Tor Browser 5.0.7 is released

by gk | January 7, 2016

Update: Clarify that the crash bug requires Javascript to be exercised.

A new stable release for Tor Browser is available from the Tor Browser Project page and also from our distribution directory.

This release features an important fix for a crash bug in one of our patches. All users are encouraged to update immediately as this bug is probably exploitable if Javascript is enabled. The bug was not exploitable at High security level, or on non-HTTPS websites at Medium-High security level.

Here is the complete changelog since 5.0.6:

  • All Platforms
    • Update NoScript to 2.9
    • Update HTTPS Everywhere to 5.1.2
    • Bug 17931: Tor Browser crashes in LogMessageToConsole()
    • Bug 17875: Discourage editing of torrc-defaults

Comments

Please note that the comment area below has been archived.

Anonymous (not verified) said:

January 07, 2016

Permalink

"Bug 17875: Discourage editing of torrc-defaults"

I really like the possibility to edit torrc, depending on the usage and risk calculation in case.
What I really hate though and would like to know if there's an answer to that, is how I can manage choosing my entry nodes. To be more specific, avoiding using services in so called western democracies like ultimate wire tapping king UK for example.

They probably keep a nice list of all people using Torbrowser by registering people contacting entry nodes in the UK and share that info with all their partners in legal crime.
I allmost would consider, as a way of speaking, using an entry node in NK than a growing list of western countries that are preparing laws to make it possible to wire tap the complete communication in their country and everything that is trespassing.
I assume that when a country is wiretapping all communication it's very important to not use an entry and exit node in the same country at the same time because of the risk connecting entry an exit node information to unanonimise people.

Would a Torbrowser model be thinkable where users could choose a region, in the meaning of a cluster of countries, for their entry node and the same thing for their exit nodes?
To illustrate the idea behind this situation, I would be more comfortable with the idea to use an entry node in Russia and using an exit node in the US while living in Portugal then living, let's say, in Ireland and using an entry and exit node in the UK.
I realize that this way of thinking is maybe not exactly matching the principle of getting the Torbrowser user group as identical as possible, but maybe the above concept is not a big threat to that at all and could also protect people in pseudo democracies more then maybe now.

I'm not an expert while you and many others probably are, so I am very open to the pros and con's to this idea.
Thank you for reading and maybe answering in advance.
All the best,

This is exactly what I thought too.

It is absolutely stupid to allow exit-nodes in the UK, or other countries which have already turned into total-surveillance-states.

Also i totally dislike that you always get an "entry-node" (? not sure if term is correct) in the same country where you are located at the time you open TOR-Browser.

I would like to use the eastern-european countries (or russia) for much more safety !

And i dont care if they are much slower !

Let the guys who insist to download warez through TOR download it from fast NSA servers.

And the rest, who want "a bit more privacy" chill at slow but secure speeds in other parts of the world ;-)

Let us have an actual CHOICE !

But, if my suggestion is contra-productive : Make TOR as unbreakable as possible !!!

Thanks for all your efforts so far, without TOR the whole Internet would have already turned into being merely "a marketplace" for capitalist shit goals anyways ;-)

Using an entry node in Russia makes it a certainty that your traffic to the entry node will be captured and stored indefinitely.

If the entry node is in the same country, there is a chance that it won't be.

> you always get an "entry-node" (? not sure if term is correct) in the same
> country where you are located at the time you open TOR-Browser.

This is false.

Conversely the use of UK nodes leads to divide and conquer. Such adversary then need to invest greater effort in monitoring not just UK nodes, but every other. It becomes more of a challenge to perform analysis without breaking crypto. As long as the exiting traffic, from a UK node, doesn't contain identifying info, and provided the traffic doesn't end up at a UK business (or 5eye). If a % of tor client suddenly avoided UK node, or exit, it would make the job of this adversary easier against all others.

The fact that relay selection is random rather than user-selected is an important security feature. An adversary able to guess the relays in a particular user's circuits can focus their efforts on those relays. Additionally, statistically anomalous relay selection leads to the intersection attack described above wherein users (or their reasons for using Tor) may be identified with some degree of confidence based on which relays they choose.

Agreed. Now, more than ever, we are stronger standing together. You'll recall not too long ago many of these adversaries conducted surveillance under the cover of blanket national security directives. Now they do the same thing after public disclosure. Why? This implies they may intend to create the heightened paranoia that causes Tor client to avoid nodes of interest.

Not that I don't see a reason for concern. As described in a comment below, the behavior of NodeFamily needs re-evaluation against modern adversaries. In the case of any potentially adversarial node a defensive stance should be easily obtainable by torrc config. Rather than force a client to avoid (i.e) UK exit, or all (i.e) UK node, NodeFamily (or some other option), should prevent multiple (i.e) UK node in a given circuit. It's a slight refinement and, provided geoip data is accurate, makes it harder for potential state adversaries to get a chain of nodes in a geo-location, also having well behaved and predictable timing characteristics. I see three potential discussion points:
1. Adjust the NodeFamily behavior for all uses of the torrc option. Make the above proposed behavior the default.
2. Introduce an additional torrc option to enable the proposed new behaviour. Make it optional.
3. Allow NodeFamily, ExcludeExitNodes, and ExcludeNodes to be specified for particular isolation. This may be of use in tbb+system tor implementations, or where exiting traffic touches adversary-friendly entity and the lack of ephemerally secured communication exists for some streams.

I don't mind writing some code. One of these days I'll cross-post to mailing list and make the request on trac.

I assume that when a country is wiretapping all communication it's very important to not use an entry and exit node in the same country at the same time because of the risk connecting entry an exit node information to unanonimise people.
And middle node too.

Anonymous (not verified) said:

January 07, 2016

Permalink

"Bug 17875: Discourage editing of torrc-defaults"

How is this discouraged? Editing torrc is important for me.

Anonymous (not verified) said:

January 12, 2016

Permalink

"We plan to update NSS in the next regular release"

Ok, but the critical question is:
Surprising use of MD5 is visible, in Security - Technical details, or not?

Anonymous (not verified) said:

January 08, 2016

Permalink

WTF? It's not an attack! Weak cipher suites were disabled long time ago!

Anonymous (not verified) said:

January 07, 2016

Permalink

It's been a few weeks since I noticed that Disconnectme is returning far fewer results than it used to. I guess the men behind the curtains are messing with it too.

I contacted the Disconnect.me people and they told me that this was caused by SEO bots hitting them. As the result they had to put in mitigation strategies to cope with Google's bot detection mechanisms. They are working on a permanent fix for this problem. Other search engines Disconnect.me offers should be not affected.

If you are asking this question my guess is that you do not actually need or want to "open" them.

If you actually know what you are doing, check the "mar tools" package, also in the distribution directory.

Anonymous (not verified) said:

January 07, 2016

Permalink

I find the network traffic of inside updater updating Tor Browsers is about 10 times faster than I download something from any website including torproject itself, do you notice that?

The UI does not tell you how much data you're downloading, so you can't say what the speed is. The reason it takes apparently little time is because the updater does not download the entire Tor Browser but only a "patch".

Anonymous (not verified) said:

January 08, 2016

Permalink

Here are some of our favorite tools that you can try:

Internet Service Provider (ISP): Sonic
Wireless provider: Cricket
Encrypt an email account you already have: Thunderbird with Enigmail; Mac Mail with GPGTools; Outlook with GPG4Win
Private email clients: Unspyable, Countermail, or Shazzle
Search engines: Ixquick and DuckDuckGo
Mobile calls: RedPhone, Silent Circle
Android proxy: Orbot
iOS proxy: FoxyProxy (configure it as a proxy, not a VPN)
Mobile photos: ObscuraCam
Text messaging: TextSecure
Online tracker blocking: our very own DNTMe
Web-based chatting: Adium with OTR, Cryptocat
Mobile chatting: ChatSecure (iOS)Virtual private networks (VPNs): iVPN, Private Wifi
Hard drive encryption: TrueCrypt
Web browser: Tor Browser (and Mozilla’s Firefox is the best major browser on privacy)
Mobile browser: Onion Browser (iOS), Orweb (Android)

Anonymous (not verified) said:

January 08, 2016

Permalink

ExcludeNodes and ExcludeExitNodes by country does not work

NodeFamily also has a long standing problem. It considers the comma separated values as part of a declared family. It does not consider entire sets of node from a country, declared as an element, to form a family.
`NodeFamily {us}, {gb}, {ca}, {nz}, {au}` will avoid circuits where a node from each element appear. It will not prevent multiple node from each element. Meaning although us and uk node won't be used in a circuit, uk or us can easily appear more than once in a given circuit.
Surprisingly, no ticket was found. Is this intended behaviour, or should it be ticketed....

Anonymous (not verified) said:

January 08, 2016

Permalink

Hello
one question:
Some applications need to "proxy authentication" when communicating with "Tor Browser"
When questioned username and password, what should we do?
Thank you

Click on the green onion after you started Tor Browser and there choose "Tor Network Settings..." and check "This computer needs to use a local proxy to access the Internet". There you can enter your credentials.

You can do this on your very first start as well with the Tor Launcher wizard if you choose the configure option and are not trying to connect directly to the Tor network.

Anonymous (not verified) said:

January 08, 2016

Permalink

hey bros, when I ask for obfuscated bridges it is only giving me one, the same one, for the past 24 hours.

Anonymous (not verified) said:

January 08, 2016

Permalink

Where is the PortableApps.com version / integration?

Anonymous (not verified) said:

January 11, 2016

Permalink

We have a few years now with many serious bags not yet fixed:

Many of these serious issues are 3 years old, they go from release to release. Will they be fixed? If yes, then when?

The latter is supposed to get fixed in the upcoming 5.5 stable release and should be no issue anymore in the current alphas. Not sure about the former yet. There is no ETA for them. Patches are welcome!

Anonymous (not verified) said:

January 21, 2016

Permalink

Thank you for the reply! As I understand, the first issue (distinguishing Windows from Linux when JS is enabled) will not be resolved in foreseeable future. :-(

Anonymous (not verified) said:

January 11, 2016

Permalink

It seems they can still track you with Tor. It is called a browser fingerprint. People are using Random Agent Spoofers now, which is an extension add on.

Anonymous (not verified) said:

January 11, 2016

Permalink

@DEV 5.07 / TEAM

Tor browser & virtual cpu function e.g intel 3337U, etc.

My chipset is able to manage virtual space ; should it be possible to run tor on this "unused area" ?

i use rarely VM or similar environement so this space is still free as a function 'opened', disposable.

if you know a trick/tip for activate or include tor by the cpu and not by the operating system , i could run it long hours per days and that every day.

i read that running a relay is important and running tor too.

Anonymous (not verified) said:

January 12, 2016

Permalink

Again, no chance with adobe flash for me on this update. I use Tor solely to listen to the BBC, which is blocked here in Vietnam, and yet I cannot play any podcast because Tor cannot configure Adobe Flash or something. No, not afraid of being tracked down and incarcerated, I've heard the "Privacy is Important" drill enough, Vietnam's online surveillance and censorship is half-arsed, at most, and VPN doesn't work because God knows why my government hates The Archers so much as to block it to this extent. I understand what you're doing here and I commemorate it wholeheartedly, but I just want to be given the option whether or not to use Adobe Flash. Still am waiting for the day when I get to listen to good ole' BBC

What you should try is:

youtube-dl

http://rg3.github.com/youtube-dl

A lot of people post here saying with each new TBB release, "Flash still doesn't work!" No kidding? We don't know that already?

Check youtube-dl's list of supported sites at their website. You don't need a browser plugin/addon/extension for this.

I don't know if torify/torsocks is included in the TBB*, but in TAILS I run
at the command line (after downloading youtube-dl and a quick verify of the md5/sha1 or sha256 checksusms):

chmod a+rx youtube-dl

^ the chmod command only once, then:

  1. torsocks ./youtube-dl URLtovideoorpagewithvideo<br />

Easy.

Again, if you use TBB instead of TAILS, programs like youtube-dl may need an additional option. The website for youtube-dl explains it very well.

A lot of people post here saying with each new TBB release, "Flash still doesn't work!" No kidding? We don't know that already?

It's not "a lot of people"......

It's actually one troll working for the NSA that has been posting nearly similar complaints about Adobe Flash not working in TBB.

His ulterior motive is to ensnare unsuspecting TBB users to use Adobe Flash which is notorious for unmasking actual geolocations.

Again, no chance with adobe flash for me on this update. I use Tor solely to listen to the BBC, which is blocked here in Vietnam,

You don't need Adobe Flash to listen to BBC....

And we know who you're: whenever there's an announcement on the release of a new version of Tor, you'd never fail to post anonymously lamenting that you're unable to watch Youtube videos because Adobe Flash doesn't work on TBB.

and VPN doesn't work because God knows why my government hates The Archers so much as to block it to this extent.

Haha...we caught you there, you NSA troll.

It's obvious you don't live in Vietnam because if you did you'd discover that businesses and individuals in Vietnam do use VPNs daily. (I should know as I just left Vietnam after meeting my business partners)

Anonymous (not verified) said:

January 21, 2016

Permalink

Hello, downloaded torbrowser-install-5.0.7_en-US.exe today from this site and pgp says that the signature is invalid, signed with unknown certificate 0x2E1AC68ED40814E0

That is different from the one in the tutorial which is 0x4E2C6E8793298290

Explain this?

They're the same key.

Specifically:

$ gpg --list-key 93298290
pub 4096R/93298290 2014-12-15 [expires: 2020-08-24]
uid Tor Browser Developers (signing key)
sub 4096R/F65C2036 2014-12-15 [expires: 2017-08-25]
sub 4096R/D40814E0 2014-12-15 [expires: 2017-08-25]

So 93298290 is the long-term key, and D40814E0 is one of its subkeys.

Make sure you have the subkey, and have verified the fingerprints of both long-term and subkey. gpg allows you to follow the chain-of-trust. This should fix the signature problem you describe. Always ensure the subkey has been signed by the long-term key and likewise for the subkey.