New Release: Tor Browser 8.0.4
Tor Browser 8.0.4 is now available from the Tor Browser Project page and also from our distribution directory.
This release features important security updates to Firefox.
Tor Browser 8.0.4 contains updates to Tor (0.3.4.9), OpenSSL (1.0.2q) and other bundle components. Additionally, we backported a number of patches from our alpha series where they got some baking time. The most important ones are
- a defense against protocol handler enumeration which should enhance our fingerprinting resistance,
- enabling Stylo for macOS users by bypassing a reproducibility issue caused by Rust compilation and
- setting back the sandboxing level to 5 on Windows (the Firefox default), after working around some Tor Launcher interference causing a broken Tor Browser experience.
Moreover, we ship an updated donation banner for our year-end donation campaign.
The full changelog since Tor Browser 8.0.3 is:
- All platforms
- Update Firefox to 60.4.0esr
- Update Tor to 0.3.4.9
- Update OpenSSL to 1.0.2q
- Update Torbutton to 2.0.9
- Update HTTPS Everywhere to 2018.10.31
- Update NoScript to 10.2.0
- Bug 1623: Block protocol handler enumeration (backport of fix for #680300)
- Bug 25794: Disable pointer events
- Bug 28608: Disable background HTTP response throttling
- Bug 28185: Add smallerRichard to Tor Browser
- Windows
- OS X
- Linux
- Build System
- All Platforms
- Bug 27218: Generate multiple Tor Browser bundles in parallel
- All Platforms
Comments
Please note that the comment area below has been archived.
Alas, after the update from…
Alas, after the update from 8.0.3 to 8.0.4 no text will work. This persists on any website.
What do you mean with "no…
What do you mean with "no text will work"?
I looked into it more. One…
I looked into it more. One or several fonts don't work correctly in 8.0.4. It isn't a particular website and not on every website. 8.0.3 works flawlessly. Here are the screenshots to explain better. I don't think it's the tor protocol.
https://postimg.cc/fVYv19s4
https://postimg.cc/jwDn0pfW
https://postimg.cc/1Vc9LBvn
https://postimg.cc/hXhXdFC2
https://postimg.cc/Yvmp7tDB
https://postimg.cc/N5331mDZ
What is the cause for this?
Hard to say. My guess is…
Hard to say. My guess is some software on your system interfering with Tor Browser. Looking at the Changelog for 8.0.4 I somehow doubt this is caused by any of our changes. But maybe that's some weird sandboxing related thing. Does opening
about:config
and settingsecurity.sandbox.content.level
to2
(and restarting) solve this problem?security.sandbox.content…
security.sandbox.content.level is and was set to 2 already for many reboots and TorBrowser restarts as well. I didn't ever change it. My guess is this setting was and is set to 2 all along. After reading the Changelogs i also doubt if those changes could be the cause. Windows can't be the problem. All TorBrowsers since 4.0.0 and all versions before that run very good. It isn't very likely that some software could pose a problem. 8.0.3 runs. It is only 8.0.4 that suddenly has a bit of a difficulty.
Some software interfering with Tor Browser i would have noticed and would have cleared the problem. I would have happened in previous versions, but it did't.
Did the compiler say anything? Perhaps messages different between 8.0.3 and 8.0.4?
But the sandbox level should…
But the sandbox level should be on "5" now after the update. So, I wonder what went wrong in your case, or did you set that preference to "2" yourself?
Additionally, it would not be the first time that minor version updates, especially if they contain updates to Tor as well (which this version does), causes issues with installed Antivirus/Firewall software. So, I would not dismiss that option right from the beginning.
Found the problem. 8.0.4…
Found the problem. 8.0.4 works on bare metal but not in Virtualbox. Previous versions work both ways, including 8.0.3.
Ah, interesting, thanks. I…
Ah, interesting, thanks. I wonder why that is the case. Is that related to the sandboxing level 5 now? Or is there something else that comes to mind?
Doubtfully if vb can support…
Doubtfully if vb can support alternate desktop.
Tried both sandboxing levels…
Tried both sandboxing levels 5 and 2. 8.0.4 won't run correctly inside of a VirtualBox VM. Seems sandboxing isn't the problem. No Antivirus. Guest Additions installed. Flashplayer installed, not as plugin or addon.
But aside from that, 8.0.3 and previous versions prevail.
Tried the partial update from 8.0.3 to 8.0.4 and the complete new download of 8.0.4. Doesn't work both ways.
But overwriting the old \Tor directory with the new one, it works with all versions up to 8.0.3.
Interesting. Can you test…
Interesting. Can you test some alpha bundles and report back the first one that contains the bug (assuming it manifests there as well)? Relevant alphas are 8.5a1-8.5a6 (inclusive) and bundles can be found at: https://archive.torproject.org/tor-package-archive/torbrowser/. Thanks!
TorBrowser 8.5a3 is the 1st…
TorBrowser 8.5a3 is the 1st version that contains the bug.
That's a bit mysterious as…
That's a bit mysterious as none of the changes in 8.5a3 made it into 8.0.4, but thanks a lot. We'll need to investigate more, which will be done in https://trac.torproject.org/projects/tor/ticket/29032 (please help if you can).
i love this blog
i love this blog
My issue with fonts is kind…
My issue with fonts is kind of similar but I get a mirror image of the text a lot, even on Torproject.org, this has been happening for a little while not just 8.0.4 maybe since 8.0
imagine the text but when looking in the mirror, it will be upside down and backwards. a lot of time it will refresh by itself and looks fine.
Hm. I wonder whether that is…
Hm. I wonder whether that is https://trac.torproject.org/projects/tor/ticket/28482.
crappy av?
crappy av?
Fix OS leak with javascript
Fix OS leak with javascript
You can't fix js with js
You can't fix js with js
He means: don't expose Linux…
He means: don't expose Linux with js.
I am using Windows 32Bit.
I am using Windows 32Bit.
How to use windows 32bit.
How to use windows 32bit.
I noticed that the Tor…
I noticed that the Tor manual "https://tb-manual.torproject.org/transports/' has a pluggable transport called snowflake. When I go to bridges "https://bridges.torproject.org/options" I do not see this pluggable transport available.
This pluggable transport…
This pluggable transport works differently than the ones based on bridges. You don't get snowflake bridges out of BridgeDB. You need to have this transport available in your Tor Browser to use it. See: https://trac.torproject.org/projects/tor/wiki/doc/Snowflake for how it works.
OK. so snowflake is not…
OK. so snowflake is not available for Mac OS as the only built in transports are obfs4, obfs3 and meek azure.
We are still testing it in…
We are still testing it in the alpha series. So, yes, for now it's not available on any of our platforms if you are running Tor Browser stable.
This realease is for Android…
This realease is for Android too?
No, there is no Android…
No, there is no Android version is the current stable series. However there is in the alpha:
https://blog.torproject.org/new-release-tor-browser-85a6
Tor often wont work and is…
Tor often wont work and is incredibly slow. Has this upgrade addressed these issues - or is it a censorship issue in New Zealand.
Also I understand 'Brave' works with Tor - how can I configure this as preferences greyed out.
Thanks a bunch -This crone is not well versed in tech world - but endeavoring to stay ahead of the game.
> or is it a censorship…
> or is it a censorship issue in New Zealand
I haven't had any problem connecting to Tor so I'd say definitely not.
"... incredibly slow. Has…
"... incredibly slow. Has this upgrade addressed these issues - or is it a censorship issue in New Zealand"
Maybe your ISP has implemented a biased policy against Tor users? (an imaginative guess)
"I understand 'Brave' works with Tor - how can I configure this as preferences greyed out"
I've never tried Brave browser. Are you saying that Brave's preferences won't allow you to set proxy connections (to connect through Tor)?
"stay ahead of the game"
reminding me of the joke about needing only to be faster than someone else, when running from a bear.
Every new open tab freezes…
Every new open tab freezes the tor browser until it charges. Also, until now, tor browser no integrates with the desktop theme.
Linux
8.0.4 seems to be working…
8.0.4 seems to be working fine for me! As always, thanks to TB team for all your hard work!
Tip for everyone: If you use…
Tip for everyone:
If you use a bridge, occasionally check which version of tor that the bridge is running, and check whether or not the bridge's version is "Recommended" anymore. Go to the Relay Search on https://metrics.torproject.org/rs.html and paste the bridge's fingerprint into the search box.
For developers:
It would help if bridges in torrc were automatically checked for "Recommended" tor versions and notice was supplied instead of neglectfully assuming they are all updated.
The bridge check should be…
The bridge check should be in Tor Browser? Or is that supposed to be a check in Tor itself? That said: how should the check happen if one is currently using that bridge? And what is supposed to happen in case the bridge is not "Recommended" anymore?
I'd like to see in Browser…
I'd like to see in Browser Console that guard/bridge is not recommended!
The tor binary could check…
The tor binary could check them itself, and then Tor Browser reads a warning from an output of the tor binary so a warning would be sent to the user regardless of their setup. Users explicitly choose bridges and manually edit connection settings for them, so warnings about bridge status or a reminder to check their flags should at least be displayed to the user.
The network can start its part by removing "Not Recommended" bridges from the BridgeDB request services after a reasonable window of time for operators to update their bridges so the DB is sure to give out "Recommended" and recently expired versions from the start. Next, stronger emphasis could be given to bridge operators in the tor console and to their contact addresses to update in a reasonable window after their version becomes "Not Recommended" or possibly face rejection somehow from the network. Lastly, if taking the extreme step of rejecting very old versions is wise (it might not be for some edge cases), the network could somehow disallow "Not Recommended" bridges from connecting to the network after a reasonable window of time for the operators to update or for the users to find another bridge.
If the user is currently using that bridge, the check could be performed through that possibly old version bridge or optionally accepted by the user through a standard Guard node. Or instead of an automatic check, a periodic reminder (the delay of which could be, say, the length of time that standard Guard nodes are changed) could be displayed to the user to manually visit the Relay Search page and explicitly accept whatever the "Recommended" status of their bridges is. The reminder to check or the response from the program to an explicit "No" answer could include a link to the BridgeDB or related help for the user to find a new bridge if they want.
Is the version value trivial…
Is the version value trivial to edit? Can someone take old, "Not Recommended" code, modify the version data to an arbitrary Recommended value, rebuilt it, and pass as Recommended? For that matter, is it trivial to pass as any other flags?
On Tor Browser 8.0.4 (Apple…
On Tor Browser 8.0.4 (Apple MacOS), screen resolution should be 1000 x 1000, but it is 1000 x 0990.
(On Tor Browser 8.0, 8.1, 8.2, and 8.3 (Apple MacOS), screen resolution should have been 1000 x 1000, but it was 1000 x 0998. On Tor Browser 7.5.6 (Apple MacOS), screen resolution was 1000 x 1000.)
Ticket #27845
Really (?), it seems there…
Really (?),
it seems there never has been a fixed window size in Mac OS X (for except one time the window was always really fixed to the same size and many people objected to that).
The standard size of an opening window seems to depend on your computer size, screen size and resolution setting, but above all it depends on the setting and place of your applications doc, visible or not?
So:
- Doc visible gives a smaller window
- Doc invisible gives a bigger window
- Using Tails on the same monitor gives (almost?) the same size as in mac os x when having the doc collapsed.
- There are also different sizes between historical versions in combination with the doc settings.
A fast look at some previous browser versions gives at least 4 variation sizes, 1080x1080, 1080x1059, 1080x1044, 1080x989, do not know the exact tails version size right now, but seems to be something around 1080x1080 size.
Btw 1) I did not find the right setting to adjust the standard window size to another value in the about config, or xul file. (What is it?).
Btw2) Does anybody know how to make a screenshot in Tails?
I am having trouble finding…
I am having trouble finding the TBB button that normally appears near the URL. Isn't that needed to change the security settings (slider)? I am running in Whonix, if that matters.
Please ask the Whonix…
Please ask the Whonix project about that. They might have made some customizations that could be the reason for your trouble.
Thank you for such a great…
Thank you for such a great browser, job well done.
Bug 25794: Disable pointer…
Bye, bye, smooth scrolling/moving :( But it is finger-printable as hell! Why did you forget to disable it?
Mozilla's spoofing doesn't look great: it's easy to detect whether mouse or touch is used. So, spoofing to mouse is not an option, and https://trac.torproject.org/projects/tor/ticket/10286#comment:19
But having Touch and Pointer Events APIs is a must for Android/pads. But now you enabled autodetection (?) for Android only. So, there is a strong need in development of sane fingerprinting protection for those APIs in the next ESR.
it's awesome
it's awesome
Onboarding breaks about:tor…
Onboarding breaks about:tor after the tour completed and restart:
12:42:09.290 NS_ERROR_UNEXPECTED: Component returned failure code: 0x8000ffff (NS_ERROR_UNEXPECTED) [nsIPrefBranch.getIntPref] 1 OnboardingTourType.jsm:30
What is happening in that…
What is happening in that case (apart from the error getting emitted) and on which platform are you seeing the issue?
Links are no longer…
Links are no longer clickable on about:tor. Win7.
I tried that with a clean,…
I tried that with a clean, new Tor Browser 8.0.4 (32bit) on a Windows 7 machine and did the full onboarding (until the globe got greyed out), then restarted. I could neither see the error in the browser console, nor links not functioning. So, I am wondering what I am missing in my steps to reproduce your issue. Hrm.
Indeed, hrm. Donation banner…
Indeed, hrm. Donation banner might interfere. Did you test with alpha?
So, some progress here. I…
So, some progress here. I can reproduce a bug which might be this one with the alpha. But I don't have to complete the onboarding. The links on about:tor don't work right from the beginning. Is that what you are seeing, too? Where do you see the onboarding related exception? I don't see anything like that in the browser console.
Yes. The exception is…
Yes. The exception is probably from the corrupted pref file, sorry.
Okay, I've opened https:/…
Okay, I've opened https://trac.torproject.org/projects/tor/ticket/28836. We should have this fixed in the next release.
Hello! I have some problem…
Hello!
I have some problem with Tor. I up-dated Mozilla Firefox and also Tor.
After this Tor doesn't work and I see this communication:
"Failed to bind one of the listener ports."
Do you know what can I do?
Thanks in advance
12/12/18, 04:09:07.537 [WARN] You specified a public address '92.126.156.60:8800' for SocksPort. Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.
12/12/18, 04:09:07.541 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
12/12/18, 04:09:23.768 [WARN] You specified a public address '92.126.156.60:8800' for SocksPort. Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.
12/12/18, 04:09:23.768 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
12/12/18, 04:09:23.768 [WARN] You specified a public address '92.126.156.60:8800' for SocksPort. Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.
12/12/18, 04:09:23.769 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
12/12/18, 04:09:23.769 [WARN] You specified a public address '92.126.156.60:8800' for SocksPort. Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.
12/12/18, 04:09:23.769 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
12/12/18, 04:09:23.770 [WARN] You specified a public address '92.126.156.60:8800' for SocksPort. Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.
12/12/18, 04:09:23.770 [NOTICE] Opening Socks listener on 92.126.156.60:8800
12/12/18, 04:09:23.771 [WARN] Could not bind to 92.126.156.60:8800: Can't assign requested address
12/12/18, 04:09:23.771 [WARN] Controller gave us config lines that didn't validate:
12/12/18, 04:09:47.232 [WARN] You specified a public address '92.126.156.60:8800' for SocksPort. Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.
12/12/18, 04:09:47.232 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
12/12/18, 04:09:47.232 [WARN] You specified a public address '92.126.156.60:8800' for SocksPort. Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.
12/12/18, 04:09:47.232 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
12/12/18, 04:09:47.232 [WARN] You specified a public address '92.126.156.60:8800' for SocksPort. Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.
12/12/18, 04:09:47.232 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
12/12/18, 04:09:47.232 [WARN] You specified a public address '92.126.156.60:8800' for SocksPort. Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.
12/12/18, 04:09:47.232 [NOTICE] Opening Socks listener on 92.126.156.60:8800
12/12/18, 04:09:47.232 [WARN] Could not bind to 92.126.156.60:8800: Can't assign requested address
12/12/18, 04:09:47.233 [WARN] Controller gave us config lines that didn't validate: Failed to bind one of the listener ports.
12/12/18, 04:10:06.289 [WARN] You specified a public address '92.126.156.60:8800' for SocksPort. Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.
12/12/18, 04:10:06.289 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
12/12/18, 04:10:06.290 [WARN] You specified a public address '92.126.156.60:8800' for SocksPort. Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.
12/12/18, 04:10:06.290 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
12/12/18, 04:10:06.290 [WARN] You specified a public address '92.126.156.60:8800' for SocksPort. Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.
12/12/18, 04:10:06.290 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
12/12/18, 04:10:06.290 [WARN] You specified a public address '92.126.156.60:8800' for SocksPort. Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.
12/12/18, 04:10:06.290 [NOTICE] Opening Socks listener on 92.126.156.60:8800
12/12/18, 04:10:06.291 [WARN] Could not bind to 92.126.156.60:8800: Can't assign requested address
12/12/18, 04:10:06.291 [WARN] Controller gave us config lines that didn't validate: Failed to bind one of the listener ports.
What do you mean with "you…
What do you mean with "you updated Tor"? Are you using Tor Browser as we ship it from our website? And it is giving you the output above? Or where is the log coming from?
sorry my english is not that…
sorry my english is not that well..
Have you uploaded a new version of the Tor Browser? Yesterday? I have been using Tor since July..
Last night my system macOS Mojave 10.14.2 updated Firefox afterward Tor browser stopped working. I downloaded from this page Tor and again I see that information in the Tor browser window.. and on the bottom left in the browser window is also information that for help I can visit this website or contact support...
Hello, current tbb 8.04 is…
Hello, current tbb 8.04 is inaccesible for screen reader for Microsoft Windows. Please fix it.
Yes, we know. We have a…
Yes, we know. We have a series of patches that seems to be promising. However, there seems to be one missing that deals with multi-process mode. See: https://bugzilla.mozilla.org/show_bug.cgi?id=1430149 and https://trac.torproject.org/projects/tor/ticket/27503 for the details.
Defect seems to be fixed. …
Defect seems to be fixed.
Earlier, after installing Tor Browser 8.0.4 (Apple macOS), the browser screen resolution was 1000 Wide x 990 High, with all browser settings affecting screen resolution at their default-standard settings, but with configuration View/Toolbars/✓Bookmarks Toolbar.
Apparently, bokim, gk, and/or the tbb team implemented a fix because now the browser screen resolution is correctly 1000 Wide x 1000 High with all Tor Browser settings affecting screen resolution at their default-standard settings, except for configuration View/Toolbars/✓Bookmarks Toolbar.
Thank you very much for this fix.
Ticket #27845
Actually we did not…
Actually we did not implement a fix directly. But maybe enabling Stylo (the style system written in Rust) "solved" this?
No, it does not look like it…
No, it does not look like it is fixed.
Still counting different sizes, like these on retina screen with different resolution settings possible (dock visible or not does not matter anymore in case of renewing cricuits).
2000 x 1148, 2000 x 1348, 2000 x 1548, 2000 x 1948 (cut them out by hand so maybe one or two pixels difference could be possible.)
Still (at least) 4 different standard windows sizes depending on your resolution settings.
Maybe someone else can test them on a non-retina macbook with all the 5 different standard resolution settings.
Huh, interesting. Could you…
Huh, interesting. Could you describe the steps you did with a clean, new Tor Browser to get those results?
Hi GK, Let's take some…
Hi GK,
Let's take some pictures with it, see this apple reference page (2 images)
https://support.apple.com/en-us/HT202471
Like Torbutton slider, Apple has an easy slider function available to adjust screen settings.
It will give 4 or 5 options.
It'll be usually in the middle 'default' option.
But not everybody will have the eyes of an 'american eagle', so it can be that someone is taking one of the options left for "larger text" while others (with good eyes, or glasses) take the "More space" (higher resolution) on the right.
I tested them all (5) and made many screenshots (forgot to write down which window size was matching witch screen res) and got different size results as reported earlier (with clean 8.04, and in earlier earlier post with a historic torbrowserversion).
Steps: Adjust screen resolution, renew torcircuit (or open new window) in torbrowser after every resolution change (make screenshots " shift cmd 4 spacebar on windows selection and click).
And you will end up with different sizes.
I guess the biggest difference will be in comparison lowest res and highest res.
Lowest res will off course give you less space on the screen (mine were tested on a 15inch retina) but you can imagine that you will get different results on an 11 inch macbook air (or 12 inch) with a 1366 by 768 native resolution.
Or even on a 13 inch macbook with a 1440 by 900 native resolution.
Apple has a lot of (supported) models that are still working , macbook air, macbook, macbook pro, 11inch, 12inch, 13inch, 15inch, and last but at least with or without retina resolutions.
So sometimes the size of the mac does not allow to have a vertical screen resolution of 1000 or even 1080 pixels because it is just not available and you will get a landscape sized torbrowser window.
When you do have enough pixels in the 'macbag' (with retina and highest resolution available) then you will get a portrait mode torbrowser window.
But, yes, it does not matter anymore if you have the dock collapsed or visible.
It'll give the same window size anyway which was not the case with older versions.
Hope you have enough Mac's around, :-)
Other remarks
1) Your security and privacy is not only depending on Torbrowser.
It depends on your system, your behavior and Apple.
The basic one 'everyone always everywhere forgets' (in any situation) is 'the beginning situation' : just starting using that Mac (or any program or app) right out of the box.
Most problems are created by this out-of-the-box behavior instead of this technical torbrowser issues or windows size fingerprinting.
Please people : open your system preferences pane and look at all the privacy settings!
It will be good for your privacy and security (if you do something with it).
There is (was) a lot of Bing (Microsoft search on your system), or Google around and on top of it all (!) the real time syncing with the iCloud.
It just does not (totally) make sense to anonymously download or save information with torbrowser and directly/automatically put all these documents and information on apple (icloud)servers and then syncing it with all your other (more insecure?) devices.
The weakest point is not your torbrowser but one of your easier accessible other devices or even some sort access to iCloud or just a copy of the iCloud files ('Hi apple may we have a copy of that iCloud backup?).
I, should say ; leave your privacy important files on your protected mac, disable iCloud syncing and look at all the available privacy and security settings on your mac (they are there and waiting for you to do something useful with it!).
Same story with using other programs : look at the preference settings!
Same story with apps : look at the preference settings and what they are allowed to, otherwise they (maybe) steal that information that you got with torbrowser on the mac and synced with iCloud to that device with all these information stealling apps on it.
Mac's are quite safe but the devil is in the iphone/ipad app's details, or even fake app details.
I think you should worry about this (iCloud syncing and spy-app's stealing) above window-size fingerprinting.
Please : never forget anymore, look at what you are allowing programs and app's by at least looking at the preference settings before use (or otherwise asap afterwards).
I'ts better for your privacy, security and even will save you some money because you do not have to hire someone else to fix things again (but what you have lost cannot be fixed! Gone with the wind).
2) Tails Torbrowser question, does anyone know how to make a screenshot of a torbrowser window in Tails with a mac keyboard?
Huh, no answer? Interesting…
Huh, no answer?
Interesting.
Non issue or insolvable issue?
So, am I understanding you…
So, am I understanding you right that non of the 5 Apple settings you choose give you a properly rounded Tor Browser window? Or are there just some of those that behave that way? Like: do the default settings work and just the scaled ones not?
updated today doesn't open…
updated today doesn't open browser, missing shortcut to firefox.exe was working fine till the new update
Does clean, new Tor Browser…
Does a clean, new Tor Browser 8.0.4 downloaded from our website work for you? What do you mean with "missing shortcut to firefox.exe was working fine"?
After installing the update…
After installing the update the Tor Browser did not restart. When I tried to open it via my shortcut, I received a notification that the shortcut no longer exists.
I uninstalled everything and downloaded from the website. I used the "run tor browser" option as the update completed and the browser would again not open.
I restarted my laptop and this time tried the shortcut, and again was told it did not exist.
I reinstalled 8.03 and the shortcut works fine. I again updated and once again the browser would not open.
Okay, we have https://trac…
Okay, we have https://trac.torproject.org/projects/tor/ticket/28835 for that now. Could you follow-up there, so we can track this down in our bug tracker?
I have the same issue. New…
I have the same issue. New install of torbrowser-install-win64-8.0.4_en-US on a Win10 machine.
The error I get is "The item 'firefox.exe' that this shortcut refers to has been changed or moved."
My install folder for Tor Browser does not have firefox.exe.
https://trac.torproject.org…
https://trac.torproject.org/projects/tor/ticket/28835#comment:3 found the problem I think. I assume you have an McAfee tool which thinks your firefox.exe is bad and quarantines it. But that's very likely just a false positive. Thus, I suggest getting rid of McAfee to get your Tor Browser working.
There is known issue that …
There is known issue that tor-browser detects system. E.g. in ip-check.info with JS enabled it is:
Mozilla/5.0 (X11) 20100101 Netscape (en-US)
However, now also 32/64 bit is detectable, localtime is detectable, and, I suspect, also timzone:
Linux x86_64 Linux x86_64 (Wed Dec 12 2018 18:51:57 GMT+0000 (UTC))
Is it a new feature?
Second question: is it safe to disable NS if JS is disabled in about:config and security slider is at safest value?
It does not detect your…
It does not detect your local time. It always returns UTC (wherever you are). And the difference between 32/64 is not detected by that test. The values are set to always x86_64.
We need NoScript for a bunch of features on the slider. So, no, just disabling JavaScript in
about:config
and getting rid of NoScript is not a good idea.UA Win 6.1 32-bit, and then…
UA Win 6.1 32-bit, and then Linux x86_64, hah.
Buttons on web page that has…
Buttons on web page that has flash don't work, please update soon
Do you have an example for…
Do you have an example for us to reproduce your problem? On which platform does this happen?
I'm not sure what I'm doing…
I'm not sure what I'm doing wrong but I can't keep orbot connected it will connect for like a minute then it disconnects I've tried everything I can think of I'm no pro I'm still learning some tricks but I'm all out now I need some pro help
We need NoScript for a bunch…
We need NoScript for a bunch of features on the slider. So, no, just disabling JavaScript in
about:config
and getting rid of NoScript is not a good idea.Is it described somewhere? I am shocked.
javascript.enabled
is about disabling JS on pages loaded from internet. NS is about filtering these JS requests from pages loaded from internet. Why do you use NS for your internal purposes when JS is disabled in the browser completely? I cannot understand your design choice. It breaks natural logic.Another question: If I put my security slider at "safest", is it ok to set
javascript.enabled
tofalse
to be sure? Can it be harmful at "safest" setting?We strongly disencourage…
We strongly disencourage flipping
javascript.enabled
and similar preferences in yourabout:config
as there is the risk that users are ending up with unique preferences combinations that make them stick out for fingerprinting purposes or they forget about those and wonder why the browse is broken.Rather we introduced the security slider idea quite a while ago which is using NoScript functionality to provide 3 different levels of security settings to a) provide a more secure environment for users that feel they need that while b) avoiding the fingerprinting risk as good as possible.
Sure, this is documented on our design doc (which we still need to update for 8.0, though :( ): https://www.torproject.org/projects/torbrowser/design/#other-security.
Sure, this is documented on…
Sure, this is documented on our design doc
So, it says:
High: This security level inherits the preferences from the Medium level, and additionally disables remote fonts (noscript.forbidFonts), completely disables JavaScript (by unsetting noscript.globalHttpsWhitelist), and disables SVG images (svg.in-content.enabled).
I'm not so newbie, I know what I'm doing & I will not forget about it. I have separate tor-browser with safest slider value. I wonder what it will change if I additionally also disable
javascript.enabled
. I shouldn't get any new fingerprinting issues if I disable JS on "JS-disabled" (slider=safest) browser, isn't it? If not, what's the difference?Hey! Answer to this question…
Hey! Answer to this question deserves to be documented!
Some exitnodes let the…
Some exitnodes let the download disappear in the last ending second.
Tor Browser does not…
8.0.x
Tor Browser does not terminate correctly. After closing the prog RAM consuming is still increasing and finally it crashes with a system message. This happens since 8.0.0, happend on some earlier versions too. Happens in vmware ws and win host, doesn't matter. Have to stick on 7.5.6.
Is that behavior…
Is that behavior reproducible (if so, how)? Does that happen with an unmodified Tor Browser and running it as we ship it?
Tor Browser is unmodified,…
Tor Browser is unmodified, no changes in about:config, no add-on. Reproducible ? Of course it is, any time. I just start the browser, wait until it gets connected, then close, wait several seconds and then the unwanted system messages appears.
After termination with process explorer one can see memory is still increasing beyond +250k.
As I said, same problem with some 6.x. and 7.x versions. Cant remember which ones.
7.5.6 works fine.
Do you mind testing old…
Do you mind testing old bundles to find out the one(s) that solved the problem for you? That might be the fastest way to understand what is going on. You can find them in our archive: https://archive.torproject.org/tor-package-archive/torbrowser. Thanks!
I knew it.
I knew it.
I've noticed some alarming…
I've noticed some alarming things about 8.0.4.
I thought TBB shipped with all the settings set to their safest, but I had to change all these:
1. uncheck all Allow boxes on NoScript's Default tab to ensure nothing is allowed. All boxes had been checked.
2. change TBB's Security setting to SAFEST, it had been on the lowest setting.
3. in about:config change javascript.enabled from True to False.
Aside from having three issues, the most alarming aspect is that ALL the Allow boxes were checked on NoScript's default tab when I installed TBB. Clicking on NoScript's Reset (to change it's settings back to their defaults) results in only three boxes being checked (frame, fetch and other) on the Default tab.
So the default for the Default tab is to allow 3 things, but TBB shipped with all boxes checked. This means that it's not like the plain vanilla NoScript just accidentally shipped in TBB, someone had to check all those boxes.
Does anyone else see this as a major issue? Many people could be endangered by this.
The default level in Tor…
The default level in Tor Browser means that it is the most permissive to minimize breakage on the web. Because as a reaction of breakage users typically think that the browser is not working properly and they take a different one, eg. Firefox and that's bad news for them with respect to tracking and anonymity. That's why NoScript on that level is basically doing nothing. We use NoScript however to adjust security settings on the higher levels ("safer" and "safest").
NoScript should reset to Tor…
NoScript should reset to Tor Browser's defaults.
Since 8.0.x I'm often…
Since 8.0.x I'm often getting "400 Bad request" when searching with DuckDuckGo (the default search provider in Tor Browser). This usually happens when searching for the first time in a session, or after some time has passed since the last search. I don't know if this is a fault with the DDG search plugin in the Browser (client-side), or with their server. But if my memory is right this issue appeared only with 8.0.x, so I assume something is not "lined up" properly anymore.
Does anyone else experience this?
I also experience this issue.
In the last few versions Tor…
In the last few versions Tor Browser (Linux) has performance issues at higher security settings. The problem appears in at least two ways: 1) the browser takes quite longer to start while consuming all of the available CPU resources; 2) while running it randomly freezes for a few or more seconds, also consuming all of the available CPU resources. The issue becomes apparent at the "Safer" setting, and becomes more annoying at the "Safest" setting (much longer starts as well as freezes).
I am sorry that I have to…
I am sorry that I have to comment on this matter again but what you say users of 8 0 4 will see when checking according to your own instructions is NOT what I have found.
When I pointed out this phenomenon under 8 0 2 or 8 0 3 I was told that the differences were attributed to my computer (I think). However, to my mind, no matter how my computer is set up I believe that there is certain information that should not vary between what you say I will see and what I do see.
For example, you say:
“After importing the key, you can verify that the fingerprint is correct:
gpg.exe --fingerprint 0x4E2C6E8793298290
You should see:
pub rsa4096/0x4E2C6E8793298290 2014-12-15 [C] [expires: 2020-08-24]
Key fingerprint = EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290
uid [ unknown] Tor Browser Developers (signing key)
sub rsa4096/0xD1483FA6C3C07136 2016-08-24 [S] [expires: 2018-08-24]
Key fingerprint = A430 0A6B C93C 0877 A445 1486 D148 3FA6 C3C0 7136
sub rsa4096/0xEB774491D9FF06E2 2018-05-26 [S] [expires: 2020-09-12]
Key fingerprint = 1107 75B5 D101 FB36 BC6C 911B EB77 4491 D9FF 06E2
What I do see is:
pub rsa4096 2014-12-15 [C] [expires: 2020-08-24]
EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290
uid [ unknown] Tor Browser Developers (signing key)
sub rsa4096 2018-05-26 [S] [expires: 2020-09-12]”
In your (above) wording there are two Key Fingerprints which do not appear at all in the text I get.
Why, I downloaded gpg version 3.1.5 from the site you specified?
ALSO
When verifying the package signature, you say that users should see:
“gpg: Signature made Wed 15 Nov 2017 05:52:38 PM CET
gpg: using RSA key 0xD1483FA6C3C07136
gpg: Good signature from "Tor Browser Developers (signing key) " [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290
Subkey fingerprint: A430 0A6B C93C 0877 A445 1486 D148 3FA6 C3C0 7136
Currently valid subkey fingerprints are:
1107 75B5 D101 FB36 BC6C 911B EB77 4491 D9FF 06E2”
What I and no doubt others get is:
“gpg: Signature made 12/10/18 15:19:22 GMT Standard Time
gpg: using RSA key EB774491D9FF06E2
gpg: Good signature from "Tor Browser Developers (signing key) " [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290
Subkey fingerprint: 1107 75B5 D101 FB36 BC6C 911B EB77 4491 D9FF 06E2”
In the above even the RSA keys do not tally! Surely, irrespective of a user’s machine, when the user gets the verification software (GPG) from the indicated source, something as basic as the signing key should match what you say it will be.
It is only with Tor 8 that I have seen this problem. Whenever I checked a download of TOR 6 or 7 what I got always tallied exactly with what you said. I have not changed machines between TOR 6 and 7 and TOR 8.
Anyway, thanks for the work done by you and your colleagues in helping internet users.
The subkeys that you don't…
The subkeys that you don't see printed out, it could be due to how gpg works on different operating systems? (just a guess) You could run the command with --verbose.
In your second problem, there is this part:
and that's exactly the key you see being used - you quoted it yourself:
Notice that this is the same key as above, just displayed in shorter form (start comparing them from the end)
Thanks for your guesses but…
Thanks for your guesses but I don't follow what you say or its logic.
In the first part could you pls clarify what you mean by: You could run the command with –verbose?
I was pointing out that in my first part the two Key Fingerprints are missing and in the second part that the RSA keys do not match.
Are you saying (and could GK please confirm this) that the “Key Fingerprints” and the RSA keys are irrelevant and that the Subkey fingerprints matching is the only thing to check for in order to verify that the downloaded package is OK?
Thanks
hi so i loged on my computer…
hi so i loged on my computer one day and tor refused to work i undownloaded and reinstalled it and then my mcafee says its trying to change something in my computer and it has been quarentened for safety, why is this? it was working perfectly fine not even a week ago
Hard to say but it seems…
Hard to say but it seems McAfee is mistaken here. https://trac.torproject.org/projects/tor/ticket/28835 is a bug with probably the same issue.
How can I visit this website…
How can I visit this website?
http://a810-bisweb.nyc.gov/bisweb/my_community.jsp
What happens for you? It…
What happens for you? It works for me.
Security / anonymity bug? Go…
Security / anonymity bug?
Go to some site with graphics ( I have tested only images on Instagram )
Click "i" icon
Go to "Show connection details" ( right arrow > )
Then click "More Information"
Select "Media" tab
Double click on an image
Standard Firefox runs and starts connection to some service ( google ? ).
This version of TBB on x64 Linux ( with standard Firefox installed as default browser, obviously ).
How did you get your Tor…
How did you get your Tor Browser on your system? I can't reproduce your findings. I opened https://torproject.org and double-clicked on a bunch of those images shown but nothing happens for me.
I have tried again and again…
I have tried again and again but I have done some step I don't remember, sorry for mistake.
Just got the TOR browser…
Just got the TOR browser updated to 8.0.4 and nothing works and I mean nothing. Get message that there is an error and that is all with the "restart browser" which then just comes back with the same. Windows 8 OS.
What message are you …
What message are you getting?
Im sorry to say but i cannot…
Im sorry to say but i cannot access any website on this new version of tor I've tried the usual uninstall /reinstall but the problem persists. I've been using since 7.5 and have never experienced this issue. Please look into it thanks.
What is the error you get?…
What is the error you get? Is this new with 8.0.4 and older 8.x versions work? What operating system are you on and which version?
I have this issue too when…
I have this issue too when you type a .onion address into duckduckgo it says I'm using a normal firefox browser to access an onion/hidden service
this needs to be fixed
Yes, DuckDuckGo is a search…
Yes, DuckDuckGo is a search engine. You need to enter the .onion URL into the address bar (correctly) instead.
Why has the Torbrowser…
Why has the Torbrowser project, for several iterations now, deliberately sabotaged their NoScript plugin to automatically forget NoScript settings and subject users to massive script exposure without them being aware of it? By simply reinstalling NoScript from the official NoScipt site, this issue goes away; ergo, this is sabotage coming from within the Tor project itself. We've heard the lame excuses so far (NoScipt settings allow fingerprinting; silly nubes not liking their websites not working out of the box, etc.) and yet the problem persists...
You can test the alpha…
You can test the alpha release where we implemented this option. (You have to flip a pref to activate it, though). It will be available in the next major stable, Tor Browser 8.5, or earlier if we think we should backport it.
Everytime i tried to open…
Everytime i tried to open the website of SCMP, the tor browser crashed
The link is
https://www.scmp.com/frontpage/hk
Please fix this problem as Tor is my favour brower.
Thanks a lot!
Is this new with this…
Is this new with this version of Tor Browser? If not do you know when this started? On which operating system does this happen (and which version of it)? Do you get an error message when the crash happens? Which language has your Tor Browser you downloaded?
NoScript is so bad now, and…
NoScript is so bad now, and so pointless, I always uninstall it and use ScriptSafe instead. Its the only way to get rid of NoScript's self-defeating settings, which now have all scripts on by default, ignores your own settings, and ignores your own whitelists. What's the point of it anymore. Probably not safe to uninstall, but its soooo bad that it's now useless from a user's point of view. Sort NoScript out. Make it remember settings. Make sure it switches most scripts off by default. Like it was. Otherwise I and many others will keep on uninstalling it and replacing it regardless of the techy consequences.
after the update no .onion…
after the update no .onion link will work as duckduckgo says "You are trying to reach an onion/hidden service. (link) via web you will have to use the Tor Browser" wheni am using the tor browser this has completely ruined tor for me any suggestions?
What operating system (+…
What operating system (+ version) are you using? Does installing a completely new Tor Browser from our website into a different location work for you?
OMG, he pastes .onion…
OMG, s/he pastes .onion addresses in DDG oO
Greetings, I have recently…
Greetings,
I have recently upgraded my os from windows xp sp3 to windows 7 pro (64). In this process I copied the tor browser directory in its entirety to the windows 7 disk which was the tor build based on firefox 52.9.0. Tor fired up as usual and performed fine. I used it several times and let it upgrade to 8.0.3 (32 bit). Again all was well. A day or so later I updated to 8.0.4 (64)
The first time it ran I got a window about choosing running in a censored area or not. I chose 'continue'. The tor connection screen came up for a time and the firefox window loaded but in a very small size with no tor related buttons. It would not accept text input. I closed it down. After a minute or so a window opened saying tor.exe had stopped. After a time I tried it again. The tor connection screen did not load and again the firefox window was very small. I did a fresh install of 8.0.4 (32) which did the same thing.
What I think I'm seeing is that the tor related modules are not loading or are damaged. The following are the windows error messages I'm seeing:
[TORBROWSER-INSTALL-WIN64-8.0.4_EN-US.EXE]
Problem signature:
Problem Event Name: APPCRASH
Application Name: firefox.exe
Application Version: 60.4.0.6609
Application Timestamp: 00000000
Fault Module Name: xul.dll
Fault Module Version: 60.4.0.6609
Fault Module Timestamp: 00000000
Exception Code: c0000005
Exception Offset: 00000000029efb10
OS Version: 6.1.7601.2.1.0.256.48
Locale ID: 1033
Additional Information 1: e41f
Additional Information 2: e41fefa4070dd5768c6bd4c2e727562d
Additional Information 3: 01dd
Additional Information 4: 01dd2105e69f9c2f62c308c990b32510
Running depends gives me this:
"System can not these files on the system"
API-MS-WIN-CORE-WINRT-ERROR-L1-1-0.DLL
API-MS-WIN-CORE-WINRT-L1-1-0.DLL
API-MS-WIN-CORE-WINRT-ROBUFFER-L1-1-0.DLL
API-MS-WIN-CORE-WINRT-STRING-L1-1-0.DLL
DCOMP.DLL
IESHIMS.DLL
I can confirm that these files are not on the win 7 os disk. I've googled this and found several 'solutions' (which did not work) but no definition as to why this situation should exist. Oh, and the three files listed in the dependicies.txt are all the same build as the firefox.exe.
So, I have a tor setup that does not work. I'd appreciate some thoughts. I'm going to go back to a 32 bit setup before 8.0.3 until it will work again.
TIA
Okay, so 8.0.3 32bit and…
Okay, so 8.0.3 32bit and 64bit are working on your computer but 8.0.4 is crashing? Have you tried installing a fresh 8.0.4 on a different location, not using your old profile to check whether the issue might be located there?
8.0.3 is not working on this…
8.0.3 is not working on this machine, it crashes also. And, yes I did a clean install of 8.0.4. I haven't had a chance yet to go backwards through the older installs. Thanks for the reply.
Well I'm not going to get…
Well I'm not going to get very far with this! I can not find tor browser 7.6. It is not in the archive directories. I need to get back to the older firefox esr. Do you have any old installers online before 8.? Need some help here.
https://archive.torproject…
https://archive.torproject.org/tor-package-archive/torbrowser/ has all the Tor Browser versions.
Thanks gk! I'll give it a…
Thanks gk! I'll give it a try in an hour or so.
the list of tor relays hasn…
the list of tor relays hasn't been showing up since v8.0.3. I only get:
Tor Circuit
this browser
How do you have your Tor…
How do you have your Tor Browser configured? On which platform are you on?
open browser console (ctrl…
open browser console (ctrl+shift+j) and see what errors are visible when you open tor circuit display.
When I try to acquire a IPV6…
When I try to acquire a IPV6 bridge from "https://bridges.torproject.org/bridges?transport=obfs4&ipv6=yes" I always get the message "Uh oh, spaghettios!
There currently aren't any bridges available... Perhaps you should try going back and choosing a different bridge type! "
Is there IPV6 bridges?
There might be, but BridgeDB…
There might be, but BridgeDB doesn't have those yet, see: https://trac.torproject.org/projects/tor/ticket/26542 and the parent ticket.
Hi, do you plan to fix/bring…
Hi, do you plan to fix/bring back support for MacOS ? after latest update to 10.14.2 Tor simply crashes :
Do you have more info about…
Do you have more info about that? Which Tor Browser version are you using? When does it crash? Do you get error messages and, if so, which?
Hello. First time here and…
Hello. First time here (and first time joining a blog). So the question may be far too simple for the experts. I've just installed this release. Once clicking on the Tor onion allowed to see the circuit/relays. Is that feature still available? If positive where is it now? thanks
Yes, it is still there. It's…
Yes, it is still there. It's behind the "i" icon on your URL bar.
"View x more comments" which…
"View x more comments" which is https://www.facebook.com/veyon.io# on https://www.facebook.com/veyon.io website doesn't work in a clean new Tor Browser! NoScript 10.2.1 bug?
Hm, maybe you just need to…
Hm, maybe you just need to wait? I got this annoying popup about signing up after a while and then scrolling to the bottom loaded new comments...
And how can that pupup be…
And how can that pupup be closed on 'safer'?
I have a new MacBook Pro,…
I have a new MacBook Pro, and I had Tor up and running, but after the new software update and the the tor update, it will no longer run. I have tried uninstalling and reinstalling Tor on my computer to no avail. What am I doing wrong?
What error do you get? Which…
What error do you get? Which Tor Browser version are you running?
Strange thing happened. When…
Strange thing happened. When on blog.torproject.org, NoScript switched ITSELF from default/blocked to (temporarily) trusted.
I wish I had a time zone…
I wish I had a time zone matching function.
Beginning with upgrading to…
Beginning with upgrading to tor browser 8.0, a warning about having javascript enabled flashes up for a brief moment when visiting http://dreadditevelidot.onion, despite having the security slider set to safest. Is this a general bug in Tor Browser/NoScript, like having javascript enabled for a short time before being blocked (couldn't find anything related to this on your bug tracker, or better: Nothing I could relate to this, which is not necessarily the same), or just a problem with the website itself?
Implementation of the warning:
Warning!
You have JavaScript enabled, you are putting yourself at risk!
Please disable it immediately!
.jsWarning { display: none !important; }
Works for me on Linux. Can…
Works for me on Linux. Can you reproduce the issue?
Yes, every time straight…
Yes, every time straight after bypassing the chapter, same when clicking on a thread there, visiting a different sub, changing to the next site or whatever..
It's not my personal problem either, and I'm flat out stunned that it worked for you, there are several threads about this issue over there:
http://dreadditevelidot.onion/post/1def1de2bdde152b2a0d
http://dreadditevelidot.onion/post/da8125d0bb936e7e6b7a
http://dreadditevelidot.onion/post/70cd3127de06e831e179
http://dreadditevelidot.onion/post/5c1fcd0539a3a5484eb3
http://dreadditevelidot.onion/post/4be277ae5aa98048062d
to name just a few of them.
I don't care too much about the forum itself, I'm more interested to know whether this is a bug in noscript/tor browser which should be addressed.
I'm on linux as well and run tor browser without any modification.
Also, sorry for not using codeblocks in my previous comment, the formatting got messed up completely - that's definitely not the way the warning is implemented as you might have guessed.
Thanks, I opened https:/…
Thanks, I opened https://trac.torproject.org/projects/tor/ticket/29044.
Thank you! For what it's…
Thank you!
For what it's worth it: The issue stays the same when using regular Firefox routed through tor with noscript enabled. Disabling javascript in about:config however will get rid of the warning, in Tor Browser as much as in regular Firefox.
Final note: Retesting with…
Final note: Retesting with tor browser 7.5.6 gives the expected result: The warning shows up as intended when the security slider is set to standard or safer, no warning on the safest level.
Disregard my last two…
Disregard my last two comments, I saw the outcome on trac.
Thank you very much for reassuring that this is purely a cosmetic thing rather than a weakness in NoScript/Torbutton! Also thanks to ma1 for the detailed explanation.
Windows 10, Tor Browser 8.04…
Windows 10, Tor Browser 8.04, I get no bookmarks toolbar visible. I can add bookmarks and go to them by clicking on bookmarks and then navigating to my favorites folder.
Does this happen with a…
Does this happen with a clean, new Tor Browser installed to a different location compared to the one you are currently using?
An error occurred during a…
An error occurred during a connection to www.boot-us.com. Peer reports it experienced an internal error. Error code: SSL_ERROR_INTERNAL_ERROR_ALERT
Help!
Works for me. Are you still…
Works for me. Are you still experiencing this problem?
No.
No.
It would be nice to end this…
It would be nice to end this problem of every time I start Microsoft Windows 7 again, connect using OpenVPN (doesn't matter the service provider, happens with all) I always get, the first time I try to connect, the error window explaining that TorBrowser is not properly protecting the session. The only way to bypass the error is to close, and execute TorBrowser all over again. The second time I can always connect without problems.
This is happening at least since these new 8 version based on Firefox 60, in previous version I never had any problem.
I've read the same problem from other users in the past here in the Blog so I'm sure I'm not the only one having these problem.
But I don't know it they were connecting to normal Internet or to a OpenVPN service provider first like I'm doing it, to conceal the use of TorBrowser/ Onion use from the ISP (they don't have any problem with the use of ONION, they don't attempt to block it, but one can only guess that should the local government changes their mind in the future I would be immediately in their gray/ red/ black list for using Onion network).
Could you explain your setup…
Could you explain your setup in more detail and give some steps to reproduce your problem? Right now I am not sure what exactly you are doing and where the error could be.
Why does the TorBrowser…
Why does the TorBrowser seems to only connect to EUA, Canada, Russia and European country's? There aren't any Onion servers on South and Central America country's? And also none in Africa?
It seems that almost all Onion servers are located in country's in 14 eyes (EUA promoted spying network) or with strong bonds with these country's.
It is very strange!
14 eyes and very closed friends: Australia, Canada, New Zealand, United States of America, Denmark, France, Netherlands, Norway, Germany, Belgium, Italy, Sweden, Spain, Israel, Singapore, South Korea, Japan, United Kingdom (including: Akrotiri and Dhekelia, Anguilla, Bermuda, British Antarctic Territory, British Indian Ocean Territory, British Virgin Islands, Cayman Islands, Falkland Islands, Gibraltar, Montserrat, Pitcairn, Henderson, Ducie and Oeno Islands, Saint Helena, Ascension and Tristan da Cunha, South Georgia and the South Sandwich Islands, Turks and Caicos Islands)
Tier B countries with which the Five Eyes have “focused cooperation” on computer network exploitation, including:
Austria, Belgium, Czech Republic, Denmark, Germany, Greece, Hungry, Iceland, Italy, Japan, Luxembourg, Netherland, Norway, Poland, Portugal, South Korea, Spain, Sweden, Switzerland and Turkey.
Yes, we need more relay…
Yes, we need more relay diversity right now the majority of the more powerful ones is in the areas you mentioned which is why Tor picks those more often.
https://www.eff.org/files…
https://www.eff.org/files/https-everywhere-2019.1.7-eff.xpi is out. No update?
https://www.eff.org/files…
https://www.eff.org/files/https-everywhere-updates.json still points to the old version. They might have forgotten to update that file. I'll send the EFF folks an email, thanks!
http://browserspy.dk/gecko…
http://browserspy.dk/gecko.php
User Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0
and should be
User Agent Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0
Why should that be wrong?…
Why should that be wrong? See: https://trac.torproject.org/projects/tor/ticket/26146 for some context.
Read carefully: https://trac…
Read carefully: https://trac.torproject.org/projects/tor/ticket/28290
I really don't get this…
I really don't get this aversion to adblockers! The "concept" of not wanting to break websites would suggest that all websites could be trusted equally. They fucking can't and the only two things achieved with dropping Ublock is that websites take longer to load and my anonymity gets broken because I'll have to install it myself for a proper browsing experience.
But hey, I shouldn't be surprised, after all the most secure tor browser setting still allows frames of untrusted sites in noscript instead of fully blocking them and deprecating any such objects. Hence the connections to the sites still appear in https everywhere.
To my mind, you should really put umatrix in here instead of noscript with a proper setting that only allows the bare minimum like text, frame and css by standard in safe mode.
HELP NEEDED!!! VERY URGENT!!…
HELP NEEDED!!! VERY URGENT!!!
keeps on loading. and when finally in only half of each page visible. I AM EXTREMELY AGITATED ABOUT THIS!!!
804 not work
804 not work
What do you mean? What is…
What do you mean? What is happening? Do you get errors If so, which? On which operating system are you on?
Are there any good search…
Are there any good search engines for Tor Browser?
SP and DDD suck, anyone knows ifGibiru is good?
Since Startpage changed their whole look, they are just inferior, results are just not what it used to be not displaying anything or slow, etc. etc...
DuckDuck is so slow, even their Onion version is even slower and buggy, all the time I get Error 400 or 500. and the CEO is all over the news, with BS, not sure if thats a good thing. THey are not saying they dont use supercookies for tracking, or scripts, fingerprints etc...
I have been searching for a while, and found 1 or 2
what do you guys think of this one www.gibiru.com ? seems fast, and claim the same as DDD or Startpage
no IP tracking no cookies. I wonder about supercookies, scripts etc.
another decent one is https://www.discretesearch.com/
any thoughts?
https://www.qwant.com is kind of slow and they are throttling traffic from TOR "too many searches from same IP"
I use 8.0.4. I faced an…
I use 8.0.4.
I faced an error in mega.nz. My setting is that security setting is safer and script is enabled in NoScript.
The error is that
MEGA failed to load because of
The file "lang/en_foo.json" could not be loaded.
Please click OK to refresh and try again.
If the problem persists, please try disabling all third-party browser extensions, update your browser and MEGA browser extension to the latest version.If that does not help, contact support@mega.nz
BrowserID: mozilla/5.0 (macintosh; intel mac os x 10.13; rv:60.0) gecko/20100101 firefox/60.0
Static server: https://eu.static.mega.co.nz/3/
OS was not Windows but intel mac os x 10.13. My OS was revealed. Is this a bug or not?
Right now this is expected…
Right now this is expected behavior, I think. But we have a plan to address this information leak, see: https://trac.torproject.org/projects/tor/ticket/28290.
I am looking forward to it.
I am looking forward to it.
"MEGA failed to load because…
"MEGA failed to load because of"
The same with k2s.cc, too?
This site isn't working with NoScript.