New Release: Tor Browser 8.0.5
Tor Browser 8.0.5 is now available from the Tor Browser Project page and also from our distribution directory.
This release features important security updates to Firefox.
This new release updates Firefox to 60.5.0esr and Tor to the first stable release in the 0.3.5 series, 0.3.5.7.
It contains a number of backports from the alpha series, most notably the proper first-party isolation of range requests when loading PDF documents.
We also updated NoScript and HTTPS Everywhere to their latest versions and removed our donation campaign related code.
The full changelog since Tor Browser 8.0.4 is:
- All platforms
- Update Firefox to 60.5.0esr
- Update Tor to 0.3.5.7
- Update Torbutton to 2.0.10
- Update HTTPS Everywhere to 2019.1.7
- Update NoScript to 10.2.1
- Bug 26540: Enabling pdfjs disableRange option prevents pdfs from loading
- Bug 28740: Adapt Windows navigator.platform value on 64-bit systems
- Bug 28695: Set default security.pki.name_matching_mode to enforce (3)
Comments
Please note that the comment area below has been archived.
hello
hello
When will user agent…
When will user agent spoofing be fixed?
Is this update available for…
Is this update available for android to or just desktop?
Tor Browser for Android is…
Tor Browser for Android is still an alpha release while this one is a stable release. So, no. But we'll release a new alpha version today which will contain an update to Tor Browser for Android as well.
Can you offer any…
Can you offer any information on Android system requirements for the forthcoming stable release? E.g. you need a model later than a certain model...
The same as the respective…
The same as the respective Firefox on Mobile release has: https://www.mozilla.org/en-US/firefox/android/60.0/system-requirements/.
I wonder why I've never seen…
I wonder why I've never seen the "donation campaign". Or does this refer to text on the restart page (after a TBB update)?
a minor 'issue'...
GET https://blog.torproject…
GET https://blog.torproject.org/themes/tor_bootstrap/favicons/favicon-16x16… [HTTP/2.0 404 Not Found 0ms]
feature request: please…
feature request: please block the "your firefox browser is out of date" tab, since tor has a separate updater system
Where do you see this?
Where do you see this?
https://vk.com Tor Browser…
https://vk.com
Tor Browser 7 with native noscript open this page normally
But they are right. Tor…
But they are right. Tor Browser 7 is indeed out of date, please upgrade to Tor Browser 8 as soon as possible as there are numerous security holes in Tor Browser 7 which are unfixed.
> But they are right. TB7 >…
> But they are right.
TB7 > vk.com > normal view
TB8 > vk.com > badbrowser view
Aha, I see, I misunderstood…
Aha, I see, I misunderstood you, sorry. What do I need to do to reproduce that? On my Linux box when I just open vk.com I don't see this problem.
It contains a number of…
Patches from unstable to stable are uplifts (not backports) ;)
According to wikipedia …
According to wikipedia "Backporting is the action of taking parts from a newer version of a software system or software component and porting them to an older version of the same software". So it seems to me backports is the right word here.
Kidding? That's true for…
Kidding? That's true for released versions, e.g. backporting from stable to oldstable, but not for pre-release/alpha/beta/etc.
>>> Kidding? That's true for…
>>> Kidding? That's true for released versions, e.g. backporting from stable to oldstable, but not for pre-release/alpha/beta/etc.
Аre you from exUSSR probably?
Note that Backports cannot…
Note that
After restarting from 8.0.4…
After restarting from 8.0.4 into 8.0.5, "about:tor" and Menu --> Help --> "About Tor Browser" say "8.0.4". Each time I fully close TBB and reopen, a progress bar says, "Tor Browser is installing your updates and will start in a few moments..." before the progress bar for connecting to network.
NoScript says "10.2.1"
HTTPS-Everywhere says "2019.1.7"
Problem was solved by…
Problem was solved by freeing more space on the disk, according to later comment.
[The post about Tails 3.12…
[The post about Tails 3.12 does not allow user comments/queries so I am trying to post my question here.]
Urgent question about Tails 3.12:
Quite suddenly Tails Project introduced a new download procedure which is causing problems; some including me cannot DL the image at all. A few weeks ago Tails offered a testing version and without explanation said "there is no cryptographic signature for this release". The post introducing the production version of Tails 3.12 doesnt even mention cryptographic signatures.
Should we conclude that Tails was suddenly handed an NSL with a gag order saying that they cannot legally offer Tails anymore together with cryptographic authentication? So that Tails USB image is valid when it leaves the DL server but when it arrives, has been altered in transit by NSA?
Please, please, please explain how to cryptographically authenticate this USB image!
Please put the DL explanation in a single html page with no bells and whistles because my Tails 3.l1 (burned from the DVD which I authenticated using the signing key which I believe I have verified is authentic) somehow cannot handle that tutorial.
Not sure why they don't seem…
Not sure why they don't seem to be linking to the PGP signature on the download page, but you can get it by appending .sig to the URL of the .img or .iso file.
Thanks, I'll try that! The…
Thanks, I'll try that! The sig must be different for the USB image and the DVD image, yes?
Fortunately, Tails is still providing ISO images for burning to a DVD with a detached signature which verifies (but I'm having a problem authenticating the subkey used to make the signature).
Another thing which puzzles me is that their description of what appears to be the "standard method" of updating a Tails USB seems to differ from what I have been doing (use Tails Installer to make a USB from Tails booted from a verified DVD), and I suspect this might mean their description is ambiguous, not that I have been doing it wrong all along.
Tested using the verified…
Tested using the verified Tails 3.12 DVD ISO to burn a DVD, boot from that, and then using Tails Installer to make a Tails 3.12 USB stick with Persistent Volume the old way, and it works fine, and IMO is easier than the long method using dd etc. I hope Tails Project does not disable the old download, verification, and authentication methods, or remove Tails Installer.
This page has instructions…
This page has instructions for downloading and verifying the image with gpg:
https://tails.boum.org/install/expert/usb/index.en.html#download
Oh my goodness, thank you so…
Oh my goodness, thank you so much, this link is just what I needed!
The problem was that I somehow could not reach that page from the "step by step tutorial" (?) at tails.boum.org. If Tails Project had simply given that URL in the announcement post in the Tor Blog, I would have been able to read the instructions without any problems. IMO their tutorial causes more issues than it solves--- sometimes simpler methods of making required information easy to find are better than trying to do something fancy.
Happy to report everyone can…
Happy to report everyone can still use the tried and true old procedure to
o download the Tails 3.12 ISO image for a DVD
o verify the detached signature
o verify the signing subkey used to make same
Further, it seems "Tails installer" is still available in Tails 3.12. I hope to confirm that it can be used to upgrade a Tails USB the old easy way and also to try the new hard way to make a Tails USB.
I do not understand why Tails Project apparently deprecates Tails Installer.
PGP verification steps are…
PGP verification steps are suggested in multiple places. Plus browser extension is still encouraged as a basic verification step.
Suggestions: Optional…
Suggestions:
Optional latency would be an easy way to improve security. Opening pages on new tab (or file downloads) could be set non-urgent. Relays would delay these, especially guard would use "dam" to make traffic to client random or generic. User might hurry up these by activating any (color-marked) "slow tab". For uploads exit node would have a dam as well, or more like cache.
Another improvement, a costly one would be slave ideally for each relay, a small computer in sealed case with electronic antispy protection provided by a different organization. Incoming packages are given to slave which mixes them (and controls dams) before giving back, adding another layer of security without significant slow-down.
Maybe multiple and changing routes could also be considered?
Too bad the makers of the Pi…
Too bad the makers of the Pi did not adopt Debian for ARM as their OS, thus preventing Tor Project from being able to easily help Tails Project put the forthcoming Tails Server on a Pi.
It would be wonderful if community minded hardware people would try to launch something like the Pi Project, but using Debian for ARM devices, and ideally incorporating security seals (we don't want NSA to "interdict" and mess with shipments from the maker to individual device owners), paying attention to supply-chain concerns (we don't want CN government spooks to mess with the chips before they even reach the maker), etc.
TypeError: hostName is null…
TypeError: hostName is null[Learn More] security.js:55:9
_getSecurityInfo chrome://browser/content/pageinfo/security.js:55:9
securityOnLoad chrome://browser/content/pageinfo/security.js:179:14
onmessage chrome://browser/content/pageinfo/pageInfo.js:372:5
That's https://trac…
That's https://trac.torproject.org/projects/tor/ticket/29327, thanks.
05:57:23.786 this.browser is…
05:57:23.786 this.browser is null 1 ext-tabs-base.js:298
get frameLoader chrome://extensions/content/ext-tabs-base.js:298:5
get frameLoader chrome://browser/content/ext-browser.js:605:5
get width chrome://browser/content/ext-browser.js:678:5
convert chrome://extensions/content/ext-tabs-base.js:579:7
get chrome://browser/content/ext-tabs.js:572:18
next self-hosted:1214:9
get self-hosted:977:17
call/result< resource://gre/modules/ExtensionParent.jsm:772:57
withPendingBrowser resource://gre/modules/ExtensionParent.jsm:427:26
next self-hosted:1214:9
call resource://gre/modules/ExtensionParent.jsm:771:20
next self-hosted:1214:9
torbutton_send_ctrl_cmd chrome://torbutton/content/torbutton.js:753:10
torbutton_do_new_identity chrome://torbutton/content/torbutton.js:1126:10
torbutton_new_identity chrome://torbutton/content/torbutton.js:850:9
oncommand chrome://browser/content/browser.xul:1:1
Hm. I tried to reproduce…
Hm. I tried to reproduce that by doing "New Identity" after I started the browser on the
about:tor
page but was not able to trigger that exception. What else do I need to do to do so (reliably)?Open 'Get Involved' in a new…
Open 'Get Involved' in a new tab before NI.
That's https://trac…
That's https://trac.torproject.org/projects/tor/ticket/29334, thanks.
06:08:31.606 [NoScript]…
06:08:31.606 [NoScript] Could not run scripts on about:tor: privileged page? Error: Missing host permission for the tab Missing host permission for the tab 1 log.js:12:62
error moz-extension://[NoScript]/lib/log.js:12:62
moz-extension://[NoScript]/ui/popup.js:131:9
How does one trigger that …
How does one trigger that (and the other debug output that got posted here)? Without some context it's not really possible for us to work on those problems and they get ignored rather than fixed or logged in our bug tracker.
Oh, I thought they were…
Oh, I thought they were ignored as you didn't think they were real errors or errors worth fixing. Because if you'd logged them in our bug tracker, cypherpunks'd help you.
Helping is appreciated but a…
Helping is appreciated but a bug logged just with some weird exception without steps to reproduce is not helpful. I'd like to double-check whether I can reproduce those. We might be able to solve them faster that way.
It is on Windows with Safest…
It is on Windows with Safest settings: 1) Page Info of about:tor, 2) New Identity, 3) NoScript icon of about:tor.
Thanks. There is probably…
Thanks. There is probably other browser console output you pasted besides the three examples above. We need more context for them as well to deal with.
Mark those you're interested…
Mark those you're interested in.
This does not look like a…
This does not look like a bug for us. If at all then this is a NoScript issue. Please inform the NoScript author about it. Thanks!
06:10:15.298 Error: No…
06:10:15.298 Error: No handler registered for message "broadcastSettings" in context moz-extension://[NoScript]/ui/options.html 1 Messages.js
> Bug 27175: Add pref to…
> Bug 27175: Add pref to allow users to persist custom noscript settings
Instead of adding dangerous settings, maybe, you make NI clear the temp trusted domains finally?
TypeError: win.gBrowser is…
TypeError: win.gBrowser is undefined[Learn More] ProcessHangMonitor.jsm:412:9
Ignoring response to aborted listener for 3509
Hello, I replied to this…
Hello, I replied to this blog post a short time ago writing that my restart from 8.0.4 was saying 8.0.5, and the updater progress bar was reappearing. Turns out there was only 60 MB on the partition. When I made space, the "bugs" were gone. My first reply has not been approved by the comment moderator to show up yet, so you don't have to approve it since I guess the problem was resolved and my fault, not yours.
I watch with this update,…
I watch with this update, TorBrowser is more speed. This is my opinion.
Crash in doileak.com…
Crash in doileak.com test
https://i.imgur.com/PD4INSE.jpg
Is that reproducible? Which…
Is that reproducible? Which Windows version is that? 32bit or 64bit? Does that happen with older Tor Browser versions as well (see: https://archive.torproject.org/tor-package-archive/torbrowser/)? If so, which one is the first showing this problem?
Looks like Windows 7 64bit…
Looks like Windows 7 64bit. But what Tor Browser version is that? 32bit or 64bit?
Windows 7 Thin PC x86 …
Windows 7 Thin PC x86 (VirtualBox 6.0.4 guest OS)
Still crashes. Older version (7.x) has an application error. https://i.imgur.com/LOMmPJo.png
I don't know why this crash is happening. There is no other problem than that test.
I am not good at English so I cannot tell you more. Thank you.
Great. Let me prepare you a…
Great. Let me prepare you a debug build to test and find out more. Meanwhile, does this crash as well outside of the VirtualBox environment?
Crashes still occur outside…
Crashes still occur outside the virtualbox (Windows 7 Ultimate x64, i5-2500,16gb,wd blue 500 ssd,gtx1050ti)
https://i.imgur.com/ZlqNpdx.png
Thanks. Could you use the…
Thanks. Could you use the 64bit debug build from https://trac.torproject.org/projects/tor/ticket/27503#comment:36 (see the Note: in that comment) and report back whether the crash still occurs with it? If so, I'd be very interested to see possible assertions and MOZ_CRASH log messages in the output that might help us track this down.
https://trac.torproject.org…
https://trac.torproject.org/projects/tor/ticket/23390
Thanks for that link but…
Thanks for that link but that does not give me the assertions/MOZ_CRASH messages I need to look at it further.
I liked how per-site…
I liked how per-site settings in NoScript's old architecture were handled but after reading the cons stated in https://trac.torproject.org/projects/tor/ticket/27175 I have decided to embrace NoScript's new architecture and will not enable the pref to persist custom noscript settings.
I think the standard security setting in tor browser is too permissive so I have set the security slider to safest but that got me thinking: If I leave tor browser in its standard configuration and only adjust the security slider does that make me more fingerprintable (and are there actually any guidelines about which settings can be adjusted without making myself more fingerprintable)?
"More fingerprintable" is a…
"More fingerprintable" is a tricky concept. The recommended way is as you did to adjust the security slider and leave all the other settings and preferences alone. That gives you the fingerprint of the group of people using the slider level you chose. The idea is that you hide in the crowd that uses that particular level instead of sticking out with your homegrown customizations. The three crowds corresponding to the three security levels might not be equally sized but each particular crowd is very likely still a crowd and thus protecting you from getting singled out.
IMO "safest" should be the…
IMO "safest" should be the security slider default, with users advised to drop down a level if they have problems, and to consider dropping to the lowest level only if they have asked themselves whether they really need to look at that video, etc.
The idea is to make a safe…
The idea is to make a safe web, not to disable features maximally.
> make a safe web Right,…
> make a safe web
Right, that's what we all want. I was arguing that given the array of technical threats we face, of the following alternatives, the second makes more sense:
o start with slider at "standard" (least protections) and suggest users try increasing the setting whenever they "feel paranoid",
o start with slider at "safest" and suggest users try dropping down as required to make a particular website work, or to consider giving that website a pass.
The choice is between encouraging unthinking unsafe behavior, and encouraging users to make smart choices about how they use TB to surf the web. The second alternative is IMO more consistent with overall Tor Project guidance to users.
The linux version of the…
The linux version of the browser regularly freezes (eats up all available CPU and is not responsive) at higher security levels, with longest freezes by far occurring at the highest (safest) security level. The browser startup can also take much longer at higher security levels (about half a minute or more) while eating up all available CPU.
I've tried disabling NoScript to see if that's the source of the problem but the freezes keep occurring.
This issue has been present in previous 8.0.x versions.
How long does a startup take…
How long does a startup take for you on the default level? Do you see anything useful in the terminal if you start Tor Browser with
./start-tor-browser.desktop --debug
? Is that 32bit or 64bit? Which locale?I've figured out it's caused…
I've figured out it's caused by uBlock Origin, my apologies.
For what it's worth, with uBO enabled the startup takes about 4 seconds on the default ("Standard") level, and over 1 minute on the middle and highest security level. With uBO disabled the startup takes about 4 seconds on the lowest level and about 10 seconds on the highest level.
The debug output had the following line only when I ran it at higher security levels ("Safer" and "Safest") with uBO enabled:
JavaScript error: jar:file:///path/to/tor-browser/Browser/omni.ja!/components/nsPrompter.js, line 339: NS_ERROR_NOT_AVAILABLE: Component returned failure code: 0x80040111 (NS_ERROR_NOT_AVAILABLE) [nsIDOMWindowUtils.isParentWindowMainWidgetVisible]
This is on a 64bit system.
At least now I know to disable uBO at higher security levels.
Since I installed this new…
Since I installed this new version (8.0.5), the Telegram application doesn't work and it can not connect to its servers... I get used to use SOCKS when I use Telegram, but it doesn't work at all! So, please check the problem and solve it asap... THIS IS A MAJOR ISSUE!
Tor doesn't allow empty…
Tor doesn't allow empty passwords now. It will be fixed in the next version.
https://trac.torproject.org…
https://trac.torproject.org/projects/tor/ticket/29175
Can I access the social…
Can I access the social media like facebook without detection
Hello there and thanks for…
Hello there and thanks for this,
this new release works great, no problem for now.
However I have a question. I was wondering if you have any plan to solve the "problem" with screen dimensions fingerprinting. Do you think will ever be possible to surf the web with Tor Browser in full screen mode without being fingerprinted by trackers and third party actors? Many friends and relatives (whom I suggest to use Tor Browser) find this specific aesthetic aspect of TB pretty weird. I am not an expert in design and UX but I have the impression that this is a big hurdle for TB adoption on a mass scale.
Thanks for listening.
Hi there and thanks for your…
Hi there and thanks for your messages.
As you surmise browser fingerprinting by window resolution is a tricky topic. It might be more useful to consider the threat that your friends face, which in this case appears to be about hiding from advertisers and data slurpers. In that case I don't think that browser size poses a huge threat, especially if your friends don't link their true identities to their browsing sessions (like signing into Facebook).
If you think about it, it's more beneficial for them to use Tor and have some of the protection that it can afford, rather than not using it at all. Even if that means sharing a little more info which can be used for fingerprinting.
See https://bugzilla.mozilla…
See https://bugzilla.mozilla.org/show_bug.cgi?id=1407366 especially comment 30 on. The idea is that the chrome (which dictates the inner window size) doesn't matter because the inner window itself will letterbox the viewport
Thanks for TBB!! Surfing…
Thanks for TBB!!
Surfing with regular Firefox sucks with sites showing you being tracked even with privatebrowser enabled through multiple profiles, accounts on same computer. You can clear all your data/cookies etc and this site still tracks whatever name you throw at it. in normal and private mode.
I wonder how many Unique ID method's it uses to continue to track you even after rebooting your PC, clearing all data,cache,cookies,storage etc from browser.
Website can also track you across multiple profiles and across multiple accounts on your computer. Just thought it was pretty crazy bruh.
Before you say, yeah but u allowed javascript to run on that page.. well thats the point. IT shows just how much of what we do is being tracked, imagine when you not on Tor(or on tor with javascript running, alot do that). and you got that itch that u think u safe.
I tested Chrome,Firefox,Safari,MS Edge and they all vulnerable to it.
Website seems to be just a Proof of Concept to show just that.
https://www.nothingprivate.ml
Could you make it possible…
Could you make it possible for users to anonymize the platform string, e.g. in about:config or in "Security Settings" window? By "platform string" I mean the platform field that panopticlick reports, such as "Linux x86_64".
Looking at the comments for the last few releases it seems that a lot of users prefer smaller fingerprint over the "convenience" of websites automatically recognizing their platform. In most cases this automatic recognition is either insignificant to the user or the user can manually choose the platform (such as on the Tor browser download page). I have never come across a website where at the same time platform recognition would be vital and the user could not manually specify it in some way (whether via some menu or setting or by navigating to the appropriate URL).
I think that if only a few…
I think that if only a few users change the platform string, then those users will stand out more.
However some work is being done to be able to change it for all users:
https://trac.torproject.org/projects/tor/ticket/28290#comment:7
I'm not suggesting that you…
I'm not suggesting that you should let users manually enter any platform string whatsoever, but that there could be an option to switch between actual platform (as it is now) and an anonymized one i.e. whatever the Windows 64 bit version has (like the current user agent string).
Or what about websites asking the user for permission to read the platform string, like it's done currently with canvas? If the user rejects then the anonymized version is supplied.
It's not ideal since the permission dialog box would probably trigger too frequently, but at least the user would have control over which site/page gets to read the platform string.
If you get a chance, I think…
If you get a chance, I think there would be community interest in a post describing current thinking inside TP on the problem of making it harder for our enemies to easily differentiate Tor circuits from other TSL bitstreams, and making it harder to differentiate Tor Browser from Firefox. Last I heard, these are unsolved problems.
"Add pref to allow users to…
"Add pref to allow users to persist custom noscript settings"
Sorry, I'm a bit thick; but just exactly how do we select this NoScript persist pref? I can't find it anywhere...I think I'll go back to using the ScriptSafe addon instead.
BTW All this speculation that NoScript site-persistence gives rise to a usable fingerprinting risk is somewhat dubious and overblown--many easier ways of tracking TorBrowser users--and the risk of script-jacking is much greater and more dangerous, so why not just do away with script altogether if you're just worried about supposed fingerprinting... Has any researcher actually tried/proved tracking/fingerprinting users with their NoScript custom settings yet?
Why can I no longer access…
Why can I no longer access certain sites. eg Dream Network http://lchudifyeqm4ldjj.onion/profile
Maybe it's been down when…
Maybe it's been down when you tried?
how to get rid of the "Will…
how to get rid of the "Will you allow *.com to use your HTML5 canvas image data?" - dropdown
menu in urlbar (between i and the green icon)?
There is no permanent way to…
There is no permanent way to do that yet in the stable release, alas. We are currently testing a fix in the alpha which should make those doorhangers way less frequent as they are used to be. If this goes well you'll have that improvement in one of the next stable versions.
https://blog.torproject.org/…
https://blog.torproject.org/ is asking for canvas image data!
Works for me. Which URL…
Works for me. Which URL exactly is triggering that?
url is ok, tor blog, a grey…
url is ok, tor blog, a grey icon is visible.
page info - permissions - extract canvas data = always ask.
i tried to find out how to set permissions globally, but about:permissions is gone.
i think the icon appears because of my about:config settings. in another TBB installation it is
not reproducable.
(after posting here your website is in a reload loop.)
SOLVED - it seems to be…
SOLVED - it seems to be Video DownloadHelper extension:
Behavior tab --- Network probe - Scan network traffic to detect hits
it's my fault, sorry for any inconvenience.
jabber pidgin My jabber…
jabber pidgin My jabber client pidgin stopped connecting to the tor network after the last update.
That's https://trac…
That's https://trac.torproject.org/projects/tor/ticket/29175 and will be resolved in the next Tor release.
Can not connect to SOCKS…
Can not connect to SOCKS over port 9150.
I guess this is https://trac…
I guess this is https://trac.torproject.org/projects/tor/ticket/29175? If so, then it will be fixed in the next Tor release.
INSTEAD OF CHANGING THE OS…
INSTEAD OF CHANGING THE OS PLATFORM STRING FOR BROWSER WHY NOT JUST CONVERT ALL USERS TO UNKNOWN OS? OR BLANK? OR JUST SOMETHING THAT ANY SERVER CAN RECOGNIZE LIKE DOS? HAHA
I think that's a bad idea:…
I think that's a bad idea: it practically screams "we's coming from a Tor node! block us!". I don't see any benefit at all to that proposal.
Can't access https://www…
Can't access https://www.torproject.org/ via TOR Browser (previous version) for at least 24 hours. Anyone else having similar issues? (don't have any issues with accessing other sites, including this one)
Looks like some DNS issue, getting error:
"Unable to connect
Firefox can’t establish a connection to the server at www.torproject.org."
Still having that issue and…
Still having that issue and unable to update.
What error do you get if you…
What error do you get if you set
app.update.log
totrue
and check for an update while? You'll see the log output in your browser console (Ctrl + Shift + J).Thank you for reply! No…
Thank you for reply!
No update errors there since it downloading update from https://cdn.torproject.org/ and not from https://www.torproject.org/
But I need full new version "torbrowser-install-8.0.5_en-US.exe" and not "tor-browser-win32-8.0.4-8.0.5_en-US.incremental.mar"
I was trying to replace file name in URL to grab it from there, but got Error 404.
Is there any official verified alternative location for full version?
We have the latest bundles…
We have the latest bundles at https://dist.torproject.org/torbrowser/ as well, in case just www.torproject.org is blocked. However, if you already have a Tor Browser it should auto-update you to the latest version. Thus, I am a bit confused why you need a new version downloaded from the website to update.
Is www.torproject.org the only website that is blocked for you?
> However, if you already…
> However, if you already have a Tor Browser it should auto-update you to the latest version. Thus, I am a bit confused why you need a new version downloaded from the website to update.
I prefer to have multiple (separate) versions of TOR browser in case something went wrong with latest one or some issues will appear (had such problems in past). In that case I don't have to rollback and can simply run previous version for site which having issues with latest version while it fixed in next version.
Hope I explained clear enough. :)
> Is www.torproject.org the only website that is blocked for you?
Yep don't have any issues with reaching any other sites but still can't reach it through TOR Browser... (so confused why it can happened DNS queries comes through TOR as well).
But link you gave me working without any issues, thank you so much! :)
on Windows 7 (32 bit) is OK!…
on Windows 7 (32 bit) is OK! THNX!
https://www.whoishostingthis…
https://www.whoishostingthis.com/tools/user-agent/ reports different values for "screen resolution" and "browser window size" (e.g. 1000x700 and 989x700, respectively). I did not resize the browser window prior to this.
My guess is that it's because of the scrollbar, meaning that the website can detect the width of user's scroll bar. This width might be different on different systems, graphical toolkits, desktop environments, etc., increasing the fingerprint.
Yes we are aware of that and…
Yes we are aware of that and it is tracked in https://trac.torproject.org/projects/tor/ticket/22137.
Ooops! No 'Site Identity…
Ooops!
No 'Site Identity button' on the left side of the URL bar and nothing in 'customize' either. I haven't seen it it the last few iterations of the TBB and I thus thought it had been eliminated.
Please help...
What extensions do you see…
What extensions do you see if you open the
about:addons
page?I recently updated from Tor…
I recently updated from Tor 8.0.4 to 8.0.5 and can no longer add or delete bookmarks. I have been unable to restore html format or backups or json format bookmarks. This seems to be a bug in the 8.0.5 update.
How can I reproduce your…
How can I reproduce your findings? On which platform does this happen?
Tor doesn't start after…
Tor doesn't start after pressing 'Restart Tor' button on Windows (no AV/FW, just Tor Launcher bug):
[02-02 11:32:32] TorLauncher NOTE: _startTor error: [scrubbed]
[02-02 11:32:39] TorLauncher NOTE: failed to open authenticated connection: [scrubbed]
[02-02 11:34:48] TorLauncher NOTE: Event monitor read error [scrubbed]
[02-02 11:34:48] TorLauncher NOTE: Tor unexpectedly exited. This might be due to a bug in Tor itself, another program on your system, or faulty hardware. Until you restart Tor, the Tor Browser will not able to reach any websites. If the problem persists, please send a copy of your Tor Log to the support team.
Restarting Tor will not close your browser tabs.
[02-02 11:34:54] TorLauncher NOTE: failed to open authenticated connection: [scrubbed]
How can I reproduce this bug…
How can I reproduce this bug? On which platform does this happen?
Kill tor.exe, no? on Windows
Kill tor.exe while Tor Launcher is starting Tor Browser.
I tried that but Tor still…
I tried that but Tor still gets restarted and boostraps correctly. Here is what I did:
1) I launched Tor Browser
2) During the bootstrap process I clicked on "Cancel" to halt it and to have time to kill the Tor process
3) I killed the process and the restart button appeared
4) I clicked the button and Tor bootstrapped properly after a while.
If you can't kill tor during…
If you can't kill tor during tbb launch, try:
kill tor after tbb launch,
small window will appear with restart/OK, press restart and
during restart tor press Cancel,
kill tor again,
then press restart tor in a big window.
I get an error message. The…
I get an error message. The site doesn't allow me to view it. (purplebricks.ca). What is the use of your browner if sites don't allow me to view them?
If sites don't allow access…
If sites don't allow access with Tor there is not much we can do besides asking/pressuring them in doing so, alas. But you can use Tor Browser for getting its privacy and security features on sites that *do* allow it. And those are the vast majority on the web.
And if you really really…
And if you really really need to visit that particular site, you might consider buying a Raspberry Pi, a very inexpensive computer (the size of a package of cigarettes) which doesn't work with Tor but can be used to surf to the few places where Tor can't take you. You ISP and all the spooks will know where you surf with the Pi, but if you don't use it too much it might be safe.
Why is the default for…
Why is the default for NoScript allowing all options?.. that's now more relaxed than trusted!!
Switching from off by default to on by default is dangerous.. and resets to that each time tor is started; surely this is not intentional by those with Tor's core interest at heart.
=> Linux: Tor 8.0.5 + NoScript 10.2.1 => Tools.Add-ons.NoScript[Preferences]
Good!
Good!
HTTPSE doesn't update its…
HTTPSE doesn't update its rulesets during update. Now it is of version 2019.1.7, but rulesets are from 2018.9.19.
But your rulesets should get…
But your rulesets should get updated automatically between the HTTPS-Everywhere updates we ship and you get via the extension update channel, no? How can I reproduce your issue?
It was an outdated Tor…
It was an outdated Tor Browser 8.0.1 which updated automatically except rulesets.
Do you get ruleset updates…
Do you get ruleset updates later on, when you restart the browser? Or the next ruleset update check happens?
No. It doesn't depend on…
No. It doesn't depend on restarts or add-ons' updates. You even can't force it to update. But, yes, I got rulesets updates the next time its check happened.
How do you check that the…
How do you check that the rulesets are not updated during the browser update? The UI in HTTPS-Everywhere seems only to indicate when the last update via the HTTPS-Everywhere *built-in* functionality happened. At least that's how I would read it.
Press HTTPSE icon, no? It…
Press HTTPSE icon, no? It shows Version and Rulesets version for EFF.
Okay, I filed https://trac…
Okay, I filed https://trac.torproject.org/projects/tor/ticket/29454. Thanks for the report!
https://github.com…
https://github.com/TheTorProject/gettorbrowser/
Is still at version 8.0.2.
Please update.
It is safer to have multiple download links up.
Care more about humans living in bad countries.
Thanks.
Yes, we are aware of that…
Yes, we are aware of that shortcoming and are working on that. Stay tuned and sorry for the inconvenience of an update to the latest version after having downloaded this outdated one.
how disable java in tor
how disable java in tor
If you mean "how to disable…
If you mean "how to disable javascript in Tor Browser", left click on the onion icon (top left corner of TorBrowser window), choose "Security Settings", then choose "Safest".
Tor is compromised without…
Tor is compromised without blocking scripts. Default safe, not vulnerable?
Iam new here please help me…
Iam new here please help me how to use tor browser
The down side of using tor ~…
The down side of using tor ~" No adblocker"
The Torproject should create…
The Torproject should create a website that displays websites that block the Tor browser.
As an example Tunnblick was intially blocked and was not aware their ISP blocked Tor. Other sites like https://www.kbb.com "kelly bluebook" and https://www.lifewire.com/ "electornic magaizine block Tor but I cannot see a reason why.
NOT WORK, NOT JOB! Win 10, 7…
NOT WORK, NOT JOB!
Win 10, 7 64x
804, 805
803 Good.
It would be helpful if you…
It would be helpful if you could be a bit more specific in your error report. What does not work? What did you do and what happened. Is that reproducible on your system?
TBB needs update?
TBB needs update?