New Stable Tor Browser Bundles

by erinn | August 17, 2012

The stable Tor Browser Bundles have all been updated to the latest Tor 0.2.2.38 stable release.

https://www.torproject.org/download

Tor Browser Bundle (2.2.38-1)

  • Update Tor to 0.2.2.38
  • Update NoScript to 2.5
  • Update HTTPS Everywhere to 2.1

Comments

Please note that the comment area below has been archived.

August 17, 2012

Permalink

Windows 7 (64), recently updated. After the update, tbb 2.2.36-1_en-US couldn't find tor.exe, so up updated to 2.2.38-1_en_US. After editing the path to tor.exe, I managed to get a good connection. However, Vidalia promptly errors with "unable to start configured web browser". This issue seems to have been addressed in previous versions, but mostly with XP SP3.

August 17, 2012

Permalink

hi
is it possible to use tor only for bypassing blocked websites?
i don't want to be anonymous i just want to open blocked content but with tor i can't watch videos properly
(i asked here since there wasn't a forum :< )

You can watch videos while using Tor to bypass country/institution filters, however you will have to disable some options and possibly reconfigure a setting in your operating system.

This is the optional part, but I'd strongly recommend changing your DNS from an automatic setting to manual. You can use 8.8.8.8 as a primary DNS server and 4.2.2.2 as a secondary DNS server. They're both fast, independent from each other, and not connected to your school/business/country. Though as a heads up, 8.8.8.8 belongs to Google (so does 8.8.4.4), and 4.2.2.2 (actually, the range from 4.2.2.1 to 4.2.2.6) belong to Level3/Verizon.

Changing DNS providers will ensure that your computer gets directed to the correct IP addresses when you lookup a website domain name. Now comes the part you will definitely have to do in order for you to watch videos through Tor (and by the way, you should use the Vidalia bundle, not the browser bundle (AKA TorBrowser) since TorBrowser doesn't come with Flash Player, Shockwave Player, or Java (plugins go against the safety ideals which are tightly held by the Tor developers and Tor community). Anyway, while you have Vidalia, Tor, and Firefox with Torbutton running, make sure you can connect to some remote website. After you know you have a working connection, go into the Torbutton settings by clicking the onion icon somewhere in the top of the browser. If a small warning popup comes up, click okay and try again until you are able to get into the settings panel...

Once Torbutton Preferences is opened, go to the Security Settings tab and uncheck/deselect the first 3 options that have to do with plugins, dynamic content, and javascript. This is NOT something you should do if you care about your privacy behind Tor, however you are only interested in bypassing filters so you aren't interested in the restricting--but very safe--options. Once you do that, make sure the settings are saved. Exit and reopen Firefox and check that Flash Player, Shockwave Player, and Java are installed and enabled. IF YOU HAVE NOSCRIPT INSTALLED you will need to disable it on the sites you want to watch videos on (or whitelist the sites and plugin sites within said sites).

Tor will still do a relatively good job of anonymizing you and it will bypass any filters set in place. Although if your Tor session uses an exit node that has a very restrictive country (like Iran or China), you'll be affected by that country's web filtering policies.

Good luck. Hope that helps!

LL

August 17, 2012

Permalink

Hi,

I've just downloaded the latest version 2.2.38-1 and Symantec Endpoint it's cracking down on Tor warning about a lot of issues and viruses.

Please correct.

August 18, 2012

Permalink

In TBB when I right-click on a link to download a file (such as a .zip file) for later offline viewing, I get a message saying "An external application is need to handle this file". Is there any way to just download a file in TOR without opening it (and no risk of being unmasked)?

This was addressed by one of the Tor devs not long ago.

The answer was that as long as you are merely downloading a file-- not opening/running it-- you can go ahead and ignore the warning.

Yes, AFAIK - there's always a difference in opening a file - online - & saving it to disk (downloading). As for Tor's warnings, It depends on HOW you're downloading the file.

If just using the TBB - R click / Save As (or Save, then browse to save location), you probably won't get the warning. Even if you did, you're not using an external app - you're using Tor Browser (modified Firefox).

If d/l a torrent file, or using a d/l manager in TBB, etc., may get such warnings.
Reason is, those other apps may / may NOT follow Tor's "rules" & *could* compromise your anonymity.

Many thanks for your replies.

I find that if I download a file with HTTP in TBB by right-clicking a link and selecting "Save Link As...", I still often (but not always) get a warning.

For example, I got the warning when attempting to download TBB itself from this link by the method described above:

https://www.torproject.org/download/download-easy.html

However, if I ignore the warning and just go ahead the download completes as expected. Although it is a little confusing when TBB talks about launching an application at all for just a download. Ideally, the warning should only be shown for when a file is to be opened by an external application, and not just downloaded within TBB.

I wonder if the latest release version will fix this (currently using the previous release version).

August 19, 2012

Permalink

I think the TBB is great when it works, thing is, I can only get it to work one time after I extract it. Then when I close the Tor browser, when I start it again and click on the green Start Tor Browser.exe, the Vidalia control panel starts up and I get a message to check settings because it can't anymore find Tor so I change the path to where it is in the extracted files, and then it starts up OK but the actual browser won't launch anyhow, automatically as well as if I try to manually click on the tbb.firefox.exe. It is awesome when it does work, just that one time though:)

August 19, 2012

Permalink

In addition, I find if I close all TBB components, re-extract the TBB and overwrite instead of deleting the earlier files it will also start tor and open the tor browser. But again, I need to re-extract and overwrite all the files -every time- I use the TBB.

August 19, 2012

Permalink

Something doesn't look right. In the previous bundle I had Noscript 2.51 which has gone backwards to 2.5 in this bundle. In the previous bundle I had HTTPS Everywhere 2.21 and this version has 2.1. Why are things going backwards? Were these extensions updated in the background without TorBrowser telling me? Is it a risk to have TorBrowser checking for updates and applying them without telling users?

August 19, 2012

Permalink

NOSCRIPT can't display and use the "temp allow..."& more optional features after update to v2.2.38.1, what's wrong?

August 19, 2012

Permalink

My antivirus program remove new version vidalia.exe

---------------------------------------------------------
Full Path: Not Available
____________________________
____________________________
On computers as of 8/18/2012 at 13:37:26
Last Used 8/18/2012 at 13:37:26
Startup Item No
Launched Yes
____________________________
____________________________
Few Users
Fewer than 50 users in the Norton Community have used this file.
____________________________
Very New
This file was released less than 1 week ago.
____________________________
High
This file risk is high.
____________________________
Threat Details
SONAR Protection monitors for suspicious program activity on your computer.
____________________________

Source File:
tor-browser-2.2.38-1_en-us.exe

File Created:
vidalia.exe
******************************************
File Actions
File: c:\users\.....\desktop\tor browser\app\vidalia.exe
Removed
******************************************

Network Actions
Event: Network activity (Performed by c:\users\....\desktop\tor browser\app\vidalia.exe, PID:5064)
No action taken
____________________________
System Settings Actions
Event: Process start: c:\Users\....\Desktop\tor browser\App\tor.exe, PID:4028 (Performed by c:\users\.....\desktop\tor browser\app\vidalia.exe, PID:4392)
No action taken
Event: Process start: c:\Users\....\Desktop\tor browser\firefoxportable\App\Firefox\tbb-firefox.exe, PID:5924 (Performed by c:\users\....\desktop\tor browser\app\vidalia.exe, PID:4392)
No action taken
Event: Process start: c:\program files (x86)\vidalia bundle\Tor\tor.exe, PID:4460 (Performed by c:\users\....\desktop\tor browser\app\vidalia.exe, PID:2192)
No action taken
Event: Process start: c:\program files (x86)\vidalia bundle\Polipo\polipo.exe, PID:4436 (Performed by c:\users\....\desktop\tor browser\app\vidalia.exe, PID:2192)
No action taken
Event: Process start (Performed by c:\users\.....\desktop\tor browser\app\vidalia.exe, PID:1980)
No action taken
Event: Process start: c:\users\....\desktop\tor browser\app\vidalia.exe, PID:4392 (Performed by c:\users\.....\desktop\tor browser\app\vidalia.exe, PID:4392)
No action taken
____________________________
File Thumbprint - SHA:
Not Available
____________________________
File Thumbprint - MD5:
Not Available
____________________________

The real problem is any software w/ name: *Norton* on it - not Tor. Get rid of Norton & save a world of headache (not just because of this incident).

For now, just add Tor, vidalia, TBB, & other files Norton objects to, into Norton's "Trusted applications / files" or what ever they call it now. If don't know how, read manual, go on Norton forums.

August 19, 2012

Permalink

My antivirus program remove new version vidalia.exe

---------------------------------------------------------
Full Path: Not Available
____________________________
____________________________
On computers as of 8/18/2012 at 13:37:26
Last Used 8/18/2012 at 13:37:26
Startup Item No
Launched Yes
____________________________
____________________________
Few Users
Fewer than 50 users in the Norton Community have used this file.
____________________________
Very New
This file was released less than 1 week ago.
____________________________
High
This file risk is high.
____________________________
Threat Details
SONAR Protection monitors for suspicious program activity on your computer.
____________________________

Source File:
tor-browser-2.2.38-1_en-us.exe

File Created:
vidalia.exe
******************************************
File Actions
File: c:\users\.....\desktop\tor browser\app\vidalia.exe
Removed
******************************************

Network Actions
Event: Network activity (Performed by c:\users\....\desktop\tor browser\app\vidalia.exe, PID:5064)
No action taken
____________________________
System Settings Actions
Event: Process start: c:\Users\....\Desktop\tor browser\App\tor.exe, PID:4028 (Performed by c:\users\.....\desktop\tor browser\app\vidalia.exe, PID:4392)
No action taken
Event: Process start: c:\Users\....\Desktop\tor browser\firefoxportable\App\Firefox\tbb-firefox.exe, PID:5924 (Performed by c:\users\....\desktop\tor browser\app\vidalia.exe, PID:4392)
No action taken
Event: Process start: c:\program files (x86)\vidalia bundle\Tor\tor.exe, PID:4460 (Performed by c:\users\....\desktop\tor browser\app\vidalia.exe, PID:2192)
No action taken
Event: Process start: c:\program files (x86)\vidalia bundle\Polipo\polipo.exe, PID:4436 (Performed by c:\users\....\desktop\tor browser\app\vidalia.exe, PID:2192)
No action taken
Event: Process start (Performed by c:\users\.....\desktop\tor browser\app\vidalia.exe, PID:1980)
No action taken
Event: Process start: c:\users\....\desktop\tor browser\app\vidalia.exe, PID:4392 (Performed by c:\users\.....\desktop\tor browser\app\vidalia.exe, PID:4392)
No action taken
____________________________
File Thumbprint - SHA:
Not Available
____________________________
File Thumbprint - MD5:
Not Available
____________________________

August 19, 2012

Permalink

what the fuck tor? .... vidalia.exe alerted my anti-virus program...

I cant trust you guys anymore.

August 19, 2012

Permalink

I am using intelOSX. There is no problem when I install an add-on and restart.
When I quit the TorBrowser instead of restart I am left with Vidalia only. How does one get the browser back in such a situation? At the moment to get it back I have to quit Vidalia and start the whole process again. Any assistance would be greatly appreciated. Thank you.

August 20, 2012

Permalink

Is it possible to use the tor browser as a normal browser for people who use the vanilla package?

August 20, 2012

Permalink

I've been unable to connect since I woke up this morning Aug 20th. Any chance it could be the new bundle? I had a hard time getting to the new TOR page after updating, in fact I had to update twice before I could get on last night.

I'm on the low end of intermediate so you'll have to respond as though I were a 10 year old (lol).

Seriously, any thoughts?

Thanks

Jack M

"But why are so much really old tor-versions on the net?"

If you mean on the official Tor web site, then I believe older versions are made available for those wish to use them for testing/research purposes.

If you mean on other sites, then there are likely malicious intents involved.

Never download any Tor file from anywhere else but an official Tor site.

August 20, 2012

Permalink

TorBrowser persists in displaying "There is a security update available for the Tor Browser Bundle.Click here to go to the download page" even after an update when the software shows it's the most recent version. This happened after the last update also. It took a while for it to disappear. There's some sort of bug or glitch in the version detection or something.

August 21, 2012

Permalink

I am wondering about censorship. Can they just block tor by blocking a particular persons ip from connecting to the dir servers or the initial servers tor contacts when starting the connections?

August 21, 2012

Permalink

I have a question regarding vidalia. I often notice strange behavior in the Tor Network Map Viewer. The relays on the right exhibit strange behavior sometimes. Usually, there are around 3000 relays. But sometimes I connect and there are only 1000. Other times, another 1000 relays seem to appear instantly, or disappear all at once. My concern is that there are 1000 rogue relays? Or my connection is hi-jacked? Or is this normal behavior as not all the descriptors are getting downloaded?

My other question is if a particular user is targeted by some adversary who is at the isp or controlling some gateway, can they not just block connections to the tor dir servers from particular ips? To keep you from connecting to tor? Is this what the obfsproxy bundles are for?

Thanks.

August 22, 2012

Permalink

Webconverger moves away from Firefox ESR

(something to ponder, Tor devs!)

http://www.h-online.com/open/news/item/Webconverger-moves-away-from-Fir…

http://h-online.com/-1671241

"The latest 14.0 release of Webconverger, a browser-only operating system for web kiosks, drops the extended support release (ESR) of Firefox in favour of the current major version of the browser, Firefox 14.0.1. The open source OS had previously used the mainline version of Firefox until Webconverger 11, but later switched to ESR in March with the release of version 12. Speaking to The H, project founder and lead developer Kai Hendry said that the change was the result of feedback from his paying customers and bugs encountered in the 10.x branch; his company, Webconverger Limited, sells custom-configured versions of the OS for use by, for example, banks, medical practices and libraries. "

August 23, 2012

Permalink

Cannot connect to the network Vidalia Control Panel stops at

"Establishing and encrypted directory connection"

August 24, 2012

Permalink

First crash on new build (.38). Hopefully it will be even more stable next build :P

Debugging Details:
------------------
BUGCHECK_STR: 0x1a_41287
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: tor.exe
CURRENT_IRQL: 0

August 24, 2012

Permalink

First crash on .38, hopefully even more stable next build

Debugging Details:
------------------
BUGCHECK_STR: 0x1a_41287
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: tor.exe
CURRENT_IRQL: 0

August 27, 2012

Permalink

It works as usual.
I'm running this latest version on Windows 7.
Thanks Tor developers!

August 27, 2012

Permalink

This might be an idiotic question... but please bear with me.

I've had three versions of TBB, and have updated it per the instructions each time the default home page https://check.torproject.org indicated there was a new version.

And with each update I installed, my bookmarks, add-ons, and settings were wiped. My add-ons are AddBlock Plus and Download Statusbar -- I realise I'm taking some risk with these but I believe the risks are small.

Perhaps I'm doing something wrong when installing? Or maybe there's some easy workaround?

I've been holding off on the latest bundle because manually setting up everything each time is a bit tedious. Ultimately it's still worth doing, but it seems like there must be a way to avoid losing my settings et al.

I agree, it's a little tedius to fine tune adblock and noscript each and every time.
But I really don't think there is anything we can do about that.

August 27, 2012

Permalink

I got this message second time after a while:

Sorry. You are not using Tor.
37.130.227.132

I quickly looked at the Tor network map a exit node seemed to be
37.130.227.134 (TorLand2)

Did anyone experience this? How is it possible that i got an exit node that was not listed on torstatus.all.de or atlas.torproject.org?

Thank you

I had a problem with TorLand1. A site's certificate was presented again and again in Firefox without loading the site. Other exit node had not this problem.

I got a XSS warning using Torland2 at 37.130.227.134 as an exit node
(Fingerprint $332895D092C2524A3CDE8F6E1498FFE665EBFC34)
while browsing a site that otherwise does not cause alerts.

Been experiencing this too on and off recently with check.torproject.org. Still experience it when not connecting through the browser bundle. Maybe a problem at the website's end.

August 28, 2012

Permalink

I've been unable to log into Disqus since I downloaded the latest Tor version. I can't type anything into the username and password boxes. I'm a new Tor user, so might have something set wrong, though I was able to access Disqus prior to the latest version.

Thanks if anyone has any suggestions.

August 30, 2012

Permalink

today i logged on, and i got a message telling me that there is a security update for my tor browser bundle..."click here to go to download page". will you lose your tor browser bundle if you do the security update?

September 03, 2012

Permalink

Hi,

until today I was using Tor 0.2.2.37 in Linux Opensuse 12.1, and it worked fine.

Today I have downloaded and extracted the latest version of Tor 0.2.2.38. When I start it, only the Vidalia control panel appears, but the browser doesn`t.

So I went back to the old version of Tor 0.2.2.37, and it works fine again. Of course, it would be better to use the latest version. Could you please take a look after the browser connection in the latest Linux version?

Thanks in advance.

September 03, 2012

Permalink

What's the point of using an "anonymous" filter to view something from outside the U.S.A. when you get a message such as:

SORRY!
This video is not available in your country.

I get that Tor is focused on users not being identified and I get that it's a big deal for those who want to perform secretive Internet research, or users who are located within nations that apply Internet censorship -- but Tor should get out of the nanny role for those who simply want to watch a video from a website that blocks viewership outside of its country.

Tor wants users to donate for its service, but Tor should perform the same services that other VPNs do for a price. It should allow users to select a country from which to generate an IP address and make websites think the user is located within its national boundaries. And if watching geo-restricted videos through a paid VPN service without incurring bugaboos is possible, it should also be possible with Tor.

Sure. The blog content is under the same license (CC-BY) as the rest of the Tor website. Send us mail to let us know what language you have in mind -- we might even be able to set you up like the fa-blog.torproject.org or ar-blog.torproject.org volunteers.

September 07, 2012

Permalink

Yes I saw that too. Personally I excluded all torland nodes, I think they are suspicious... Like the 149.9.x.x nodes, jalopy ninix etc... very suspicious !

September 08, 2012

Permalink

Hi all - Should I be able to use Vidalia bundle based on Firefox inside a Virtual PC window (32-bit XP) running under 64-bit Windows 7 Ultimate? - It just seems to freeze on a blank screen, and the Test mode never completes good or bad either :(

September 09, 2012

Permalink

Is it a coincidence that my IMac automatically shuts down when browsing the internet after I installed Tor and Vidalia? Since I installed Tor, the IMac shuts down when browsing. The shutoffs seem random. Please shed some light on this matter. Thanks.

September 15, 2012

Permalink

anyone else getting this?.....not-a-virus:NetTool.Win32.Tor.d.

October 11, 2012

Permalink

since ive updated tor it wont run!!! it gets stuck halfway loading. i look in the file and it says modified sept !!???

October 22, 2012

Permalink

Keep getting "Sorry. You are not using To" from Vidalia 0.2.20.

I'm running vidalia on a win7 platform. Tried to change my torrc file, but failed since the addition couldn't be saved. Open tor,exe and vidalia.exe to my ms win firewall, I've disabled my proxy, since it is in a script format and I failed to find out how to incorporate it in the tor configuration, but nothing changed.
I tried the tor bundle. A tor connection was established, but since no flash is allowed, this option doesn't serve my needs.

Is there anything else I can do?

November 10, 2012

Permalink

Hello...I am new to Tor and not too computer savy either...Is there any way that the IP address generated can be pinpointed to a specific country like Canada instead of being from across the ocean? I am trying to get info from a local site but they won't let me because my IP address is not "local." Thanks so much in advance for your help.