwtch-ui#646
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Cwtch is already being promoted in anarchist communities, and these communities primarily rely on Whonix and Tails. I would argue that the users that would benefit the most from what Cwtch provides will be using Tails.
My understanding is that until the issues opened by nyxnor are closed, Cwtch isn't working on Whonix Workstation no matter the "Advanced Tor Configuration" settings (this understanding is based on this forum post).
Would Cwtch work on Tails between now and when those issues are closed? If so, what should the "Advanced Tor Configuration" be? Stream isolation in Tails also uses an implementation of onion-grater. If the only problem with Tails use is Stream Isolation, this could be mitigated by using Cwtch in a dedicated Tails session.
Hi,
Thanks for opening this.
I'm not sure as I don't think anyone has tested this and reported back - but my assumption would be that it won't currently work without some external configuration change, but I could be wrong - it is definitely work testing.
One of the main strands of work I have planned prior to the release of 1.12 is to get Cwtch to the point where it works seamlessly on Whonix (https://git.openprivacy.ca/cwtch.im/cwtch-ui/issues?q=whonix&type=all&state=open&labels=197&milestone=0&assignee=0&poster=0) / Qubes (cwtch.im/cwtch#492) and, indeed, Tails.
There are basically two main pieces of work that need to be done:
connectivity
to allow it to detect when it is in an environment with a system Tor that has additional restrictions like onion-grater.I am planning on getting to this work sometime in the next month or so. I'll update this thread when there is a nightly release available for testing.
Small update on this: I have Cwtch working on Tails: https://mastodon.social/@sarahjamielewis/110142886772978466
The changes needed:
With any luck I'll have a nightly available to test later this week.
Draft Walkthrough of running on Tails is now published here: https://docs.cwtch.im/docs/platforms/tails
This requires the changes in the 2023-04-05-18-28-v1.11.0-7-g0290 nightly: https://docs.cwtch.im/blog/availability-status-profile-attributes#downloading-the-nightly
As noted in the docs, the configuration can likely be tightened, and we likely want to make some additional changes (#550) to better handle the
ProxyAddress
- but hopefully this is a useful start and any feedback you (or anyone else reading this) can provide would be great!.So exciting!
On the current version of Tails (5.12), running the command
exec env CWTCH_TAILS=true LD_LIBRARY_PATH=~/.local/lib/cwtch/:~/.local/lib/cwtch/Tor ~/.local/lib/cwtch/cwtch
, gave the output:Attached a screenshot.
Thanks for testing. It looks like you have run into a current Flutter bug - I've seen one ad-hoc report of this recently, but it was assumed to be software/hardware issues. It looks like this might need a flutter SDK update on our end.
In the meantime, can you try launching with
LIBGL_ALWAYS_SOFTWARE=1
as well? This should bypass the GL issue.(Debugging note, this looks like it might be related to a long standing flutter issue related to graphics drivers https://github.com/flutter/flutter/issues/76178#issuecomment-1356657603)
Launching with
LIBGL_ALWAYS_SOFTWARE=1
as well outputs:After this message, it starts as you would expect. However, I noticed that the Tor icon does not have the checkmark. In the Tor network status page, it says "Tor status: 0% - rebooting". The Reset button doesn't do anything. Perhaps this is expected behavior using the system Tor?
Connecting with another Cwtch contact (me from another device) doesn't succeed. The contact appears to be offline when they are not (waited around 30 minutes, restarted the Tor circuit on the contact Cwtch instance, exited and reopened both Cwtch instances).
I think that once Cwtch is stable, Tails really needs it in default software. Currently, encrypted messaging is limited to PGP email or Pidgin XMPP.
The highest likelihood of this happening is if Cwtch approaches the Tails team directly, so I thought I would link some GitLab issues here that are relevant to packaging and other considerations:
Ok I loaded up Tails this morning and found two issues in the latest nightly. The main problem looks like the GETINFO oniongrater config is too restrictive, a provisional working version is here:
d6571d6ca4/linux/cwtch-tails.yml
(part of this PR: #669)With that fix and reloaded, I can get Cwtch up and running on my tails environment.
Thanks for this list. One of our major threads of work this next few months is packaging, and having this all in one place is helpful.
As a note: debian packaging is definitely high on our priority list.
Yay, for me too!
Is backing up
$HOME/.cwtch
totally equivalent to exporting a profile through the GUI, or does it back up data that the export feature doesn't?Awesome!
Backing up
$HOME/.cwtch
will back up all profiles, global app settings e.g. themes / experiments / language info etc. (and on other systems Tor config/data).Export profile only backups up individual profile information.
Cwtch 1.13 works on Tails. Configs are packaged. If any additional issues come up please open a new issue.
One laptop I'm using still requires the
LIBGL_ALWAYS_SOFTWARE=1
flag to launch properly. Is their further info I could give to help resolve this?