Tor Browser 7.5a1 is released
Tor Browser 7.5a1 is now available from the Tor Browser Project page and also from our distribution directory.
This release features important security updates to Firefox.
Tor Browser 7.5a1 is the first alpha in the 7.5 series. It updates Firefox to 52.2.0esr and contains all the improvements that went into versions 7.0 and 7.0.1. In addition to that it includes Tor version 0.3.1.3-alpha and sandboxed-tor-browser version 0.0.7.
Here is the full changelog since 7.0a4:
- All Platforms
- Update Firefox to 52.2.0esr
- Update Tor to 0.3.1.3-alpha
- Update Torbutton to 1.9.7.4
- Bug 22542: Security Settings window too small on macOS 10.12
- Bug 22104: Adjust our content policy whitelist for ff52-esr
- Bug 22457: Allow resources loaded by view-source://
- Bug 21627: Ignore HTTP 304 responses when checking redirects
- Bug 22459: Adapt our use of the nsIContentPolicy to e10s mode
- Translations update
- Update Tor Launcher to 0.2.12.2
- Bug 22283: Linux 7.0a4 is broken after update due to unix: lines in torrc
- Translations update
- Update HTTPS-Everywhere to 5.2.18
- Update NoScript to 5.0.5
- Update sandboxed-tor-browser to 0.0.7
- Bug 22362: NoScript's XSS filter freezes the browser
- Bug 21766: Fix crash when the external application helper dialog is invoked
- Bug 21886: Download is stalled in non-e10s mode
- Bug 22333: Disable WebGL2 API for now
- Bug 21861: Disable additional mDNS code to avoid proxy bypasses
- Bug 21684: Don't expose navigator.AddonManager to content
- Bug 21431: Clean-up system extensions shipped in Firefox 52
- Bug 22320: Use preference name 'referer.hideOnionSource' everywhere
- Bug 16285: Don't ship ClearKey EME system and update EME preferences
- Bug 21972: about:support is partially broken
- Bug 21323: Enable Mixed Content Blocking
- Bug 22415: Fix format error in our pipeline patch
- Bug 21862: Rip out potentially unsafe Rust code
- Bug 16485: Improve about:cache page
- Bug 22462: Backport of patch for bug 1329521 to fix assertion failure
- Bug 22458: Fix broken `about:cache` page on higher security levels
- Bug 18531: Uncaught exception when opening ip-check.info
- Bug 18574: Uncaught exception when clicking items in Library
- Bug 22327: Isolate Page Info media previews to first party domain
- Bug 22452: Isolate tab list menuitem favicons to first party domain
- Bug 15555: View-source requests are not isolated by first party domain
- Bug 5293: Neuter fingerprinting with Battery API
- Bug 22429: Add IPv6 address for Lisbeth:443 obfs4 bridge
- Bug 22468: Add default obfs4 bridges frosty and dragon
- Windows
- OS X
- Bug 22558: Don't update OS X 10.7.x and 10.8.x users to Tor Browser 7.0
- Linux
- Android
- Bug 19078: Disable RtspMediaResource stuff in Orfox
Comments
Please note that the comment area below has been archived.
Hello, I have sandboxed-tor…
Hello, I have sandboxed-tor-browser 0.0.6 with tor-browser-7.0a4 and when I launched it it updated to tor-browser-7.5a1 but did it also update to sandboxed-tor-browser 0.0.7?
No, there is no update…
No, there is no update mechanism available for the sandboxed-tor-browser itself yet. To update that one you need to download the new version.
Thank you sir!
Thank you sir!
I have been having problems…
I have been having problems with slow initial handshakes with obfs 4 bridget to none at all. I am reluctant to use obfs 3. I just installed the latest tails and it just started happening immediately after and continues.
Can the tails team help? Thank you
its right and good to update…
its right and good to update tor-browser to minimize risks
Thanks for the update.
Thanks for the update.
Avast anti virus deletes…
Avast anti virus deletes this version as a generic virus ??? and have to restore it from virus chest
Most of the time it is a…
Most of the time it is a false positive.
https://decvnxytmk.oedi.net/docs/faq.html.en#VirusFalsePositives
What the hell happened to…
What the hell happened to the Tor Browser, every single pay loads two times slowers, when I lick on "New Identity" I have to wait 3-4 seconds, last time the New Identity was instant, and webpages that have scripts are slow downed like hell (try to create a new Bitcoin wallet on Blockchain.info).
If you're on the medium…
If you're on the medium security setting try the low one if you want scrips to load faster.
Nonsense, if there's lag as…
Nonsense, if there's lag as hell it's a bug quite obviously and one should rather revert to the last working TBB and surf on HIGH security settings which is still better than using 7.x on MEDIUM.
Please, fix the notification…
Please, fix the notification about unsecure connection to onion sites. It is firefox notification for clearnet plain http sites, but for onion sites it shouln't be showed.
I have same issue, didn't…
I have same issue, didn't previous verions have https everywhere? I'm concerned when on onion sites especially being very new to security/anonymity
> didn't previous verions…
> didn't previous verions have https everywhere?
HTTPS Everywhere does not affect onion sites, and never has.
I second this.I went around…
I second this.I went around the bend trying to figure out what was wrong.Found nothing.Very annoying.
See the following ticket…
See the following ticket about the warning on login boxes on HTTP sites.
https://trac.torproject.org/projects/tor/ticket/21321
Tor previously worked. Now…
Tor previously worked. Now not starting after update. Any ideas?
Have you tried installing a…
Have you tried installing a clean, new Tor Browse into a different location? What operating system are you on? Do you get error messages? If you are on Windows, do you have firewall/antivirus tools that could interfere with Tor Browser? If so, what happens if you uninstall them (disabling might often not be enough)?
I have also been having the…
I have also been having the same problems after loading new TB updates (to different folders) for Version 7.n.n and later versions of 6 of TB. TB fails to start with no notifications of any problems.
I have now gone back to an old version (6.5.2) which allows me "normal" access.
I run Windows 7 with Windows Firewall and BitDefender AV(Free version). Apart from installing updates for Windows and BiDefender have not (knowingly) altered my PC config.
I see this issue has been reported many times by TB users but I am yet to see any specific resolution?
I understand it is important to maintain the latest TB version so how can I assist to resolving this issue?
how do I active multi…
how do I active multi-process in Tor browser?
It is already on by default…
It is already on by default in almost all cases, no need to activate it.
downloading mail attachment…
downloading mail attachment showing unknown time remaining, what is the solution?
Do you have steps to…
Do you have steps to reproduce your problem? How are you downloading the attachment?
Same problem here since a…
Same problem here since a while: I try downloading .pdfs, the downloading process appears to start but gets stuck: "Unkown time remaining"
Can you test with a recent…
Can you test with a recent alpha version (7.5a5)? It should be fixed there. Note: the current stable (7.0.6) does not have this fix yet but we plan to backport it for 7.0.7.
[06-16 20:09:51] Torbutton…
[06-16 20:09:51] Torbutton NOTE: Exception on control port [Exception... "Component returned failure code: 0x804b000e (NS_ERROR_NET_TIMEOUT) [nsIBinaryInputStream.readBytes]" nsresult: "0x804b000e (NS_ERROR_NET_TIMEOUT)" location: "JS frame :: chrome://torbutton/content/torbutton.js :: torbutton_socket_readline :: line 915" data: no]
Now on Win 7, thanks e10s!
Modernizr.video.h264 × false…
Modernizr.video.h264 × false HTML5 Video h264
on higher security levels too!
Please, make it non-detectable when its click-to-play.
Could you be a bit more…
Could you be a bit more verbose about the bug you are seeing and about the solution you would like to have implemented?
Sites are able to detect…
Sites are able to detect HTML5 A/V codecs available even when they are click-to-play (i.e. disabled).
The videos are click-to-play…
The videos are click-to-play, not the codecs. Those things are not related. The on thing is a security measure to avoid getting exploited due to bugs in codecs or related code. What you want, though, is blocking feature detection probably due to fingerprinting concerns. It seems to me we have https://trac.torproject.org/projects/tor/ticket/13543 for that.
hi Tor we in egypt we can…
hi Tor we in egypt we can use tor anymore becoz the gov have been block it ;(
any way to we can use plz
thanks
I am under the impression…
I am under the impression that pluggable transports, like obfs4 and meek, still work in Egypt.
Please let us know if that is not true anymore.
some strange errors when…
some strange errors when
moz-icon://noscript?size=32&contentType=video/ogg
Can Tor Really Be Trusted? I…
Can Tor Really Be Trusted? I Know It's Been Asked A Million Times. More and more government people are using it. IS it SAFE? No Malicious Code? Can Someone I trust Confirm This?
Your last question ("can…
Your last question ("can someone I trust confirm this") is exactly the right question.
To get there, you need two things: (1) you need the tools in question to be open, documented, and amenable to analysis. (2) you need to know and trust enough people that one of them is good at assessing tools.
We do our best to be great at (1), and you can improve your own situation re (2), by going to your local cryptoparties, meeting more people, and generally getting more integrated with the global security and privacy community.
Error in parsing value for …
Error in parsing value for ‘height’. Declaration dropped. about:tor
Warning: ‘nsIOService::NewChannel()’ deprecated, please use ‘nsIOService::NewChannel2()’ aboutTor.js:42:18
Warning: ‘nsIAboutModule->newChannel(aURI)’ deprecated, please use ‘nsIAboutModule->newChannel(aURI, aLoadInfo)’ viewSource-content.js:350:4
[06-18 13:13:43] Torbutton WARN: no SOCKS credentials found for current document.
Warning: ‘nsIOService::NewChannel()’ deprecated, please use ‘nsIOService::NewChannel2()’ aboutTor.js:42:18
Warning: ‘nsIAboutModule->newChannel(aURI)’ deprecated, please use ‘nsIAboutModule->newChannel(aURI, aLoadInfo)’ NetUtil.jsm:357:15
today when i opened tor i…
today when i opened tor i was asked to update, which i diligently did, since then tor will not open at all, all my settings were setup to use tor ie antivirus,proxy settings, permissions etc (nothings changed). i even tried disabling my vpn,no joy. i've tried it on the 2 platforms i have win7 and win10. i have a performance monitor running and notice it tries to start then shuts down. i also noticed its not listed in the list of programs when you go to add remove programs. i don't think i'm the only one experiencing this since downloading update. any ideas?
Since this is the 7.5a1 post…
Since this is the 7.5a1 post, I assume you're using the alpha 7.5? How does the stable 7.0.1 work for you?
(It sounds like you have some sort of antivirus firewall thing that is killing Tor Browser.)
hi ,…
hi ,
as i said in my post my antivirus hasn't changed ( it worked fine before update and i have tried disabling them), the version i have installed is 1-7,0,1_en_us ?
But tor has changed. So,…
But tor has changed. So, this new Tor Browser version is shipping a new major tor version which your antivirus tool is probably thinking to be malware and prevents it from running. Try uninstalling the antivirus software to check whether it is really the problem (disabling is often not enough).
Hi,…
Hi,
I used Tor browser to circumvent bypass Zscaler at my office and it worked. However now Tor doesn't even start. I tried the various options. However, nothing worked. I find that the LAN's Automatic configuration options lead to Zscaler site. Any idea to regain my internet freedom.
Do you get any error…
Do you get any error messages?
Tor failed to establish a…
Tor failed to establish a tor network connection. Connecting to a relay directory failed (connection refused)
Subsequently I tried configuring the bridges but the connection never got established.
How did you try to configure…
How did you try to configure bridges, what options did you choose? Do you have some log output here as well which might give us a clue on what is going on?
The error log is as below. …
The error log is as below.
6/21/2017 13:03:24 PM.100 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
6/21/2017 13:03:24 PM.100 [NOTICE] Switching to guard context "bridges" (was using "default")
6/21/2017 13:03:37 PM.500 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
6/21/2017 13:03:37 PM.500 [NOTICE] Switching to guard context "default" (was using "bridges")
6/21/2017 13:03:37 PM.500 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
6/21/2017 13:03:37 PM.500 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
6/21/2017 13:03:37 PM.500 [NOTICE] Opening Socks listener on 127.0.0.1:9150
6/21/2017 13:03:37 PM.700 [NOTICE] Bootstrapped 5%: Connecting to directory server
6/21/2017 13:04:37 PM.700 [WARN] Problem bootstrapping. Stuck at 5%: Connecting to directory server. (Connection refused [WSAECONNREFUSED ]; CONNECTREFUSED; count 10; recommendation warn; host B44FBE5366AD98B46D829754FA4AC599BAE41A6A at 178.16.208.60:443)
6/21/2017 13:04:37 PM.700 [WARN] 9 connections have failed:
6/21/2017 13:04:37 PM.700 [WARN] 9 connections died in state connect()ing with SSL state (No SSL object)
6/21/2017 13:07:06 PM.900 [NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150
6/21/2017 13:07:06 PM.900 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
6/21/2017 13:07:06 PM.900 [NOTICE] Closing old Socks listener on 127.0.0.1:9150
6/21/2017 13:07:06 PM.900 [NOTICE] Delaying directory fetches: DisableNetwork is set.
6/21/2017 13:08:55 PM.900 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
6/21/2017 13:08:55 PM.900 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
6/21/2017 13:08:55 PM.900 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
6/21/2017 13:08:55 PM.900 [NOTICE] Opening Socks listener on 127.0.0.1:9150
6/21/2017 13:08:57 PM.700 [WARN] Problem bootstrapping. Stuck at 5%: Connecting to directory server. (Connection refused [WSAECONNREFUSED ]; CONNECTREFUSED; count 11; recommendation warn; host 7BE683E65D48141321C5ED92F075C55364AC7123 at 193.23.244.244:443)
6/21/2017 13:08:57 PM.700 [WARN] 10 connections have failed:
6/21/2017 13:08:57 PM.700 [WARN] 10 connections died in state connect()ing with SSL state (No SSL object)
6/21/2017 13:09:04 PM.600 [WARN] Problem bootstrapping. Stuck at 5%: Connecting to directory server. (Connection refused [WSAECONNREFUSED ]; CONNECTREFUSED; count 12; recommendation warn; host AEA43CB1E47BE5F8051711B2BF01683DB1568E05 at 37.187.7.74:443)
6/21/2017 13:09:04 PM.600 [WARN] 11 connections have failed:
6/21/2017 13:09:04 PM.600 [WARN] 11 connections died in state connect()ing with SSL state (No SSL object)
6/21/2017 13:09:04 PM.600 [NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150
6/21/2017 13:09:04 PM.600 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
6/21/2017 13:09:04 PM.600 [NOTICE] Closing old Socks listener on 127.0.0.1:9150
6/21/2017 13:09:04 PM.600 [NOTICE] Delaying directory fetches: DisableNetwork is set.
Any help will be deeply appreciated.
How did you configure your…
How did you configure your bridge? I am asking because the log looks like you don't have a bridge configured.
Now doesn't work after…
Now doesn't work after update.Tried reloading to different location. Still doesn't work. WILL YOU FIX IT PLEASE? It was ok before the update.
I guess you are on Windows…
I guess you are on Windows and have some antivirus/firewall software installed? If so, then uninstall it and check whether that changes things. Often new major tor versions we ship in Tor Browser get prevented from starting by such kind of software. And, no, disabling the antivirus/firewall software might not be enough.
This has happened to me as…
This has happened to me as well on a couple of the TOR updates and each time it has been Trusteer Rapport that has been blocking it starting up. Simply stopping Trusteer allowed TOR to load and run normally, but dont forget to start it again if you use another browser to do your online banking! The issue appeared to fix itself after a couple of weeks - don't know if it was an update from TOR or Trusteer that resolved it though.
We have not provided any…
We have not provided any update that fixes this kind of issues (caused by antivirus/firewall tools) so far. Thus, I assume this got done by the Trusteer folks.
[06-19 11:54:13] TorLauncher…
[06-19 11:54:13] TorLauncher NOTE: Event monitor read error [scrubbed]
security hole https:/…
security hole https://bugzilla.mozilla.org/show_bug.cgi?id=1370819
backport with nice side…
backport with nice side effects https://bugzilla.mozilla.org/show_bug.cgi?id=1322554#c168
16:55:36.918 ReferenceError:…
16:55:36.918 ReferenceError: event is not defined 1 browser.xml:1207:17
handleEvent chrome://global/content/bindings/browser.xml:1207:17
Could you compile with -Os…
Could you compile with -Os for Windows?
Maybe? What benefit would…
Maybe? What benefit would that have? I assume Mozilla is not doing that for their ESR 52 right now?
Mozilla is doing PGO (would…
Mozilla is doing PGO (would you join?) and doesn't give a fuck about MinGW. That's why all configs for it are out of date and require adjustments to be on par with the official Windows build.
We don't do PGO as this is…
We don't do PGO as this is mainly an issue with our deterministic builds setup right now. It's probably nothing that we could not overcome but it's a ton of work. See https://bugzilla.mozilla.org/show_bug.cgi?id=935637 which is kind of related.
It is well known. But…
It is well known. But updating MinGW branch of official mozconfigs is not so big task.
1# May i ask if we can run…
1# May i ask if we can run through our own hosted nodes? instead of actively connecting to None trusted nodes? Such as hosting your vary own guard or exit node. so we can trust our exit and guard from doing correlation attacks.
You only need to have a…
You only need to have a trusted guard node, doing so is easy by changing the torrc
Well, sticking to a chosen…
Well, sticking to a chosen guard node is easy by changing the torrc. Having one that's trusted is much more complicated. :)
In particular, you need to think about the network observers between you and the guard, and you need to think about whether somebody might guess which guards you trust and then either a) attack them to get to you, or b) make assumptions about traffic they see coming from those guards to other relays.
You can read much more about guard research issues here:
https://vbdvexcmqi.oedi.net/blog/improving-tors-anonymity-changing-guar…
But long story short, I think a lot of people want to tweak and mess with things when they'll be safer and happier just leaving them un-messed-with.
Hi! I got a question. What…
Hi! I got a question. What about:config settings stand behind the new "Security Settings" slider?
I would like to better understand the mechanics of it, not the least because I want to be sure there's nothing I should additionaly tweak in about:config settings. Does this slider only change about:config settings or does it do more than that?
Yes, it does just change…
Yes, it does just change about:config settings. You'll find them here: https://gitweb.torproject.org/torbutton.git/tree/src/modules/security-p… ff.
Thank you. What was the…
Thank you. What was the state of these settings in previous releases of the TorBrowser? Was it "low" by default prior to intruducing the slider?
Yes.
Yes.
20:43:20.686 TypeError:…
20:43:20.686 TypeError: realSpellChecker is null 1 InlineSpellCheckerContent.jsm:55:5
20:40:15.652 Error:…
20:40:15.652 Error: aboutMemory.js assertion failed: _amount already set for non-leaf node 1 aboutMemory.js:85:11
assert chrome://global/content/aboutMemory.js:85:11
fillInNonLeafNodes chrome://global/content/aboutMemory.js:1260:9
fillInNonLeafNodes chrome://global/content/aboutMemory.js:1242:22
fillInNonLeafNodes chrome://global/content/aboutMemory.js:1242:22
fillInTree chrome://global/content/aboutMemory.js:1270:3
appendProcessAboutMemoryElements chrome://global/content/aboutMemory.js:1522:5
displayReports chrome://global/content/aboutMemory.js:1087:7
updateAboutMemoryFromReporters/processLiveMemoryReports/displayReportsAndFooter chrome://global/content/aboutMemory.js:526:9
We tell all Linux user in…
We tell all Linux user in Iran or any one, please use tail 3.0 and TOR separately for the deep state in Iran. Watch all Iranian sett-elite TV from any where in the world without deep state of Iran knows. We shall over come the most terrorist occupier of Iranian people . Iranian people love USA and EU and we are not any way hate any one nations. We only hate mullahs.
First, thank you for Tor! I…
First, thank you for Tor! I have a $100 money order to support this project going out in tomorrow's mail.
Since you say it is not safe to use add-ons, why don't you include some sort of native non-'referer' feature?
Why, after I delete every history that can be deleted, do I see my history come up in the URL box?
I am not happy with this last release. I used to be able to control which sites I would allow to run scripts. Now, it seems that my favorite sites scripts won't run at all, even when the slider is full open! Nothing fancy, they're just ordinary forums.
I have exactly the same…
I have exactly the same problem as many, that it doesn't start. I have windows 7 64 bit. Tor use to work with my antivirus and firewall. I keep reading close them both and try again. I have done that and still no luck. I refreshed the installation of I have installed it in a different location still no luck.
Does the stable (7.0.1) Tor…
Does the stable (7.0.1) Tor Browser work for you?
Are you going to fix https:/…
Are you going to fix https://bugzilla.mozilla.org/show_bug.cgi?id=1361337?
I am not a Tor Browser dev,…
I am not a Tor Browser dev, but ...
- Tor Browser fixed this issue or a similar one a long time ago. See here.
- Things like this are why it is much smarter to use Tor Browser instead of trying to patch up any other browser. Tor Browser is a lot more than a couple addons and config changes that you can make yourself.
Are you citing comments from…
Are you citing comments from bugzilla for me?
The main thing there is
Firefox 53 has something that 52-based Tor Browser doesn't have.
The main thing there is:…
The main thing there is:
> We have a patch to prevent that kind of thing happening as we got bitten by this kind of issue in the past. So, this is not a problem for Tor Browser based on ESR52.
Since updating to TBB 7…
Since updating to TBB 7 twitter automatically reverts to it's mobile version when I visit the site. I don't actually know if it's a TOR issue or some autofeature of twitter when the bandwidth is low, but it happens always and regardless of amount of traffic.
I read android users encountered the same problem but unlike them, TOR has no feature to request desktop version. Maybe you could add something like that (not just for twitter) or figure out if TBB is causing the problem. Thank you.
It looks like twitter is…
It looks like twitter is sending you a meta refresh request, wrapped in a noscript tag.
That means if you have javascript disabled, then your Browser will honor the meta refresh request, and off you'll go to the mobile version of Twitter.
Okay, but the thing is, I…
Okay, but the thing is, I disable JS rarely and never when visiting twitter. Anyways, what can I do to avoid my browser responding to the refresh request? Or is my browser somehow corrupted?
Hello…
Hi,
Since upgrading to the TOR v. 7.5a1, I notice that the first node on my connection circuit stays the same.
Regardless of how many times I request a "New Tor Circuit for this site," my browser remains pointed to the same URL.
I'm naturally concerned about this because
a) I was able to change all three nodes previously after each request, and
b) Whoever owns that node can easily identify my browser details and identity.
I hope this issue can be resolved soon.
Best Regards
> a) I was able to change…
> a) I was able to change all three nodes previously after each request, and
No you weren't.
> b) Whoever owns that node can easily identify my browser details and identity.
No they can't.
Thanks for the reply. I…
Thanks for the reply. I remain convinced about (a).
Why does the first node stay the same?
> I remain convinced about …
> I remain convinced about (a).
Don't let something that's been part of the design and the implementation for years keep you from your delusions.
> Why does the first node stay the same?
https://decvnxytmk.oedi.net/docs/faq.html.en#EntryGuards
Seehttps://www.torproject…
See
https://decvnxytmk.oedi.net/docs/faq#EntryGuards
and for way way more info, see
https://vbdvexcmqi.oedi.net/blog/improving-tors-anonymity-changing-guar…
My original question remains…
My original question remains unanswered.
I have collected more than two dozen pages of notes consisting of hundreds of different combinations of URLs for the Tor circuit nodes.
In each combination, the entry node is different; it's always changed after each request for either "New Identity," or "New Circuit for this site," resulting in a new set of three URLs.
However, as of a few days ago, the entry node for the circuit has frozen and is no longer changing on request.
I did not find the answer to my question in the links posted by arma or yawning. In fact yawning, or someone else, deleted my earlier reply, posted more than 24 hours ago.
My confidence in TOR is rapidly eroding, while my suspicions are growing!
> In each combination, the…
> In each combination, the entry node is different; it's always changed after each request for either "New Identity," or "New Circuit for this site," resulting in a new set of three URLs.
If this actually happened (which I sincerely doubt) it would have been a major bug that dramatically reduces both the security and anonymity.
> However, as of a few days ago, the entry node for the circuit has frozen and is no longer changing on request.
Good, that's how Tor's path selection is supposed to work, as has been the case for years. In fact, every single browser release for as long as I can remember, gets people like you freaking out over the Guard design.
> In fact yawning, or someone else, deleted my earlier reply, posted more than 24 hours ago.
Wasn't me.
>gets people like you…
>gets people like you freaking out over the Guard design
Perhaps people like me have a good reason for "freaking out."
You write as if you are in some way superior to everyone else posting a message on this forum. I despise that attitude.
Do you represent Tor legally, or otherwise?
You should start worrying because someone hacked my PC and switched on the camera, while I was connected to a TOR circuit last week.
> Perhaps people like me…
> Perhaps people like me have a good reason for "freaking out."
Because they don't understand that Tor uses Guards that persist for quite a while, between sessions?
If you're so sure about the previous behavior, why not prove it by downloading an old bundle (https://archive.torproject.org/tor-package-archive/torbrowser/) disabling the auto updater, and examining the circuits that get built. It's easy to prove right?
(I'm deliberately ignoring the genetic fallacies.)
>(I'm deliberately ignoring…
>(I'm deliberately ignoring the genetic fallacies.)
I've been using TOR for several years, but this was the first time to contact the blog because my PC was hacked in real-time while connected to a TOR circuit.
Typecasting, or burying your head in the sand, albeit deliberately, doesn't change the facts that the Browser is NO longer secure!
As I said before, my confidence in TOR has eroded, while my suspicions have grown.
Your snide remarks helped tip the balance.
If you're in fact a benign civilian, and not the opposite, get off your high horse and help find out whether the browser is salvageable.
PS. I just came across the following written four years ago:
https://www.yahoo.com/news/tors-anonymous-internet-still-secure-2018214…
If anything, if Tor Browser…
If anything, if Tor Browser used to always have a different entry node for every circuit you built and now it doesn't, then Tor Browser is more secure now than it used to be.
https://tor.stackexchange…
https://tor.stackexchange.com/questions/7048/why-is-the-first-ip-addres…
Thank you for TOR.
Thank you for TOR.
GOOD AND BRAVO TOR....
GOOD AND BRAVO TOR....
I'm running Mac OS 10.12.4…
I'm running Mac OS 10.12.4. All of the Tor Browsers in the 7 series give me this message when I try to open them:
Close Tor Browser
A copy of Tor Browser is already open. Only one copy of Tor Browser can be open at a time.
I cannot find any other copy of Tor Browser on my computer. I first encountered this after a routine update of Tor Browser, and many attempts at downloading it again and trashing old versions have not been successful. I would try an earlier-than-7 version, but can't find an active link to one on your site.
A quick internet search led…
A quick internet search led me to:
https://tor.stackexchange.com/questions/2189/tor-wont-open-on-mac-sayin…
I bet there are more answers on the Internet too. :) Good luck!
The browser is working again…
The browser is working again with the new update now. Thank you. I spent a lot of time with these with new luck, only to have the browser work fine after just restarting the computer -_- oh well.
Hi Peeps! I wanna find out…
Hi Peeps! I wanna find out how to use BitCoin core over tor but can't find any good guide on it. The guides on the internet are old... they all refer to the tor which used vidalia and had that separate icon down right on your desktop... but now i can only find the tor browser bundle on your site... not the seperate tor thingy.. does bitcoin core work with tor browser bundle? how do i make it work, just open the tor browser bundle?
Clean installation of stable…
Clean installation of stable, High security. Opened console severely slows down the browser?
TypeError: chromeWindow.gBrowser is undefined[Learn More] devtools-browser.js:496:7
Error: Script terminated by timeout at:
[138] resource://devtools/client/shared/vendor/react.js:18540:1
[72] resource://devtools/client/shared/vendor/react.js:11944:7
mountComponentIntoNode@resource://gre/modules/commonjs/toolkit/loader.js -> resource://devtools/client/shared/vendor/react.js:11392:3
[113] resource://devtools/client/shared/vendor/react.js:17257:13
batchedMountComponentIntoNode@resource://gre/modules/commonjs/toolkit/loader.js -> resource://devtools/client/shared/vendor/react.js:11406:3
[53] resource://devtools/client/shared/vendor/react.js:8847:7
batchedUpdates@resource://gre/modules/commonjs/toolkit/loader.js -> resource://devtools/client/shared/vendor/react.js:15333:3
[72] resource://devtools/client/shared/vendor/react.js:11600:5
[72] resource://devtools/client/shared/vendor/react.js:11674:21
[72] resource://devtools/client/shared/vendor/react.js:11694:12
WebConsoleFrame.prototype.createLocationNode@resource://gre/modules/commonjs/toolkit/loader.js -> resource://devtools/client/webconsole/webconsole.js:2627:5
Messages.Simple.prototype<._renderLocation@resource://gre/modules/commonjs/toolkit/loader.js -> resource://devtools/client/webconsole/console-output.js:1052:12
Messages.Simple.prototype<._renderBody@resource://gre/modules/commonjs/toolkit/loader.js -> resource://devtools/client/webconsole/console-output.js:991:20
Messages.Simple.prototype<.render@resource://gre/modules/commonjs/toolkit/loader.js -> resource://devtools/client/webconsole/console-output.js:911:16
WebConsoleFrame.prototype.reportPageError@resource://gre/modules/commonjs/toolkit/loader.js -> resource://devtools/client/webconsole/webconsole.js:1528:16
WebConsoleFrame.prototype._outputMessageFromQueue@resource://gre/modules/commonjs/toolkit/loader.js -> resource://devtools/client/webconsole/webconsole.js:2198:16
WebConsoleFrame.prototype._flushMessageQueue@resource://gre/modules/commonjs/toolkit/loader.js -> resource://devtools/client/webconsole/webconsole.js:2087:20
17:48:58.446 b…
17:48:58.446 b.loadURIWithFlags is not a function 1 tabbrowser.xml:2274
addTab chrome://browser/content/tabbrowser.xml:2274:17
loadOneTab chrome://browser/content/tabbrowser.xml:1564:23
openLinkIn chrome://browser/content/utilityOverlay.js:393:26
openUILinkIn chrome://browser/content/utilityOverlay.js:197:3
BrowserOpenTab chrome://browser/content/browser.js:1993:3
oncommand chrome://browser/content/browser.xul:1:1
17:49:08.071 A promise chain failed to handle a rejection. Did you forget to '.catch', or did you forget to 'return'?
See https://developer.mozilla.org/Mozilla/JavaScript_code_modules/Promise.j…
Date: Sat Jul 01 2017 17:48:58 GMT+0000 (UTC)
Full Message: TypeError: eventLoop is undefined
Full Stack: ThreadActor<._popThreadPause@resource://gre/modules/commonjs/toolkit/loader.js -> resource://devtools/server/actors/script.js:537:5
ThreadActor<.onResume/<@resource://gre/modules/commonjs/toolkit/loader.js -> resource://devtools/server/actors/script.js:1021:7
Handler.prototype.process@resource://gre/modules/Promise.jsm -> resource://gre/modules/Promise-backend.js:932:23
this.PromiseWalker.walkerLoop@resource://gre/modules/Promise.jsm -> resource://gre/modules/Promise-backend.js:813:7
this.PromiseWalker.scheduleWalkerLoop/<@resource://gre/modules/Promise.jsm -> resource://gre/modules/Promise-backend.js:747:11
EventLoop.prototype.enter@resource://gre/modules/commonjs/toolkit/loader.js -> resource://devtools/server/actors/script.js:349:5
ThreadActor<._pushThreadPause@resource://gre/modules/commonjs/toolkit/loader.js -> resource://devtools/server/actors/script.js:532:5
ThreadActor<.onInterrupt@resource://gre/modules/commonjs/toolkit/loader.js -> resource://devtools/server/actors/script.js:1394:7
onPacket@resource://gre/modules/commonjs/toolkit/loader.js -> resource://devtools/server/main.js:1743:15
ChildDebuggerTransport.prototype.receiveMessage@resource://gre/modules/commonjs/toolkit/loader.js -> resource://devtools/shared/transport/transport.js:761:7
DT_setSlowScriptDebugHandler/debugService.activationHandler@resource://gre/modules/commonjs/toolkit/loader.js -> resource://devtools/client/framework/devtools-browser.js:505:9
browserForChannel@chrome://torbutton/content/tor-circuit-display.js:170:1
collectBrowserCredentials/createTorCircuitDisplay<@chrome://torbutton/content/tor-circuit-display.js:185:21
observe/observer.observe@resource://torbutton/modules/utils.js:61:9
torbutton_do_async_versioncheck@chrome://torbutton/content/torbutton.js:869:5
torbutton_new_tab@chrome://torbutton/content/torbutton.js:2066:5
addTab@chrome://browser/content/tabbrowser.xml:2250:13
loadOneTab@chrome://browser/content/tabbrowser.xml:1564:23
openLinkIn@chrome://browser/content/utilityOverlay.js:393:26
openUILinkIn@chrome://browser/content/utilityOverlay.js:197:3
BrowserOpenTab@chrome://browser/content/browser.js:1993:3
oncommand@chrome://browser/content/browser.xul:1:1
1 script.js:537
obfs4proxy has problems with…
obfs4proxy has problems with Dr. Watson on Windows: when it crashes, it hangs dwwin.exe, and tor.exe can no longer start (exiting during start), until all dwwin.exe processes forcibly terminated.
This seems like a Go runtime…
This seems like a Go runtime bug.
According to the issue tracker, they "fixed" something like this in the Go 1.4 timeframe (https://github.com/golang/go/issues/8006), so it shouldn't happen, but I don't have sufficient familiarity with Windows to be able to see if the fix is sufficient, nor a Windows system to reproduce/debug the issue.
Sorry.
Also it immediately crashes…
Also it immediately crashes with Illegal Instruction on systems without SSE2.
See https://gitweb…
See https://gitweb.torproject.org/builders/tor-browser-bundle.git/tree/giti…
That is an auto-detection "feature" which breaks determinism. To make builds reproducible you need to add
export GO386=387
Huh? That's basically…
Huh? That's basically totally irrelevant because Tor Browser likely won't build on a non-64 bit system anyway, just from lack of memory. As of Tor Browser 7.0, SSE2 is mandatory on Windows anyway, so if anything `GO386=sse2` should be the fix for this.
Irrelevant to what? To Linux…
Irrelevant to what? To Linux builds of obfs4proxy? As of Tor Browser 7.0, SSE2 is mandatory on Windows for %#$ing google's ANGLE only (thanks to gk), so if anything `GO386=sse2` should be the great symbol of incompetence (especially, since google auto-set it for cross-compiles).
> Irrelevant to what?…
> Irrelevant to what?
"That is an auto-detection "feature" which breaks determinism."
When did this thread switch to Linux from Dr Watson and the Windows PT build descriptor?
> When did this thread…
> When did this thread switch to Linux from Dr Watson and the Windows PT build descriptor?
"Also it immediately crashes with Illegal Instruction on systems without SSE2."
On systems, not only on Windows.
Such issues are good…
Such issues are good candidates to be included into Known Issues section of Tor Browser documentation (but where is it?). This could also prevent users' spam on Trac.
Disable https-everywhere and…
Disable https-everywhere and enable:
21:17:35.455 TypeError: this.targets is undefined 1 HTTPSRules.js:601:9
HTTPSRules.rulesetsByTarget chrome://https-everywhere/content/code/HTTPSRules.js:601:9
HTTPSRules.potentiallyApplicableRulesets/attempt< chrome://https-everywhere/content/code/HTTPSRules.js:634:31
bound self-hosted:915:17
HTTPSRules.potentiallyApplicableRulesets chrome://https-everywhere/content/code/HTTPSRules.js:637:5
ApplicableList.prototype.populate_menu chrome://https-everywhere/content/code/ApplicableList.js:166:19
show_applicable_list chrome://https-everywhere/content/toolbar_button.js:343:3
onpopupshowing chrome://browser/content/browser.xul:1:1
you guys messed up something…
you guys messed up something with your latest tor browser 7.0.2 updates. now it's screaming on microdesks etc in the log... Also I have experienced browser hang right just before the updates. Don't remember the site name but browser just frizzed in place. Maybe it's because I experimented with jumbo frames in 7KB on my adapter, not rly sure.
Anyway, pls fix the problems with microdesks.
First, please post this in…
First, please post this in the blog post for the Tor Browser version that it's talking about. Otherwise nobody is going to be able to follow along. :)
And second, without any more details, I don't think anybody will be able to help you.
Can you try to reproduce it, and narrow down what it might be, and then open a ticket on https://bugs.torproject.org/ ?
Am using Tor 7.5a2 on a Mac…
Am using Tor 7.5a2 on a Mac Sierra 10.12.6, downloaded the dmg file, unpacked on the desktop and dropped into the Applications folder. There is no "torrc" file to edit in order to specify an exit node.
Any clues out there? Thank you.
Where have you looked for…
Where have you looked for that file? Does any torrc file show up after you have started Tor Browser once?
i was wondering if tor works…
i was wondering if tor works against zscaler? any information is appreciated.