New Release: Tor Browser 9.0.1
Tor Browser 9.0.1 is now available from the Tor Browser download page and also from our distribution directory.
Tor Browser 9.0.1 is the first bugfix release in the 9.0 series and aims to mostly fix regressions and provide small improvements related to our 9.0 release. Additionally, we are adding a banner on the starting page for our fundraising campaign Take Back the Internet with Tor.
Known Issue
For each new release, two members from our team are building the release separately and compare the result to make sure that it is reproducible. For the 9.0 and 9.0.1 releases, however, an issue that we are still investigating is making our build not completely deterministic. As a workaround for this issue, we had to do multiple builds until we got matching builds. You might need to do the same if you are trying to reproduce our build.
Note: due to some delay with the signing, the Android version is not yet available. We expect to be able to publish the signed Android version in a few hours. Update: the Android version has been published.
ChangeLog
The full changelog since Tor Browser 9.0 is:
- All Platforms
- Windows + OS X + Linux
- Update Tor Launcher to 0.2.20.2
- Bug 32164: Trim each received log line from tor
- Translations update
- Bug 31803: Replaced about:debugging logo with flat version
- Bug 31764: Fix for error when navigating via 'Paste and go'
- Bug 32169: Fix TB9 Wikipedia address bar search
- Bug 32210: Hide the tor pane when using a system tor
- Bug 31658: Use builtin --panel-disabled-color for security level text
- Bug 32188: Fix localization on about:preferences#tor
- Bug 32184: Red dot is shown while downloading an update
- Update Tor Launcher to 0.2.20.2
- Android
- Bug 32342: Crash when changing the browser locale
Comments
Please note that the comment area below has been archived.
torbrowser-launcher…
torbrowser-launcher developer very bad. Must disable apparmor torbrowser.Browser.firefox for 9.01 upgrade for work.
sudo apparmor_parser -R /etc/apparmor.d/torbrowser.Browser.firefox
noscript and httpseverywhere plugin icon no show top bar. Please fix.
https://github.com/micahflee…
https://github.com/micahflee/torbrowser-launcher/pull/426
9.01 new bug. Not black…
9.01 new bug. Not black window bug. micahflee/torbrowser-launcher bad developer. micahflee/torbrowser-launcher bug not let 9.0 upgrade 9.01
micahflee/torbrowser-launcher still other bug. noscript and httpswhere icon no show on top bar with ubuntu apparmor. micahflee/torbrowser-launcher always lots bugs. Make bad look tor.
> still other bug. noscript…
> still other bug. noscript and httpswhere icon no show on top bar with ubuntu apparmor.
Are you sure apparmor is causing that? The icons for NoScript and HTTPS Everywhere were moved from the toolbar a long time ago. Open the 3-lines "hamburger" menu --> Customize --> Drag the icons you want into the toolbar.
Layman here, my Avira said…
Layman here, my Avira said it detected a trojan (TR/Crypt.XPACK.Gen3) in file qipcap.dll on updating. Kindly look into that!
>Avira detected a trojan (TR…
>Avira detected a trojan (TR/Crypt.XPACK.Gen3) in file qipcap.dll on updating to 9.0.1
Confirmed.
Could you lovely Tor developers please make sure to thoroughly scan all files with the major current virus scanners and make sure that everything is actually clean and also shows up as clean. You're completely ruining the reputation of Tor if you don't. Thank you
+1 Avira detected a trojan …
+1 Avira detected a trojan (TR/Crypt.XPACK.Gen3) in file qipcap.dll on updating to 9.0.1
Got the same avira message. …
Got the same avira message.
Is this a legit warning or not?
No.
No.
Anxious reports about a …
Anxious reports about a (false positive we presume) antivirus flag seem to be very common.
A post in this blog explaining how antivirus programs work and why they too often give a false positive for the latest version of Tor Browser might be helpful.
On a related point, someone said that if you DL TB from torproject.org, an antivirus flag should be a false positive which can be ignored, which reminds me of something I have been wondering about: how often to people DL "TB" (?) from a site other than torbrowser.org and why would they do that? Because censorship regimes prevent their reaching torproject.org?
> Anxious reports about a …
> Anxious reports about a (false positive we presume) antivirus flag seem to be very common.
Yes, unfortunately for many releases since the beginning.
> DL "TB" (?)
It means "download Tor Browser". (Also, TBB means "Tor Browser Bundle" which is technically the correct name and description of the combined package of tor.exe binary + browser application instead of simply the browser.) You asked good questions about other sites and censorship; I haven't seen them discussed. Users for whom this torproject.org website is censored are urged to use GetTor or a mirror.
> A post in this blog might be helpful.
We should point them to the Support FAQ and the Tor Browser manual:
If you want to help writing…
If you want to help writing such post for https://jqlsbiwihs.oedi.net/, here is the ticket:
https://trac.torproject.org/projects/tor/ticket/32456
> Could you lovely Tor…
> Could you lovely Tor developers please make sure to thoroughly scan all files with the major current virus scanners and make sure that everything is actually clean and also shows up as clean.
In an ideal world, this would clearly be a good idea. But in the real world, virus scanners cost money, as does developer time, and Tor Project does not have nearly as much money as it would in an ideal world. (If you happen to be a billionare, I guess you can help change that!)
> You're completely ruining the reputation of Tor if you don't.
I hope it's not as bad as that. I use Linux so am spared from worrying about antivirus (partly because in principle Linux is somewhat "immune" to viruses, partly because Linux security tools tend to lag behind--- hopefully because there is less need!) but you have my sympathy because I often feel frustrated by cybersecurity shortcomings. I try to keep in mind that cybersecurity is a process, not a state, and that we are all involuntarily engaged in an arms race. Some days we get a bit ahead, other days we fall behind.
We used to upload new Tor…
We used to upload new Tor Browser releases to https://www.virustotal.com/ which scans them with many anti-virus. However it's unclear whether that really helps. It allows us to see that some antivirus detect it as a virus, but then there is not much we can do to fix that. Some antivirus also flag as suspicious any program that has not been seen by many of their users. Maybe uploading to virustotal helps with that, but not sure how much.
Knowing what antivirus…
Knowing what antivirus researchers do with the files that get uploaded there, I'd be surprised if it didn't help false positives get fixed.
> partly because Linux…
> partly because Linux security tools tend to lag behind--- hopefully because there is less need!
Linux and BSD are basically developed by hackers -- as in the general tinkering definition of the word. I find that most people interested in bugs in Linux spend their time sharing their findings and actually fixing them precisely because it has a usually welcoming share-alike community that accepts their energy and reciprocates it for usually positive general interests. It's organic and inviting. Further, the licenses they and other free-libre open source developers invented have played a huge role in refining general attitudes and ideals over time.
+1
+1
I have the same issure…
I have the same issure. qipcap.dll = trojaner warning from program Antivirus.
My Avira too!
My Avira too!
xpack.gen3 warning too -…
xpack.gen3 warning too - both with the in-browser-update and (after deinstallation) via the German website CHIP - what's happening?
+1 Avira discovers xpack…
+1 Avira discovers xpack.gen3 in both the in-browser-update and new installation pack from German website CHIP - please react asap to reinstate credibility!
why have you released 9.0…
why have you released 9.0 and 9.0.1 if the builds are not reproducible? the point of building by two different persons is to not release anything and investigate if the builds are different
also you could consider having more than two people and two builds, two are easy to bribe
The build is still…
The build is still reproducible. The issue is that it can take more than one build to get a matching build. That's not ideal as it makes reproducing the build more difficult, but not releasing anything would not be a good idea as 9.0 includes important security fixes, and fixing the build issue is going to take some time.
As for having more than two people building, anybody is welcome to build the releases too.
> The issue is that it can…
> The issue is that it can take more than one build to get a matching build. That's not ideal as it makes reproducing the build more difficult, but not releasing anything would not be a good idea as 9.0 includes important security fixes, and fixing the build issue is going to take some time.
That makes sense.
Sometimes critical comments denigrating Tor devs seem to be over-reaching, which makes me think of an acronym similar to IRS but not IRS.
For me two things are a…
For me two things are a little inconvenient in TB9:
1. Cookie preference is no more in Tools | Options. Though you can still edit network.cookie.cookieBehavior manually, I think there are many users who disable all cookies by default and enable cookies temporarily only when they have to.
2. You can no longer open a new window as Blank page & go to your Home page by hitting the Home page button. This change has rendered the Home page button totally useless.
Thank you very much for your hard work. I'll keep trying to support you via donations etc.
1. If there really are many…
1. If there really are many users customizing their cookie permissions, they are making other users less safe and should be dissuaded. Cookies are enabled by default because many websites don't work properly without them. Many other patches such as first-party isolation have been developed and applied to mitigate most of the dangers of enabled cookies. More patches are coming soon for per-tab security levels. I think they include Javascript isolation. If you have ideas, please tell the developers.
2. Do you mean a New Window opens a page different from your Home button? I have never heard of them being different in any browser. If it was possible before, then it's from Firefox and Mozilla is who changed it. Tor Project most likely would not change that sort of thing. Be careful setting an uncommon URL because it could be noticed by exit eavesdroppers to discover your traffic in a new identity. Every site goes through a new circuit, so an uncommon URL probably is safe, but if a bug is found that makes it unsafe, it's better if chance favors Tor Browser's principles. The Home button was not rendered useless, it opens your home page at any time no matter what is open in your tab.
Orbot VPN is not working on…
Orbot VPN is not working on Android Oreo 8.1
Can you please fix that?
Am I correct in guessing…
Am I correct in guessing that Tor Browser 9.1 is immune to the following bug affecting Windows versions of Firefox?
arstechnica.com
Actively exploited bug in fully updated Firefox is sending users into a tizzy
Fraudulent tech-support sites cause Firefox to freeze while displaying scary message.
Dan Goodin
5 Nov 2019
No, I don't think Tor…
No, I don't think Tor Browser is immune to that bug. This is the Mozilla ticket:
https://bugzilla.mozilla.org/show_bug.cgi?id=1571003
Crap. Bad news but thanks…
Crap. Bad news but thanks for the link.
It's closed.
It's closed.
I opened https://trac…
I opened https://trac.torproject.org/projects/tor/ticket/32481 for this.
No it is not. www…
No it is not. www.distillvideo.com is currently showing the bug most times if you click anywhere on the screen, even the scrollbars, or the search box. Only way out is the Vulcan nerve pinch (Ctrl+Alt+Del)
Windows 10 1903 fresh…
Windows 10 1903 fresh install of 9.0 a week ago then updated to 9.0.1 several hours ago is running rock solid.
torbirdy update please
torbirdy update please
> Bug 21004: Don't block…
> Bug 21004: Don't block JavaScript on onion services on medium security
http://zsolxunfmbfuq7wf.onion/rc/
Warning: This webmail service requires Javascript! In order to use it please enable Javascript in your browser's settings.
Which security level are you…
Which security level are you using?
I can't reproduce this in the "Safer" security level.
hm, seems to work after the…
hm, seems to work after the restart
This might be related to…
This might be related to this issue:
https://trac.torproject.org/projects/tor/ticket/32362
very minor:http:/…
very minor:
http://yjuwkcxlgo7f7o6s.onion/
The connection has timed out
No circuit display (bcs it can't find a path), but some users are worrying.
That is https://archive…
That is https://archive.torproject.org Its onion was changed. Bookmark this: https://onion.torproject.org/
XHRGEThttps://www.torproject…
XHRGEThttps://decvnxytmk.oedi.net/projects/torbrowser/RecommendedTBBVersions
[HTTP/1.1 301 Moved Permanently 1729ms]
> Bug 32321: Don't ping…
> Bug 32321: Don't ping Mozilla for Man-in-the-Middle-detection
hah https://bugzilla.mozilla.org/show_bug.cgi?id=1538644#c0
> Bug 31764: Fix for error…
> Bug 31764: Fix for error when navigating via 'Paste and go'
mozilla seems to have a different fix...
Do you have more infos about…
Do you have more infos about this fix?
The link is in your ticket.
The link is in your ticket.
https://trac.torproject.org…
https://trac.torproject.org/projects/tor/ticket/32470
Thanks so much for fixing…
Thanks so much for fixing Bug 27307!
Bug 27268: Preferences clean…
"-pref("datareporting.healthreport.service.enabled", false); // Yes, all three of these must be set"
pref was removed, because now it is enabled unconditionally.
"pref("browser.fixup.alternate.enabled", false); // Bug #16783: Prevent .onion fixups"
remove
What makes you think so?…
What makes you think so?
This ticket did not remove the prefs only:
https://bugzilla.mozilla.org/show_bug.cgi?id=1234526
https://bugzilla.mozilla.org…
https://bugzilla.mozilla.org/show_bug.cgi?id=1234526#c2 didn't remove FHR.
https://reports.exodus…
https://reports.exodus-privacy.eu.org/en/reports/org.torproject.torbrow…
disable telemetry properly
The code is there, but it is…
The code is there, but it is disabled. Completely deleting all telemetry code is not something we are going to do.
Turn off MOZ_SERVICES…
Turn off MOZ_SERVICES_HEALTHREPORT https://searchfox.org/mozilla-esr68/source/toolkit/components/telemetry…
https://trac.torproject.org…
https://trac.torproject.org/projects/tor/ticket/32493
https://vbdvexcmqi.oedi.net…
https://vbdvexcmqi.oedi.net/comment/284653#comment-284653
NoScript now is 11.0.7 and…
NoScript now is 11.0.7 and still sucks!
Great stuff 9.0.1 …
Great stuff 9.0.1 ...... only one problem, it doesn't fucking work Blank screen, or a window that is transparent with nothing in it, I've tried to go back to a previous version 4 times but every time it keeps updating the damn thing. So what is going wrong?
Which version were you using…
Which version were you using before?
Does it work better if you do a new install of 9.0.1 instead of doing an update?
same - Fixed by adding/dev…
same -
Great. That was https://trac…
Great. That was https://trac.torproject.org/projects/tor/ticket/32215
after a quick look i noticed…
after a quick look i noticed the black dark theme, i had nothing against the purple one.
however since you guys have minimized the full window size there are white edges on the sides, those two i would happily and much appreciate to see as black rather than white. it really kills the eyes when sitting in the dark and the only white/light thing are those two edges.
the website theme itself is alright with green and purple :)
thanks in advance!
We have this ticket about…
We have this ticket about changing letterboxing color when dark theme is enabled:
https://trac.torproject.org/projects/tor/ticket/32220
me too
me too
> it really kills the eyes…
> it really kills the eyes when sitting in the dark
https://vbdvexcmqi.oedi.net/comment/284968#comment-284968
restart after this update:…
restart after this update:
Error: listener not re-registered 8 ExtensionCommon.jsm:2318:24
it's a new regression
it's a new regression
Why the duck it updates…
Why the duck it updates NoScript 11.0.7 to 11.0.4?
"For the 9.0 and 9.0.1…
"For the 9.0 and 9.0.1 releases, however, an issue that we are still investigating is making our build not completely deterministic."
Windows builds are not affected, because they're still -O2, right?
No, Windows builds have been…
No, Windows builds have been affected by this.
Oh shit, you mean we have…
Oh shit, you mean we have RUSTC_OPT_LEVEL=2 everywhere, so that all builds are still affected, right?
https://searchfox.org/mozilla-esr68/source/build/moz.configure/toolchai…
What if we enable LTO as in…
What if we enable cross-language LTO as in esr68, and it strips the non-deterministic parts?
https://bugzilla.mozilla.org…
https://bugzilla.mozilla.org/show_bug.cgi?id=1486042
lowering to -O1 has…
lowering to -O1 has implications: https://searchfox.org/mozilla-esr68/source//build/moz.configure/toolcha…
George here, my Avira also…
George here, my Avira also said it detected a trojan (TR/Crypt.XPACK.Gen3) in file qipcap.dll on updating. What about this?
I watch youtube's video over…
I watch youtube's video over https://invidio.us. When I have security lever "SAFER" cannot view the video.Noscript unblock invidio.us site but do NOT unblock from youtube.com
For watching videos, you…
For watching videos, you might want to look at Tails (see tails.boum.org), a free open source Linux distribution which provides current Tor Browser and many other useful things in an amnesia way. I think this may provide a significantly safer way to watch videos or do anything else which possibly requires dropping to "Standard" setting in Tor Browser.
(I am not affiliated with either Tails Project or Tor Project, but I use both Tails and Tor Browser.)
> Noscript unblock invidio…
> Noscript unblock invidio.us site but do NOT unblock from youtube.com
I don't understand what you mean. Is that an observation or a request? Anyway, Invidio simply embeds videos from googlevideo.com, AKA YouTube's CDN. In NoScript, you have to allow "media" from invidio.us and googlevideo.com. Hamburger menu -> Customize -> Drag the NoScript icon to your toolbar. -> Refresh an invidio player page. -> Click the NoScript icon -> Click "Temp. Trusted" for both sites, or click "Custom" and allow "media" for both sites.
NoScript's click-to-play…
NoScript's click-to-play blue popup might not allow them to play because its Options enable "Cascade top document's restrictions to subdocuments." On youtube.com, you only have to enable "media" for youtube.com. But on domains that embed youtube videos, you have to enable "media" on the first-party domain. Click-to-play might not offer an option for the first-party domain and therefore be misleading and not work.
> Click-to-play might not…
> Click-to-play might not offer an option for the first-party domain and therefore be misleading and not work.
I just had that happen on a different site. This is important, developers. "Cascade top" and click-to-play are incompatible when media is embedded. Click-to-play should allow the embedded third-party and first-party together if "cascade" is checked. It doesn't play unless you allow both parties.
about:tor crashes Tor…
about:tor crashes Tor Browser 9.0.1 on Windows:
"Gah. Your tab just crashed. We can help! Choose Restore This Tab to reload the page."
I have same problem, is…
I have same problem, is there a fix?
I think we don't know about…
I think we don't know about this issue.
Is this an issue that is new with version 9.0.1, or did you have it with previous versions too? Is it an issue that happens every time you open the browser, or only sometimes? Do you have the issue on other pages than about:tor?
Also, are you using the en…
Also, are you using the en-US browser, or an other locale?
this happens everytime i…
this happens everytime i open tor on every page. it should says "Gah, your tab just crashed"older version works fine but as soon as i update to this version it gives out error.
Which version of Windows are…
Which version of Windows are you using?
https://searchfox.org…
https://searchfox.org/mozilla-esr68/source/browser/config/mozconfigs/wi…
just navigator.userAgent …
just
navigator.userAgent
"Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"
8.0 bug
fix https://trac.torproject.org/projects/tor/ticket/28290
Why should Tor Browser…
Why should Tor Browser report the real OS to sites? In terms of privacy, it doesn't make sense, and I don't care if the GNU/Linux "market share" "shrinks" as a result of more protection against fingerprinting.
May someone please answer…
May someone please answer about "Trojan Positive" in this release? I've tested on VM in Ubuntu, with two pro AV, both gave the same result.
Tested on VM - Windows10 - Avira AV - Detected Trojan on - "qipcap.dll"
Tested on VM - Windows7 - Norton AV - Detected Unsafe File -"qipcap.dll" (norton didn't detected as trojan, but as unsafe file, which mean it could be false-positive, or not...)
Many users have reported this but still no answer from anyone, and there are many answers on less important questions. This is something that should be tested and explained to users why it's happening, if that is false positive then why. As someone said, this totally ruin a TOR reputation, and I am sure nobody want's that. Thanks for your time and hard work to keep the online privacy possible for regular users.
"if that is false positive…
"if that is false positive then why"
false positive
because AV is a piece of crap
"but still no answer from anyone"
because they are tired answering stupid questions
same security warning with…
same security warning with me. Avira sanitized qipcap.dll. Trojan or false positive?
If you downloaded Tor…
If you downloaded Tor Browser from the torproject website, then this is a false positive. Some antivirus consider that files that have not been seen by a lot of users are suspicious.
Please bring back the "Do…
Please bring back the "Do not check for updates"
Very tired of having to rebuild a previous version thanks to bugs in latest release e.g. Noscript does not work in 9.01
It should be possible to…
It should be possible to select in the preferences: "Check for updates but let you choose to install them".
Do you have more details about the noscript issue?
I have checked the…
I have checked the preference for "Check for updates but let you choose to install them".
Tor still automatically installs 9.01, and wipes out all my settings as well.
"should be possible to…
"should be possible to select in the preferences: "Check for updates but let you choose to install them"."
Is 9.0.1. still Phoning Home everytime you open the Preferences menu?
When yes this would be .....very ...inconvenient.
If you really wan#T to bring…
If you really wan't to bring back "Do not check for updates",
"Check for updates but let you choose to install them" is in NO way
the same.
Everytime the user is opening about:preferences/Tools->Options, 'Security Level',
TBB is phoning home! This isn't funny. Do you wanna have the user is trusting you?
The same s..t you have with vanilla Firefox.
+1 - "Do not check for…
+1 - "Do not check for updates" much appreciated.
i don't wanna ping you every launch of TBB!
i've tried different settings in about:config and there's still this update prompt.
how to disable TBB version check?
extensions.torbutton.versioncheck_enabled;false does not work!
See how Tails is disabling…
See how Tails is disabling the updates:
https://redmine.tails.boum.org/code/projects/tails/repository/revisions…
"See how Tails is disabling…
"See how Tails is disabling the updates"
Ok -i hope it works.
But, why torproject and Mozills Corp. think all Torbrowser users, all
Firefox users want to ping yourand their servers, everytime they open Options
or 'About Tor Browser'?
Without loosing trust because it's US-software under US-law?
Can you explain that, why there is no simple No Update option? Logically(-:?
You can read the discussions…
You can read the discussions in the mozilla ticket where they implemented this:
https://bugzilla.mozilla.org/show_bug.cgi?id=1420514
+1: how to?
+1: how to?
>Can you explain that, why…
>Can you explain that, why there is no simple No Update option? Logically(-:?
>You can read the discussions in the mozilla ticket where they implemented this
Clap, clap (-:, i have read it. If the distributors don't want explain, don't want discussion, they shouldn't pretend they wan't.
They don't want because there is NO logical explanation why users should accept they have no choice. Manually update shouldn't be sport.
The spirit of Tor - you should know this. It is not much space between trust and distrust.
We did not decide to remove…
We did not decide to remove this option. Mozilla did it, and they explained why.
I don't really like it myself, but there are still some ways to do it, although not as easy as before. I think it's not perfect, but we don't have unlimited time, and already many other things to work on, so if someone who think that's important wants to spend the time to investigate this and document the best way to do it, then that would be useful.
ok, i surrender. i've copied…
ok, i surrender.
i've copied an edited pref.js file into .../tor-browser_en-US/Browser/TorBrowser/Data/Browser/profile.default
before firstrun of a TBB 9.0 and tried to disable 'check for updates' with this varying settings:
user_pref("app.update.auto", false);
user_pref("app.update.disabledForTesting", true); boolean; DOES NOT EXIST in TBB 9.0
user_pref("app.update.doorhanger", false);
* user_pref("app.update.enabled", false); boolean; DOES NOT EXIST in TBB 9.0
user_pref("app.update.url", "https://non-existent.org"); or "/dev/null"
* user_pref("app.update.url.details", ""); or "/dev/null"
* user_pref("app.update.url.manual", ""); or "/dev/null"
* user_pref("extensions.torbutton.versioncheck_url", ""); or "/dev/null"
* user_pref("browser.policies.testing.disallowEnterprise", false);
there is no update prompt anymore but still showing the
'Update to 9.0.1' button in about:preferences and the best:
it downloads (!) the update from somewhere even if ALL urls in about:config are deleted.
is there a hidden fallback url or WHAT IS IT that still checks and even downloads an update?
exact advices please!
NoScript does work on 9.0.1…
NoScript does work on 9.0.1 but it is not displayed on toolbar and has to be added manually
Xpack.gen3 discover in…
Xpack.gen3 discover in update by several antivir applications!
хорошее обновление
хорошее обновление
Where are my bookmarks, I've…
Where are my bookmarks, I've tried all the steps that are supposed to restore them, I can't even restore from a back up
Open hamburger menu -->…
Open hamburger menu --> Library --> Bookmarks --> Show All Bookmarks (Ctrl+Shift+O). Click things in the folder tree to find them after you restored. Restoration does not put them in the normal places so you can edit/merge them as you wish. Or are you talking about Android?
Hey Tor Project, i'm french…
Hey Tor Project, i'm french.
Your wallpaper take back the internet with Tor & theme are ++++ beautifull!!
Thank for the général évolution of Tor!
French user
There seems to be a bug…
There seems to be a bug where launching tor from the gui shortcut in Ubuntu hangs for the longest time. Sometimes as long as 10 minutes before the connection dialog begins. It's affected me since at least 2 or 3 updates ago.
Do you mean Tor Browser? …
Do you mean Tor Browser? "Tor" (capital T, the network), "tor(.exe)" (the network daemon), and "Tor Browser Bundle" are different things. Did you install Tor Browser from torproject.org? (Don't use tor from Ubuntu's repository.) Are you trying to use the torbrowser-launcher package? Did you configure to connect through a bridge that could be down? Is your network known to censor traffic? Are applications besides Tor Browser having the problem?
AFTER RENAME FOLDER - TOR…
AFTER RENAME FOLDER - TOR BROWSER NOT WORK!!!
We have this ticket for this…
We have this ticket for this issue:
https://trac.torproject.org/projects/tor/ticket/27604
This should be fixed in the next alpha.
Why sometimes using Tor…
Why sometimes using Tor Browser, it's window size suddenly change? Please fix this.
Do you have some steps we…
Do you have some steps we can use to reproduce this issue ?
I've seen the same thing a…
I've seen the same thing a few times while using Tor Browser 9.0 in Tails 4.0.
Kinda irreproducible but it seems to happen when I am trying to click on some button or something and just miss, possibly causing an almost invisible change in window size which possibly (?) invokes letterboxing. I am seeing only a slight *decrease* in window size.
That sounds possible if the…
That sounds possible if the button/link is at the edge of the webpage content, and the window is accidentally made larger or smaller.
If that is the reason, it…
If that is the reason, it could be related to this:
https://trac.torproject.org/projects/tor/ticket/32308
I had to manually install…
I had to manually install the noscript browser extension to use noscript. Should this have been necessary and why was Noscript removed from the new tor release?
noscript is still included…
noscript is still included. What has been removed is the toolbar button, as not all options from this button are safe to use. It is however possible to add it back by selecting "Customize" in the hamburger menu.
We have some plans to implement per-site security settings support which should remove the need for the noscript button:
https://trac.torproject.org/projects/tor/ticket/30570
Which options are not safe…
Which options are not safe and why?
Could I request that, if you or your colleagues are going to state such things, esp. warnings, in the future could you/they expand on what they are saying so that users are better informed and can take action?
Thank you
> in the future could you…
> in the future could you/they expand on what they are saying so that users are better informed
The post for version 8.5(.0), when NoScript's icon was hidden, did not contain a paragraph explaining where the icons had gone, so it ended up being repeatedly discussed in comments in every release post since version 8.5. It was mentioned in an onboarding card inside Tor Browser, the "What's New" circle icon on
about:tor
that many users don't notice or read. During development (Bug 25658), antonela repeatedly brought up the need to inform users but appears to have been forgotten. From this lowly user, thank you, unsung antonela.The "about:tor" page crashes…
The "about:tor" page crashes even on fresh install of Tor Browser 9.0.1 on Windows 10 Release 1903 32-bit :
"Gah. Your tab just crashed. We can help! Choose Restore This Tab to reload the page."
Sadly Tor Browser has become really frustrating :
network.http.referer.XOriginPolicy = 0
!Did you have this issue in…
Did you have this issue in previous versions of Tor Browser, or is it new with 9.0.1?
Crash is new to 9.0.1, right…
Crash is new to 9.0.1, right after update, fresh install (new profile) also crashes. I didn't encounter any crash on 9.0.
versions prior to 9.0 YES…
versions prior to 9.0 YES were translated into Spanish
> Permanent letterboxing,…
> Permanent letterboxing, when Firefox does it right, only on page load.
Where does Firefox do any letterboxing whatsoever? I don't see
privacy.resistFingerprinting.letterboxing
in the most recent version 70.0.1 at all.> Obscure management of cookies.
Cookie preferences affect the browser's fingerprint but also collateral damage. The functionality of many websites depends on cookies even more than JavaScript. In the Preferences UI, "Cookies and Site Data" management buttons are there, identical to Firefox, for advanced users.
> Low privacy settings, example: network.http.referer.XOriginPolicy = 0!
That is the default in Firefox. Tor Project may have left it alone if its other values cause collateral damage, but I don't know their reasoning. Unfortunately, some login forms and other functionality of some websites depend on cross-origin referer headers. I don't know if patches were created that lower the risk.
> NoScript is garbage and has an awful UI. Should be replaced with uBlock Origin by default.
Its UI was forced to change a long time ago because of Mozilla's move to WebExtensions. Its important features from before are all there. Its menu sometimes is a little slow to render, but I don't have any major dislikes of it.
> NoScript and HTTPS Everywhere icons are hidden by default on fresh install.
That's because customizing them gives your traffic a unique fingerprint, so doing so is for advanced users. NoScript in particular has always been complicated and confused newbies who are better served by changing the security level.
because versions 9.0 and 9.0…
because versions 9.0 and 9.0.1 on android are not translated into Spanish..?
My proxy settings are…
My proxy settings are getting reset with every manual update. Slightly annoying.
> qipcap.dll Avira The…
> qipcap.dll
Avira
The definition file was updated, and it was determined that there was no problem.
Thank you! I wish you had…
Thank you! I wish you had replied to the first virus comment, though, so people would see you.
Bring back do not check for…
Bring back do not check for updates! I don't want to be reminded of a new version every 5 minutes!
Tell that to Mozilla. Tor…
Tell that to Mozilla. Tor Project wasn't involved. According to about:config, the most frequently it prompts you is once every 3600 seconds (1 hour).
To disable all reminders of updates,
https://support.mozilla.org/en-US/questions/1197474
app.update.silent;false
Or to disable certain types of reminders,
app.update.badge;false - for the green dot on the 3-bar menu icon
app.update.doorhanger;false - for the Yes/No prompt that drops down from the menu icon
Thanks
Thanks
Hey, EFF consistently…
Hey, EFF consistently forgets to update https://www.eff.org/files/https-everywhere-updates.json
I have a somewhat disturbing…
I have a somewhat disturbing issue with NoScript.
I don't like it's not automatically in the browser tab so after setting Tor's security to high it's always my second step to customize it that way.
Lately though it disappeared from there all of a sudden after a restart, was obviously disabled even though Tor was set to high security and it's icon nowhere to be found in the customizer, so I had to install everything completely anew. The same happened already with 9.0 once. I'm on a linux system if that is a factor.
In that regard, I've found the security level button to be completely insufficient in indicating the security status of Tor. It's just a little bit of different gray at the border of one's field of vision. Easy to overlook. Maybe it could be changed to a colored traffic light-like system, though in my case it would've probably not helped at all so this is more a general suggestion.
In any event I would suggest moving back the NoScript button to the browser tab by default so there's no ambiguity here if it's just an issue with customization or worse should it be missing. I really think routines are extremely important here since I didn't notice for some minutes it wasn't there anymore. In fact I noticed only because the site I was surfing was obviously displaying elements not possible with Java script disabled.
Please consider the matter and thanks for reading.
> and it's icon nowhere to…
> and it's icon nowhere to be found in the customizer
Did you accidentally right-click on its icon --> Remove Extension? Did you accidentally drag it into the overflow ">>" menu? Was it still listed in the hamburger menu --> Add-ons --> Extensions where it should always be? Please continue monitoring it for steps to reproduce it and details to report if it happens again. Thank you.
> It's just a little bit of different gray at the border of one's field of vision.
Is it that hard to rotate eyeballs a few degrees to look at it straight on for a split second? The different shadings take up most of the icon's visual size. Colors have been proposed several times in years past but are more ambiguous in meaning and have accessibility issues for colorblind users.
> I would suggest moving back the NoScript button to the browser tab by default
It was hidden in 8.5 because it's complicated and confused or, worse, endangered newbies. Advanced users can drag it back.
Error when using Tor-bridge…
Error when using Tor-bridge DB request, when using TB 9.0.1 with torbrowser-launcher v0.3.2, running at Debian 10.1
Tor Network Settings about:preferences#tor
[x] Tor is censored in my country
○ Select a built-in bridge
● Request a bridge from torproject.org
[Request a Bridge...]
After pressing the request button:
Error message:
Unable to obtain a bridge from BridgeDB.
Failed to execute command "/home/$USER/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/./TorBrowser/Tor/PluggableTransports/obfs4proxy"
Do you have an error if you…
Do you have an error if you run this command from the tor browser directory?
./Browser/TorBrowser/Tor/PluggableTransports/obfs4proxy --help
TB on Android 9 System…
TB on Android 9
System language is German but TB settings etc. are in English except the one setting "Sicherheitseinstellungen" (where you find the Security Slider. The Slider options are in German too). Everything else is in English. Problem since TB 9.0.
Even if I change the language in the settings from "System default" - which is German - TB 9.0.1 is still in English.
This problem doesn't occur on Linux and Windows. Android only.
This looks similar to this…
This looks similar to this ticket:
https://trac.torproject.org/projects/tor/ticket/32365
Is it possible that making a…
Is it possible that making a SSL bridge which based on source code of Openconnect & Ocserv?
I am Roxie trying to reach…
I am Roxie trying to reach the dark web. I am on an Android phone and i just cant figure it out. Needing help
"reach the dark web" doesn't…
"reach the dark web" doesn't really mean anything. The dark web is mostly a myth, not something you can "reach".
If what you want to do is use Tor to browse the web, then you can follow the links on https://decvnxytmk.oedi.net/download/#android to install Tor Browser.
"Dark web" is a…
"Dark web" is a fearmongering term mostly used by willfully ignorant non-techie reporters who are not properly doing their jobs, because they are not fact-checking government punted misinformation.
You probably mean that you want to use Tor on your Android phone to visit "onion sites" (formerly called "hidden services sites"), which can only be reached via the Tor network, which you can join by downloading, installing, and using Tor Browser.
A few points to bear in mind:
o "Tor Browser for Android" may not work with older or cheaper Android phones
o only download it from torproject.org
o verify the detached signature with GPG if at all possible
o only use the latest version
If you also have a laptop or desktop, you may also want to consider using the latest version of Tails. Unfortunately Tails is not available for smart phones but it enables you to boot a computer with a 64 bit CPU from a DVD or USB. Tails is an "amnesiac" operating system which comes with Tor Browser and much more useful software. It provides extra protections while using Tor Browser so it is a good tool for anyone who is politically active, a government official, scientist, doctor, lawyer, journalist (or maybe I should say: who requires oxygen, water, or food in order to continue to exist). See tails.boum.org.
And speaking of onion…
And speaking of onion services, Tor Browser includes the DuckDuckGo search engine's optional onion service. Here are some more to get you started:
https://trac.torproject.org/projects/tor/wiki/org/projects/WeSupportTor
https://onion.torproject.org/
11.0.8: [NoScript] Policy…
11.0.8:
[NoScript] Policy was undefined, retrying in 1/2 sec...
I am new to Tor. Could you…
I am new to Tor. Could you tell me if it is able to block ad's on websites I'm viewing please?
Welcome! Yes, Tor Browser is…
Welcome! Yes, Tor Browser is able to block some ads and trackers if you click the shield icon to raise the security level. It is not bundled with a normal type of adblocker. Please read the Tor Browser User Manual as well as the Support FAQ and Documentation pages linked in the top header of torproject.org. Near the top of the Documentation page, you can find the old Overview and old General FAQ.
Tor was running fine. Now…
Tor was running fine. Now when i open Tor all i get is 'Gah! Your tab just crashed'. I uninstalled, reinstalled Tor. Problem still exists every attempt to use Tor.
We have this ticket to track…
We have this ticket to track this issue:
https://trac.torproject.org/projects/tor/ticket/32454
I am getting error "firefox…
I am getting error "firefox.exe"
"Te application was unable to start correctly (0xc000007) Click OK to close the application"
Does this mean the Tor Browser 9.01 is not portable anymore?
I am running Windows 7
I tried both
torbrowser-install-9.0.1_en-US
and torbrowser-install-win64-9.0.1_en-US
Tor Browser 9.0.1 is…
Tor Browser 9.0.1 is supposed to work on Windows 7.
A possibility is that a missing Windows update is causing this issue. At least that's what searching this error in a search engine seems to indicate. You can try to install the latest Windows updates if they are not installed yet.
Someone mentioned that Avira…
Someone mentioned that Avira is a piece of ....
Please can you recommend a good Antivirus.
maybe Windows Defender? read…
maybe Windows Defender? read about its reputation!
It's not that Avira isn't…
It's not that Avira isn't good, per say. When this happens, it's usually the case that the Tor Browser version was too new for scanners to recognize it. A few days after this version was released, the scanner providers updated their virus definitions and found that Tor Browser, while it may contain what looks like it could be something suspicious to a heuristic scanner, is actually clean. Its first incorrect reaction is called a "false positive". Most of the time, it is resolved simply by waiting a few days and then scanning it again. Regardless, it is recommended to always verify Tor Browser's cryptographic signature for integrity and authenticity which you can do immediately.
If you still want to change you scanner, look at professional research comparisons of them:
https://www.av-comparatives.org/
https://www.av-test.org/
https://www.virusbulletin.com/testing/
Request to access cookie or…
Request to access cookie or storage on “https://....” was blocked because we are blocking
all third-party storage access requests and content blocking is enabled.
...many websites still not loading properly, especially thumbnails are missing.
This looks like:https://trac…
This looks like:
https://trac.torproject.org/projects/tor/ticket/32238
image.http.accept ; */*…
image.http.accept ; */*
image.webp.enabled ; false
...seems to be the solution.
How can I configure settings…
How can I configure settings (torrc) for strict exit country?
It is not recommended to…
It is not recommended to select your exit countries.
That being said, find the manual:
you could try to RTFM - or -…
you could try to RTFM - or - if you followed this blog you would have stumbled upon this:
https://vbdvexcmqi.oedi.net/comment/283682#comment-283682
add limited svg support on…
add limited svg support on safest as tbb has
SVGSupport: true
Why isn't this release…
Why isn't this release available for download on GitHub or GitLab?
How to join in anonymous
How to join in anonymous
Lurk moar. Don't feed the…
Lurk moar. Don't feed the trolls. Stay classy. Be an hero for great justice.
How can I export TBB's…
How can I export TBB's bookmark without internet? Before version run /tor-browser_en-US/Browser/firefox --safe-mode, but now can't
You can backup the SQLite…
You can backup the SQLite bookmarks database and later overwrite the database in Tor Browser when you want to restore from your backup. When you restore the backup, this procedure overwrites all bookmarks in Tor Browser with your backup copy. Tor Browser must be closed before these procedures, or the database file could become corrupted. I don't know of an easy way to export and import bookmarks by HTML in Tor Browser without internet.
Backup:
Close Tor Browser. Open the folder where tor-browser was installed. Go to
./Browser/TorBrowser/Data/Browser/
Copyplaces.sqlite
to a folder outside of the Tor Browser folder.Restore:
Close Tor Browser. Go to that folder inside the tor-browser folder. Copy your backup
places.sqlite
into that folder and overwrite the file there.Why not use the built-in…
Why not use the built-in functionality? Menu -> Library -> Bookmarks -> Show All Bookmarks [at the bottom] -> Import and Backup [at the top] -> Export Bookmarks to HTML...
because they said it wouldn…
because they said it wouldn't run (TB doesn't open) without internet. the library UI is not accessible.
please, raise the prio of…
please, raise the prio of https://trac.torproject.org/projects/tor/ticket/32238
seems to be a cloudflare crap again
When you open it in full…
When you open it in full screen, there are empty areas around the edges, how to remove them?
This is intentional. Please…
This is intentional. Please see the section "Letterboxing" on the 9.0 release blog post: https://vbdvexcmqi.oedi.net/comment/284595#comment-284595 and the reply here: https://vbdvexcmqi.oedi.net/comment/284595#comment-284595
There is weird gap on…
There is weird gap on borders if you resize the window.
https://send.firefox.com/download/a1aff537aced2415/#22XDeL5DV4X1Fc1WTOA…
https://postimg.cc/jCL0rJCF
The is the letterboxing…
The is the letterboxing feature. See the section about this in the 9.0 blog post:
https://vbdvexcmqi.oedi.net/new-release-tor-browser-90
Hello torproject, what's…
Hello torproject,
what's the reason for, everytime clicking on the Security level icon, want to see Optoins,
the tor Logs, the Tor Browser is Phoning Home to torproject. For what? Why? Is phoning home, telemetry the new must have?
What do you mean exactly by …
What do you mean exactly by "phoning home"? There should not be phoning home when changing the security level.
I'm not you(-: but i have…
I'm not you(-: but i have the same problem.
All updates within about:config are off but Torbrowser is phoning home in the same form to aus1.torproject.org .
Phoning home is ALL unwanting automated connection, all unwanted automatic updating to a server/machine you don't want and you can't switch it off. Switch it off without tricks, without hack the programm. Try to switch off all phoning home -unwanted telemetry- in MicrosoftWindows10, and you know what i mean with phoning home, hardcore.
Torbrowser/FirefoxESR should not going the same way. I am really not the only one who think so. A lot of professionals think so too, because its logic.
Tor Browser includes an…
Tor Browser includes an internal updater, and connects to aus1.torproject.org to find if an update is available.
"find if an update" Thats…
"find if an update"
Thats Ok when you want it, automated updating. But it's not you can't switch off. Normal browser interaction start this updating -not ok.
In other words, you all want…
In other words, you all want it to "phone home" as you call it, only when you tell it to phone home? There are too many misunderstandings here to sort through. Your traffic is mixed in the Tor network. It's not like regular internet routing. "Phoning home" implies sending your data to them, but it doesn't do that. The worst I see from it is a regular timed heartbeat through the exit relays that, if all exits in all countries are ever monitored by the same group which is not feasible anyway, could merely estimate how long that browser has been open and predict when the next beat will occur. The heartbeat looks exactly like everyone else's except shifted by a unique phase time. I don't know if its phase shifts when the browser starts a new identity or how much randomness is added by the browser, the Tor protocol, and the network. If it's triggered when the user opens the Preferences tab as comments said, that's more randomness.
Tor browser 9.0.1 is…
Tor browser 9.0.1 is connecting to:
firefox.settings.services.mozilla.com:443
It connects consistently to this address. Seems to be some kind of hardcoded telemetry. This needs to be fixed.
There is also a mozilla CDN connection that happens sometimes but couldn't copy url fast enough.
The connection to firefox…
The connection to firefox.settings.services.mozilla.com is to update the addons blocklist:
https://support.mozilla.org/en-US/kb/add-ons-cause-issues-are-on-blockl…
See this comment for a description of the Mozilla services Tor Browser connects to:
https://trac.torproject.org/projects/tor/ticket/21200#comment:4
>Tor browser 9.0.1 is…
>Tor browser 9.0.1 is connecting to:
>firefox.settings.services.mozilla.com:443
Easy to solve yet unlike the problem with unwanted automated updating.
about:config, delete these entries.Solved.
Tor Browser 9.01 only works…
Tor Browser 9.01 only works in safe mode. When I star tor browser normaly the application hang
Depósito con errores , tipo 0
Nombre de evento: AppHangB1
Respuesta: No disponible
Identificador de archivo .cab: 0
Firma del problema:
P1: firefox.exe
P2: 68.2.0.7031
P3: 00000000
P4: c966
P5: 67246080
P6:
P7:
P8:
P9:
P10:
What do you mean by "safe…
What do you mean by "safe mode"? Is it a new issue with 9.0.1, or did it happen with previous versions too? Also, what version of Windows are you using?
hold Shift key while run tor…
hold Shift key while run tor browser,
How to fix the proxy
How to fix the proxy
What is the issue?
What is the issue?
In response to Boklm’s…
In response to Boklm’s comment on November 8, in relation to the NoScript toolbar button that “not all options from this button are safe to use”
A user asked the question:
“Which options are not safe and why?
Could I request that, if you or your colleagues are going to state such things, esp. warnings, in the future could you/they expand on what they are saying so that users are better informed and can take action?”
Apart from the specific subject of that user’s question, the user has raised a good point in relation to apparent ‘warnings’.
Could Boklm please respond to the specific point and anyone who offers ‘advice’ please say exactly what they mean, with examples?
Thanks
Noscript comes with a myriad…
Noscript comes with a myriad of configuration options and it's unclear which ones are safe to use. So we plan to replace it with a new button providing a limited set of options.
You can read the proposal for more details about this:
https://gitweb.torproject.org/tor-browser-spec.git/tree/proposals/101-s…
And the latest discussions on the ticket about per-site security settings support:
https://trac.torproject.org/projects/tor/ticket/30570
That's a really good idea,…
That's a really good idea, given NoScript's behavior contributes to browser fingerprint, it is hard to stay indistinguishable with such fine-tuning. Actually, NoScript also learns unique behavior eg,when one decides to "always block this potential XSS" in the popup dialog. As unbiggest NoScript fan I'm hoping for replacement with some simple (High/Medium/Low/Trusted IE style) reputable (can't forgive NoScript hacking other extension's data) control for JS execution
REALLY unhappy about this…
REALLY unhappy about this update. Some servers are blocking exit nodes in the nasty way - by spewing an error page for the GET request (eg. Cisco, anything running varsnish etc etc). But... if page summary presented by eg. DuckDuckGo is really promising, one can roll the dice by clicking "new curcuit" button in the UI provided by Torbutton, so given much enough desire (read patience and time wasted) to read the contents, one could actually reach the page in question. Life's pretty bad, isn't it?
But I stumbled upon catastrophically worse case: firewall.cx decided to be even more nasty to tor users - they are firewalling exit nodes and... there is no UI to try a luck at another node! Torbutton doesn't recognizes an Firefox's internal "problem loading" page as "site" for which it could request a new virtual circuit!
And the worst: the issue described above also applies to usual cases when your randomly selected exit node having some network health issues, so there is no escape, site becomes inaccessible until MaxCircuitDirtiness timeout expires (or you have to do "new identity" or restart tor)
The well known ad blocking…
The well known ad blocking extension uBlockOrigin for Firefox starts using the DNS permission of the Mozilla DNS JavaScript API to block a new form of embedded ads. (1,2)
Is this extension now making DNS requests still safe to use with torbrowser?
1: https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/…
2: https://github.com/uBlockOrigin/uBlock-issues/issues/780
What's happened to the F…
What's happened to the F-droid update for android?
It seems we forgot to upload…
It seems we forgot to upload it. It should be there soon.
I keep getting the error…
I keep getting the error message "x was blocked because we are blocking all third-party storage access requests and content blocking is enabled." It caused an infinite loop and prevented me from logging into Facebook comments plugin. How do I disable blocking of third-party cookies?
I need to know if you are…
I need to know if you are going to produce a "Black Screen of Death" Fix.
*BOTH* of my multi-user Development VMs have been hit by this poor QA update to v9.0.1
Ironically preventing completion and release to the community of privacy related software.
NONE of my diverted time fiddling around with AppArmor settings fixed this.
Thankfully my practice of not having monoculture single points of failure ( using chromium based browsers)
is the ONLY way I can get this to you!
It is the last straw for me; I have been concerned for some time at the egregious resource (CPU) demand at startup
suspicious that it is attempting rowhammer or spectre/meltdown class base processor games.
All of my VMs, including Fresh Builds are equally affected. It is not some extension update
poison that is responsible.
But I will retain torbrowser on end user VMs used for technology demonstrations.
When the QA quality of updates returns to what I was happy to immediately add when busy!
My compliments to the Dev team. I hope that this instigates a learning process so that
this catch22 lockout NEVER happens again...
I cant update it. I cant reload it from scratch tarballs off your site (Whonix Workstation instances)
Those systems are now SOL for torbrowser, and a VERY poor or negative choice example at demo time.
Please advise here and put up a permanent page that gets listed at the head of typically serach engines.
THANKS
It's unclear what issue you…
It's unclear what issue you are talking about. But as you mention apparmor, if you are using torbrowser-launcher, it might be this one: https://github.com/micahflee/torbrowser-launcher/pull/426
Sometimes, when I start Tor…
Sometimes, when I start Tor Browser, the start page states that "Tor is not working in this browser". However, when I go to the URL "check.torproject.org", The site said that "This browser is configured to use Tor."
I want to know if there are other users that encountered similar issues.
Thank you.
Information:
OS: Windows 10
Browser Version: 9.0.1
i have new windows 7 install…
i have new windows 7 install when i try to open TB9,901,95a2Alpha it says:
TB8 and latest firefox is working fine. No other program is showing this error.
This can be fixed by…
This can be fixed by installing Windows updates. You can find more information in this ticket:
https://trac.torproject.org/projects/tor/ticket/32358
is there a way to get on…
is there a way to get on roblox with tor
I have a question. It still…
I have a question.
It still uses HTTP circuit rather than HTTPS when starting and even when HTTPS everywhere is enabled is enabled while browsing, check for port and it shows using port 80.
If the website you visit is…
If the website you visit is not available as https, or if the HTTPSEverywhere ruleset doesn't have a rule about this website, then you will not be using https.
After updating to this…
After updating to this version the new tab crashes every time. It displays "Gah, your tab just crashed" tried re-installing, disabling add ons and all that. The older version works fine but as soon as it updates it gives above mentioned error. please help ASAP.
Which version of Windows are…
Which version of Windows are you using?
@boklm. I see the same…
@boklm. I see the same problem on Windows10-32bits on an AMD Athlon CPU. Maybe it is just a problem of compiler. Sometimes a program can crash because:
- Compiler has a bug, producing invalid code on rare occasions.
- Source code has a bug only revealed on certain compilations (ex. use after free).
- Too aggressive compiler flags (ex. -Ofast).
- Uses unsupported instructions (ex. SSE4.2 when CPU only supports SSE4.1).
Maybe ask the other users also what CPU they are running on.
Does Firefox 68 work on this…
Does Firefox 68 work on this machine? Do you know the exact CPU that you are using, or the SSE instructions it supports?
We have this ticket for this…
We have this ticket for this issue:
https://trac.torproject.org/projects/tor/ticket/32454
Antivirus? TBB doesn't crash…
Antivirus? TBB doesn't crash on Windows10 64-bit/WOW64 on Intel CPUs.
No Antivirus ever here …
No Antivirus ever here (Windows Defender also disabled) !
I like it when my PCs are infected and malwares ruin my UX, including a crash on the TB about:tor page ! ;)
TB 9.0.1 tested on the same AMD Athlon PC on Debian 10 x64 and no crash on about:tor page, so it looks like the bug is limited to the 32-bit version of TB.
You can run Windows Defender…
You can run Windows Defender scan to be sure ;)
The bug is limited to the 32-bit version of Windows 10 on AMD Athlon PC, FWIW.
What error code do you see in the Windows Event Viewer for that crash?
Firefox 68 works fine. In…
Firefox 68 works fine. In fact, on TB 9.0.0, the about:tor page does not crash and TB 9.0.1 seems to work fine apart from this crash.
Right now I use Tor for…
Right now I use Tor for Windows but I want to change to Linux Mint.
For Windows, since you have had those ‘new’ pages, all I have to do is download the files from https://decvnxytmk.oedi.net/download/ and verify the signature by following the instructions on the page: https://jqlsbiwihs.oedi.net/tbb/how-to-verify-signature/
If all is OK I double-click the ‘exe’ file, everything starts and I am using TOR.
I have just downloaded and installed Linux for the first time.
I have downloaded and verified the TOR Linux files in the same way that I have for Windows – all is OK - but I can’t make them run.
I have found the instructions for Debian and Ubuntu under your ‘Expert Guides’. Since my version of Linux is based on Ubuntu I thought these instructions would help but as I am new to Linux I don’t understand them.
I see that the TOR file for Linux has the extension tar.xz. Can anyone please tell me how I install it so that it works with Linux?
Or can someone please give me step-by-step instructions to download, install and run the TOR Linux files under Ubuntu?
Thank you
You can find some…
You can find some documentation for installing Tor Browser on this page:
https://tb-manual.torproject.org/installation/
Let us know if something is not clear.
I had the same experience…
I had the same experience and the same question. Then I found a one minute video that explains how to install the program. Have a look at
https://www.youtube.com/watch?v=EyLtU6lQcQ8
Good Luck
"I have found the…
"I have found the instructions for Debian and Ubuntu under your ‘Expert Guides’."
Do you mean this? The new site may have confused you because the "Documentation" link in the top header goes to the old 2019.* site.
https://2019.decvnxytmk.oedi.net/docs/debian.html.en
Those instructions are for
tor
, the network daemon, not for the Tor Browser Bundle that contains the daemon and a modified Firefox. Also, torproject.org URLs beginning with "2019" go to the old website which is there in case the new purple-colored site doesn't answer the question. Follow the Tor Browser Manual that boklm posted. You can find the manual from a Support question too: How do I install Tor Browser?Why are comments turned off…
Why are comments turned off on some of these blogs? Like with
"We Can Choose an Internet Without Surveillance"
I have an opinion that none of this is true. Tor is not what it once was, an I am thinking that is why so many people left.
See our blog comment policy…
See our blog comment policy:
https://trac.torproject.org/projects/tor/wiki/doc/community/blog-commen…
Moderating and answering comments takes a lot of time, so the author of a blog post can disable comments on a post if they think they won't have time to moderate and answer comments.
> so many people left. The…
> so many people left.
The numbers don't show that. User counts show fairly steady numbers around 2,000,000 for the last 6 years plus increasing bridge user counts that fluctuate wildly from 30,000 to 180,000. The spikes are usually from botnet malware or big news events such as national internet shutdowns. Perhaps chatter has decreased where *you* spend your time.
https://metrics.torproject.org/userstats-relay-country.html?start=2010-…
Hi everybody, It not…
Hi everybody,
It not recommended to use ad-ons to the browser (I am using FF). Standard are HTTPS and NoScript. First time I tried one of my normal webb-sites I saw the site full of ads. NoScript showed zero (0) meaning full blocking when looking at presented scripts. Second time I used the 9.0.1 browser it started to stop ads (reading "connection disabled" in ads-areas). This time though the browser started to utilize much more cpu and not working well. When changing site-pages ads showed up here and there but not everywhere!
How does the ad-free Tor Browser work? The site I tested was a "trusted" http-site. In my normal FF browser I use an anti-ads ad-on and it is working perfect.
Ad-free Tor Browser implies…
Ad-free Tor Browser implies using an adblocker. This is what I would advise at least:
NoScript may conflict with adblockers, so maybe disable it (at your own risk) on the
about:addons
page.Then install uBlock Origin from the Firefox Add-ons site.
Then open the uBlock Origin dashboard, go to the settings pane, enable "I am an advanced user", all privacy settings and block remote fonts.
Then in the Filter lists pane, select the filters you really need (to see all filters available, click on the "+" on the left of the line "x network filters + y cosmetic filters from:").
Then close the dashboard, and set uBlock Origin blocking mode to at least Medium.
Finally, install Cookie AutoDelete and set it to "Enable Automatic Cleaning after x seconds" and "Enable Cleanup on Domain Change".
Installing other privacy related add-ons like Decentraleyes or Privacy Badger is rather redundant if you set uBlock Origin to Medium block mode and enable privacy related filters.
ClearURLs is a very nice add-on and may be the most effective to remove tracking elements from URLs, but I am a bit nervous with the fact that it automatically downloads its rules from an external file on Gitlab. uBlock Origin also download filters, but gorhill is an outstandingly good developer and I trust him more than the ClearURLs developer, who still has to prove his worth...
Installing many extensions…
Installing many extensions is not a good idea as it may change your fingerprint, or conflict with some of Tor Browser protections.
I dream of a Tor Browser…
I dream of a Tor Browser including by default more of these privacy related extensions (especially the essential uBlock Origin):
https://www.privacytools.io/browsers/#addons
https://amiunique.org/tools
BTW, my fingerprint tests on Panopticlick and here AmIUnique reveal what makes my Tor Browser mostly unique (30 days period):
Trying to block fingerprinting through coalescence is a pipe dream !
The only solution according to me is the universal randomization of fingerprints. If every user constantly changes his fingerprint (by randomly changing bits of the sources of fingerprinting) during a session, then it is impossible to uniquely and durably identify users. I hope Firefox will enhance its resistFingerprinting feature and implement randomization of fingerprints in the near future...
The results given by…
The results given by Panotpticlick or AmIUnique are not really meaningful for Tor Browser as those tests are mainly being run by non-Tor Browser users. What is important for Tor Browser is that all Tor Browser users have the same fingerprint, but it doesn't matter if this fingerprint is similar to the one from other browsers.
About randomization of fingerprints, see the section "Strategies for Defense: Randomization versus Uniformity" in the Tor Browser design doc:
https://2019.decvnxytmk.oedi.net/projects/torbrowser/design/
Thank you boklm for the…
Thank you boklm for the infos and the link. I read the doc carefully and now better understand your "No Filters" design choice.
Concerning the randomization, I still disagree.
Uniformity is a pipe dream, because people always want to customize their tools when possible. But, by customizing their Tor Browser through configuration or add-ons, they weaken their fingerprint uniqueness without always knowing when or by how much. Claiming uniformity brings a false sense of anonymity to the end-user.
If you want uniformity then put the end-users in a jail, where they can't modify the Tor Browser. But then, I guess you won't have many users left. On the contrary, if you let the end-users do some customization, then uniformity is impossible to achieve.
Moreover, dictatorships hate liberty because they can't control people with random behaviors. They hate diversity because they can't control people with random identities. Thus, uniformity is their ultimate dream, whereas randomization is a tool to create diversity therefore liberty.
So I think your mistake is to make your design choices from a technical point of view, whereas it should be from a philosophical point of view. The technical solutions should follow the philosophical guidelines, not the other way around...
many who updated to 9.0.1 ,…
many who updated to 9.0.1 , 32bit are getting a white space between website and tor-browser window ... can anyone tell em why and/or how to fix it?
Yes, I don't know why Tor…
Yes, I don't know why Tor Browser developers made this ugly design decision. The original Firefox does it right, only on page load.
Anyway, type
about:config
in the URL bar, then set :privacy.resistFingerprinting.letterboxing;false
Disabling letterboxing is…
Disabling letterboxing is not a good idea as this will make the fingerprint of your browser easy to recognize.
Then please do the…
Then please do the letterboxing only on page load, like Firefox. The way it is now is an ugly looking and disturbing hack.
Tor Browser is a great software, it just needs some polishing that would make it awesome !
See the letterboxing section…
See the letterboxing section in the 9.0 blog post:
https://vbdvexcmqi.oedi.net/new-release-tor-browser-90
it's me again .. about white…
it's me again .. about white space. The prob is much worse .. resizing tor window ads more white space and jumps between resolutions. It's like a mexican jumpin bean as one resizes window. CPU load on boxes older than 3 yrs goes to max.
Ok .. but is there any way to fix it ?
Another thing = when having open tabs more than window limit [let's say 100] drop down arrow list doesn't let one scroll/jump by using first letter .. as it used to. And mousing over list doesn't show URL either .. which worked before.