Tor Browser 5.5.1 is released

by gk | February 5, 2016

Tor Browser 5.5.1 is now available from the Tor Browser Project page and also from our distribution directory.

Most notably, this release features fixes for regressions caused by our font fingerprinting defense: chinese users should have a functional Tor Browser again and emoji support is restored on OS X and Linux systems (we are still working on a fix for Windows).

Moreover, we fixed an oversight in one of our patches which broke some websites depending heavily on iframes.

The full changelog since 5.5 is:

Tor Browser 5.5.1 -- February 5 2016

  • All Platforms
    • Bug 18168: Don't clear an iframe's window.name (fix of #16620)
    • Bug 18137: Add two new obfs4 default bridges
  • Windows
  • OS X
  • Linux

Comments

Please note that the comment area below has been archived.

Anonymous (not verified) said:

February 05, 2016

Permalink

There's still an annoying bug that prevent TOR to use native OSX full screen. When pressing the green button the window remains the same size but is black on the rest of the screen. To have the real full screen, I have to press full screen in the menu bar.

Dude, F11 in menu is the only full screen option for any app. Stop trying to maximize - it's not secure. And did you see your bug fixed in this release to write that?

tbb in windows
I have accidentally, out of habit, clicked the maximize button.
in tbb 4.x, that window became huge.
in recent 5.x, the window either maximizes or increases to a size nearly equal to display size. i then click restore button which restores tbb window size as restore normally does.
if relevant, i usually have multiple tabs open, and only one tbb window open.

and, thanks to node operators and tor developers.

I have this issue with 5.5.1 and it IS a problem. I use Tor to enhance my security but not at the expense of convenience. Moreover, when connecting to my very own hidden service, I couldn't care less about leaking the resolution. But the fact that I can't stretch the window is really annoying :-)

"There's still an annoying bug that prevent TOR to use native OSX full screen."

Strange I don't have that experience on OS X at all. I'l try this new release later on.
What I did experience (for a longer time in different versions) is that if you have another Torbrowser window minimized to dock a renewal of the connection as a whole in another open window and after that opening older open windows from dock and from the previous session again, then you'll get a black window which will disappear after another renewal of your identity in Torbutton.

Another NoScript bug that I once mentioned here and Gk. could not reproduce, Torbrowser completely crashing while trying to print a page to file is still existing. Maybe probably also in this new release. I'll test it again but because it is also happening in regular versions of Firefox I consider that as an NoScript problem in general that exists with some sites and in combination with very high security settings of NoScript.

I'll probably have to contact NoScriptMalone for that issue I guess.

Hello can you help me, every time i want to start tor browser i have to restart my computer. It will start if i restart it but once i close it i have to restart to reopen tor browser, Can anyone help me out??

Anonymous (not verified) said:

February 05, 2016

Permalink

Super

I agree about the default font being less pretty now...

But I'm so happy about the DuckDuckGo onion search being added!! (But never understood why Amazon and ebay are left in by default... does anyone even use those? I can't believe I'm the only person to accidentally run a search on Amazon from the search box.)

Anonymous (not verified) said:

February 05, 2016

Permalink

I've heard Tor is not secure for http sites ! in fact encryption is not end-to-end and the data is encrypted Only between Tor servers ,So ISP can tracks user On Target site (http)

is it true? Please answer me, certainly This is a question of many users

Tor traffic is only unencrypted (via Tor) once it leaves the exit node. The ISP of the exit node can track the activity on the target site, but the ISP of the user cannot. The ISP of the user only sees you connecting to the first node.
Note: this is only necessarily true with Tor Browser; if you use other web browsers through Tor some may leak what website you're browsing; this is as true for HTTP as HTTPS. Moral of the story: Use Tor Browser, not some homebrewed setup.

That's true to a certain degree. The browser bundle has implemented several mitigations like Isolating circuits to each domain, and creating a uniform profile for all users to appear the same among other things.

Now if you start logging into personal accounts or start divulging personal information over http then with little effort and collusion you could be de-anonymized.

Otherwise even if your are trackable as a toruser, unless you give away your identity as stated above, they won't know who their tracking.

Tor is not recommended for HTTP traffic, unless you are just accessing sites with public information, such as a news site, output nodes can intercept your sensitive information, so always use HTTPS encryption.

The same is true for normal HTTP traffic, except with (usually) fewer possible interceptors. It's not like your ISP can't do the same thing. Yes, you should use HTTPS whenever possible, but tor isn't that inherently insecure compared to the normal internet for HTTP (depending on your threat model.)

"HTTPS encryption" is fake for clown sites -> cloudflare "intercept your sensitive information" even and especially if you use https.
wonder if tbb can mark such compromized sites?
or maybe ssl observatory can help?
it is an emergency problem that you can't believe even https encryption.

Anonymous (not verified) said:

February 05, 2016

Permalink

Seria muito bom que escolheriiamos qual circuito a ser criado.

What operating system are you using (Windows, Mac OS, GNU/Linux)? What web site does not display Punjabi correctly?

I tried going to https://pa.wikipedia.org/ and it seems to be working fine, using the system fonts "Raavi" and "Mangal":
Screenshot of text on pa.wikipedia.org.
You can find out what font the browser is trying to use by right-clicking on some text, selecting "Inspect Element", and then clicking on "Fonts".

Anonymous (not verified) said:

February 05, 2016

Permalink

Here comes the font war, use whatever it takes to minimize the attack surface,
who really care about font rendering ? what really matters is what is being read
and Tor browser ability to make it hard to find who is reading it.

Anonymous (not verified) said:

February 05, 2016

Permalink

is Tor secure on http sites? i don't know why don't publish this comment ! I have written this comment in another posts several times

Anonymous (not verified) said:

February 05, 2016

Permalink

great

Anonymous (not verified) said:

February 05, 2016

Permalink

veryyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy niceeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee

Anonymous (not verified) said:

February 05, 2016

Permalink

thank you
problem with frames and iframes was fixed so my webapp works again

bless you

Anonymous (not verified) said:

February 05, 2016

Permalink

Hm... Tor-Browser update (over Tor-Browser) will download 54mb (and do a smaller update before - i must restart 2 times to complete it), and the standalone version has only 42mb... why? (Win7, english)

Not sure what you mean. From which version to which are you upgrading? If you are coming from 5.0.7 or 5.5 the update to 5.5.1 will only download an incremental update where you need to restart once. If you are coming from an older version (which already has the updater functionality) your Tor Browser will download the large file and you have to restart only once as well. If you modified 5.0.7 or 5.5 Tor Browser will try an incremental download first and start the full update later as the diff is not matching (due to your modifications). Nevertheless, in this scenario you only need to restart the browser once as well.

The full update files are bigger as a different compressions algorithm is used for them.

Anonymous (not verified) said:

February 08, 2016

Permalink

Thank you gk...

I´ve updated from Version 5.5 and do some small modifications - such as hide referer and deactivated javascript over "about:config"...

Anonymous (not verified) said:

February 05, 2016

Permalink

Hello.
Thanks for partial fix of Bug 18168 but sadly the regression still occurs when the page is using nested frames.

Steps to reproduce:

Visit this page:
http://www.cs.laurentian.ca/rsgrewal/c2206/html/examples/frames/frameSe…

Click link frameSet2.html (Side-by-side frames)
(t loads another frameset inside right frame)

Now click any of the new links opened:

  • CNN
  • Canoe
  • JavaScript site

All the links are now opened in new tabs instead of the correct "content" frame.

Anonymous (not verified) said:

February 05, 2016

Permalink

could someone explain to me the reason why the site is written only in us/uk/ language ?
are there more us posters/volunteers/donators ?
are you so lazy to not dare an international site ?
do you know an hidden service where it could be translated in another language ?
... boring barriers ...
recipe : take a couple of tor admin and cut the ears then lets boil the legs few minutes in an encrypted swap ; it smells good. take the head and look at him ; his tongue must be pink or blue -sometimes black but it is an other story- now , you have to slowly say few words followed with the magic number : 1 -repeat the special op x 3- now it is ready for the female and for the male, he will answer in 12 + 1 different languages. the female will add 'not this one' in the fail test.

could someone explain to me the reason why the site is written only in us/uk/ language ?
are there more us posters/volunteers/donators ?

Let us give you the reasons:

1. Perhaps you didn't know that National Security Agency of the USA and GCHQ of the UK are both operating in native English-speaking countries? The two agencies combined made up the largest government-approved snooping employers in the world.

(a) Estimated staff strength is about 100,000 employees. They--the employees--are proficient in English only. If this site were in Chinese or Arabic, they'd be totally lost.

(b) Before World War II, the Brits were the most superior race in the world. Have you not heard of the phrase "The sun never sets on the British Empire"?

After World War II, the Yankees were the most superior race in the world. "The sun never sets on the American Empire" holds true today. The Yankees have the power and the means to topple foreign governments that they view as threats or support foreign dictators based on their oil-producing capacities, eg. Saudi Arabia.

Given the above, why would the superior race of today tolerate any other foreign languages?

(c) Perhaps you didn't know that Tor was first conceived and developed under the auspices of the US government and was its only and major sponsor? Even as we speak, the US government is still a sponsor of Tor and Tails.

Nah, the reason is much less sinister: we lack the resources to provide the websites in different languages *and* to keep them up-to-date (the latter is much harder but at least as important as the former). But there are plans to change that in the near future, stay tuned.

Anonymous (not verified) said:

February 05, 2016

Permalink

I keep getting a message that 5.5.1 has been downloaded but could not be installed. Then is opens up. LXLE Ubuntu 14.04.

Anonymous (not verified) said:

February 05, 2016

Permalink

ok

Anonymous (not verified) said:

February 06, 2016

Permalink

how do I know that you are real Tor browser?
On my previous Tor browser , 6-7 months ago ,it was not updating itself,and every time
I use it, it asked me if I want to have Tor to be my default search engine and it was not updating?
That Tor browser from September 2016 was erased by accident and I downloaded another version from Google search ?
Also,there are few things different this time round in the main bar, there is orange
writing and on the bookmarks star is now blue not yellow and on the right hand side at the top the star is now blue and not yellow ?
When I use bookmarks bar to log in to outlook the green padlock shows as a sign of security,but when I want to log in to HTTPS://YAHOO there is no green padlock?
This time round Tor browser is updating itself and it is not in my main programs menu,where I can see and edit the content ?
I will appreciate if you explain these points
Thanks,Concerned Tor user

It sounds like you use to be using a version of Tor Browser more than a year old (from before Firefox went to aurora or whatever the present skin is called.) You should have been updating manually for every update back then.
Tor Browser is specifically designed to not integrate into the OS. That means it doesn't put itself into your start menu. Instead, you've got to start it from the shortcut located wherever you installed it. In fact, I don't know if there ever was a version that put itself on the start menu; you may have been using an unofficial build -- which isn't recommended.

Anonymous (not verified) said:

February 06, 2016

Permalink

Windows 7 on VPN w/ 2FA enabled. Cannot open (full screen) browser window w. v5.5.1

Anonymous (not verified) said:

February 06, 2016

Permalink

Flash player doesnt work for fb games and youtube videos. I am going to fall back to using Tor 4. Tor 3 and 4 work fine with flash.

Anonymous (not verified) said:

February 06, 2016

Permalink

In Tails 1.8.2 and prior versions I connected to the internet by adding a username and password to a dsl connection in the network connections. In Tails 2.0 I can't find a dsl or equivalent where I can introduce a username and password to connect to the internet. I know this is not the right place to ask this but I don't know where else to go for help. So please, can anyone help me?

Hello again, fellow Tails user here. I reported your problem on the #tails channel on IRC. It is now tracked on Redmine at RiseUp as issue 11028 (https://labs.riseup.net/code/issues/11028) since 29 Jan. And (voice in the style of Futurama's Professor Farnsworth) "Good news, everyone!": there's a workaround.

Reading muri's investigation, he says the old nm-connection-editor GUI was superceded by a new Gnome3 one, and this can't be reversed (yet). However, if you open a Terminal, and type (I tried this, it works!):

<a href="mailto:amnesia@amnesia" rel="nofollow">amnesia@amnesia</a>:~$ nm-connection-editor &

the old GUI pops up in the middle of the screen. Click "Add" and I'm sure you'll find your way from there to DSL.

I know about Bug #11028,I've been following it ever since it went up. Unfortunately introducing the command line in a terminal, while it does bring up the connection manager with the dsl option and others, doesn't work. After I put in my username and password it simply doesn't connect. The problem is Debian 8, Debian 8 gnome desktop has the exact same problem as Tails 2, Debian 8 cinnamon has the dsl tab in the gui but it doesn't connect, just like Tails 2 with the above terminal command. Linux Mint Rosa (17.3) cinnamon works perfectly, it's the one I'm using now with TB, the same goes for Ubuntu 14.04.3 LTS and Ubuntu 15.10. I'll wait for a fix for the bug before I'll send them an email about whether or not the dsl connection works, as I'm not sure if a fix to gnome 3 would also fix the inability to connect with a dsl using the terminal command. Thanks for your reply, even though I didn't post the comment. I'm the op from the blog post where this comment first appeared. Probably somebody copy & pasted it here by accident. But, to all of those trolls who will undoubtedly start commenting that this is not a tails blog : "Stop whining!" Nobody cares what you say.

That is a common experience for Tor users. It happens when the website uses CloudFlare. See:
https://trac.torproject.org/projects/tor/wiki/org/doc/ListOfServicesBlo…

There is not much to do about it right now, other than solving the captchas or avoiding those websites. Here is a blog post on the subject:
https://vbdvexcmqi.oedi.net/blog/call-arms-helping-internet-services-ac…

Anonymous (not verified) said:

February 10, 2016

Permalink

captchas fail, in my experience. use startpage or other search result proxy.

What are you talking about? For the last 1 to 2 weeks the captchas work without you needing to activate the java script. We don't need to worry about allowing java script and thus we can stay completely anonymous and cloudfare can keep doing it's thing, this is the best compromise.

clown sites under clownfare are dead - they do not even have ssl certificate. nobody can trust them. all your private info IS compromized. so it is https trust what is dead in reality.

Anonymous (not verified) said:

February 06, 2016

Permalink

goood

TAILS doesn't give you administrative rights by default. So you cannot perform any updates. Moreover, if you are running tails on a DVD-R, you cannot change the codes since its not rewritable. To get the lastest version of the Tor browser, you need to update tails (keep to the latest version as possible).

Anonymous (not verified) said:

February 06, 2016

Permalink

Why do I connect using only the first node 88.198.9.16 !!! DEU!
This can not be changed either by restarting or change of identity.
Can I still trust?
Ver .: Tor-Browser 5.5.1

Anonymous (not verified) said:

February 08, 2016

Permalink

The FAQ does not explain that:

> The solution is "entry guards": each Tor client selects a few relays at random to use as entry points [...]

One is certainly different from a few. Please stop misguiding people and explain what is going one.

Anonymous (not verified) said:

February 06, 2016

Permalink

Nice.

Anonymous (not verified) said:

February 06, 2016

Permalink

I know I'd previously received notifications when maximizing Tor that it would give away your native screen resolution which could be used to identify you (it seemed like a long shot to me), so when I noticed in the latest release that I couldn't maximize, I figured it was a security 'feature' rather than a bug. Apparently I was wrong.

Anonymous (not verified) said:

February 06, 2016

Permalink

The bridge is only 2, used to have three. Article 2 is too little, and some bridge didn't work.

Anonymous (not verified) said:

February 06, 2016

Permalink

1. RE the question about size of browser window for which GK replied.

isn't maximising the browser window a bad idea because it aids data for fingerprinting by allowing a non-uniformity of user? This is why the browser window is the smaller size (for most) it is?

2. Unsure where else to post this so excuse me. I dont really wish to sign up to use the Tor mailing list (unfortunately)
malwarebytes scanner sometimes tells me a malicious website has been blocked, either when I'm connecting with Tor , or when I'm using Tor. I am aware there are issues with virus software giving false positives with Tor and Tails including when installing.

However is what I'm experiencing possibly a sign of an adversarial node attempting to make a, for example, packet injection?

3. just as a side note after reading through a lot of the comments for various posts. The revisiting ''NSA troll" - it would appear that one utility of such an actor (I just love the way that word is the one used in this context!! or is it syntax ) to the paymaster is to divide and conquer. Basically, chew up peoples time with useless shit as to make it harder to respond to genuine queries. If authentic actors (haha sorry couldn't resist) are able to discern when said "NSA troll" is posting surely just ignoring completely is going to shut that actor down. And then that actor is going to be unemployed in hollywood looking for a casting couch
And there's so many unemployed actors there

Anonymous (not verified) said:

February 06, 2016

Permalink

super

Anonymous (not verified) said:

February 06, 2016

Permalink

its really good browser i used this last three years and for my opinion tor browser is best

If you read the advice on the Tor home page you will note one is STRONGLY advised not to install any ad ons (for example Adblock Plus) as it may create a security vulnerability

We do have help in No Script ad on which has been included with Tor Browser and configured for safety

Don't add anything else. You may adjust the configurations however

In Tor Project We Trust

Anonymous (not verified) said:

February 10, 2016

Permalink

noscript is standard in tbb. rarely do any ads survive disabled javascript.
if need javascript on a site, be sure to also go through noscript's "untrusted" menu and set as many domains to untrusted.

I'm not sure what exactly you're talking about with setting "as many domains to untrusted" but it sounds like something that could be used for fingerprinting. If security is a concern you're best off simply setting the security slider to High.

Doing so will increase attack surface.

It will also piss off advertisers even more and they can make the use of tor more difficult; see Cloudflare.

Anonymous (not verified) said:

February 07, 2016

Permalink

nice

Anonymous (not verified) said:

February 07, 2016

Permalink

Flash player has not worked the past 2 new upgrades I continue to have to reinstall every day 5.0.4

Flash player has not worked the past 2 new upgrades I continue to have to reinstall every day 5.0.4

The US government will reward you with 1 million US dollars cash if you can persuade 1 million TBB users to use Flash every time they use the software. Proof that it is your persuasion that works must be provided before you claim your reward.

Remember that is must be 1 million TBB users, not 200,000 or part thereof.

"I continue to have to reinstall every day 5.0.4"

Well turn the automatic update off from the options if you want to keep using the (unsecure) old version dumbass. O_o

Anonymous (not verified) said:

February 07, 2016

Permalink

Oooops!

I see I'm almost at the head of the comments queue! Does this reveal me as being too reliant on tor?

"Take it easy hoss, coincidences do occur. Check it out next time 'round"

I've been chatting to some chicoms over the past few days - they've been trying, hard, to re-assure me that everyone in China can access the global internet. LOL

Now I'm gonna hafta refer 'em to this 5.5.1 thread so that they can cobble up reasons as to why such a wonderful ideology needs tor...

Oooops! I don't need to - they're here already...

Anonymous (not verified) said:

February 07, 2016

Permalink

good

Anonymous (not verified) said:

February 07, 2016

Permalink

We are new to Tor.

Yesterday, using a 4 exit router, I wanted to plug the laptop (using TOR) into one outlet and the wife wanted the desktop (non-TOR) plugged into another one. On the laptop I got a message about the same IP being used on both.

Could this situation compromise my security via TOR?

Please advise?
Thanks.
Keep up the good work.

Just another Tor user here.

Your problem description is a little vague between whether the message meany the two computers were sharing the same external IP (that's the one assigned by your ISP to your router), or the (supposedly) unique internal IPs assigned via DHCP by the router to each computer. In either case, it's irrelevant to Tor, as that conceals the external IP, which is what websites typically log to track you.

The internal IPs (typically of the form 192.168.x.y) should be hidden from the internet by the router's Network Address Translation (NAT) table, though this can be circumvented by naughty javascript blabbing that back to a website. It should be impossible for DHCP to assign the same IP to two different computers, so I assume that the 'message' was not that but just one confirming the same external IP that each computer has to share via the router's NAT table.

Does that match what you saw?

Thanks for getting back to us and for your thoughts.

I have just tried to reproduce the situation, so as to be able to note down the actual message and transcribe it here, but it hasn't shown itself again.

I do remember though that the message advised us to contact (someone like) the system administrator to resolve the issue.

We have the McAfee firewall and under the section "My network connections" the IP addresses shown on both the laptop and the desktop are exactly the same.(or rather the same range: e.g. 192.168.A. B to 192.168.A.C.

I'm sorry if I am not being very clear. As I said previously we are new to all this.

As for Javascript, on the laptop where we run TOR I have scripts globally forbidden and Javacript disabled in about:config.

Your further thoughts would be appreciated.

Thanks

"contact (someone like) the system administrator to resolve the issue"
Those grey messages can be copied. Be sure the message "window" is the active window, by clicking the title bar or anywhere but the "ok" button. Then use the usual copy keyboard command Ctrl+C, which is:
(hold) Ctrl, tap C (then release Ctrl key)
Then you can paste into a text file, or directly into... here.

From what you wrote, I'm guessing that mcafee firewall probably is allowing your local network to access among itself. i doubt mcaffee is causing that windows error message. that range is router's range, which most often is:
192.168.0.0 through 192.168.0.255
or
192.168.1.0 through 192.168.1.255

suspect the message was a windows message about local IP (192.168.0.x or nearly that on home routers) conflict. The conflict shouldn't stop internet access, but will erratically break local network connections.
You may not need local connections.

if you do,
Run eventvwr.msc. look for errors near the time the messages popup. you might see master browser errors.
Then, search the web for the event number and some of the error text.

setting each pc and laptop to a static IP might fix the problem. Might need to turn off master browser in services.msc, and maybe create lmhosts file.

or maybe easier is to let only one pc run its master browser. It is best if that PC is running more often than the other pcs.
the other pcs should obey that master browser pc.

Anonymous (not verified) said:

February 07, 2016

Permalink

I am really satisfied with TOR in IRAN . I thing TOR is the best one . some time it happens slow connection . but it is not so important.
h.hayati

Anonymous (not verified) said:

February 08, 2016

Permalink

i still cant surf the net with mtn nigeria modem. it seems the network provider has blocked tor. pls provide guide to surf with mtn modem

Anonymous (not verified) said:

February 08, 2016

Permalink

ok

Anonymous (not verified) said:

February 08, 2016

Permalink

In the past few weeks I have experienced several times an "secure connection failed" error while connecting to a https page.
The TOR Browser gives me an option to report the incident.
I have three questions:
1. To whom exactly is this report sent? TOR? Mozilla? (If it is sent to Mozilla, do they share this information with you afterwards?)
2. Is it being sent by the same TOR circuit as the previously failed connection?
3. When this error happens, the TOR button does not display the information about the nodes of the current circuit. Is there a way to get this information from within the TOR browser?

Thank you for answering in advance.

i think this one of many firefox certificate errors?

but, when a page doesn't connect, i use torbutton "new tor circiut for this site". then tbb usually connects.

Thanks. I'm suspecting this may be a result of a relay tampering with the connection. I'm asking because I would like to report such things, so that relays get banned if they are really up to no good.

Anonymous (not verified) said:

February 08, 2016

Permalink

I want a safe browser. I sure hope developers do not give in to requests for emoji and other nonsense that prove to have vulnerabilities for backdoor hacking. Keep it safe and flush those requests with the brains that ask for them.

Anonymous (not verified) said:

February 08, 2016

Permalink

some1 pls explain to me, was inalot of forums, wasnt able to find answerr why fullscreen,s is unsecure? i mean a fella has 1400x700 res so as millionz of them in the world, what does that unveils?

First of all, I don't think 1400x700 is that standard a resolution.
The resolution that can be determined via javascript, css, or whatever else isn't your screen resolution, it's the resolution of the internal window. If you do anything that alters that resolution you're changing the reported resolution.
Also, if you use fullscreen in your normal browser you're reducing the size of the haystack that needs to be searched through. It isn't just an issue of the fingerprint of Tor Browser, it's also an issue of the fingerprint of any other browser you use.

i don't see 1400x700 here
http://www.w3schools.com/browsers/browsers_display.asp
in 2016, 35% is the largest percentage of any resolution. many resolutions are single digit percentages.

1400x700 is not here http://www.w3schools.com/browsers/browsers_resolution_higher.asp

no 1400x700 on https://www.w3counter.com/globalstats.php
most common resolution 1366x768 is only 16.67%

Anonymous (not verified) said:

February 08, 2016

Permalink

Im having problem with my tor browser, can anyone help?? I have to restart my computer every time i wanna start my tor, once i restart it will start but if i close it will not start till i restart again. Please help

Anonymous (not verified) said:

February 09, 2016

Permalink

Tor was working fine a week ago . but after the update it doesnt even load pages. not even what i type into the search box. am tired and it sucks

Anonymous (not verified) said:

February 09, 2016

Permalink

hello

It only seems like that because those are the sites you are visiting. Everyone uses different sites.
Besides, Cloudflare isn't as bad as it used to be: you can now get through it even with JS disabled.

>Besides, Cloudflare isn't as bad as it used to be: you can now get through it even with JS disabled.

It's still very bad, chances of not being blocked are very small.
Additionally, it will be even worse once they refresh their cached block lists.

No it's not very bad at all, it takes some time to click on the pictures, yes, but not bad at all. I hope they keep doing stuff like this and not put words that can not be understood without java.

Chances of being blocked seems to depend on site.

What I mean by being better is that you might have to play the click the checkbox game but you can get through without Javascript enabled. Before you couldn't; you'd have to enable Javascript to access the sites.

Anonymous (not verified) said:

February 09, 2016

Permalink

Tor always asks me to download a file with a filename 'cz'. What's that?

Anonymous (not verified) said:

February 09, 2016

Permalink

It is not just Tor. Clownfare are also blocking VPNs. Evil !£"$!%"%%"%"^"^^"^"!!!

Anonymous (not verified) said:

February 09, 2016

Permalink

on the home page once connected, it says Congratulations...
for more information about this exit relay see ''Atlas'' which is hyperlinked.

I can't remember what the Atlas page used to look like, but trying it now it just has a blank search bar, and the Atlas logo in the corner, and no other information

I tried copy and pasting the IP address into the search box but
no response to the Enter key and no 'button'' to click for searching
There's nothing else on the screen except

About - Source code - Report a bug - Contact

Is that all normal? The page appears to have no visible utility

Anonymous (not verified) said:

February 09, 2016

Permalink

graphite font rendering is extremely vulnerable and must be updated!

Disable it with gfx.font_rendering.graphite.enabled;false or
Torbutton:Security Level:High

Anonymous (not verified) said:

February 10, 2016

Permalink

thank you very much .but the speed is too low for downloading . please do something about it soon . and let me know how to speed up my download activities .

This relies on several factors. Every relay has an impact on your speed especially the guard node. You can change your guard by deleting your tor folder and reinstalling tor. This is generally inadvisable as it can more likely land you in the hands of an attacker. Also, if you are downloading from an onion/hidden service expect downloads to be significantly slower. In such a case your data must travel further.

Anonymous (not verified) said:

February 10, 2016

Permalink

Smooth . Tor browser really brings back the internet
to what it used to be, an heaven of knowledge without
the heavy burden of modern tracking.

Anonymous (not verified) said:

February 10, 2016

Permalink

I'm first time user of Tor Browser. How can I see or change option, if I'm a exit node or not?
Thanks in advance for your answer.

You are not an exit or any relay node unless you explicitly configure Tor to become one. So no worries. As long as you just load up the browser without going into the configuration menu you are fine.

Oops! If you want to configure or check just click the configure button immediately before tor bootstraps and starts the browser. The rest should be easy to figure out.

Anonymous (not verified) said:

February 11, 2016

Permalink

Thank you for your continued efforts. It's all about keeping the gremlins dry.

I'm about to add a dedicated relay to the network.

I'm not in a position to run an exit (yet)... but once I find the right hosts I will.

Anonymous (not verified) said:

February 11, 2016

Permalink

I'd just like to say Tor Project and Tor staff are all really special, lovely people
I would also like everyone reading, to please remember, kindness is the most important thing. Please be kind, considerate and sensitive to people. Selfishness is the worst possible thing. It is sub-human.
Empathy is the highest human attribute. So never sacrifice it
Practice empathy and sensitivity in all things

Love to all Tor staff and Tor supporters. unless you work for the US government, then, a big HUG and a lollipop and a teddy bear, and a bubble bath to you because you really, really need it. And its only going to get worse for you. So make that TWO teddy bears for you.

Anonymous (not verified) said:

February 12, 2016

Permalink

nice updated & smooth browser your last version. I am operated this is also nice operated

Anonymous (not verified) said:

February 12, 2016

Permalink

browser console: "Torbutton WARN: no SOCKS credentials found for current document." what does that mean? error on my side or server side?

Anonymous (not verified) said:

February 13, 2016

Permalink

I just downloaded Tor 3 days ago and it doesn't even mask my IP. Dude like wtf, seriously. Displays a random IP on the Test Tor Network Settings, but its fake. When I go to whatsmyip it displays my REAL IP. No seriously WTF??????

Everyone needs to check their IP before browsing on Tor. THis is first time its happed. Maybe a fault in the version or my laptop thts doing it, though dont know how thats possible.

Anonymous (not verified) said:

February 16, 2016

Permalink

I am using Windows 8 OS. While using TOR Recently it is taking time to open the Sites and sometimes it get hanged. Can you please suggest any remedy inorder to increase the SPEED considerably while using TOR Browser which is applicable for Windows OS 8.