Tor Browser: Login and device information lost when closing tab or browser #8390

Closed
CEbhNwPM opened this issue Feb 4, 2019 · 6 comments
Labels
P2 S-Minor Impairs non-critical functionality or suitable workarounds exist T-Defect Z-Upstream

Comments

@CEbhNwPM

CEbhNwPM commented Feb 4, 2019

Description

I am aware that this is normal with the default configuration of Tor Browser, please read on.

I use riot.im/app with matrix.org. Login and device ID do not persist in a well-configured Tor Browser (does not delete cookies or local storage on exit). The configuration as described below worked until recently. Downgrading Tor Browser (while also preventing auto update) did not help, so if I did not make any mistakes, this seems to be a regression in Riot 0.17.9.

Steps to reproduce

  • Download, install and start Tor Browser for Windows (latest 8.0.5 or previous 8.0.4)
  • Options -> Privacy and Security -> History: Uncheck "Always use private browsing mode", restart
  • Options -> Privacy and Security -> History: Check "Clear history when Tor Browser closes", then uncheck "Cookies" and "Active Logins" under Settings
  • Options -> Cookies and Site Data: Check "Keep until I close Tor Browser", click on "Exceptions" and add "riot.im" with status "Allow".
  • Go to riot.im/app, log in and verify the new device from your other devices.
  • Close and start Tor Browser (do not use "New Identity").
  • Options -> Cookies and Site Data -> Manage Data: Verify that cookie and storage are still there.
  • Go to riot.im/app and open the developer tools console.

You will no longer be logged in and one of the first few lines in the console shows "No previous session found.". The issue even occurred when just closing the tab and not the entire browser. It also occurs on riot.im/develop.

Log: Not sent, didn't seem useful as this is easily reproduced.

Version information

  • Platform: Windows PC
  • Browser: Tor Browser 8.0.4 or 8.0.5 (32 or 64 bit)
  • OS: Windows
  • URL: riot.im/app and riot.im/develop

Thanks for looking into this. Overall I'm very happy with Riot and Matrix, but I need it to work via Tor without complicated workarounds such as trying to tunnel the desktop app completely (difficult on Windows) or running a tunneled VM.

@TieDyeKatz

Tor Browser is meant for privacy and may clear all cookies on exit. Try using Riot with another browser, as chat rooms can be encrypted.

@CEbhNwPM
Author

CEbhNwPM commented Feb 14, 2019

Just updating that the issue persists on the develop branch as of today and that an existing session is not recognized even just after closing and reopening the Riot tab.

@dbkr could this be a regression in #7920 ?

@lampholder lampholder added T-Defect P2 S-Minor Impairs non-critical functionality or suitable workarounds exist labels Feb 18, 2019
@lampholder
Member

Hi @CEbhNwPM - I'm a little worried this issue will be starved of attention due to your (as far as I'm aware) relatively niche use case - it would be a shame if a regression made Riot unworkable for your needs.

OOI what's the main motivator for maintaining your riot session over tor restarts? Is it device verification? E2E key persistence? Avoiding initial syncs?

@CEbhNwPM
Author

CEbhNwPM commented Feb 19, 2019

Thank you for replying. I also tested this with Firefox ESR, where everything works fine. So whichever code change caused this, the hardened settings of Tor Browser relied upon something that was previously in the code. If I run out of patience, I will either use the desktop client or try to identify the exact reason for this regression myself.

I use Riot for a small, end-to-end encrypted room. Everyone would have to re-verify me daily and most of the history fails to decrypt for me, obviously. It's important to note that this happens even when I just close the Riot tab, I don't even have to close the whole browser. The session data is stored and kept just fine, it's just never recognized again.

@jryans
Collaborator

jryans commented Feb 28, 2019

Thanks for this report. I have followed your steps using Tor Browser 8.0.6 on macOS and riot.im/develop, and I can reproduce the issue.

Using the Storage tab of the Developer Tools, it seems clear that the browser is still clearing IndexedDB, Local Storage, etc. despite the settings you've set. As you say, you don't even need to restart the browser, as it also happens by closing and opening the tab.

Unfortunately, I can't think of anything Riot itself can do about this issue. It seems to be related to Tor Browser's storage implementation, so something would need to be fixed there. I suggest filing a bug there instead.

If there is something Riot can do about this, please let us know!

@CEbhNwPM
Author

CEbhNwPM commented Mar 8, 2019

Here is an update on the issue and the situation with Riot's usability with Tor on Windows in general.

The Tor Browser setting below causes the problems described in this issue:

  • Options -> Cookies and Site Data: Check "Keep until I close Tor Browser"

This setting causes Tor Browser to forget "Local Storage" data outside of the first Riot tab and does not properly clean up cookies on browser exit either, as it is supposed to. This has been reported to the Tor Browser team.

Riot works when disabling private browsing mode and not clearing cookies on exit. I would not recommend doing this, as keeping cookies over browser restarts enables tracking. Blocking all but Riot's cookies is also not an option, because the fact that you are blocking cookies also makes you more trackable.

As it is best not to mess with vanilla Tor Browser settings in general, Tor Browser would need a whitelisting feature to retain data from specific sites in order to make Riot with E2E usable in a proper way.

The next best option to use Riot over Tor is the desktop client with launch options --proxy-server and --no-update, but I'm not confident that Riot, or more specifically, Electron, will not try to make connections outside of Tor anyway (see e.g. element-hq/element-desktop#843). So you would still have to firewall off all Riot executables to be sure, which is made painful by the fact that the path changes with every update and Windows firewall needs absolute paths.
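
Added example (not part of the comment above and not Riot project code): one way to cope with the changing install path is to regenerate the Windows Firewall block rules after every update, one rule per executable found. The install root, the rule group name and a Tor SOCKS listener on loopback are assumptions of this example.

```powershell
#Requires -RunAsAdministrator
# Rebuilds outbound block rules for every executable under the client's
# install directory, so the absolute paths stay current after an update.
# Assumptions (not from the issue): the install root below, the rule group
# name, and that the Tor SOCKS proxy listens on the loopback interface.
param(
    [string]$InstallRoot = (Join-Path $env:LOCALAPPDATA 'riot-web'),  # assumed install location
    [string]$RuleGroup   = 'Riot-Tor-Egress-Block'                     # hypothetical group name
)

# Every address except loopback (127.0.0.0/8 and ::1), so the client can
# still reach a local proxy but cannot open any direct connection.
$nonLoopback = @(
    '0.0.0.0-126.255.255.255',
    '128.0.0.0-255.255.255.255',
    '::2-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff'
)

# Remove rules created by an earlier run; their program paths may be stale.
Get-NetFirewallRule -Group $RuleGroup -ErrorAction SilentlyContinue |
    Remove-NetFirewallRule

# Collect every executable, including those in versioned subfolders.
$exes = Get-ChildItem -Path $InstallRoot -Filter '*.exe' -Recurse -File -ErrorAction Stop
if (-not $exes) {
    throw "No executables found under $InstallRoot; refusing to leave the client unfiltered."
}

foreach ($exe in $exes) {
    New-NetFirewallRule `
        -DisplayName "Block direct egress: $($exe.FullName)" `
        -Group $RuleGroup `
        -Direction Outbound `
        -Program $exe.FullName `
        -RemoteAddress $nonLoopback `
        -Action Block `
        -Profile Any | Out-Null
}

# List the program paths now covered, for a quick visual check.
Get-NetFirewallRule -Group $RuleGroup |
    Get-NetFirewallApplicationFilter |
    Select-Object -ExpandProperty Program
```

Re-run the script after each client update, before launching the new version, so that no freshly installed executable runs without a matching rule.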
