[qubes-users] qubes-split-browser issues

I have installed and enabled the qubes-split-browser. I would like to check if the behavior of the qubes-split-browser is as intended.

My surfer VM is based on Fedora-32, with networking disabled. Its disp-VM is set to whonix-ws-15-disp, that itself is based on whonix-ws-15.

In the surfer VM I open the Split Browser (TB Security level: Safest). This is what happens:

- TB opens up in disp-VM whonix-ws-15-disp. The welcome page is not Whonix Welcome Page as normally when I open the TB in the disp VM directly, but instead it opens up the About Tor welcome page. Is this intended?

- TB opens up in the Security Level: Standard, instead of Safest, as mentioned in the name of the link (Split Browser (TB Security level: Safest). It should open up in the Safest I guess?

- once I close the TB, the disp VM remains active and needs to be stopped manually. Normally, if I launch TB in the whonix-ws-15-disp directly, and than close that TB, whole disp VM gets killed by itself. How can I set the qubes-split-browser to kill the whole disp VM once the TB is closed?

- At the end, if I save a bookmark in the disp VM TB, launched from the surfer VM, the bookmark doesnt survive the killing of the disp VM and is not available from the another disp VM launched from the surfer VM.

This behavior is the same if I execute split-browser in the terminal, or through the GUI as Split Browser or as Split Browser (TB Security level: Safest). Can anyone help me with the setup?

taran1s:

- TB opens up in disp-VM whonix-ws-15-disp.

In a VM named like disp1234 though, right?

The welcome page is not Whonix Welcome Page as normally when I open
the TB in the disp VM directly, but instead it opens up the About
Tor welcome page. Is this intended?

Yes, so far so good.

I've configured about:tor as the homepage, because Tor Browser has
been plagued by a bunch of obscure bugs on first startup (which should
be every startup for DisposableVMs) when it's blank or a file:// URL.

- TB opens up in the Security Level: Standard, instead of Safest, as
mentioned in the name of the link (Split Browser (TB Security level:
Safest). [...]

- once I close the TB, the disp VM remains active and needs to be
stopped manually.

Those two are strange. Anything interesting in 'sudo journalctl' on
the DisposableVM?

- At the end, if I save a bookmark in the disp VM TB, launched from
the surfer VM, the bookmark doesnt survive the killing of the disp
VM and is not available from the another disp VM launched from the
surfer VM.

Did you use the hotkeys? Ctrl-d to save a persistent bookmark, and
Alt-b to open the persistent bookmarks list. Other methods (like
clicking the star outline in the address bar, etc.) unfortunately
won't work.

This behavior is the same if I execute split-browser in the
terminal, or through the GUI as Split Browser or as Split Browser
(TB Security level: Safest).

So 'split-browser --safest' also opens up on Standard?

Hmm, maybe try with a freshly created DisposableVM template instead of
whonix-ws-15-disp? I'm definitely interested in debugging this.

Rusty

Rusty Bird:

taran1s:

- TB opens up in disp-VM whonix-ws-15-disp.

In a VM named like disp1234 though, right?

Right.

The welcome page is not Whonix Welcome Page as normally when I open
the TB in the disp VM directly, but instead it opens up the About
Tor welcome page. Is this intended?

Yes, so far so good.

I've configured about:tor as the homepage, because Tor Browser has
been plagued by a bunch of obscure bugs on first startup (which should
be every startup for DisposableVMs) when it's blank or a file:// URL.

- TB opens up in the Security Level: Standard, instead of Safest, as
mentioned in the name of the link (Split Browser (TB Security level:
Safest). [...]

- once I close the TB, the disp VM remains active and needs to be
stopped manually.

Those two are strange. Anything interesting in 'sudo journalctl' on
the DisposableVM?

Can you navigate me how to open the terminal in the active dispvm please?

- At the end, if I save a bookmark in the disp VM TB, launched from
the surfer VM, the bookmark doesnt survive the killing of the disp
VM and is not available from the another disp VM launched from the
surfer VM.

Did you use the hotkeys? Ctrl-d to save a persistent bookmark, and
Alt-b to open the persistent bookmarks list. Other methods (like
clicking the star outline in the address bar, etc.) unfortunately
won't work.

Yes I did. Clicking ctrl-d saves the bookmark with blue Saved to library! popup in the active TB dispVM. alt-b opens up the bookmarks menu and I can see the bookmark. It doesn't but survive the reboot.

This behavior is the same if I execute split-browser in the
terminal, or through the GUI as Split Browser or as Split Browser
(TB Security level: Safest).

So 'split-browser --safest' also opens up on Standard?

Both open on Standard and don't kill the dispvm once switched off. It needs to be stopped manually.

taran1s:

Rusty Bird:
> Anything interesting in 'sudo journalctl' on
> the DisposableVM?

Can you navigate me how to open the terminal in the active dispvm please?

In the Domains Widget (system tray Q button), there's 'Run Terminal'
inside the disp1234 submenu.

The logs in the *persistent* VM would be relevant too:

    journalctl -t qubes.StartApp+split-browser-dom0 \
               -t qubes.StartApp+split-browser-safest-dom0

> > - At the end, if I save a bookmark in the disp VM TB, launched from
> > the surfer VM, the bookmark doesnt survive the killing of the disp
> > VM and is not available from the another disp VM launched from the
> > surfer VM.
>
> Did you use the hotkeys? Ctrl-d to save a persistent bookmark, and
> Alt-b to open the persistent bookmarks list. Other methods (like
> clicking the star outline in the address bar, etc.) unfortunately
> won't work.

Yes I did. Clicking ctrl-d saves the bookmark with blue Saved to library!
popup in the active TB dispVM. alt-b opens up the bookmarks menu and I can
see the bookmark. It doesn't but survive the reboot.

Ah, for some reason the hotkeys aren't intercepted. Can you start a
new Split Browser, and post the full contents of Tor Browser's Browser
Console? (Ctrl-Shift-j)

Rusty

Rusty Bird:

taran1s:

Rusty Bird:

Anything interesting in 'sudo journalctl' on
the DisposableVM?

Can you navigate me how to open the terminal in the active dispvm please?

In the Domains Widget (system tray Q button), there's 'Run Terminal'
inside the disp1234 submenu.

Sorry, in the Domains Widget there is no active disp12... available. I can see the dispvm only in the Qube Manager.

The logs in the *persistent* VM would be relevant too:

     journalctl -t qubes.StartApp+split-browser-dom0 \
                -t qubes.StartApp+split-browser-safest-dom0

- At the end, if I save a bookmark in the disp VM TB, launched from
the surfer VM, the bookmark doesnt survive the killing of the disp
VM and is not available from the another disp VM launched from the
surfer VM.

Did you use the hotkeys? Ctrl-d to save a persistent bookmark, and
Alt-b to open the persistent bookmarks list. Other methods (like
clicking the star outline in the address bar, etc.) unfortunately
won't work.

Yes I did. Clicking ctrl-d saves the bookmark with blue Saved to library!
popup in the active TB dispVM. alt-b opens up the bookmarks menu and I can
see the bookmark. It doesn't but survive the reboot.

Ah, for some reason the hotkeys aren't intercepted. Can you start a
new Split Browser, and post the full contents of Tor Browser's Browser
Console? (Ctrl-Shift-j)

split-browser-safest

[02-08 11:25:56] Torbutton NOTE: Initializing security-prefs.js
[02-08 11:25:56] Torbutton NOTE: security-prefs.js initialization complete
Content Security Policy: Couldn’t parse invalid host 'wasm-eval'
[Exception... "Component returned failure code: 0x80520001 (NS_ERROR_FILE_UNRECOGNIZED_PATH) [nsIXPCComponents_Utils.readUTF8URI]" nsresult: "0x80520001 (NS_ERROR_FILE_UNRECOGNIZED_PATH)" location: "JS frame :: resource://gre/modules/L10nRegistry.jsm :: L10nRegistry.loadSync :: line 661" data: no] 14 L10nRegistry.jsm:661:19
Bootstrapped manifest not allowed to use 'resource' directive. chrome.manifest:2
Content Security Policy: Couldn’t parse invalid host 'wasm-eval'
[Exception... "Component returned failure code: 0x80520001 (NS_ERROR_FILE_UNRECOGNIZED_PATH) [nsIXPCComponents_Utils.readUTF8URI]" nsresult: "0x80520001 (NS_ERROR_FILE_UNRECOGNIZED_PATH)" location: "JS frame :: resource://gre/modules/L10nRegistry.jsm :: L10nRegistry.loadSync :: line 661" data: no] L10nRegistry.jsm:661:19
Content Security Policy: Couldn’t parse invalid host 'wasm-eval'
[Exception... "Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIAppStartup.secondsSinceLastOSRestart]" nsresult: "0x80004001 (NS_ERROR_NOT_IMPLEMENTED)" location: "JS frame :: resource:///modules/BrowserGlue.jsm :: _collectStartupConditionsTelemetry :: line 1743" data: no] BrowserGlue.jsm:1743:9
Error: setevents stream -> 510 Command filtered tor-control-port.js:237:19
[02-08 11:25:59] Torbutton NOTE: no SOCKS credentials found for current document.
Unchecked lastError value: Error: Could not establish connection. Receiving end does not exist. store.js:135
a11y.sitezoom - Unknown scalar.
[02-08 11:26:02] Torbutton WARN: Your Tor Browser is out of date.
Key event not available on GTK2: key=“u” modifiers=“accel shift” id=“torbutton-new-identity-key” browser.xhtml
Key event not available on some keyboard layouts: key=“r” modifiers=“accel,alt” id=“key_toggleReaderMode” browser.xhtml
Key event not available on some keyboard layouts: key=“i” modifiers=“accel,alt,shift” id=“key_browserToolbox” browser.xhtml

taran1s:

Rusty Bird:
> taran1s:
> > Rusty Bird:
> > > Anything interesting in 'sudo journalctl' on
> > > the DisposableVM?
>
> > Can you navigate me how to open the terminal in the active dispvm please?
>
> In the Domains Widget (system tray Q button), there's 'Run Terminal'
> inside the disp1234 submenu.

Sorry, in the Domains Widget there is no active disp12... available. I can
see the dispvm only in the Qube Manager.

Are you maybe confusing the Domains widget (Q on the upper right of
the screen - next to the Clipboard widget, Devices widget, etc.) with
the Applications button (Q on the upper left corner)?

Qube Manager can also open a terminal: Right click on disp1234, "Run
command in qube", enter "qubes-run-terminal".

Once you've got a terminal in the DisposableVM, can you please also
post (after the Tor Browser window has appeared) the full contents of:

    /home/user/.tb/tor-browser/Browser/sb.js
    /home/user/.tb/tor-browser/Browser/defaults/pref/sb-load.js

And the output of:

    ps -efH | grep -i browser

> The logs in the *persistent* VM would be relevant too:
>
> journalctl -t qubes.StartApp+split-browser-dom0 \
> -t qubes.StartApp+split-browser-safest-dom0

> Ah, for some reason the hotkeys aren't intercepted. Can you start a
> new Split Browser, and post the full contents of Tor Browser's Browser
> Console? (Ctrl-Shift-j)

split-browser-safest

[02-08 11:25:56] Torbutton NOTE: Initializing security-prefs.js
[...]
[02-08 11:25:56] Torbutton NOTE: security-prefs.js initialization complete
Content Security Policy: Couldn’t parse invalid host 'wasm-eval'
[Exception... "Component returned failure code: 0x80520001
(NS_ERROR_FILE_UNRECOGNIZED_PATH) [nsIXPCComponents_Utils.readUTF8URI]"
nsresult: "0x80520001 (NS_ERROR_FILE_UNRECOGNIZED_PATH)" location: "JS
frame :: resource://gre/modules/L10nRegistry.jsm :: L10nRegistry.loadSync ::
line 661" data: no] 14 L10nRegistry.jsm:661:19
Bootstrapped manifest not allowed to use 'resource' directive.
chrome.manifest:2
Content Security Policy: Couldn’t parse invalid host 'wasm-eval'
[Exception... "Component returned failure code: 0x80520001
(NS_ERROR_FILE_UNRECOGNIZED_PATH) [nsIXPCComponents_Utils.readUTF8URI]"
nsresult: "0x80520001 (NS_ERROR_FILE_UNRECOGNIZED_PATH)" location: "JS
frame :: resource://gre/modules/L10nRegistry.jsm :: L10nRegistry.loadSync ::
line 661" data: no] L10nRegistry.jsm:661:19
Content Security Policy: Couldn’t parse invalid host 'wasm-eval'
[Exception... "Component returned failure code: 0x80004001
(NS_ERROR_NOT_IMPLEMENTED) [nsIAppStartup.secondsSinceLastOSRestart]"
nsresult: "0x80004001 (NS_ERROR_NOT_IMPLEMENTED)" location: "JS frame ::
resource:///modules/BrowserGlue.jsm :: _collectStartupConditionsTelemetry ::
line 1743" data: no] BrowserGlue.jsm:1743:9
Error: setevents stream -> 510 Command filtered tor-control-port.js:237:19
[02-08 11:25:59] Torbutton NOTE: no SOCKS credentials found for current
document.
Unchecked lastError value: Error: Could not establish connection. Receiving
end does not exist. store.js:135
a11y.sitezoom - Unknown scalar.
[02-08 11:26:02] Torbutton WARN: Your Tor Browser is out of date.

Unremarkable log spam except for this^ line: Somehow the Split Browser
prefs from sb.js (which would disable Torbutton's broken update check)
aren't being applied.

Key event not available on GTK2: key=“u” modifiers=“accel shift”
id=“torbutton-new-identity-key” browser.xhtml
Key event not available on some keyboard layouts: key=“r”
modifiers=“accel,alt” id=“key_toggleReaderMode” browser.xhtml
Key event not available on some keyboard layouts: key=“i”
modifiers=“accel,alt,shift” id=“key_browserToolbox” browser.xhtml

Rusty