New Release: Tor Browser 8.5a11

by boklm | April 16, 2019

Tor Browser 8.5a11 is now available from the Tor Browser Alpha download page and also from our distribution directory.

Note: this is an alpha release: an experimental version for users who want to help us test new features. For everyone else, we recommend downloading the latest stable release instead.

This new alpha release includes some bug fixes and improvements. Among other things, on the desktop side we improved the browser toolbar layout, replaced the security slider with a toolbar icon and added mechanisms to introduce new features to users. We also improved the screen reader accessibility on Windows and added the es-AR locale.

On the Android side, we started using the Tor Onion Proxy Library.

The full changelog since Tor Browser 8.5a10 is:

  • All platforms
    • Update Torbutton to 2.1.6
      • Bug 22538+22513: Fix new circuit button for error pages
      • Bug 29825: Intelligently add new Security Level button to taskbar
      • Bug 29903: No WebGL click-to-play on the standard security level
      • Bug 27484: Improve navigation within onboarding (strings)
      • Bug 29768: Introduce new features to users (strings)
      • Bug 29943: Use locales in AB-CD scheme to match Mozilla
      • Bug 26498: Add locale: es-AR
      • Bug 29973: Remove remaining stopOpenSecuritySettingsObserver() pieces
      • Translations update
    • Update NoScript to 10.6.1
      • Bug 29872: XSS popup with DuckDuckGo search on about:tor
    • Bug 29916: Make sure enterprise policies are disabled
    • Bug 26498: Add locale: es-AR
  • Windows + OS X + Linux
    • Update Tor to 0.4.0.4-rc
    • Update Tor Launcher to 0.2.18.2
      • Bug 26498: Add locale es-AR
      • Translations update
    • Bug 29768: Introduce new features to users
    • Bug 27484: Improve navigation within onboarding
    • Bug 25658: Improve toolbar layout for new security settings
  • Windows
    • Bug 27503: Improve screen reader accessibility
  • Android
    • Bug 27609 (and child bugs): Use Tor Onion Proxy Library
    • Bug 29312: Bump Tor to 0.3.5.8
    • Bug 29859: Disable HLS support for now
    • Bug 28622: Update Tor Browser icon for mobile
    • Bug 29238: Prevent crash on Android after update
    • Bug 29982: Add additional safe guards against crashes during bootstrap
    • Bug 29906: Fix crash on older devices due to missing API
    • Bug 29858: Load onboarding panels after bootstrapping is done
    • Bug 28329: Improve bootstrapping experience
    • Bug 30016: Localize bootstrap-/bridge-related strings for mobile
  • Build System
    • All platforms
      • Bug 29868: Fix installation of python-future package
      • Bug 25623: Disable network during build
    • Linux
      • Bug 29966: Use archive.debian.org for Wheezy images
    • Android
      • Bug 30089: Use apksigner instead of jarsigner

Comments

Please note that the comment area below has been archived.

Onion User (not verified) said:

April 16, 2019

Permalink

Thanks for the great work!

Anonymity protection feature request:
Like with a mixed HTTPS+HTTP content, consider warning the TB user when an Onion site opens a "clearnet" connection in background (onion+clearnet mix).

Example: during a search "DuckDuckGo Onion" [3g2upl4pq6kufc4m.onion] connects to its clearnet version duckduckgo.com (to load the search result document icons, etc.).

(DDG Onion: one might as well just use the clearnet DDG site... What info is transmitted outside of Tor? Possibly a traffic correlation risk for the Tor users?)

> during a search "DuckDuckGo Onion" [3g2upl4pq6kufc4m.onion] connects to its clearnet version duckduckgo.com (to load the search result document icons, etc.).

Can someone verify this behavior, please?

I don't have Wireshark. There is at least one connection when the security slider is on Safer. On the search results page, a complete version of the following tag is in a sidebar module that shows a summary of Wikipedia's page about the search term:
[geshifilter-code]<img class="module--about__img" source="https://duckduckgo.com/...">[/geshifilter-code]

Procedure:
1. Open the page. Right-click on the page -> Inspect Element -> Network tab. Refresh the page. Click the header of the Domain column to sort it. Look for duckduckgo.com.
2. Right-click on the page -> View Page Info -> Media tab. Click the header of the Address column to sort it. Look for duckduckgo.com.
3. Back in Developer Tools, change from the Network tab to the Inspector tab. In the search box of the Inspector tab, search for substrings of the addresses you found. Ignore "a" tags because prefetching is disabled in TBB's default about:config.

There's more. Single words sometimes display a horizontal bar of tiles above the results. The bar is in this tag:
 <div id="zero_click_wrapper" class="zci-wrap">

Images in the bar are in tags that look like this:
 <img class="tile__icon  js-lazyload" src="<a href="https://duckduckgo.com/i/....jpg&quot" rel="nofollow">https://duckduckgo.com/i/....jpg&quot</a>; data-src="<a href="https://duckduckgo.com/i/....jpg"&gt" rel="nofollow">https://duckduckgo.com/i/....jpg"&gt</a>;

Easy to verify-- temporarily install the Firefox uMatrix and do a search using DDG Onion; watch the uMatrix panel while the DDG Onion results load.
DDG search results now come with their corresponding document type icons. These icons are loaded from DDG clearnet site icons.duckduckgo.com even if .Onion is used.

BTW, uMatrix is an open-source addon that reveals way, way more junk than NoScript.
Also, (optional) you can make it remember your per-site rules.
Finally, its author doesn't have a known "privacy vs. allowed tracking ads" scandal in the past.

Anonymous (not verified) said:

April 16, 2019

Permalink

With the default WebGL 1 Driver Renderer Google Inc. -- ANGLE (Microsoft Basic Render Driver Direct3D11 vs_5_0 ps_5_0) you can see on about:support
15:50:14.841 Error: WebGL warning: Disallowing antialiased backbuffers due to blacklisting. 1 Troubleshoot.jsm:528:18
Does this make me more fingerprintable?

Anonymous (not verified) said:

April 16, 2019

Permalink

> Bug 29872: XSS popup with DuckDuckGo search on about:tor
It's time to revert it as:
This issue is verified as fixed on Firefox 60.6.2esr (20190416010130) under Win 7 64-bit and Mac OS X 10.14.1.

Oleg (not verified) said:

April 16, 2019

Permalink

Good Time of day! With installed bridges There is no browser loading. There is Also no image saving. Android 7

Anonymous (not verified) said:

April 17, 2019

Permalink

Android

Bug 27609 (and child bugs): Use Tor Onion Proxy Library
Bug 29312: Bump Tor to 0.3.5.8

HEY EVERYBODY! IT'S TIME TO TEST ANDROID VERSION!

Anonymous (not verified) said:

April 18, 2019

Permalink

Please be more specific. Read the changelog. The version in this post is an alpha version, denoted by the "a" in 8.5a11. Most people will want the standard version, 8.0.8, not the alpha development testing version.

Anonymous (not verified) said:

April 17, 2019

Permalink

I like the new icon on Android. But perhaps the color scheme should be changed to the regular Tor colors?

Making all users look the same is one of the main goals of Tor Browser, so we try hard to have all users (or at least large groups of users) with the same fingerprint, but this is not the case with other browsers which have other priorities. Firefox has a preference to resist fingerprinting, but it is currently not enabled by default as it has some consequences on usability.

The numbers given by Panopticlick are not really meaningful for Tor Browser users because most Panopticlick users are using other browsers.

But even if there was a "most common browser fingerprint", the fact that a user is connecting through Tor is already obvious by looking at the IP address, so there is not much point in trying to hide that the user is a Tor Browser user.

Anonymous (not verified) said:

April 22, 2019

Permalink

For the benefit of newcomers, I add this: not only does using Tor Browser benefit the individual user, but the more people who use Tor Browser, the more the entire world benefits, because it becomes harder for adversaries to identify more and more people, which might eventually make "surveillance capitalism" and "dragnet surveillance" (by governments) uneconomic.

As a long series of troubling news stories since 2013 or so suggests (e.g. Snowden leaks, Facebook scandals, etc), this would probably be a good thing.

Growing the Tor userbase (and geographic/device diversity) will no doubt continue to be a major goal of Tor Project over the next decade. Assuming NSA/FSB/FBI/GCHQ/etc do not succeed in making Tor effectively illegal for everyone everywhere, that is.

Anonymous (not verified) said:

April 26, 2019

Permalink

Realistically speaking, how different are fingerprints no the desktop version of Tor Browser on the standard security setting, across different operating systems and hardware? Can anonymity in the face of modern tracking techniques at all be expected on this setting?

Your questions and a comment in the v8.0.8 post would be great to turn into research projects based on data sets from fingerprint leak sites like EFF's panopticlick and others in replies to that comment. Those sites, themselves, are in the best position to find the answers and add those details and more relevancy to their sites. Anyone could work on it if the data sets are open. Your questions about Tor could be studied and placed on the metrics website.

Most of these sites show a very incomplete picture of what is really possible in terms of tracking and are quite outdated. Panopticlick's results are not meaningful in any way. They look at maybe 20 randomly chosen parameters, out of literally thousands of possible ways of tracking users.

If your goal is to blend in with everyone else, Tor Browser is one of the best tools. Exit nodes, like public proxies, mark your internet traffic with an IP address that's shared by many people simultaneously unlike your home or mobile IP address. The Tor Browser is set up to mark your browser traffic with one of three selectable configurations, so at the start of your session, you look like other people using Tor Browser on Tor.

Since your normal browser traffic is marked by your home or mobile IP that immediately makes your traffic stand out regardless of whether you're using a browser, and since Tor Browser is designed for its traffic never to be marked by your home or mobile IP, then the only way to compare the realistic significance of the fingerprints of Tor Browser versus normal browsers is for you to configure your normal browser to proxy as Tor Browser does. But setting a normal browser to use Tor is not recommended at all.

A user can modify their Tor Browser and make its fingerprint stand out, but many things they don't modify are reset by the security slider and New Identity functions. Some of the security choices made by developers of Tor Browser are passed back to developers of Mozilla Firefox. It definitely helps a general-purpose browser like Firefox to receive development feedback from security-privacy projects like this, and some of it pushes Firefox to look a little bit more like Tor Browser.

Name (not verified) said:

April 18, 2019

Permalink

How do I download the standalone tor only (non-browser bundle)? Can't find anything after the site redesign.

Nancey (not verified) said:

April 19, 2019

Permalink

How does one download this program and get it to work? I’ve had a brain injury and am not able to understand what I need to do. Thank you.

Anonymous (not verified) said:

April 22, 2019

Permalink

@ Nancey:

I thought you might appreciate more detailed instructions:

1. Point your browser at https://decvnxytmk.oedi.net/download/ by clicking on a link if this sentence contains one or by typing that URL into the "location pane" of your browser. You should see a green lock icon indicating that your connection is "secured" by TLS, i.e. you have reason to think your browser will receive files from the real torproject.org not a malicious imitator.

2. Once the download page loads you should see a row of four icons standing for four types of operating systems: Microsoft (Windows), Apple (MacOS), Linux, Google (Android). Below each of these is a smaller link marked "sig".

3. Click on the "sig" for your operating system. After a few minutes you should see that you have downloaded a file with a name like 8.0.8/tor-browser-linux64-8.0.8_en-US.tar.xz.asc

4. Click on the big icon for your operating system. After 5-30 minutes depending on your internet connection speed, you should see that you have downloaded a second file with a name like https://decvnxytmk.oedi.net/dist/torbrowser/8.0.8/tor-browser-linux64-8….

5. Verifying the authenaticity of code before you install is especially important for security critical applications like Tor, but if you can't make steps 6-8 work you can still install Tor Browser; see https://jqlsbiwihs.oedi.net/tbb/how-to-verify-signature/ for how to obtain the signing key and use GPG to verify the "detached" signature of the "tarball" ***.tar.xz

6. Once you have verified the tarball, make a directory, AKA folder, and move the tarball file ***.tar.xz there. Unpack it (this may be as simple as clicking on it). This will take a minute.

7. Once the tarball is unpacked, you should be ready to start launching Tor Browser, which will painlessly connect your computer to the worldwide Tor network. This will take a few minutes because the Tor "client" on your computer needs to download current information (up the the hour) about all the Tor nodes currently available, so it can start building Tor "circuits". When this is done the browser should launch itself and you can start surfing.

Hope this is all helpful. It's not as complicated as I am probably making it sound. If run into trouble, try asking a friend you trust to help you get TB installed.

They didn't hint what their OS is, so don't assume Linux. If you have to assume, assume the one with the most market share: Windows. Tar.xz will confuse most newbies. GPG is good to encourage but will definitely confuse and put off most newbies. Your file names aren't file names; they have slashes which denote folders, a path or a URL. Don't invent jargon like "location pane" when the overwhelming majority of people and help documents call it the "address bar". Include GetTor as an alternative. The rest looks good to me.

john clas (not verified) said:

April 20, 2019

Permalink

first time commenter....been playing with TOR for a short time and i like it. seems to have a nitch for what it does. one thing i have a hard time with as i am older, is the font sizes in the firefox url and tool bar areas. In the past i have used theme font and size changer and it really did the job for us vision-impaired folks. i hate to make system wide changes to fix this as i use other browsers also and dont want to change them...they use easy add-on fixes.
So is there any reasonably easy fix for this firefox problem or are we just left out.

Easy? Yes, the Theme Font & Size Changer is in the present. But I don't know if doing it will maintain privacy. Changing the browser's UI widgets can sometimes change values that are in your browser fingerprint. Tor Project cautions users who want to customize the browser and install other add-ons. There may be other ways of doing it, and the add-on may not affect privacy, but I personally don't know.

> one thing i have a hard time with as i am older, is the font sizes in the firefox url and tool bar areas.

You are not alone! I seem to have grown old using Tor :-) so I have similar issues.

Because Tor Browser is modified Firefox you can easily install Mozilla add-ons or plug-ins just like you would do with Firefox, and these will probably "work" like they do with Firefox. But there is a problem: installing plug-ins can make your Tor Browser more distinguishable from other Tor Browsers, i.e. you can become less anonymous.

I sometimes wish the TB team had the time and resources to test TB for usability with users who have some vision/hearing impairment, but at a time when Tor Project is fighting an existential battle with FBI/NSA/GCHQ/etc ("Going Dark"), we should probably accept that TP needs to have other priorities right now.

Anonymous (not verified) said:

April 20, 2019

Permalink

I'm getting an error when trying to connect to Tor on this Android app release on Android 4.4.4

  1. <br />
  2. - Set background service to FOREGROUND<br />
  3. - updating settings in Tor service<br />
  4. - updating torrc custom configuration...<br />
  5. - success.<br />
  6. - checking binary version: 0.3.5.8-rc-openssl1.0.2p<br />
  7. - Orbot is starting…<br />
  8. - Tor control port file not created<br />
  9. - Unable to start Tor: java.io.IOException: Control port file not created: /data/data/org.torproject.torbrowser_alpha/app_torservice/lib/tor/control.txt, len = 0<br />

I tried to navigate to this location manually with a terminal emulator but I did not have permission to enter the final part of the path. I could cd up to /data/data/org.torproject.torbrowser_alpha/app_torservice/ only. I suspect any attempt to create this file in the Java code might also be failing?

Lo (not verified) said:

April 23, 2019

Permalink

I did the latest Update for the TOR browser, now I cannot log into my proton mail account, it just spins and spins, then says "another page is making it slow", when I do not have anything else open. It is so frustrating, I need to get into my email. I have uninstalled and reinstalled 2 times, still the same issues. ???

Protonmail loads an entire encrypted interface in your browser using Javascript. Click "Wait" a few times. If it doesn't eventually complete, try lowering your security slider. Onion icon -> Security Settings.

Anonymous (not verified) said:

April 25, 2019

Permalink

Hello,
the last Tor Browser release for Android has not been uploaded yet on F-Droid. Is Tor Project relying on Guardian Project's repo? Or do you have your own and I missed something?

Cheers

randomguyorgirl (not verified) said:

April 25, 2019

Permalink

torbrowser currently unusable, suspect italian guard node is deliberately sabotaging traffic by restricting it to a trickle of bytes

AEM (not verified) said:

April 25, 2019

Permalink

When I start the installation of English (en) - 32-bit (https://decvnxytmk.oedi.net/dist/torbrowser/8.0.8/torbrowser-install-8.0…), it asks to choose between 2 languages ONLY (Arabic and Persian) although I clearly choose the English version, and the file indicates that it is an en_US version. It does the same when I choose the Arabic version, it asks to choose between the 2 same languages. I realize that it is reading the region and languages that I have installed, but It's very inconvenient for me cause I want to install it in English. Please look into this as I can't update to that version (or any new version if it keeps doing that) until that issue is fixed, thanks for your efforts.

It should show you quite a bunch of locales, regardless of your region (although it might make an educated guess and offer you one as the first option based on your desktop environment).

That said this is quite puzzling and you are the first one reporting this behavior. Some questions:

1) Does this happen with the 64-bit version as well (I hope you can run that one)?
2) Does it happen with older versions, too? If not with all older versions, could you pinpoint the one where this behavior started? You can find older versions here: https://archive.torproject.org/tor-package-archive/torbrowser/.

AEM (not verified) said:

April 30, 2019

Permalink

Thanks for your reply gk,

No, it only shows those 2 languages only (Arabic and Persian), I do speak Arabic and my locale is set to Arabic, but I don't know Persian, so I would understand that Arabic is given as a choice, but why Persian and not English?

To answer your questions:

1- I did download the 64-bit version, but not installed it yet as I don't use it much, this is happening on the 32-bit system which I use 24/7, and it shouldn't because as I pointed out it is the En_US version that I chose to download 1st, when that issue happened, I tried the Arabic version thinking maybe the files are cross-linked by error, but it gave me the same 2 languages choices.

2- I currently have version 8.0.3 installed and running fine in English, I haven't downloaded any versions between that and 8.0.8, so I will try to install the versions in between and reply to you.

Thanks, really appreciated. Regarding the 64-bit version: no need to install it if you need, just click on the installer and start it to see whether the locale issue is the same as with the 32-bit bundle or not.

AEM (not verified) said:

May 03, 2019

Permalink

Ok, this issue is only happening with all the 32-bit versions, even with v 8.0.1 which I still have, only those 2 languages options are given, this is new and weird since I installed 8.0.1, 8.0.2, and 8.0.3 before in English, but now all 32-bit versions only shows those 2 languages options.

On the 64-bit system, they give me all the languages options, and I just upgraded from 8.0.3 to 8.0.8 in English, so I ran the 32-bit installer on the 64-bit system to see what happens, and it does the same thing, only those 2 languages are given which is puzzling!

I'm scratching my head to what is causing this issue on the 32-bit versions (on both systems), and why now when there were a lot of languages options before!

Did you try to reproduce that issue on your end? Is the same issue happening, or is it just me?

It can't just be my systems, since it's happening on both the 32-bit and 64-bit, right?

Also, on the 64-bit system, I have noticed that when running the x64 installer (any version) it creates a *.tmp folder in the temp folder, in that *.tmp folder there are 2 file created during the installation process (langDLL.dll and system.dll).

That does NOT happen when I run the x86 versions on the x64 system.

I am sure that could be the issue, that langDLL.dll file is the key to choosing which language is chosen during installation. I need a developer to confirm this is what is causing the problem.

Thanks for your assistance.

Pasha (not verified) said:

April 26, 2019

Permalink

I use Tor Brawser for Android(Alfa).Taken from the Play Store.
Works well,BUT THERE is ONE BIG PROBLEM WITH a VERY IMPORTANT WEBSITE!
All sites open fine EXCEPT ONE.
From ~50-80(!) trial downloads site,TOR comes to www.important.website only 1-2 times... And at a very slow speed. Site loading is promoted only by 10% and stands still.Then he writes: "The connection has timed out
The server at important.website is taking too long to respond.
The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your mobile device's data or Wi-Fi connection."
This situation with the website www.important.website not only me,but ALL TOR USERS.

I tried ALL kinds of bridges,made their request on the site - it's useless.

WHAT COULD IT BE???
The reason???
What exactly is tor or the site www.important..website wrong???
Can I change something in Togh to have a normal loading of the site? Please try personally to go to www.important.website with their Togas and tell the result.
I will be grateful for any help and advice!
Thank you!

It seems the site is somehow misconfigured or blocking Tor (fwiw: i replaced it with "important.website" to not leak that information). Alas, that's nothing we can fix on our side. Please contact the owner of that website to get that resolved on their end.

> I tried ALL kinds of bridges

Websites don't see your bridge or guard node. They see your exit node. There was nothing wrong with your bridge or guard node if all other sites were opening fine. In your situation, the problem could have been either the exit node or the website. But you tried other exit nodes, so the problem is the website, not you or Tor.

https://jqlsbiwihs.oedi.net/#censorship-2
https://2019.decvnxytmk.oedi.net/docs/faq.html.en#GoogleCAPTCHA

What is happening in that case? Like how does that render Tor unusable? Do you have a way to crash Tor in a reproducible fashion so that we can reproduce that bug (and investigate the Tor crashes)? If so, what are the steps for that?

Anonymous (not verified) said:

April 29, 2019

Permalink

Tor Launcher asks to Restart Tor, but it crashes again and again. You can crash tor.exe manually to test.

Anonymous (not verified) said:

April 27, 2019

Permalink

switching from built-in bridge to bridgedb doesn't work on Windows!
Tor WARN: Failed to find node for hop #1 of our path. Discarding this circuit.

Anonymous (not verified) said:

April 29, 2019

Permalink

This version. It is reproducible, but, probably, you need to select 'This computer goes through a firewall' as well....

Anonymous (not verified) said:

April 29, 2019

Permalink

that's fine for bridgedb, but moat gives you one bridge only, and what to do if it doesn't work?

Anonymous (not verified) said:

April 27, 2019

Permalink

trying to connect via bridgedb's bridge ends with nothing, but:
Tor NOTICE: Application request when we haven't used client functionality lately. Optimistically trying known bridges again.

Feature Request (not verified) said:

April 27, 2019

Permalink

What I am missing in TOR-browser is "middle-click-open" in Linux. (First select text and then paste it by middle-click.)

I would use it to open a link from my text-based reader. It is possible to middle-click-open by clicking the "info-icon" in front of the address bar. But where to click if there is no page open (then there is no info-icon).

I start TOR-browser using empty page and thus have no info-icon where to click.

I propose to make the big "+"-sign of new tab to be middle-clickable like it is in Opera-browser.

Middle-click paste works for me between Tor Browser and other programs, but you want middle-click open which is dangerous if done by accident. See bug ticket #10089. Developers of Mozilla Firefox patched it in Firefox in 2017.

Middle-click behaviors are configuration options between user-level programs and your OS. As far as Tor Browser goes, it's based on Firefox, so search for Firefox's preferences. Open a new tab in Tor Browser, and visit "about:config". Click "I accept the risk." In the search box there, type "middle" for example. You'll see one of the preferences named "middlemouse.paste" which is default true. Another named "middlemouse.contentLoadURL" is default false. "contentLoadURL" is the preference to open what is in your clipboard. Do web searches for these preferences for more information. To enable middle-click-open and accept its dangers, toggle "middlemouse.contentLoadURL" to "true".

Thank you for uncovering that "contentLoadURL = false" does not affect middle-clicking on the "Show site information" icon in the address bar in front of a loaded URL. Tor Browser developers, take a look at that.

Interesting. I am not sure whether we should block the "i" behavior here as well as we set the pref to "false" to prevent _accidentally_ leaking information. However, it seems to be pretty hard to accidentally hit the "i" icon and have a URL on the clipboard and middle-click. If you feel strongly, though, please open a bug (bonus points for actually opening a bug at Mozilla's bug tracker to get that on their radar).

Anonymous (not verified) said:

April 28, 2019

Permalink

Tor WARN: Failed to unlink C:\Tor Browser\Browser\TorBrowser\Data\Tor\unverified-microdesc-consensus: Permission denied

Okay, which Tor Browser version are you using? I suspect Tor Browser 8.5a11? If so, could you test whether you see the same problem with the current stable Tor Browser (8.0.8) downloaded from our website?

M R (not verified) said:

April 28, 2019

Permalink

I've been unable to find the version control, or even source code for "Tor Browser for Android". I believe it is derived from MPL-licensed source code, is it not?

3.2. Distribution of Executable Form

If You distribute Covered Software in Executable Form then:

such Covered Software must also be made available in Source Code Form, as described in Section 3.1, and You must inform recipients of the Executable Form how they can obtain a copy of such Source Code Form by reasonable means in a timely manner, at a charge no more than the cost of distribution to the recipient; and

Anonymous (not verified) said:

April 29, 2019

Permalink

still have the same issue with this release as well, the only difference is that there is no crash popup message from android, instead the tor settings page is white and torbrowser freezes. not a significant difference, I only have to terminate torbrowser manually now when its stuck in that white page.

https://trac.torproject.org/projects/tor/ticket/29982
https://vbdvexcmqi.oedi.net/comment/280338#comment-280338 (original thread)

Could you jump on that Trac ticket and help us tracking the issue down? Otherwise I can try to give you instructions to get us the necessary info here in the thread (that has the disadvantage, though, that a lot of the devs would miss that conversation).

Micio (not verified) said:

May 03, 2019

Permalink

After updated last version on Android, addons like Noscripts and Httpeverywhere are detected by Mozilla as corrupted. Even if I tried reinstalling them ,they are blocked. Else Tap to Translate addons and Spoffing User Agent. So using a simple check browser, the site reported everything about my system. BROWSER ,AND MOBILE DIVECE. ANONIMYTE AND PRIVACY ARE FUCKED WITH THIS LAST VERSION ON ANDROID. SORRY.

Anonymous (not verified) said:

May 03, 2019

Permalink

13:44:13.793 TypeError: event.originalTarget.getAttribute is not a function 1 tabbrowser.xml:1977:13
onxblmouseout chrome://browser/content/tabbrowser.xml:1977:13

Anonymous (not verified) said:

May 03, 2019

Permalink

After opening the TorBrowser, I get the following message: "NoScript could not be verified for use in the Torbrowser and has been disabled."

I`m using macOS Mojave 10.14.4

makk (not verified) said:

May 04, 2019

Permalink

Why was the NoScript extension disabled in my Tor Browser? It says that NoScript is obsolete and no longer supported by Tor Browser.

Anonymous (not verified) said:

May 04, 2019

Permalink

I just installed TBB 8.5a11 x64 bit to test a disabled Noscript problem that I discovered today in the stable TBB 8.0.8. The newer version of Noscript is also disabled in TBB 8.5a11. The hamburger>Add-ons>Legacy comment is the same as for TBB 8.0.8 x64bit: "Noscript could not be verified for use in Tor Browser and has been disabled". Scripts are being allowed in the safest security level. Twitter has previously failed to load in "safest", but has loaded in "safer". Now ... boom! It loads with security level set at safest. I wonder if this is a Mozilla problem. I'm using Windows 7 Pro x64bit. Thank you.

Sloan (not verified) said:

May 06, 2019

Permalink

When is Tor going to put out a fix that is going to stop the ddos attack from happening.
Currently there are many sites on the tor nework that are under heavy ddos attacks.

We need a solution, we need a patch....

WHen?