Tor Browser 6.0.4 is released
Tor Browser 6.0.4 is now available from the Tor Browser Project page and also from our distribution directory.
This release finally brings Tor Browser users the latest Tor stable, 0.2.8.6, and avoids pinging Mozilla's servers for system extensions.
Pinging Mozilla's servers was responsible for users getting an extension into their Tor Browser that resulted in annoying and confusing "Your Firefox is out of date" notifications on start-up (bug 19890). Thanks to Mozilla engineers, who fixed that issue as quickly as possible on their side, the extension is not shipped to Tor Browser users anymore since August 11 13:00 UTC. This takes care of getting the add-on removed as well in case it got installed into Tor Browser (as does the fix we ship in Tor Browser 6.0.4) which should have happened/is happening during the next extension update ping. For further information see the discussion in our bug tracker.
Users that are on the alpha channel or are using the hardened Tor Browser were not affected. The same goes for Tails users as far as we know.
The full changelog since Tor Browser 6.0.3 is:
Tor Browser 6.0.4 -- August 16
- All Platforms
- Update Tor to 0.2.8.6
- Update NoScript to 2.9.0.14
- Bug 19890: Disable installation of system addons
Comments
Please note that the comment area below has been archived.
So, the question is: Tor
So, the question is: Tor Browser 6.0.3 included in Tails is different? And why? Or what else?
Thanks for the hard work. It
Thanks for the hard work. It does not go unnoticed.
Yes, there appear to be a
Yes, there appear to be a few differences [1]. Mostly, just preference adjustments and adding the Add Block Plus addon. Most modifications appear to be required since the Tor daemon, which is responsible for connecting to the Tor network, and the browser are not intertwined. This allows for better security in tails by running the Tor daemon in as a different user. Also, it allows to connect to the Tor network before the browser is opened, speeding up things, and allows sharing one single tor daemon for all network traffic.
[1]: https://git-tails.immerda.ch/tails/tree/config/chroot_local-includes/et…
Thank you very much anon :)
Thank you very much anon :)
Is it normal that my tor
Is it normal that my tor wallet offline is?
Why i can visit amazon.de or
Why i can visit amazon.de or amazo.fr with Ror 6.0.4 ?
With 6.0.3 it's ok.
what should i do to enjoy
what should i do to enjoy Tor Browser
Hello All. My name is Don,
Hello All. My name is Don, and I am obviously new to TOR, but am finding the privacy features of this browser to be very usefull in maintaining my online privacy, which is a refreshing new status.I will do my best to make using TOR a part of my daily web surfing. Thank you for creating such a wonderful product!
You should thank the NSA,
You should thank the NSA, they made it.
Nope, they did not.
Nope, they did not.
Agreed. NSA did not make
Agreed. NSA did not make TOR.
I don't know who for sure to thank but another version I heard is the U. S. Navy created it. Probably just another Myth. Of course I'm sure HIV was actually created by CIA and was supposed to target only GAY's! RRRRIIIIIIGGGGHHHHT!!
what addon was it? specify
what addon was it? specify so i know what to remove
outofdate-notifications@mozil
outofdate-notifications@mozilla.org.xpi
LoL,
LoL, "outofdate-notifications@mozilla.org" !! once-upon-a-time found this in a situation (couldn't recall) & asked myself: What "Mozilla" has got to do with anything -OutOfDate- that is related =Exclusively= to TBB! .. Thought -even- it might leak usage practice --innocently- to an (agent) on the other end ;)
However, today -THANKFULLY- you answered my thoughts, but a bit sad: Why wasn't me who must report this"BUG" to you, ..Well, no-problem.. at least my thoughts were -almost- Right :)
Thanks again TBB team, & best of luck to you ALL..
You ask youself Why wasn't
You ask youself Why wasn't me who report this bug.
You say: I need to move the chair in the corner. You do not move the chair until maybe years later.
Same reason. No fault.
Is there going to be away of
Is there going to be away of using Tor with out agreeing to the new terms and conditions contract MS is going make everyone sign ?
. I refuse to sign anything I don't agree with .
How can I even have windows on my devices with out signing those intrusive agreements ?
MS Windows is not the only
MS Windows is not the only fruit. There are Apples too. Or GNUs with Linuxes, FreeBSDs, or Hurds. Or for more instant results, Tails (tails.boum.org), QubesOS (www.qubes-os.org), or Whonix (www.whonix.org).
вы меняете мир
вы меняете мир к лутшему )
Can I use privacy badger and
Can I use privacy badger and ublock origin addons? Or will that affect my anonymity?
Using either or both will
Using either or both will probably give you a more distinct fingerprint. Privacy Badger "learns" as it is used, changing the users fingerprint. Given that most use cases of ublock involve blocking specific sites, you're going to end up with a unique fingerprint there as well. There's a reason why NoScript in TB has been modified to not allow site-specific white/blacklisting.
Of course, installing any addon has standard risks involving fingerprinting and attack vectors. Privacy Badger and ublock are just particularly bad for specific reasons. They're good addons, but they fail to deal with specific concerns for most TB use cases.
Hi Tor Team, can you clarify
Hi Tor Team, can you clarify what "...NoScript in TB has been modified.." means, is it not an original NoScript add-on that comes with TBB? Thank you.
We don't modify NoScript
We don't modify NoScript code. We only tweak it's settings to optimize it for our use in Tor Browser (e.g. for the Security Slider).
Well, also never bookmark
Well, also never bookmark any site in your Torbrowser then because of the same reasons.
Great, so what am I supposed
Great, so what am I supposed to use to catalog pages I frequent? A pencil & paper? What the hell is this browser good for then? Or I should say FOOD for?
i don;t see how a webpage
i don;t see how a webpage could access bookmarks.
for small set of "bookmarks", you could drag urls into a text editor, then load that text file into tor browser as webpage.
but does this create a new privacy risk? (None seems obvious to me)
Can anyone confirm or infirm
Can anyone confirm or infirm that bookmarks are indeed a threat to anonimity ? Seems really unpractical...
bookmarks are not threat to
bookmarks are not threat to anonymity. They could only be used if your PC was taken by police and they opened your tbb. But you can have full disk encryption or just have your tor browser inside encrypted container. But don't forget to unmount it or shutdown PC when you exit home or open door.
afaik, those probably make
afaik, those probably make your TBB look different to webpages, than other TBB users look.
Well, as you know I do that,
Well, as you know I do that, you can too if fingerprint isn't too important to you.
sorry but i can see vidalia
sorry but i can see vidalia cant open
please help me
You need to update your Tor
You need to update your Tor Browser. Tor Browser with Vidalia is long gone.
Здравствуйте
Здравствуйте меня зовут Руслан Мне интересно можно перевдить в Тор веб -сайты на Русский язык если это возможно то как подскажите?Спасибо Удачи!!!
Could we get a heads up
Could we get a heads up before having the update forced on us? I prefer to download and reinstall myself.
You talk about freedom, how about that freedom?
Thank you for your great work!
There was a heads-up before
There was a heads-up before this version was getting out (as with basically all stable versions). Feel free to look at our tor-qa mailing list to convince yourself.
You can turn off automatic
You can turn off automatic updates. I believe it's app.update.enabled in about:config.
dude, a little humility goes
dude, a little humility goes a long way..just thank the Tor programmers like u would any soldier who's defending ur dignity and and move on.
^Yip, totally this. That guy
^Yip, totally this. That guy was speaking as if Tor is some consumer service.
Thanks for the hard work
Thanks for the hard work
It wasn't just annoying and
It wasn't just annoying and confusing. It also broke non-Tor Firefox browsers. Why you would thank Mozilla engineers for anything is suspicious. They intentionally created and included the extension. And it proves Tor is easily hacked by big brother.
Tor Browser will no longer
Tor Browser will no longer load such add-ons. Also, the list of add-ons Mozilla is deploying must be public so any malicious attempt would be caught easily.
Hi, are you able to explain
Hi, are you able to explain further how Tor maybe hacked hijack etc.
Privacy is important to me; I've no real knowledge of computers.
Is there a simple list of things not to do...
thanks for your time...
Cash
tor did not connect to dir
tor did not connect to dir auth servers successfully.
are there any changes fetching the consensus/descs at firstrun ?
Looking cool. Thanks for
Looking cool. Thanks for update :).
Here in Syria we must use
Here in Syria we must use TOR to avoid mass surveillance have here, my friend was sent to prison because internet surveillance.
I afraid but I will never stop to use internet to send photos of this awful government.
Thank you.
i just decided i ,m gonna
i just decided i ,m gonna set up a relay to help free! internet only thing is i am gonnna need some help with this if there is ANYONE OUTTHERE HELP me with this issue so how to set up a relay on a mac system. is nnot there a program for it Who knows pleAS REPLAY..............
The comments area to this
The comments area to this blog is a terrible place to ask for help, I'd expect no one to bother answering you here on this, especially when you can just read the documentation provided by the Tor Project itself.
You can find your starting point for how to set up a relay here:
http://expyuzz4wqqyqhjn.onion/docs/tor-relay-debian.html.en
I have deliberately given you the onion service link, which you can only reach using Tor itself. You look eager, but very fresh, and running a relay is serious work. Needing to use Tor to reach the onion service ensures you're actually using Tor yourself, otherwise you're likely to screw up.
You'll need to decide whether you'll just be a middle relay (fairly harmless, but helps), or an exit node (which can be a real headache if you are too naive about legal repercussions*).
* Hint: If you need to ask what legal repercussions, you're probably too naive!
Перестало
Перестало работать расширение NoSquint (((
Это очень
Это очень плохо, т.к. это часть браузера, скачай и поставь заново. Как так получилось?
NoSquint != NoScript.
NoSquint != NoScript.
ok
ok
Is my anonymity at risk when
Is my anonymity at risk when I use the add-on "HiddenEverywhere" ? Is it intented to integrate this add-on?
https://github.com/Someguy123/HiddenEverywhere
Without doing a detailed
Without doing a detailed code audit, it's impossible to know for sure. Any addon has risks involving fingerprinting and use as an attack vector.
i just wanna thank you to
i just wanna thank you to all you're great minds that brought this to us and one more thing if the CIA is tracking me how can i got it to stop lol off the record
all o akbar ...thank u from
all o akbar ...thank u from iran.....iranian fan
TBB Thanks for taking care
TBB Thanks for taking care of the recent MozFire update problem so quickly! That might of caused alot more sleepless nights for us that depend on your security and info to help make us feel safe! The new apps that were sent,with the new logo,are they safe to use with new version? or should those files be deleted! Thanks again congrats!
Not sure what you mean.
Not sure what you mean. There were no new apps sent and definitely no new logos involved. I guess starting with a clean Tor Browser again is a good idea.
WOW: "starting with a clean
WOW: "starting with a clean TBB"!!
I'am running my Dear>TBB with about 24 FF-Add-ons!
(+15 disabled: ..some Enabled if needed)
1-Are there any possibility of anonymity risks involved!
2- Is it a future-possibility that TBB team might create a new division that Checks & Approves most used add-ones as of (TBB Singed Add-ons)
3- Thank You Very much :)
Yes, there's a possibility
Yes, there's a possibility of anonymity risks with each addon; you can make your browser appear different to websites(fingerprinting) and you're increasing the attack surface for someone trying to find an exploit in your browser in order to hack into your computer. There's a reason it's recommended that you don't install 3rd party addons in Tor Browser. The Torproject is a small organization and has difficulty as it is supporting Tor Browser. Checking Addons for potential security exploits is a time consuming process that Mozilla doesn't even really do. The Torproject simply doesn't have the resources required to do code audits on 3rd party addons that may change their code at any time.
That was Well said &
That was Well said & understood, Yes i forgot most addons will change their code from time to time and can't be followed every time & then by The TBB Team.. Thank you for the good info ,, hope it's useful for others too :) ,, Bye--
dears all how can we install
dears all
how can we install the flash player on tor browser
noting that i dont have administration access to install any application
please help
my email is : m.ayoub250@gmail.com
regards
Never, never, never install
Never, never, never install the Flash Player in Tor Browsers.
It can reveal all the information that the Tor Browser is hiding.
It is why the flash player
It is why the flash player was created and adopted by the sites that try to force it as an only way to decode their information.
The moment you allow any scripts on a site that you are not absolutely sure you can trust youe anonymity has gone out of the window. You may as well use a regular connection.
No scripts, no plugins and you may have a chance
Never give an email address
Never give an email address in a public comment. People will abuse it.
Flash doesn't obey browser
Flash doesn't obey browser proxy settings, so traffic from the plugin won't go through tor even if you run it from inside TB.
Flash doesn't obey browser
Flash doesn't obey browser proxy settings, so traffic from the plugin won't go through tor even if you run it from inside TB.
That's correct.
If the original poster installs Flash Player on Tor, whether he is using Microsoft Windows or Linux OS, he is easily traceable on the internet.
He may wish to try to install Whonix operating system first and then install Flash Player. However there is no 100% warranty that Flash Player may not broadcast his true IP address.
Last week Shadow Brokers upload a 200+ MB of hacking tools stolen from the NSA. A few tools exploit zero-day vulnerabilities and unpatched vulnerabilities found in Flash Player and Java. Given this information, does the original poster still want to install Flash Player on Tor?
TY
TY
Yes but even with Whonix,
Yes but even with Whonix, there is flash fingerprinting. So each time he would use flash they would know it's same person.
Fingerprinting can be done with flash version, settings, flash history and PC settings too.
They may know it's the same
They may know it's the same person, making it pseudonymous as opposed to anonymous, but at least Flash isn't leaking your real IP as it would be in Tor Browser. Using Flash with Tor via Whonix may be shooting yourself in the foot with a pistol, but trying to use Flash with Tor Browser alone is shooting yourself in the foot with a rocket launcher.
try 1- a video downloader
try
1- a video downloader website (no flash plugin, but probably requires that noscript extension allow JavaScript.).
2- play downloaded video in media player that's blocked from connecting to the net, and, or lacks any streaming feature.
There is a better way than
There is a better way than 1
It is youtube-dl through tor socks proxy
how can we install the flash
how can we install the flash player on tor browser
You might like to install Whonix operating system first and then install flash player.
Thanks!
Thanks!
i noticed a lot of other
i noticed a lot of other sites still have 6.3 .
github ,filehippo .e.t.c
how to create and activate
how to create and activate google account using Tor ...it is not working ?
Google makes it pretty much
Google makes it pretty much impossible to create an account through tor. This is an issue on Google's side, not tor's.
how to create and activate
how to create and activate google account using Tor ...it is not working ?
Why do you want to create and activate a Google account using Tor?
In
In TBB6.0.4
extensions.torbutton.use_privoxy
is on(true).
Why?
Problem?
I guess this is due to cruft
I guess this is due to cruft in our Torbutton code. This should not be an issue for you.
For a number of months, my
For a number of months, my Tor Button was accompanied by "Tor Disabled." Finally I complained to Chief Counsel at my employer (a DoD Agency) and voila! Tor started working, I got my VPN connectiion from Avast back, and my iPhone also shed a while bunch of bugs. However, I have questions about incidents that I've been trying to get my Agency to answer for over a year, and they keep piling up. There is/are IT person(s) at my Agency who have hacked my life basically. Imagine a DoD stalker who can block references, and shift philanthropic choices. Last night I reported four more incidents of system issues to the help desk, including a 2nd mouse input whose buffer seemed to have preference over mine.
Do Tor folks have anywhere to point me?
Get a new job.
Get a new job.
Tor is still shutting down
Tor is still shutting down periodically and randomly as with 6.0.3, needing to be restarted without closing any windows. I have no idea whether it is something to do with my system or a bug. I mention it to see if others are experiencing this. This started for me on 6.0.3, and it is still doing it. Before that, Tor never closed down for no apparent reason, even if left without use.
That's the first time we
That's the first time we hear about that. On which operating system does this happen?
It is happening on Windows
It is happening on Windows 7. I thought it started happening in 6.0.3 possibly as a result of installing the Mozilla Archive Format add-on. Never before had any add-ons and I thought that one was safe. But I've since disabled that and it still happens.
It seems to me that it is some change since 6.0.3 that is causing it, rather than something else on my system, but I don't know that for a fact. It seems to happen most when I have been away from the PC for a while and left Tor open. I come back to find Tor needs to be restarted. This never happened for me prior to v 6.0.3.
Not OP, but on GNU/Linux TB
Not OP, but on GNU/Linux TB is a frequent victim of OOM-killer, an unfortunate kernel feature, triggered by a random memory leak.
wrong with the new kernel
wrong with the new kernel and a modern computer
Hi; Fantastic
Hi;
Fantastic
После
После обновления TOR перестал работать. Помогает только новая установка. Если после новой установки в файл TORRC добавить настройки для создания реле, TOR снова перестаёт работать, приходится снова устанавливать заново.
See:
See: https://trac.torproject.org/projects/tor/ticket/17875. I guess you are overwriting torrc-defaults which you should not do. torrc is preserved across updates.
У меня даже
У меня даже после установки чистой версии Tor Browser 6.0.4 работает хорошо пока в файл torrc не добавлю строки:
ORPort 443
Exitpolicy reject *:*
Nickname ididntedittheconfig
ContactInfo human@...
после этого TOR перестаёт работать. Появляется всплывающее окно "Управляющий сервер ненайден"
Is there a Tor option to NOT
Is there a Tor option to NOT automatically download and install new versions? I wouldn't mind an announcement that a new version is available, but I would like to make the installation decision myself.
Yes, me as well -
Yes, me as well - especially, since sometimes there are problems with specific options set (like Javascript in specific applications) or problems with access to my Hushmail, like today,
See app.update.enabled in
See app.update.enabled in about:config.
go into options (windows) or
go into options (windows) or preferences (linux) or paste this url address
about:preferences#advanced
click "Updates" in top row
see on this page http://www.ghacks.net/2015/07/13/what-you-need-to-do-if-firefox-is-not-…
update settings shown in this image
http://www.ghacks.net/wp-content/uploads/2015/07/firefox-automatic-upda…
i have only the second dot enabled
"Check for updates, but let me choose whether to install them."
for me, TBB is obeying this setting as firefox does.
Where is tor messenger?
Where is tor messenger?
https://trac.torproject.org/p
https://trac.torproject.org/projects/tor/wiki/doc/TorMessenger#Downloads
Hey, what's this? Can't get
Hey, what's this? Can't get to my Hushmail account via Tor, from Firefox it's possible, but I do wish to use Tor for access to my email. Please investigate ASAP!!
I don't have a Hushmail
I don't have a Hushmail account but looking at the changelog posted above we did not change anything in the Firefox code that could cause this. Looking at the NoScript changelog 2.9.0.14 should not be the culprit either. Thus, I guess the best explanation is that Hushmail changed things on their side.
Hi Dear gk :) Found that
Hi Dear gk :)
Found that Hushmail is pain in the A:$$, after a period of --pause-- (not using), & when it happens that it must be re-checked --say-- for FB or twitter email Re-verification, you're blocked, Damn :)
Thus, found --real free-- that best works with Tor- NO matter what geo-location changes you log from- It is >> [geshifilter-code]https://www.vfemail.net[/geshifilter-code]
also on other topic, Would like report a bug --if it is!-- (not sure it's a bug yet) so, When many tabs are opened that might make TBB using about 1.5 gb of memory, then when that ALL are closed; Memory will not auto-decrease (say to 0.5 gb) in fact: will've to restart TBB to look more refreshed,
Any idea please to sort this out without restarting TBB!
Thank you..
Thus, found --real free--
Thus, found --real free-- that best works with Tor- NO matter what geo-location changes you log from- It is >> https://www.vfemail.net
Your recommendation, vfemail.net, is bad.
According to that website, it states: You will need javascript enabled to log into this site from this page.
If one wishes to use Tor with a web-based email provider, the latter should allow non-Javascript.
You might wish to try bitmessage.ch
Do you work for bitmessage?
Do you work for bitmessage? The full text you're referring to ACTUALLY says:
You will need javascript enabled to log into this site from this page.
Otherwise you can go directly to:
The Horde interface [link]
or
The new RoundCube interface [link]
LOL ,, "vfemail.net is bad"
LOL ,, "vfemail.net is bad" Well! it might be not that BAD but quiet NOT-good,, ;)
My recommendation was not based on "javascript enabled" or not! it was rather based on:
1- Acceptance of frequent Geo-locations changes made by TBB, which is not always 'permitted' by most famous web email providers, unless [mobile Number] is entered ;)
2- Ease and quick registration (30 sec or less) so it most used for me as (Trash mail) --not black listed-- ,, websites wont see it "black-listed" like Ex: TRASHMAIL.com
3- Membership never expires (situation like when a website Ex: Twitter want to re-confirm your vfemail email)
4: etc ,, etc ,,
a quite (not so-good) in vfemail ""for non-paid members"" is that it has --sometimes-- a delayed Que to SEND mail .. That doesn't matter much for me because --as said-- use for Coming "confirmations" ..
Finally, "bitmessage.ch" on a fast glance might look GREAT, but not tested by me yet,, Wishing it could pass the above: 1's 2's & (3's: can see that website stated: Account is not deleted if inactive)
Thanks for your contribution and thanks again to our-dual BrainStorming that showed-up nice results :)
If you could use your
If you could use your webmail only by allowing scripts you must have been trusting hushmail greatly. If you are using hushmail by thunderbird/icedove with tor-birdy installed and now you can not reach the server this you need to clarify.
a different privacy
a different privacy topic.
Advice I have read says:
you should never access any same account in both tor and in a "plain net" browser.
so
- have a hushmail account you access only by tor
- and can have another hushmail account accessed otherwise.
"you should never access any
"you should never access any same account in both tor and in a "plain net" browser."
Shouldn't that be obvious? I mean, if someone logs into an account with their real IP, then it's pretty much game over, isn't it?
I wish it was obvious to
I wish it was obvious to everyone too, but it's not.
Most people don't even realise that their computers/routers get assigned an Internet Protocol Address upon connection to the internet. It all seems like magic to them.
Arther C Clarke once wrote: "Any sufficiently advanced technology is indistinguishable from magic."
For many, this is actually the case for computers and the internet. This is why privacy also requires being asked to change computer and internet habits too.
it is very interesting
it is very interesting browser .but it is not connected easily
Hello Folks: I would like to
Hello Folks: I would like to know your point of view, about using additional - Privacy and Security related add-ons, such as: Calomel SSL Validation, No resource uri leak, Self Destructing Cookies, Privacy Badger, uBlock Origin, Random Agent Spoofer, Decentraleyes and Blue Hell Firewall. Such add-ons are kind of first-class Citizens wherever I have Firefox installed. But I was wondering if they could interfere while using the Tor Browser. Thanks for your time.
Any/all add-ons pose another
Any/all add-ons pose another potential security risk. In other words, the more you install the more at risk you are that one of them may be phoning home all your browsing activity etc. Additionally, your unique combination of installed add-ons can potentially be probed by sites in order to track you. Using the default TBB with no additional add-ons is the best way to blend in with the crowd.
Some of the ones in your list seem redundant with the add-ons/configuration provided in TBB. For example, HTTPS Everywhere and Noscript are included and cookies are automatically deleted every session by default.
see above:
see above: https://blog.torproject.org/blog/tor-browser-604-released#comment-199545 and https://panopticlick.eff.org/
Thank you all for your work.
Thank you all for your work. <3
ok
ok
Thanks for the hard work
Thanks for the hard work
any one else struggling to
any one else struggling to connect? keep getting "could not connect to tor control port" had this issue since i have updated, i have not changed any setting. anyone able to help?
Seems there is maybe an old
Seems there is maybe an old Tor still running. Try to kill all old Tor processes first before restarting.
suddenly today I couldn't
suddenly today I couldn't connect either
I too faced this issue after
I too faced this issue after the update and had to revert to an older version. I'm running Windows and no old tor processes were running at the time.
same problem. HELP
same problem. HELP
help
help
I am on it
I am on it
Very good thanks !
Very good thanks !
Is is possible to prevent
Is is possible to prevent the automatic update untill I'm ready to engage the new version?
thanks
You do realize that using a
You do realize that using a deprecated version of TB is not safe, don't you?
If a failed version should
If a failed version should appear for a certain OS such as Linux, Mac OS or windows you can't use TOr as it will force the update to the version that may not run as expected/ This is why the user should have the ability to decide when to upgrade
something weird happened
something weird happened after i update to last version by update manager tor won't open at all!! Linux Mint 18 Sarah.
What do you mean with
What do you mean with "update manager"? Do you get an error message? If you open a terminal and change the directory to tor-browser_en-US (assuming you are using the en-US bundle) and start Tor Browser by "./start-tor-browser.desktop --debug" (without quotation marks) do you get any log output in your terminal which would help explain things?
amazing work, thanks to all
amazing work, thanks to all
Why has the size of tor.exe
Why has the size of tor.exe increased by 500K?
I line very much TOR
I line very much TOR browser. But lately it is working very slow. Please give me solution (if any).
many thanks for your hard
many thanks for your hard work.
Many had said it and i´ll
Many had said it and i´ll agree, please notify updates don´t make the browser inactive, lost a loot of info and documents for the documentary.
Ps By saying that, don´t mean I´m not grateful to TOR and the project but that is just a thing Goggle would do did not expect it from U.
Ty for update
Error: Failed to load script
Error: Failed to load script (nsresult = 0x805e0006) webworker.js:1:1
Why is TBB becoming more and
Why is TBB becoming more and more a bloating data dump and will it get fixed?
http://rixstep.com/2/2/20160817,00.shtml
Working as intended I'm not
Working as intended I'm not sure why the author of that thinks it's a problem when, "Not keeping data in the app bundle" is part of what is required to get Gatekeeper code signing working on OSX, and volatile data needs to go somewhere.
Any plans to enhance the
Any plans to enhance the circuit visualizer/controller in torbutton? Only shows circuit for main domain of site you are accessing, but many websites do cross-domain requests - I realize this would require the extension monitoring requests locally - unsure whether this could be implemented securely - but some ad blockers do the same thing. It would be good to know which circuits are used by the cross-domain requests in a given tab and be able to request a new tor circuit for each of these domains.
Example:
URL domain: google.com
Torbutton shows:
Tor circuit for this site: google.com
This browser
Node1
Node2
Node3
Internet
google.com also connects to the domain gstatic.com which tor will do using a different circuit. However, torbutton does not display this other circuit.
I think you are
I think you are misunderstanding how Tor Browser is working. The circuit visualizer is showing you which circuit is used for the domain in the URL bar and *all* other requests related to it (be them third or first party ones). That's the idea behind isolating everything to the URL bar domain which is one of our core ideas behind the Tor Browser design.
I cannot open flash videos,
I cannot open flash videos, Please note that I've already updated my flash adobe but still there is a massage appear saying that update your flash adobe every time. Please help
Flash and Tor Browser
Flash and Tor Browser shouldn't be used together. If you must use Flash with tor you need a solution like Whonix where everything is sent through tor including Flash.
US HANDING INTERNET TO THE
US HANDING INTERNET TO THE UNITED NATIONS FOR CONTROL!
Not working in Linux Mint 18
Not working in Linux Mint 18 after updated to version 6.0.4 .
If you open a terminal and
If you open a terminal and change the directory to tor-browser_en-US (assuming you are using the en-US bundle) and start Tor Browser by "./start-tor-browser.desktop --debug" (without quotation marks) do you get any log output in your terminal which would help explain things?
random in GnuPG
random in GnuPG buggy:
https://formal.iti.kit.edu/~klebanov/pubs/libgcrypt-cve-2016-6313.pdf
http://formal.iti.kit.edu/~klebanov/software/entroposcope/
csv : update&&upgrade
csv : update&&upgrade
hello, since i migrate to
hello,
since i migrate to the new version this tuesday , i can t no longer surf on the web because it takes a too long time before i can connect to sites. i used Tor since a long time and it is the first time that i got this problem
annie
Hello I have both a Imac and
Hello
I have both a Imac and a Windows based laptop. There are no issues with running TOR on the Imac. The latest version on it runs flawlessly and I expect the latest one to do as well. However, not so with my Windows laptop, which is running Windows 10.
When I downloaded the 6.0.2 version and installed it would quit, as the warning said - unexpectedly. I assumed it was a fluke happening until I attempted many times afterwards with same result. Thinking that the problem was isolated to .02, I downloaded .04 with like results. ???
I am not to technical oriented so if you have a suggestion please keep it as simple as possible. Lol. I am running my laptop clean with no virus or malware programs installed or running. No problem with previous versions.
Help.
hello all i am used tor
hello all
i am used tor since a long time , but just
after the install of the last version , the access to all sites became very very slow and this speed can t allow to use tor any longer . what is the matter please ?
Same here. With the same
Same here. With the same system & config the previous versions were much faster and had a much more constant speed.
ok
ok
Is it the case now that no
Is it the case now that no pluggable transports are supported, or simply that no bridges are being provided?
We still support a bunch of
We still support a bunch of different pluggable transports and vanilla bridges. There was any change in this regard.
Anon may have been referring
Anon may have been referring to something I noticed as well, that no bridges of any kind were being offered by the bridges server for about two weeks. (And the only ones I have been seeing since it's been repopulated are ones I'd marked some time back as stale/nonresponsive but of course some recycling is to be expected.)
Thank you very much. no
Thank you very much. no language for thank you. awosome
hmmm what to say.........
hmmm what to say......... well im pretty much brand new to tor ive read and read as much as i can but tbh im simply not a computer wiz and im getting tired of reading one thing and then i find another that seems to be completely different and it doesnt bloody help that i dont even know for sure what TBB stands for basically im as n00b as they come lol but i want to check if anyone has some valuable information they would like to share with me maybe links to great websites to start learning i just need a secure foundation to start research ive just spent too long getting lost in the maze of the world wide web
i love tor btw i was gonna list all the things i love but i dont have time need sleep
anyway thank you so much for all the hard work and thanks in advance to anyone that helps me ;)
Tor browser run faster after
Tor browser run faster after the update thanks
good job anonimouses..keep
good job anonimouses..keep the spirit up n going..
Sweden government and
Sweden government and swedish police are acting very similar to Stasi and old DDR... Its terrifying, I am greatful for TBB. Thank you.
uk & fr & germany gov/police
uk & fr & germany gov/police are acting too very nastly ...
thx for TBB.
thank you for this browser !
thank you for this browser ! //from Ukraine
Had this experience with the
Had this experience with the new Tor Browser.
The page https://check.torproject.org/ showed
"Sorry. You are not using Tor. Your IP address appears to be: 177.154.145.102"
Tor button showed me my exit node "Ukraine (185.61.138.124)".
There are two exit nodes on this IP:
$BAD729D970BB21759E9A8BA655416C23CFF9535C
$2F270CA7AC30F4C3F243E785822A519C9793F4AE
I am neither in Brazil nor do I use a VPN.
Might be related to
Might be related to https://bugs.torproject.org/19843.
I see a difference. One user
I see a difference. One user on the linked page pointed out that the IP in question there appears to be a Tor relay - just not showing up on the default check.torproject.org query.
Whereas in this instance I could not find the IP 177.154.145.102 being related to the Tor network.
CHASE USING TOR BROWSER You
CHASE
USING TOR BROWSER
You need to upgrade your browser to access your accounts and statements.
A newer browser will help make your chase.com experience even better, and
help keep your accounts and personal information secure.
Download a new version of your favorite browser here:
Internet Explorer > (download the latest version.) (Opens Overlay)
Firefox > (download the latest version) (Opens Overlay)
Chrome > (download the lastest version) (Opens Overlay)
Safari > (download the lastest version) (Opens Overlay)
You can also access your accounts and statements from your tablet, mobile device or the Chase Mobile® App Footnote 1 (Opens Overlay). If you have questions, contact us.
Some sites always say this
Some sites always say this simply because Javascript is disabled. Check if that was the case for you, and use NoScript's options to whitelist the relevant sites.
Or many sites don't even
Or many sites don't even know that ESR versions exist.
OK, but I thought since TBB
OK, but I thought since TBB sets the user agent to the very generic "Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0" those sites would even see that.
ADD LAST SOME GUYS WHO ARE
ADD LAST SOME GUYS WHO ARE DOING SOMETHING USEFULL ON THE NET OTHER THEN SEND SPAM Thanks boys and girls GREAT work !!
This update removed the
This update removed the ability for users to manage cookies, probably because you went to Mozilla 44.
Since you can no longer select "Ask me every time" regarding cookie policy you now have to chose between accepting no cookies at all, meaning logging in to any site is broken, or letting every tracking cookie on the net (except third party) crawl all over you browser.
You really shouldn't have done this without vetting a cookie manager and bundling it with the browser. It's not acceptable that a privacy suite should be broken in such a fundamental area without the user first of all noticing the problem and then also managing to find a manager that is safe to use.
I think you have a
I think you have a misunderstanding about Tor Browser's design. Have a look at our design document get an idea about what we are up to: https://www.torproject.org/projects/torbrowser/design/
TB has to update to newer
TB has to update to newer versions of Firefox on occasion because unsupported older versions don't get bug fixes for anything, including serious security vulnerabilities. It would be great if the Tor Project could fork Firefox and go its own way; even better might be a new browser designed from the ground up to work with Tor. However, The Tor Project doesn't have anywhere near the resources required support every part of a browser. It's a (relatively) small organization with a small number of staff, compared to the hundreds of people Mozilla/Google/Microsoft have dedicated to browser development.
NOTE: I accidentally deleted
NOTE: I accidentally deleted a blog post containing a criticism about me just pointing to the design document instead of mentioning the things I wanted to mention directly. I am sorry about that. Furthermore it noted that managing cookies should work nevertheless.
I agree with the latter. And it might indeed be the case that cookies managing broke for some reason while moving to ESR45. In that case filing a bug in our bug tracker (https://trac.torproject.org) mentioning steps to reproduce the problem would be a good thing.
I gave the pointer to the design document as Tor Browser is currently only concerned with cross-origin tracking. Which means we don't rely on managing first party cookies for achieving privacy goals and third party cookies are at the moment disabled (until we get them keyed to the URL bar domain). Hope this helps.
It has been many days
It has been many days perhaps coinciding with this release of TBB v6.0.4? since torproject ceased offering bridges for pluggable transports. Maybe admin can't speak directly to why that is (I have found no mention, and discussions are either being deleted or are failing to be approved for comment) but if one is needing to be circumspect about it, is there any acknowledgement possible, of the fact that it can't be addressed right now? If the project were in receipt of (another) FISA letter, it could not by law be revealed but, lacking any discussion it ought to be noted that speculation about such a letter will persist. Or, is there a simple technical reason why pluggable transports aren't being supported? This contradicts release notes.
As of a certain date,
As of a certain date, weren't all bridges ( unlisted relays ) given by Bridge DB, Obfs4?
Is it necessary to release a
Is it necessary to release a new TBB?
https://www.mozilla.org/en-US/firefox/48.0.1/releasenotes/
Looking at the bugs they
Looking at the bugs they mentioned there, I don't think so.
what are torproject's plans
what are torproject's plans with later versions of firefox in future torbrowser updates given e10s/move to web extensions and the plethora of new attack surfaces (features), trackable by default config options mozilla seem to be adding to their future browser releases?
Our plan has not changed: we
Our plan has not changed: we follow Mozilla, trying to get as many patches upstreamed as possible while making sure the new features/default config options are no harm for our users. If so, we patch them to our needs.
Considering Disconnect.me
Considering Disconnect.me search is not working with google and just redirects to duckduckgo, is there a reason why TB is using disconnect.me instead of duckduckgo as the main search engine?
Well, we hoped they got back
Well, we hoped they got back access to Google search results but that does not seem to be the case. We have made the switch to DuckDuckGo in the alphas to test it and assuming it sticks the next major stable update will have it, too.
Instead of Disconnect.me or
Instead of Disconnect.me or DDGo,
* why not include Searx?
Is it because Searx has many instances, and we can’t all use the same instance (same server)?
* why not include Lite Qwant?
DDGo doesn’t seem very trustworthy in terms of privacy — what they say may not be the whole truth.
As for Disconnect, their extension for FF is totally lame IMHO, so why should we trust them with a search engine safe from Google’s spying.
tried, and they work. qwant
tried, and they work.
qwant lite filters out nsfw. searx.net didn't.
there's another domain for searx. it seems to do POST searches
On windows, 6.0.3 connects
On windows, 6.0.3 connects fine, however 6.0.4 doesn't. Installed 6.0.4 in a fresh directory, still "could not connect to control port". Shut down, open 6.0.3, connects fine. No firewall. Weird. Disabling automatic updates for now.
Do you still have a tor
Do you still have a tor instance running somewhere? Or some Anti-Virus software that could be interfering with Tor?
No other tor instance
No other tor instance running when opening another. I close 6.0.3 to open 6.0.4. Running anti-virus, but no logs or notices about tor. Would the AV like 6.0.3 and not 6.0.4?
Not the OP but I experienced
Not the OP but I experienced the same problem (6.0.3 works but 6.0.4 can't connect) and I do not have any other Tor instances running.
I wonder whether you have
I wonder whether you have some antivirus/firewall software running that might not like the new Tor? Could you uninstall it for testing purposes (disabling is often not enough)?
Hi there, Is this version
Hi there,
Is this version (6.0.4) Revoke Trust in CNNIC Certificates?
No.
No.
If it updates from 5.0.4 ,
If it updates from 5.0.4 , Bangla font is not showing. That's why I had to reinstall 5.0.4 frequently. Is there any solution ?
maybe go into browser
maybe go into browser options (preferences)
content
fonts & colors, default font (pull down)
Runnig the TOR browser on a
Runnig the TOR browser on a Mac OS Yosemite. If I reinstall TOR after a connection is established and TOR browser is closed I get the message "A newer item named “TorBrowser.app” already exists in this location. Do you want to replace it with the older one you’re moving?" Even though the version is the latest 6.04 Aug-23-2016.
You mean you are getting
You mean you are getting this message only after you launched Tor Browser once but are not if you are trying to overwrite an unused TorBrowser.app?
Whether I launch the TOR
Whether I launch the TOR browser or not the latestest version of TOR reports a newer version exists when reinstalled even though 6.04 is the latest version. It appears the version value has been changed so when I try to install the same TOR version again the installer sees it as a newer version.
Is the tor software built
Is the tor software built with some sort of protection that will stop data from being transmitted when the internet connection suddenly breaks? Or when Tor browser suddenly needs to close sue to error?
A good question. Could we
A good question.
Could we please have a reply from GK or his/her colleagues?
Thanks
a killswitch must be done by
a killswitch must be done by setting a firewall or by your vpn provider
It doesn't need that. It's
It doesn't need that. It's not like VPNs
It won't send packets in clearnet by design. No tor connection = no internet in tor browser
Tor browser is the best I
Tor browser is the best I always use it and upgrade as nessasary
CloudFlare is going crazy
CloudFlare is going crazy again ?
Yep, seeing endless loop of
Yep, seeing endless loop of recaptcha at http://prntscr.com/ right now (no js).
Has Cloudflare even been
Has Cloudflare even been anything else than crazy? What difference have you recently noticed?
Is there anywhere we can
Is there anywhere we can find an accurate list of who runs a particular node?
According to https://www.browserleaks.com/whois 163.172.29.81 is run by the British Customs and Excise authorities!!!
According to http://torstatus.blutmagie.de/ it is run by tomhek.net.
It seems highly unlikely that a government which delights in spying on its people would support TOR.
I have also found a TOR node, which according to the same web-site, is run by the British Employment authorities!
Is there ANY site with accurate, VERIFIED information?
Any information gratefully received.
Thanks
This is such a silly post.
This is such a silly post. You sound like the Boys from Lagos.
There are no such things as "the British Customs and Excise authorities" or "the British Employment authorities". There is the UK's Her Majesty's Revenue and Customs (HMRC), or the UK's Department of Works and Pensions (DWP).
What exact terms did browserleaks.com report, and why couldn't you accurately paste them into your comment?
"It seems highly unlikely that a government which delights in spying on its people would support TOR."
Also, if you think Tor is compromised, why are you asking here for "ANY site with accurate, VERIFIED information"? You might as well go home with Windows 10 under your arm.
How could there be, given
How could there be, given that anyone can run a node? Also, a large part of Tor's funding comes straight from the US government. Governments aren't monolithic bodies; different parts have different goals and frequently come into conflict. To be honest, you probably have less to worry about governments running nodes and more in them spying on nodes run by third parties. The Tor Project specifically says that it's probably ineffective against a global adversary. That means that it'll probably only slow down the Five Eyes.
1° is it confidential ? 2°
1° is it confidential ?
2° is it safe ?
3° is it true ?
tor node are safe&true&confidential and i do not like your calumnies.
Is this supposed to be an
Is this supposed to be an answer to my quesion? If it is, pls explain how you are answering it.
Thank you
nsa troll
nsa troll
I've just checked
I've just checked https://www.browserleaks.com/whois. I find the information presented, whether accurate or not, is precise and detailed. Is there a reason why you couldn't have copied 'n' pasted the actual strings you saw? Were they against "Organization, or something else?
You see, there're no such things as "the British Customs and Excise authorities" or "the British Employment authorities". Those would be "Her Majesty's Customs and Revenue" or the "Department of Works and Pensions".
Perhaps if you were less vague in writing what you saw. Did you keep a complete record?
"Is this supposed to be an answer to my quesion?"
You expect an authentic answer, but we can't tell between a genuine spoof and your vagueness. Perhaps what you saw was a Tor relay runner spoofing "Organization" to protect their confidentiality. Do you think it's a good idea to make Tor relay runners fully identify themselves to you?
What is wrong with https://torstatus.blutmagie.de or https://atlas.torproject.org, anyway?
My question is: does this
My question is: does this version remove CNNIC certificate?
Cause firefox and chrome have revoked CNNIC certificate last year, so I am thinking that if it is possible for Tor to remove it. Thanks
THANKS
THANKS
There seems to be a memory
There seems to be a memory leak on win7 with both 6.0.3 and 6.0.4, can someone confirm this?
please develop tor browser
please develop tor browser for windows phone 8.1 too
Tor Browser is built on
Tor Browser is built on Firefox, and therefore it can only run where Firefox can run. Windows 8(.1) on Arm processors has a significantly limited API that the Firefox devs gave up on as the browser would be unusably slow.
How can we move an installed
How can we move an installed Tor Browser to a new drive letter and location under Windows without losing all of our bookmarks?
You should be able
You should be able to.
Bookmarks are in places.sqlite file in profile folder, as with firefox.
((folder))\Browser\TorBrowser\Data\Browser\profile.default\places.sqlite
To be safe, open bookmarks manager ctrl+shift+b
from menu, export bookmarks to html
from same menu, backup (to a .json file with date in filename, bookmarks-2016-08-30.json)
From Ksysguard network
From Ksysguard network history I can see the tbb making internet traffic even offline mode turned on unless you close tbb. What does it mean?
It's not possible as tbb
It's not possible as tbb doesn't make any internet traffic, by design. You probably meant tor.exe? I haven't tested offline mode in tbb, why would you need one? But yes it should work if there is such feature in firefox.
As a temporary solution instead of clicking offline mode you can suspend (pause) tor.exe
Now makes a connection to
Now makes a connection to UDP (discard) on start up. What's happening there ?
Does TOR interfere with the
Does TOR interfere with the files for a normal firefox version 48.01? I noticed on my Mac OS TOR sha256 e37826e4501e95f99029e1c9187c498cc9d1f5735384b37c7f5ae0d52dd3d326 that my Firefox reverted some how to duckduckgo search.
Not that we know of. Tor
Not that we know of. Tor Browser is meant to be portable. And should be able to get used with an other browser in parallel (although we don't recommend that setup).
Secure Connection Failed
Secure Connection Failed (always)
$DF3EEDE3CEBA425940F82E4C2268F4E4015C3010~TORminion BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2016-08-27 SOCKS_USERNAME="bug1259785.bmoattachments.org"
>> 650 STREAM 1216 CLOSED 115 63.245.215.122:443 REASON=END REMOTE_REASON=DONE
Exit, BMO or TBB?
https://bug1259785.bmoattachm
https://bug1259785.bmoattachments.org/attachment.cgi?id=8734814
doesn't work with Medium-High, but works with Medium-Low.
What do you mean?
What do you mean?
Click Start on that page and
Click Start on that page and see the difference.
Thanks for the bug report.
Thanks for the bug report. This is https://trac.torproject.org/projects/tor/ticket/20097.
Why don't you replace the
Why don't you replace the globe icon to the onion icon? It looks much more better and professional.
When will I be able to
When will I be able to select a word on a page and right click search it? Now noscript always thinks it's an xss attempt.
I guess once bugs like
I guess once bugs like https://bugs.torproject.org/16425 are getting fixed? Help is appreciated.
I don't experience that bug.
I don't experience that bug. tbb 6.0.4 windows vista x64
I don't get that warning when disconnect is torbrowsre default searchengine and I context click search some text on page.
I also have no disconnect in noscript options as suggested in first reply in trac bug:
"add a pattern like ^https://search.disconnect.me/[^"<>]+$ to NoScript (Advanced -> XSS)."
Use Medium-High settings.
Use Medium-High settings.
What is the difference
What is the difference between Tor 6.0.4 and Tor 6.5a2?
Hello TorBrowser team, Many
Hello TorBrowser team,
Many thanks for TB :-)
Your "canvas add-on" is great. I don’t seem to find it among Firefox Add-ons. On Firefox, I use Canvas Blocker, which isn’t as simple and elegant as your solution.
However, the Canvas Defender team (another FF-add-on) claims that blocking canvas fingerprinting is useless and counterproductive. Not very convincing, what do you think?
I think they meant that if
I think they meant that if 0-4% of firefox users will use the blocker, it will fingerprint them as most people don't use it. And if some other people will use other addon, it will be another fingerprint.
But in case of TBB it's not an issue because all TBB users will use this addon (will be bundled). Maybe there is small drawback because Firefox ESR users won't use it, but I don't now how many users does FF ESR have compared to TBB users.
But no, actually, firefox ESR users can be differentiated from TBB users by the fact that only latter use Tor nodes/ip. So it doesn't matter and there is no drawback in using canvas addon bundled in tbb.
Blocking canvas is an
Blocking canvas is an identifier, yes. However, Tor doesn't hide the fact that you're using it either. Tor Browser doesn't stop you from having a fingerprint; it simply makes your fingerprint identical to all other users of Tor Browser (that have the same security slider settings, more or less.) Canvas blocking is part of the fingerprint of Tor Browser; at most, all canvas blocking does is make it clear you're using Tor Browser as opposed to Firefox ESR through tor. Canvas Defender might make a good argument for not blocking the canvas for non-tor browsing, but in terms of the threat models Tor Browser is designed to combat it isn't that relevant.
Can only obtain 1 OBFS4
Can only obtain 1 OBFS4 bridge a day and the bridge repeats on the 3rd day.
Ever since I've installed
Ever since I've installed TBB 6.0.4 the entry node changes more often than previously.
I've read the entry was supposed to be the same for months but if I use TBB for several hours, there's a point when I've got a new entry node, and then another one. About 2 or 3 different entry nodes.
However, when I restart TBB the same "normal" guard node is back.
It's a bug?
HI. Please, The Ubuntu and
HI. Please, The Ubuntu and Debian versions from TOR Repository, Are these .deb files, How I can download them?
Mt tor now sits at "Loading
Mt tor now sits at "Loading network stauts" with about a 40% green bar. has been there for an hour now. Only happened after update
note: i also have gotten a new router i the past week, could that be it??