Allow the user to configure Tor before connecting to it

[anon88391]

Currently when installing Bisq for the first time and running it the software connects to the Tor network without letting the user configure it. Only after the initial connection is established the user is allowed to configure Tor. This is poses a significant risk to some users' privacy, anonymity and security. In some countries with widespread censorship just connecting to the Tor network can cause negative consequences from the government and put the user in a very bad light forever. It is therefore very important to let the user configure the Tor connection before it's established so that they can take necessary countermeasures against detection. Connecting to Tor before having the ability to configure it goes against Tor's philosophy. Tor Browser doesn't connect to Tor without letting the user configure the connection first. Please fix this and allow the user to configure Tor before connecting to it. Thank you.

[mrosseel]

do you have any examples of how other desktop apps handle this, particularly UI-wise ?

[ghost]

@anon88391 I suppose your concerns are about the /etc/tor/torrc proper tuning. Could you give some examples of some tuning(s) you think about.

[freimair]

Means of providing a torrc config file or even single config parameters have been introduced back in 2018 via https://github.com/bisq-network/bisq/pull/1893. Please give more details so we can enhance the software.

[anon88391]

@mrosseel A desktop instant messenger app called Ricochet utilizes Tor network to establish connections between user, althought it hasn't been updated in a while. When running Ricochet for the first time it asks the user to configure Tor connection settings before establishing any connection. Whonix, very good software that is a virtual machine used to route other virtual machines through Tor also does this. It doesn't establish any connections before the user configures the connection settings. @HarryMacfinned Yes indeed, by saying "configure Tor connection settings" I'm actually referring to the torrc settings, where the user can change them on a high-level (bridges, proxy settings, etc). @freimair That is not what I meant to address. I'm aware that Bisq has means of providing a torrc config file, however the issue stems from the fact that when launching Bisq for the first time, the user is never asked to configure the connection settings (set up necessary bridges or proxy settings) before the first connection is established. Bisq first establishes Tor connections and only then allows the user to change the settings, which is a significant risk for some users.

[freimair]

so what you are saying is you like to see

• the Tor connection settings dialog pop up on first start of Bisq?
• then, maybe transition some torrc configs to the GUI?
• and of course, the popup has to be reworked for usability in its new role?

[anon88391]

@freimair Yes, more or less, however:

• the Tor connection settings dialog doesn't have to be a pop up, I think it could incorporated right into the GUI and it could just ask the user if he wants to connect to Tor normally, or his country is censored and needs to configure the connection (the same dialog that Tor Browser uses). I'm not experienced in programming GUIs so I can't give my opinion on what'd be the best way to do it.
• I don't think there's much need for letting the user modify the torrc file through GUI, actually I'm against it. Tor Browser doesn't do it, an inexperienced user could mess things up, it's better to just do it the same way Tor Browser does (only a high level configuration).

Additionally since many applications incorporate the dialog in the same manner I'd expect the Tor documentation to provide some insight on how to do it properly, but I cannot be sure it does.

[GIJack]

Things of note: For users in some locales, as much as being caught running TOR can put them in significant risk to their person for merely this.

To help these users, TOR has implemented bridges. For particularly keen regimes, public bridges are also known and watched by authorities. These users need to enter custom bridges manually to use TOR.

If TOR starts, before a bridge is implemented PROPERLY it could leak the fact they are using TOR. This needs to be configured at first run.

For power users, tend to run a dedicated node on a separate host. This is to prevent correlation attacks, as the node stays online 24/7, and improves the strength of the network. Making these can be done with small computers like raspis, or virtual machines on cloud networks, and incorporate a wide array of other privacy technologies like various forms of VPN and proxy.

There should just be radio buttons asking users

1. Standard - just uses as now. Has a note that if someone doesn't know to use this option. This is the default.
2. Bridge - drops down a second set of radio buttons for "default" or "custom" allowing a user to enter their own bridge info
3. External - Drops down a hostname, port, username, password, dialog for an external TOR node. defaults are 127.0.0.1 9050 no username/pw

Big continue button at the bottom to save settings and continue loading. All it would take for newb users is just clicking one button, and everyone else can change settings.

[tangruixun]

My thoughts exactly, please add a torrc proxy setting UI before bisq launching or enable user edit the torrc file at least