Tor Browser 5.5.2 is released

by gk | February 12, 2016

Tor Browser 5.5.2 is now available from the Tor Browser Project page and also from our distribution directory.

This release features important security updates to Firefox.

Users on the security level "High" or "Medium-High" were not affected by the bugs in the Graphite font rendering library.

The full changelog since 5.5.1 is:

Tor Browser 5.5.2 -- February 12 2016

  • All Platforms
    • Update Firefox to 38.6.1esr
    • Update NoScript to 2.9.0.3

Comments

Please note that the comment area below has been archived.

Anonymous (not verified) said:

February 12, 2016

Permalink

Hmm, getting the error "The integrity of the update could not be verified" when I try to update. I'm on Qubes-Whonix. Tried getting a new identity, which didn't make any difference. The error shows up in 2 of my VM's, but doesn't in another. Any idea what's wrong?

Anonymous (not verified) said:

February 12, 2016

Permalink

via Tor browser, LINUX ubuntu 14.4 64 bit
yes update via Tor browserinternal update automatically

Another thing you could do is checking were exactly the issue is by setting `app.update.log` in your Tor Browser to `true` and open the browser console with Ctrl + Shift + J and looking at the log output.

Anonymous (not verified) said:

February 12, 2016

Permalink

(I'm the person you replied to.) Qubes-Whonix is 64-bit. I restarted Tor Browser, told it again to look for updates, and that fixed it. I'm not sure why restarting Tor Browser fixed it; I've never seen that behavior before. Sadly I don't have any debug output for you.

Anonymous (not verified) said:

February 12, 2016

Permalink

As I am new and don't know, hereby a copy of a posting to help@rt.torproject.org:

5.5.1 (based on Mozilla Firefox 38.6.0)

https://thegreateststorynevertold.tv

Safe mode:

The proxy server is refusing connections

Firefox is configured to use a proxy server that is refusing connections.

Check the proxy settings to make sure that they are correct.
Contact your network administrator to make sure the proxy server is working.
-------------

After 30 minutes trying to figure solution: http://thegreateststorynevertold.tv/portfolio/part-8-pearl-harbor/ Screen changed to:

Forbidden

You don't have permission to access /portfolio/part-8-pearl-harbor/ on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
Apache Server at thegreateststorynevertold.tv Port 80

Or
I get: This request has been denied for security reasons. If you believe this was in error, please contact support.

Reference #18.37535d68.1455279193.d56bd48

------------------------------

Access Denied
You don't have permission to access "http://www.lufthansa.com/us/en/Homepage?" on this server.

----------------------------

I tried to do as secure as possible. Any advise?

Anonymous (not verified) said:

February 12, 2016

Permalink

مساء الخير ومشكورين على هالبرنامج

Anonymous (not verified) said:

February 12, 2016

Permalink

getting torbutton warn "no SOCKS credentials found for current document" in browser console. proxy setting: http/https without username/password. how to fix this?

I think this message is related to Torbutton not being able to find a domain against which to perform domain isolation for the purpose of showing the tor circuit graph.

It happens because Firefox's own UI uses several windows/documents that trigger Torbutton's algorithm. Examples: about:* pages, some of the Developer Tools sometimes*.

I believe such cases are harmless and you can disregard the warning.

(*) I have also seen this: "Component returned failure code: 0x80070057 (NS_ERROR_ILLEGAL_VALUE) [mozIThirdPartyUtil.getFirstPartyURIFromChannel]"

Anonymous (not verified) said:

February 12, 2016

Permalink

Sorry, just sent you the log output without "setting `app.update.log` in your Tor Browser to `true`"
Where can I find: setting `app.update.log`?

Anonymous (not verified) said:

February 12, 2016

Permalink

Thanks! Quick question: Is there a reason "Medium-High" uses click-to-play HTML5 audio/video media? I can live with Medium-High for daily use but the HTML5 media click-to-play can be a bit annoying at times

You have no clue what you're talking about
>Comparing open source to closed source
>Comparing single ffmpeg misconfiguration issue with giant attack surface of flash with hundreds of vulnerabilities
>Clearly don't understand how the tech works

Comparisons aside, his answer is correct: great increase in attack surface + bad vulnerability track record => great increase in de-anonymisation risk.

Anonymous (not verified) said:

February 12, 2016

Permalink

Hi ,

i have a problem with firefox, i see anything this message "The proxy server is refusing connections

Firefox is configured to use a proxy server that is refusing connections.

Check the proxy settings to make sure that they are correct.
Contact your network administrator to make sure the proxy server is working."

how i can make for have Tor , before i was download this version i never have problem,

thanks & thanks for your working

Practicality, mostly. The maximum security setting does slow many websites down and it disables many web features. Some people (me for example) consider this too high of a price to pay.

Anonymous (not verified) said:

February 12, 2016

Permalink

NO ENTIENTO EL LEGUAJE PERO DOY LAS GRACIAS POR TENER LA OPURTUNIDAD DE CONTAR CON ESTE POGRAMA GRACIA A USTEDE QUE ME ANDADO AMI ESTA OPORTUNIDAD ES MUY BUENO Y COMPARTIBLE CON MI NAVEGADOR MOZILLA FIREFOX

Maybe it was just some corrupted download? Or maybe someone tampered with your (TLS) exit connection? Hard to tell. Keep an eye open, I suppose.

Anonymous (not verified) said:

February 12, 2016

Permalink

Hello,
I will try and make short... I downloaded Tor few days ago, left all settings as Tor has them, did all recommended things, no tool bar stuff, no plugins, and so on. Tor's been running just fine, I use it mainly for one site that I need to log in and change pages. Today 2-12-16 Tor did auto update (5.2.2), all was fine, restarted. So here is the problem.. After I log into that site just fine, after about 5 minutes and changing a few pages on that site, the site logs me out as if the IP address/Tor network disconnected briefly. This keeps happening even after I try different Tor Circuit or New Identity.
Any recommendations would be appreciated. ( will check back later for reply) Thank you.

The site is probably expiring your session when the exit IP changes, as a security measure. Try enabling TrackHostExits in your torrc file located within the tor browser directory. Add the line

TrackHostExits 1

Anonymous (not verified) said:

February 12, 2016

Permalink

ok

Anonymous (not verified) said:

February 12, 2016

Permalink

is it really safe to allow script in https as well as non https websites

gk pls advice and help

let's say it that way: it's less safe. In combination with flash you are definitely leaking your real ip (confirmed with wireshark).

Using Whonix would be a solution to this problem, however, you need to have faith in the guys behind it.

Anonymous (not verified) said:

February 12, 2016

Permalink

There is a new bug in Tor Browser when the CloudFlare Captcha is encountered. One of the captchas requires the web site visitor to copy and past a string of code into a text box then press "verify" button, but the web page layout in this new version of Tor Browser will hide that button, which makes the verification not possible to proceed (this bug did not exist in earlier versions of Tor Browser). It is kind annoying since lots of websites demand this step to go further.

It sounds like you're confused about the CloudFlare bug where CloudFlare censors websites and requires many thousands of users to solve stupid captchas before allowing people to visit websites.

clodflare captchas never work for me, but...
try disabling stylesheet from the View menu. the button might become visible.

alternatively and much more cumbersom IMO,
menu-click near where the button had been, select "inspect element (Q)"
you might have to move around in the html code pane... until you can select the input button.
edit the style to make visible.

Cloudflare captchas actually started working for me around a week ago, with Javascript disabled. They show a bunch of pictures and say to pick out the street signs, for example. Then you have to copy & paste a code string over. This is the first time in something like a year where they are working for me. It's possible other sites continue to be broken, though.

Anonymous (not verified) said:

February 12, 2016

Permalink

TBB 5.5.2 version is released because of security updates. Will Tails follow suit or do users have to make do with the insecure Tails 2.0 for the time being?

Anonymous (not verified) said:

February 13, 2016

Permalink

oop. Got no full-screen big since updating to 5.5.2 :(
any user prefs. in about:config trigger this? I've disabled canvas, additionally!

Anonymous (not verified) said:

February 13, 2016

Permalink

Thank's you have in nice cool browser is it really safe to allow script in https well good https websites.

Anonymous (not verified) said:

February 13, 2016

Permalink

I'm still updating manually so I can verify the signature with gpg. I know the update server cert is pinned, but a compromise of that server could compromise the package. On the other hand, the tbb package is gpg signed on the developer's machine and would be immune to update server compromise, correct?

How much work would it be for the tbb developers to modify the auto updater to check the download against an embedded gpg signature?

It checks against an embedded signature. And Tor Browser refuses to apply the update if tha signature is wrong. So, even if the update server were compromised that's not enough to get our users to apply a compromised update.

Anonymous (not verified) said:

February 13, 2016

Permalink

Thank you so much for all the work - every single day i use Tor and am thankful for it.

Anonymous (not verified) said:

February 13, 2016

Permalink

nice

Anonymous (not verified) said:

February 14, 2016

Permalink

Hi,

This new version added some new features which is useful. Keep up the good work. In fact it solved a problem. I was trying to download a file using Microsoft Edge browser but the URL was messed up by our local ISP. I used Tor browser and every thing worked fine.

Anonymous (not verified) said:

February 14, 2016

Permalink

salut

Anonymous (not verified) said:

February 14, 2016

Permalink

Can someone please tell me why 5.5.2 updates automatically?

Previously I was promoted to download the tar file and the signature to check with gpg.

Why the change? Shouldn't this have been announced? No everyone likes automatic downloads without knowing in advance!

Did you happen to update to 5.5.2 from a really old version? I don't remember which version, but the auto updater was introduced quite a while ago. There is an about:config option to disable it, but I'm not sure if TorButton still blinks when a new tarball is available since the auto updater was enabled, so you would risk running an outdated version if you disable it.

Anonymous (not verified) said:

February 14, 2016

Permalink

Thankfully because Tor Browser anti filter internet . this anti is great.

Anonymous (not verified) said:

February 14, 2016

Permalink

Hello bro!

how to change independently new circuit (TIME change)?
or auto change 3 minutes

The Tor configuration shipped with Tor Browser already changes circuit based on time (10 minutes IIRC). I would advice not changing it, but if you still want to do it read the tor manual page.

Anonymous (not verified) said:

February 14, 2016

Permalink

Cannot install latest Tor update. I attempt to install and I am given a error pop-up message from Windows 10 reporting I may have another copy of Firefox running.

Checked all processes and do not ever see more than the one instance running when I attempt the update. Tried several times and attempted the install later option but no luck.

Any thoughts.......

-----mikeD

For reasons unknown this morning when I started Tor per usual on Firefox the Tor update completed without reported error!

Changelog:
Tor Browser 5.5.2 -- February 12 2016
* All Platforms
* Update Firefox to 38.6.1esr
* Update NoScript to 2.9.0.3

Thanks and keep up the good work!

-----mikeD

Anonymous (not verified) said:

February 14, 2016

Permalink

After a fresh installation of torbrowser-install-5.5.2_en-US.exe in a new folder I get two pages at start in different tabs. The "Welcome" page and a page saying "Tor Browser has been updated".

What triggers this page with the update notification?
I would like to preclude the possibility of unknown changes after starting a new installation.

Hm... works for me. Does this happen every time you download a clean, fresh Tor Browser 5.5.2 and install it? Which Windows are you using?

The page gets loaded if the browser is detecting a new Tor Browser version after an update. (at least that's the idea)

Anonymous (not verified) said:

February 15, 2016

Permalink

I found transferring the pref.js with my settings from the previous installation results into the additional tab with the "Tor Browser has been updated" page.
This has not occurred on any previous installation up to Torbrowser 5.5 despite using the same pref.js.

Anonymous (not verified) said:

February 14, 2016

Permalink

great job guys and what about updates for Orfox for mobile i use my Android Phone more often 4 internet , i dont need it as much as others do but i have a crappy overheating computer currently when used too much

Anonymous (not verified) said:

February 16, 2016

Permalink

I am the user of Tor Browser. It sometimes says that some other software is try to identify my computer. What should i do in this case. Will it be safe to go ahead or wait for the solution. Please advise.

Do you mean this notice?

Screenshot of the canvas warning.

Almost always, you can click "Not now" or "Never for this site". You only need to click "Allow in the future" for a few websites that require it.

The notice is Tor Browser's defense against canvas fingerprinting, which is a way to track web browsers by how they draw graphics. It is used a lot by web advertising companies.

Anonymous (not verified) said:

February 17, 2016

Permalink

How can i deactivate this window so everytime and for all websites it declines to extract html5 canvas image data?
Ty

Anonymous (not verified) said:

February 16, 2016

Permalink

Process: firefox [625]
Path: /Applications/TorBrowser.app/Contents/MacOS/firefox
Identifier: org.mozilla.tor browser
Version: 5.5.2 (3800.1.1)
Code Type: X86-64 (Native)
Parent Process: ??? [1]
Responsible: firefox [625]
User ID: 501

Date/Time: 2016-02-16 15:25:17.054 +0300
OS Version: Mac OS X 10.11.3 (15D21)
Report Version: 11
Anonymous UUID: 2C9A98D3-FE93-2258-3E15-896AF08E8552

Sleep/Wake UUID: 5CF91AA6-7602-434B-B8CA-915A87EAC831

Time Awake Since Boot: 5800 seconds
Time Since Wake: 2700 seconds

System Integrity Protection: enabled

Crashed Thread: 0 Dispatch queue: com.apple.main-thread

Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x00000ab000000015
Exception Note: EXC_CORPSE_NOTIFY

VM Regions Near 0xab000000015:
mapped file 0000000125500000-000000012576a000 [ 2472K] rw-/rwx SM=COW
-->
STACK GUARD 0000700000000000-0000700000001000 [ 4K] ---/rwx SM=NUL stack guard for thread 1

Application Specific Information:
objc_msgSend() selector name: hash

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 libobjc.A.dylib 0x00007fff95b7d4e9 objc_msgSend + 41
1 com.apple.Foundation 0x00007fff8ef2a4d8 -[NSConcreteMapTable objectForKey:] + 42
2 com.apple.UIFoundation 0x00007fff916a7809 +[__NSFontTypefaceInfo typefaceInfoForPostscriptName:options:] + 155
3 com.apple.UIFoundation 0x00007fff916ae56f __NSGetMetaFontInstance + 983
4 XUL 0x0000000102a7d425 0x1022d6000 + 8025125

Thread 1:
0 libsystem_kernel.dylib 0x00007fff980a36de __workq_kernreturn + 10
1 libsystem_pthread.dylib 0x00007fff993af729 _pthread_wqthread + 1283
2 libsystem_pthread.dylib 0x00007fff993ad365 start_wqthread + 13

Thread 2:: Dispatch queue: com.apple.libdispatch-manager
0 libsystem_kernel.dylib 0x00007fff980a3ff6 kevent_qos + 10
1 libdispatch.dylib 0x00007fff99af8099 _dispatch_mgr_invoke + 216
2 libdispatch.dylib 0x00007fff99af7d01 _dispatch_mgr_thread + 52

Thread 3:
0 libsystem_kernel.dylib 0x00007fff980a36de __workq_kernreturn + 10
1 libsystem_pthread.dylib 0x00007fff993af729 _pthread_wqthread + 1283
2 libsystem_pthread.dylib 0x00007fff993ad365 start_wqthread + 13

Thread 4:
0 libsystem_kernel.dylib 0x00007fff980a36de __workq_kernreturn + 10
1 libsystem_pthread.dylib 0x00007fff993af729 _pthread_wqthread + 1283
2 libsystem_pthread.dylib 0x00007fff993ad365 start_wqthread + 13

Thread 5:: Gecko_IOThread
0 libsystem_kernel.dylib 0x00007fff980a3fc6 kevent + 10
1 XUL 0x0000000102540bd1 0x1022d6000 + 2534353

Thread 6:: Socket Thread
0 libsystem_kernel.dylib 0x00007fff980a3176 __select + 10
1 libnss3.dylib 0x00000001021ec565 poll + 485

Thread 7:: Analysis Helper
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 libnss3.dylib 0x00000001021ff607 PR_WaitCondVar + 103

Thread 8:: Analysis Helper
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 libnss3.dylib 0x00000001021ff607 PR_WaitCondVar + 103

Thread 9:: Analysis Helper
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 libnss3.dylib 0x00000001021ff607 PR_WaitCondVar + 103

Thread 10:: Analysis Helper
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 libnss3.dylib 0x00000001021ff607 PR_WaitCondVar + 103

Thread 11:: Analysis Helper
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 libnss3.dylib 0x00000001021ff607 PR_WaitCondVar + 103

Thread 12:: Analysis Helper
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 libnss3.dylib 0x00000001021ff607 PR_WaitCondVar + 103

Thread 13:: Analysis Helper
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 libnss3.dylib 0x00000001021ff607 PR_WaitCondVar + 103

Thread 14:: Analysis Helper
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 libnss3.dylib 0x00000001021ff607 PR_WaitCondVar + 103

Thread 15:
0 libsystem_kernel.dylib 0x00007fff9809d386 mach_msg_trap + 10
1 libsystem_kernel.dylib 0x00007fff9809c7c7 mach_msg + 55
2 XUL 0x0000000104462db0 0x1022d6000 + 35179952

Thread 16:: JS Watchdog
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767

Thread 17:: Hang Monitor
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 libnss3.dylib 0x00000001021ff607 PR_WaitCondVar + 103

Thread 18:
0 libsystem_kernel.dylib 0x00007fff980a36de __workq_kernreturn + 10
1 libsystem_pthread.dylib 0x00007fff993af729 _pthread_wqthread + 1283
2 libsystem_pthread.dylib 0x00007fff993ad365 start_wqthread + 13

Thread 19:
0 libsystem_kernel.dylib 0x00007fff980a36de __workq_kernreturn + 10
1 libsystem_pthread.dylib 0x00007fff993af729 _pthread_wqthread + 1283
2 libsystem_pthread.dylib 0x00007fff993ad365 start_wqthread + 13

Thread 20:: Timer
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 libnss3.dylib 0x00000001021ff699 PR_WaitCondVar + 249

Thread 21:: Cache2 I/O
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 libnss3.dylib 0x00000001021ff607 PR_WaitCondVar + 103

Thread 22:
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767

Thread 23:: Cert Verify
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 libnss3.dylib 0x00000001021ff607 PR_WaitCondVar + 103

Thread 24:: mozStorage #1
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767

Thread 25:: Proxy R~olution
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767

Thread 26:: SSL Cert #1
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 libnss3.dylib 0x00000001021ffd0f PR_Wait + 303

Thread 27:: RunProcess
0 libsystem_kernel.dylib 0x00007fff980a367e __wait4 + 10
1 XUL 0x00000001023621fe 0x1022d6000 + 573950

Thread 28:: IPDL Background
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767

Thread 29:: ImageIO
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767

Thread 30:: ImageDecoder #1
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 libnss3.dylib 0x00000001021ffd0f PR_Wait + 303

Thread 31:: Compositor
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 XUL 0x0000000102542aa8 0x1022d6000 + 2542248
3 ??? 0x8000000000000000 0 + 9223372036854775808

Thread 32:: ImageBridgeChild
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 XUL 0x0000000102542aa8 0x1022d6000 + 2542248
3 ??? 0x8000000000000000 0 + 9223372036854775808

Thread 33:: com.apple.NSEventThread
0 libsystem_kernel.dylib 0x00007fff9809d386 mach_msg_trap + 10
1 libsystem_kernel.dylib 0x00007fff9809c7c7 mach_msg + 55
2 com.apple.CoreFoundation 0x00007fff8f6d7624 __CFRunLoopServiceMachPort + 212
3 com.apple.CoreFoundation 0x00007fff8f6d6aec __CFRunLoopRun + 1356
4 com.apple.CoreFoundation 0x00007fff8f6d6338 CFRunLoopRunSpecific + 296
5 com.apple.AppKit 0x00007fff8c586065 _NSEventThread + 149
6 libsystem_pthread.dylib 0x00007fff993afc13 _pthread_body + 131
7 libsystem_pthread.dylib 0x00007fff993afb90 _pthread_start + 168
8 libsystem_pthread.dylib 0x00007fff993ad375 thread_start + 13

Thread 34:: DOM Worker
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 libnss3.dylib 0x00000001021ff607 PR_WaitCondVar + 103

Thread 35:
0 libsystem_kernel.dylib 0x00007fff9809d386 mach_msg_trap + 10
1 libsystem_kernel.dylib 0x00007fff9809c7c7 mach_msg + 55
2 XUL 0x0000000104462295 0x1022d6000 + 35177109

Thread 36:: ImageDecoder #2
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 libnss3.dylib 0x00000001021ffd0f PR_Wait + 303

Thread 37:: ImageDecoder #3
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 libnss3.dylib 0x00000001021ffd0f PR_Wait + 303

Thread 38:: MediaManager
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767

Thread 39:: StreamTrans #11
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 libnss3.dylib 0x00000001021ffd0f PR_Wait + 303

Thread 40:: Cache I/O
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767

Thread 41:: mozStorage #2
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767

Thread 42:: mozStorage #3
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767

Thread 43:: localStorage DB
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 libnss3.dylib 0x00000001021ff607 PR_WaitCondVar + 103

Thread 44:: mozStorage #4
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767

Thread 45:: SSL Cert #2
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767
2 libnss3.dylib 0x00000001021ffd0f PR_Wait + 303

Thread 46:: URL Classifier
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767

Thread 47:: HTML5 Parser
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767

Thread 48:: mozStorage #5
0 libsystem_kernel.dylib 0x00007fff980a2eb2 __psynch_cvwait + 10
1 libsystem_pthread.dylib 0x00007fff993b0150 _pthread_cond_wait + 767

Thread 0 crashed with X86 Thread State (64-bit):
rax: 0x0000000000000008 rbx: 0x000000010079a9a0 rcx: 0x0000000000000000 rdx: 0x00007fff5fbf4d80
rdi: 0x000000010079a9a0 rsi: 0x00007fff8fac806a rbp: 0x00007fff5fbf4d70 rsp: 0x00007fff5fbf4d28
r8: 0x0000000000000000 r9: 0x0000000000000000 r10: 0x00000ab000000015 r11: 0x0000000100000000
r12: 0x29004e90cd1b0173 r13: 0x000000010079a9a0 r14: 0x00007fff78a3e0b8 r15: 0x000000010bac4c70
rip: 0x00007fff95b7d4e9 rfl: 0x0000000000010202 cr2: 0x00000001160980ac

Logical CPU: 0
Error Code: 0x02000131
Trap Number: 133

EDIT (gk): Thanks the above should be enough for trying to track you issue down.

[snip]

Anonymous (not verified) said:

February 16, 2016

Permalink

I've been unable to use obfs4 custom bridges since 5.5 and it still doesn't work. I used custom bridges when obfs3 was the default and used obfs3 custom but now with obfs4 it doesn't work anymore,I can't use obfs4 custom. Don't know why. I haven't change anything else in tor browser.

[WARN] Proxy Client: unable to connect to xxx.xxx.xxx.xx:xxxxxx ("general SOCKS server failure")

[WARN] Proxy Client: unable to connect to xxx.xxx.xxx.xx:xxxxxx ("general SOCKS server failure")

Anonymous (not verified) said:

February 17, 2016

Permalink

I've see this same bug with bridges that I know to be up and working. There's a Trac ticket on this.

Anonymous (not verified) said:

February 16, 2016

Permalink

ok

glibc is patched on debian & ubuntu (slackware is not vulnerable) _ tail is vulnerable as o.s until the next release but , like it is a cd live , i think you can use it.

All speculation here, but I think stack smashing protection (SSP, a feature of GCC) would prevent the remote code execution vuln though not the denial of service. I cant imagine Tails is built without SSP.

Anonymous (not verified) said:

February 19, 2016

Permalink

OK

Anonymous (not verified) said:

February 19, 2016

Permalink

It is creepy that a web server can log what text a users selects on a page for copying.
Tor Browser mitigates this with anonymity but I think dom.event.clipboardevents.enabled should be set to false by default.

Anonymous (not verified) said:

February 20, 2016

Permalink

Do not operate ONION sites. Upload, but give the error "Unable to Connect". Version - 5.5.2.

Anonymous (not verified) said:

February 23, 2016

Permalink

Хоть кто-то проделывает эту работу! Оромное спасибо! (сделаю внос как-только опредеделюсь,как...)

Anonymous (not verified) said:

February 25, 2016

Permalink

Good

I've looked at the release notes for the new version, and it looks like Tor should be ok. (It will still be a good idea to upgrade, for your other applications, maybe.)

Anonymous (not verified) said:

February 27, 2016

Permalink

I know you're not supposed to add any addons... but what would be the risk of just using Tor + ublock origin?

cheers.

Anonymous (not verified) said:

February 27, 2016

Permalink

hello torproject,
The TAILS distributors will replace Vidalia in TAILS 2.2. Good, its unmaintained for years.
https://tails.boum.org/news/test_2.2-rc1/index.en.html

https://labs.riseup.net/code/issues/6841
BUT, there seems to be no substitute for
Settings -> Advanced -> 'Edit current torcc'.
With editing torcc you can set custom Guard Nodes.
Necessary/mandatory when you boot Tails with DVD.
Otherwise, you won't have normal Guard security like TBB.
This would be a big problem! Wouldn't ?

Without editing torcc for Guard Nodes, TAILS would be a REALLY big problem here)-:.
Please Help. It's important.

Anonymous (not verified) said:

February 28, 2016

Permalink

Thank a lot tor developers... Great upgrade..good job..

Anonymous (not verified) said:

February 29, 2016

Permalink

Icant save my passwords...help me plz

Anonymous (not verified) said:

February 29, 2016

Permalink

Recently I'm upgrade to Tor bundle 5.5.2 I want to write on my wordpress.com and wix.com websites using it As I see it It doesn't work at all. Even I can't post any single thing. While I use firefox+blackbeltprivacy or manually connect my firefox to torbundle by using socks 127.0.0.1 and port the tor port, it works. Now is it Firefox of Tor in question or is it tor routers who in glitch?

Anonymous (not verified) said:

March 02, 2016

Permalink

Bangla Font is not shown. Please provide solution.

[edit] leaving personal information out, gk

Anonymous (not verified) said:

March 02, 2016

Permalink

Facebook no longer works in this new version. Can anyone attempt it?
I am using the .onion rather than .com URL.
Able to login but unable to view any pictures.

Anonymous (not verified) said:

March 03, 2016

Permalink

Can anyone answer me why in this update i cannot open .onion sites
and they all open with .cab from the proxy tor2web?I cannot access any hidden services and cant seem to configure it to use Tor directly without the proxy .cab? I remember this happening about 2 years ago with a previous update what are the solutions?

Anonymous (not verified) said:

March 04, 2016

Permalink

I have seen that some videoes are not playing in my browser. it shows that " a plug in is required". how to download a plugin which plays video????

Anonymous (not verified) said:

March 05, 2016

Permalink

I want to play an online game which requires adobe flash player. I already unchecked the disable plugins. But I can't see any flash player plugin in the add-ons of tor. pls help me. i need flash player. i tried downloading but adobe download manager always stops working

Anonymous (not verified) said:

March 05, 2016

Permalink

Orbot on Android has a nice interface to let you interactively select which country a connection will exit from. Is there any chance you will implement a similar interface for Tor under Windows? It is a hassle to have to set TorExitNodes in the settings file.

Anonymous (not verified) said:

March 11, 2016

Permalink

It would be extremely useful to do what she is describing in the original question. For example, if you want to watch a Canadian video that is licensed to only be viewed to a Canadian license, then your exit node has to be Canadian for that.

And I agree with the comment that the current method based on setting Tor ExitNodes is extremely time consuming and cumbersome.

Anonymous (not verified) said:

March 06, 2016

Permalink

I would like to present my sincere THANKS to the TOR Team for the hard work and for the application new release. That shows that TOR people is awake, alert and working to provide to this browser the space in WEB that it deserves.

Congratulations and thank you all so much!

Jose R Bueno - S Paulo - Brazil

Anonymous (not verified) said:

March 06, 2016

Permalink

U need to fix plugin shockwawe
it can not start when i want to go on game and ask to uppgrade plugin
and wont start after uppgrading
please fix that i cant go on my games anymore...

Anonymous (not verified) said:

March 11, 2016

Permalink

Отличный браузер! В отдельных случаях очень выручает!