Official changelog for AnonSurf development discussion before Beta testing and further
Before main topic:
Version anonsurf 2.13.9 is arrived on stable repo. Any user is having problem with anonsurf can fix it by reinstall Tor. Full step if you are having old version which is having problem:
- Upgrade anonsurf to 2.13.9
- Start anonsurf. It has error.
- Stop anonsurf and reinstall tor
This problem happened because of a script in Debian packaging that Palinuro made before which remove/etc/tor/torrc
and create a symlink.
Note: Step 2 is required to fix the bug. I don’t know why.
Main topic
Core:
- Rework my IP. It is now using Tor server to check your IP and also under tor status. Address
https://check.torproject.org/
- Fix problem of AnonSurf enable / disable boot by syntax in system unit file.
- Rework the logic of AnonSurf so it is more simple: Remove ALL sleep command, optimized all functions so it can start at boot as well as start from terminal only
- Random password of Control Port. This is not actually an extra security feature but we don’t want to use a hard coded password for all users.
- Fix logic problems when restore DNS settings.
- Restart now restart only services (anonsurf daemon and tor). It works as same as start and stop but no more asking kill apps and annoying prompts
- Remove bridge mode (answer is in here anonsurf 2.13.9 - start-bridge 'disappeared after update). It will be added when we have better solutions. bridge was a unmaintained features when we added it by some configurations only and there was no actual monitoring and testing.
User interface
- Menu now uses
gksudo
and notification (by notify-send) only. No more boring terminal from the GUI. - Notification now use icon (i believe it increase UX and better for focusing on new events)
- A little change in terminal output: less useless space, different color output, … which is more friendly.
- A GUI application is out. Yes, GUI application. From GUI you can not only start / stop AnonSurf but can check IP, change ID, show status, … The GUI also check current control ports, DNS status to show core information about your Tor connection.
- Rewrite the way to install program: Change from Makefile to Debian standard. It is not only shorter, more simple way to maintain but it can clean old files when something is changed,…
GUI app
- The GUI is written by Nim lang and gintro which is GTK binding for Nim lang. Nim lang is a new language which has a good syntax as same as python but it is
statically typed compiled systems programming language
so it is not just easy to read and maintain but has performance like a beast (i’m not lying. Thelauncher-updater
ofparrot-menu
is written in Nim lang which is faster than old script which was written in golang x6-x8 times). Nim lang also means safe program, lightweight binary and small Ram usage. A big thank to Nim lang community and author of gintro, Stefan Salewski! They helped me a lot with syntax and problems i had. - This is the 3rd desgin for the GUI of AnonSurf (that is why it have been 6 months since i started working on GUI). So manything has been rewritten. This is not first program in Nim lang of mine but this is the first GUI program. There are still so many mistakes in code. Crashing and other problems are expected.
- GUI show status of AnonSurf in real time.
- The GUI is like Kaspersky design. I’m a fan of this security solution. The GUi is really simple:
Main page which shows core things that an user need about AnonSurf. It has 3 parts
- Details:
- Show current status of anonsurf by icons
- A label which show current status of anonsurf
- Button details which leads user to
full detail
widget. - Button Tor status that call program
nyx
to show everything about Tor connection and more
- 3 core buttons
- Start (stop): start or stop AnonSurf
- Change ID: Change Tor exit nodes
- My IP: Check your current IP (as same as function in bash but it is written in Nim lang with httpClient)
- Bottom bar for some extra buttons
The full detail
widget which is showing
- Status
- Status of services. It shows Tor and Anonsurf service
- Show status of current Tor Ports (Control Port, Socks Port and Transport port)
- DNS: Check current DNS setting from
/etc/resolv.conf
andDNSPort
from torrc
- Boot status
- Icon and label to show is AnonSurf is enabled with boot
- A Button to enable / disable start at boot
- Bottom bar
- A button to go back to main widget
- A button to restart AnonSurf.
More screenshot about the GUI
Security: apparmor and hardening
- This is a super headache problem. I am making the profiles but it is unstable and it can makes problem on different environment. Beta testing will not include it.
- I’m still working on making apparmor profile and using systemd hardening to make AnonSurf safer. It also mean i have to optimize the code, stop using command which can cause trouble / exploit / …
- This is first time i’m working with apparmor profile and i’m feeling it is not easy enough to config and use. And any wrong config can make AnonSurf can not be used with no reason and it is hard to check the actual problem.
Futher:
- Support save configurations which allow AnonSurf uses more settings from Torrc and support more complex features by users
- Support bridge, obfs4bridge, …, i2p
- How about a public location? Like coffee? MAC changer (again) and something to protect in LAN
- Firewall thing…