At the Tor developers meeting that is celebrated these days in Stockholm some topics related to working together with Firefox began to be discussed, among which is to discuss a proposal for a «Tor mode» plugin for Firefox and another is the selection of Tor browser patches that are candidates for Firefox.
The key tasks are to create a plug-in that provides work over the anonymous Tor network in standard Firefox, as well as to transfer patches developed for the Tor Browser to the main Firefox staff.
To track the status of the patch transfer, a special torpat.ch site was prepared. 13 patches were transferred until 22 patches were launched in Mozilla's bug handler (more than 100 patches suggested).
About the Tor mode plugin proposal for Firefox
Basically the main idea of the integration with Firefox is to use Tor when working in private mode or to create an additional super private mode with Tor.
There is an idea for, in the future, to make Firefox use Tor in private browsing mode, or a new extra private mode, that will take a lot of engineering and purchasing work.
To help smooth the way, there is a proposal for a "Tor Mode" plugin. This would not be packaged with the browser by default, but it would be something that users could download from addons.mozilla.org to give them a "Tor Mode" button or similar.
This would allow users to experience what a full integration with Tor could look like. It could also help measure interest by counting downloads etc.
Given that including Tor support in the core Firefox composition requires a lot of work, it was decided to start with the development of an external plugin.
As the developers said, this plugin will be delivered through the addons.mozilla.org catalog, this delivery in plugin form will allow users to evaluate the general concept of what Tor's built-in support can look like with the browser.
The code for working with the Tor network is not intended to be rewritten in JavaScript, but rather compiled from C to the WebAssambly view, which will allow you to include all the necessary tested Tor components in the plugin without linking them to external executable files and libraries.
Forwarding to Tor will be arranged by changing your proxy settings and using your own controller as a proxy.
When switched to Tor mode, the plugin will also change some security related settings.
En particular, similar settings will apply to Tor Browser, intended to block possible proxy circumvention routes and oppose the identification of the user's system.
At the same time, the work of the plugin will require extended privileges that go beyond the usual plugins to the WebExtension API base and are inherent in system plugins (for example, the plugin will call XPCOM functions directly).
Mozilla must digitally sign such privileged pluginss, but since the add-on is intended to be developed together with Mozilla and delivered on behalf of Mozilla, there should be no problem obtaining additional privileges.
The Tor mode interface is still under discussion. For example, when clicking the Tor button, it is suggested to open a new window with a separate profile.
In Tor mode, it is also proposed to completely prohibit the sending of requests via HTTPas the contents of unencrypted traffic can be intercepted and modified on outgoing Tor nodes.
Protection against HTTP traffic change substitution by using NoScript is recognized as insufficient, making it easier to restrict Tor mode to only requests over HTTPS.
Finally, it remains to hope that it is what is finally planned for this new proposal that many users will find great.