Tor Browser 6.0 is released

The Tor Browser Team is proud to announce the first stable release in the 6.0 series. This release is available from the Tor Browser Project page and also from our distribution directory.

This release brings us up to date with Firefox 45-ESR, which should mean a better support for HTML5 video on Youtube, as well as a host of other improvements.

Beginning with the 6.0 series code-signing for OS X systems is introduced. This should help our users who had trouble with getting Tor Browser to work on their Mac due to Gatekeeper interference. There were bundle layout changes necessary to adhere to code signing requirements but the transition to the new Tor Browser layout on disk should go smoothly.

The release also features new privacy enhancements and disables features where we either did not have the time to write a proper fix or where we decided they are rather potentially harmful in a Tor Browser context.

On the security side this release makes sure that SHA1 certificate support is disabled and our updater is not only relying on the signature alone but is checking the hash of the downloaded update file as well before applying it. Moreover, we provide a fix for a Windows installer related DLL hijacking vulnerability.

A note on our search engine situation: Lately, we got a couple of comments on our blog and via email wondering why we are now using DuckDuckGo as the default search engine and not Disconnect anymore. Well, we still use Disconnect. But for a while now Disconnect has no access to Google search results anymore which we used in Tor Browser. Disconnect being more a meta search engine which allows users to choose between different search providers fell back to delivering Bing search results which were basically unacceptable quality-wise. While Disconnect is still trying to fix the situation we asked them to change the fallback to DuckDuckGo as their search results are strictly better than the ones Bing delivers.

Update: We plan to post instructions for removing the OS X code signing parts on our website soon. This should make it easier to compare the OS X bundles we build with the actual bundles we ship.

The full changelog since Tor Browser 5.5.5 is:
Tor Browser 6.0 -- May 30

  • All Platforms
    • Update Firefox to 45.1.1esr
    • Update OpenSSL to 1.0.1t
    • Update Torbutton to 1.9.5.4
      • Bug 18466: Make Torbutton compatible with Firefox ESR 45
      • Bug 18743: Pref to hide 'Sign in to Sync' button in hamburger menu
      • Bug 18905: Hide unusable items from help menu
      • Bug 16017: Allow users to more easily set a non-tor SSH proxy
      • Bug 17599: Provide shortcuts for New Identity and New Circuit
      • Translation updates
      • Code clean-up
    • Update Tor Launcher to 0.2.9.3
      • Bug 13252: Do not store data in the application bundle
      • Bug 18947: Tor Browser is not starting on OS X if put into /Applications
      • Bug 11773: Setup wizard UI flow improvements
      • Translation updates
    • Update HTTPS-Everywhere to 5.1.9
    • Update meek to 0.22 (tag 0.22-18371-3)
      • Bug 18371: Symlinks are incompatible with Gatekeeper signing
      • Bug 18904: Mac OS: meek-http-helper profile not updated
    • Bug 15197 and child tickets: Rebase Tor Browser patches to ESR 45
    • Bug 18900: Fix broken updater on Linux
    • Bug 19121: The update.xml hash should get checked during update
    • Bug 18042: Disable SHA1 certificate support
    • Bug 18821: Disable libmdns support for desktop and mobile
    • Bug 18848: Disable additional welcome URL shown on first start
    • Bug 14970: Exempt our extensions from signing requirement
    • Bug 16328: Disable MediaDevices.enumerateDevices
    • Bug 16673: Disable HTTP Alternative-Services
    • Bug 17167: Disable Mozilla's tracking protection
    • Bug 18603: Disable performance-based WebGL fingerprinting option
    • Bug 18738: Disable Selfsupport and Unified Telemetry
    • Bug 18799: Disable Network Tickler
    • Bug 18800: Remove DNS lookup in lockfile code
    • Bug 18801: Disable dom.push preferences
    • Bug 18802: Remove the JS-based Flash VM (Shumway)
    • Bug 18863: Disable MozTCPSocket explicitly
    • Bug 15640: Place Canvas MediaStream behind site permission
    • Bug 16326: Verify cache isolation for Request and Fetch APIs
    • Bug 18741: Fix OCSP and favicon isolation for ESR 45
    • Bug 16998: Disable <link rel="preconnect"> for now
    • Bug 18898: Exempt the meek extension from the signing requirement as well
    • Bug 18899: Don't copy Torbutton, TorLauncher, etc. into meek profile
    • Bug 18890: Test importScripts() for cache and network isolation
    • Bug 18886: Hide pocket menu items when Pocket is disabled
    • Bug 18703: Fix circuit isolation issues on Page Info dialog
    • Bug 19115: Tor Browser should not fall back to Bing as its search engine
    • Bug 18915+19065: Use our search plugins in localized builds
    • Bug 19176: Zip our language packs deterministically
    • Bug 18811: Fix first-party isolation for blobs URLs in Workers
    • Bug 18950: Disable or audit Reader View
    • Bug 18886: Remove Pocket
    • Bug 18619: Tor Browser reports "InvalidStateError" in browser console
    • Bug 18945: Disable monitoring the connected state of Tor Browser users
    • Bug 18855: Don't show error after add-on directory clean-up
    • Bug 18885: Disable the option of logging TLS/SSL key material
    • Bug 18770: SVGs should not show up on Page Info dialog when disabled
    • Bug 18958: Spoof screen.orientation values
    • Bug 19047: Disable Heartbeat prompts
    • Bug 18914: Use English-only label in <isindex/> tags
    • Bug 18996: Investigate server logging in esr45-based Tor Browser
    • Bug 17790: Add unit tests for keyboard fingerprinting defenses
    • Bug 18995: Regression test to ensure CacheStorage is disabled
    • Bug 18912: Add automated tests for updater cert pinning
    • Bug 16728: Add test cases for favicon isolation
    • Bug 18976: Remove some FTE bridges
  • Windows
  • OS X
    • Bug 6540: Support OS X Gatekeeper
    • Bug 13252: Tor Browser should not store data in the application bundle
    • Bug 18951: HTTPS-E is missing after update
    • Bug 18904: meek-http-helper profile not updated
    • Bug 18928: Upgrade is not smooth (requires another restart)
  • Build System
    • All Platforms
      • Bug 18127: Add LXC support for building with Debian guest VMs
      • Bug 16224: Don't use BUILD_HOSTNAME anymore in Firefox builds
      • Bug 18919: Remove unused keys and unused dependencies
    • Windows
      • Bug 17895: Use NSIS 2.51 for installer to avoid DLL hijacking
      • Bug 18290: Bump mingw-w64 commit we use
    • OS X
      • Bug 18331: Update toolchain for Firefox 45 ESR
      • Bug 18690: Switch to Debian Wheezy guest VMs
    • Linux
      • Bug 18699: Stripping fails due to obsolete Browser/components directory
      • Bug 18698: Include libgconf2-dev for our Linux builds
      • Bug 15578: Switch to Debian Wheezy guest VMs (10.04 LTS is EOL)

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

first

i am getting an error right now, never had this problem before. tor crashes right now, but worked a few hours ago.

Problem signature:
Problem Event Name: APPCRASH
Application Name: firefox.exe
Application Version: 45.1.1.0
Application Timestamp: 00000000
Fault Module Name: MSVCR120.dll
Fault Module Version: 12.0.21005.1
Fault Module Timestamp: 524f7ce6
Exception Code: c0000005
Exception Offset: 00013b0b
OS Version: 6.1.7601.2.1.0.256.48
Locale ID: 1033
Additional Information 1: 4d1c
Additional Information 2: 4d1ccb1f086e8f68af5ebd400b9240a6
Additional Information 3: a773
Additional Information 4: a7738b1c9bfdec77d1b26715e67e5bda

Read our privacy statement online:
http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt

Oh, now TBB uses both msvcr100 & 120. GeKo, what you've done?

Nothing. So, 5.5.5. is still working flawless but 6.0 crashes? Could you test that? https://dist.torproject.org/torbrowser/5.5.5/

I have a similar problem. I installed the latest version, and it will not run. I see the Tor icon appear and disappear in the task master.

I've opened https://trac.torproject.org/projects/tor/ticket/19257, thanks. So, 5.5.5 is still working? What about 6.0a5: https://dist.torproject.org/torbrowser/6.0a5/ ?

https://www.reddit.com/r/TOR/comments/4m79fi/tor_stopped_responding/ has the solution for you I think.

I've got the same issue..

After auto updating to version 6.0, TPB terribly slow, get to open only one first site, and then after a time. Then everything usually hangs. I use an old WinXP. Updating the TPB is disabled, and still the browser hangs. Firewall Comodo Free.

With POSReady updates?

Tor 6.0 & the latest Beta (6.0a5) won't start. W10x64 Pro non-domain.
Have tried different folders, removed and re-ran but the browser just won't open. Disabling AVG makes no difference. Tried running as admin but didn't make any difference. Restarted system, removed FireFox and so on but still won't open. Some previous versions still work but could do with prominent links to previous versions as I don't like using a really old version.

Please, remove all security crappy software first. And check that its "drivers" were removed too. Then install a new copy of TBB to c:\ and test.

I have the same issue since version 6.0 came out. 6.1 is the same.

The older version 5.x ran fine. I even reinstalled 5.5 and it was fine until I let it update itself, then it wouldnt start

i had the same problem remove trusteer rapport the banking software now no problems connecting

Can you please provide a way to disable xpinstall.signatures.required again? This is really sad. I need to use two add-ons I know very well and cannot update to Tor 6.0 because of this. I understand that you focus on security but if the users know what they are doing, you should allow them to decide... Thanks in advance.

Thank You! :)

Oh, god. It's finally here. Guys, arm yourselves of cool and patience and prepare for the incoming horde of complaints about upstream changes. (I myself don't know what am I going to do with the new search bar nonsense...)

Anyhow, thanks a lot, Tor Browser team! :)

The addon Classic Theme Restorer has an option to revert to the old search bar (and to revert tons of other stuff to how they were before)

Thanks. I know about CTR and I use it on Ice Cat. However, I don't like to install extra addons on Tor Browser, especially so when we are talking about big addons, like CTR.

I think I might eventually try to extract just that feature from CTR and create a new tiny addon so that I can confidently put it in Tor Browser.

It could be better to completely remove all the junk Mozilla put in FF (pocket/hello/addon mandatory signing/new GUI/) from TBB.

... please, remove all that junk ( making my life happy again ! )

"" [Disconnect] has no access to Google search results..""
for direct with google & more.. Leme suggest this:
> http://polycola.com/
captchas rarely appears :)

Dear SysOp :)
"too old title, but can't think of any thing else right now" :))

thanks for posting the link on my above comment,

Question, pls answer,,

case1, did u test/track the link and found its helpful to agree-to-post?
OR
2-just posting that comment as-is without testing?

what difference that makes!?

in case 1: to me it means (like) if the comment is "credited" from TBB for my behalf, and that site might mean even-better than what i thought,,
LoL
waiting.....,bye,

Thanks for this *awesome* job !

One thing: when restarting after upgrade, TorBrowser did not take care of the window size. ie: it started taking all my screen, and not the usual size.

Restarted TBB again, and everything seems fine.

Thanks again for this awesome number of fixes :o

*Important*

I think this new version (6.0) is dangerously giving away the user's screen resolution when JavaScript is enabled (the default behavior).

New behavior (you can easily test this on the console):


screen.availWidth
result = 1920

screen.availHeight
result = 1000

screen.width
result = 1920

screen.height
result = 1440

Old behavior (this is the "right behavior", where window size and screen resolution the same and standardized):


screen.availWidth
result = 1000

screen.availHeight
result = 1000

screen.width
result = 1000

screen.height
result = 1000

Juan Nada
0xA053222C47796683

Well, you can test what real websites are seeing if they try to extract the above values by visiting http://browserspy.dk/screen.php. And there I still see the rounded values with a fresh 6.0 on a Windows 7 box for example.

You're right: real websites only can access the standardized Tor window size values. Only browser pages (like blank or about:tor) are showing the real resolution values.

That's one odd behavior compared to previous versions, but it is not giving away the revolution as I was supposing before. I checked with https://www.browserleaks.com/javascript

As unrelated notes:

  • Linux users still can be detected, although the default TBB userAgent string is set to Windows. Link: https://www.browserleaks.com/firefox
  • Connections to .onion websites are still marked as "Not Secure", as any other HTTP page.
  • Tor 6.0 is beautifully fast, stable and predictable.

Juan Nada
0xA053222C47796683

We can prevent the leak. Please see this!
https://trac.torproject.org/projects/tor/ticket/8725#comment:19

I have run tests with a fresh copy of Tor Browser 6 on Windows Vista. With JavaScript enabled http://browserspy.dk/screen.php returns exact window dimensions not rounded values. http://ip-check.info also returns exact values even when JavaScript is disabled.

I've released the core code to block resource:// leaks (#8725) under MPL 2.0. Can you review it?
https://addons.mozilla.org/en-US/firefox/addon/no-resource-uri-leak/
https://notabug.org/desktopd/no-resource-uri-leak/src/master/src/resource-filter/content-policy.js

I had the same happen, it's not really an issue.

not an issue? You must be kidding.

It is handled differently see: Bug 18958: Spoof screen.orientation values - https://trac.torproject.org/projects/tor/ticket/18958

...

Moreover,

Firefox about:config Additional Privacy, Security and Anonymity Settings;

Tor Browser Bundle Null Advisory - https://tornull.org/tbbnull.php

Dowloading now, I hope Youtube is fixed.

you can't watch youtube on Tor browser.

Works fine for me on my Linux box.

With High Security Level the experience is awful: no controls & timeline in player, timeline doesn't work, no way to enable/disable html5 video in NoScript menu, but it starts to play without permission!

Is this more bleeding edge then 6.0a5?
I would think so right?

Yes, there is nothing more bleeding edge than this one right now. :)

Awesome! Updating via Tor Browser's auto-updater as we speak.

anyway, thanks for this update..

thou,

can't figure-out privacy under "Tor enabled" (green icon), in compliance with NoScript + click to play!!
so tired playing mouse & cat with that combination!

disabling something will disable most unwanted-to,
as will as when..
enabling something will enable other most unwanted-to!

How to enable ALL scripts in every site WHiLE that WiLL NEVER run a Video/Audio .period.

never play V/A without intending-to (eg. click to play)...??!

thanks again..

which should mean a better support for HTML5 video on Youtube, as well as

You broke sound in youtube. Videos stop during playing (network problem), after pause video continues, but without sound. I need to reload the same video 10 times to get it played up to the end... This is just one of examples: https://www.youtube.com/watch?v=WSq7oxM_fyo However, I see this problem on most of videos. Previous stable TBB worked fine.

Works fine for me right now. What system are you using? And, well, there is nothing Tor Browser can do regarding the network problem(s) you encountered.

Linux amd64. I found one hack to repair sound: if it stopped (video then contunies to play but without sound), just click on next timemoment (like plus few seconds in video), and then sound appears. Otherwise, video will be played after interruption, but without sound.

A lot of "Network error" in Browser Console are not so harmless: some of them interrupt the video or make it play from the beginning!

Hmm, with my settings it works fine, but if TBB isn't fast enough to load the next video chunk, then the video starts from the beginning.

Oh hell yea! This must mean that Subresource Integrity is now supported, since that came in Firefox 43. This means that webpage authors can hash any included CSS or JS and include the hash in the webpage. If the downloaded file has a different hash, the browser won't load it.

Potentially quite bad for fingerprinting/privacy in terms of linking website visits together..

I agree... I wonder if anyone has looked at this Firefox feature (not TBB feature) from a user privacy perspective. It also seems like the sort of thing that could potentially be used to block NoScript surrogate scripts depending on where it's implemented.

Great. Thanks.

Fantastic, but Avast Antivirus cosiders Tor malware and is blocking it...

Sounds like another case of
https://www.torproject.org/docs/faq#VirusFalsePositives

use Linux Mint or other Linux destro

AVG did the same and is labeling tor browser 6.0 a Trojan horse. Completely deleted tor browser with all my bookmarks/settings...

I use Avast free 2016 and no virus warning even though the settings I use will give more false positives. In the past Avast did sometimes considered Tor to be malware but that was not often.

Tangentially related to Tor upgrades: If anyone from Agora is reading this, thousands of people are begging for your return. Even if you can't come back right now but still have plans, we beg of you to make a single Reddit post giving a timeline. Please!!!

And kudos to the Tor team as well for all their hard work, of course. :-)

It was about 160MB before updating and now 217MB. Is it normal? Updated using auto-updater.

good question! :)

but if that -may- mean: it will leave your OS with lil' or no-more RAM, then leme suggest u this:
https://addons.mozilla.org/en-US/firefox/addon/memory-fox-next/

i still use it,
thou the RAM available in my OS after running TBB= 1.Gb

bye,,

Please don't suggest installing addons in Tor Browser without giving a security/privacy warning.

gk, updater.exe leaves updater.mar (33 MiB) in folder, and no update history is shown (but it is in updates.xml). Looks like update process stalls at NS_main: unable to remove directory: tobedeleted, err: 41

Hm. Did the updates work before? Or is it the first time you are updating Tor Browser?

Again: history of updates in Options isn't showed now, but it is in updates.xml file (since 5.0.7)

Don't use Windows 10 if you're concerned about privacy use vpn instead. If you want to use Tor, boot your computer into a Tails live system.
VPNs: http://www.bestvpnprovider.com/china-vpn

Thanks for the info,
may you please pin-point (without much details)
what risk in using TBB +W10?!

Thought TBB will "isolate" us from ANY risk.. no matter WHAT OS is!

Right?

OK, ThanksAgain :)

note; if anyone aware what this user is talking about, then pls enlighten us,..
(( that if he didn't answer "for any of his own reasons" ))

Because Windows 10 logs everything you type on the keyboard, doesn't matter if you're using TBB or not: http://www.pcworld.com/article/2974057/windows/how-to-turn-off-windows-10s-keylogger-yes-it-still-has-one.html

Check this out:
KeyScrambler Personal
http://www.qfxsoftware.com/download.htm

it is closed source os. only ms knows how much holes they insert to satisfy nsa friends. remember microsoft icons bug?
"Thought TBB will "isolate" us from ANY risk.. no matter WHAT OS is!" - where did you get such a strange ads?

LoL,,
"isolate" huh!
remember when waving 2 fingers in each hand?
to resemble the 2 above marks!

although, TBB -alomost- "isolate" us,
BUT still --truly-- it is (&will be) far better than closest comparative.

&the best above ALL: it's FREE..
&works for any OS that you may think of,,
nuf ADS ;)

lol guys talk bout windows here

Sure, Tor Browser on Windows 10 is rather pointless for most use cases of tor.

...How exactly is a VPN any better? You're still going to leak the same info. If you've got to use Windows 10 securely, I'd suggest using it behind a firewall that blocks access to most/all of Microsoft. Then you can use Tor Browser without fear (at least from Win10's tracking.)

Since updating the browser won't even open. Have deleted and redownloaded. Same.

Which operating system are you using? Are there error messages you get? If so, which ones?

I am using windows 10 and since updating TOR won't even start. Nothing at all seems to be happening. I am really disappointed and wish the update had not been done

Same here

Which kind of firewall/anti virus software are you running? Could you uninstall it for testing whether it is interfering with Tor Browser (which is the likely cause of your problem)?

I disabled ESET Smart Security and disabled the firewall too but it has had no effect. TOR browser still does nothing at all

I am getting error, Tor Browser crashes on bootup. Di with update and fresh install of 6. Windows 7 here

Which error are you getting?

6.0a5 doesn't auto-update to this, I assume this is by design, different channel?

Or will there be an update available to that browser soon? Either to 6.0 or other?

Thanks for this release.

Heh, gk, it's worth mentioning that it's better to update alpha channel first (even with new stable when you do it without new alpha) to avoid stupid questions like this ;)

There will be a new alpha release (and a new stable too) based on the next firefox ESR release (45.2) which is planned for the 7th of June.

any idea WHY the-ONLY-second/(&last) good-thing in InternetExplorer is the clear-shinny-contrast fonts than TBB?

Top image is TBB vs. 2nd=ie

http://www.bild.me/bild.php?file=4983110TBB-vs-IE.png

Picture in original size (Forums, communities and similar):
[URL=http://www.bild.me][IMG]http://s1.bild.me/bilder/240416/4983110TBB-vs-IE.png[/IMG][/URL]

And the hinting is quite a lot better in the top picture (uniform stem widths, smoother curves, symmetrical characters are symmetrical), not to mention the color fringes due to overexaggerated subpixel effect in the bottom picture. So I'm not seeing a problem here.

When making audio/video elements click-to-play (medium-low settings and higher), and loading such an element directly, the resource starts loading and after a short period gets blocked by noscript.

This is a regression from previous versions, no?

Maybe. My first guess would be that you are hitting https://bugs.torproject.org/19200. But then the "after a short period gets blocked by noscript" part makes me suspicious. Do you have steps to reproduce your issue? On which operating system does this happen?

Try any video here, for example: http://ftp.acc.umu.se/pub/debian-meetings/2016/mini-debconf-vienna/webm/. I just tested it on Linux/x86_64, but if noscript is the culprit, this could affect everyone; The changelog for v. 2.9.0.10 says: "fixed placeholder activation in Gecko 45 and above". I'll take a look.

Thanks, this is https://bugs.torproject.org/19210 now.

No, this crap rarely appears in the previous version too :(

that explains what "sufferings" my limited-internet-package will face!

i don't mind if it's direct -unlimited- DSL connection,
search my above comment (Cat) & (mouse) game :)
this update seems "great"
thou, preferred previous TBB

I -almost- "solved" it.. say 90%

that if the problem Re: Video/Audio..

comment-back to write u the steps

ok?

TBB6.0 has an error, TBB5.5.5 has not:

i can customize a lot -set/unset Preferences,about:config- in TBB6.0, but when i erase

identity.fxaccounts.remote.webchannel.uri;https://accounts.firefox.com/

the Customize menu, for drag and drop Tool/Feature-icons, is blank.
Please fix it.

Is there currently no way to view my cookies?

Tor Button used to have a nice list where I could "protect" certain cookies and have them last across sessions, while others were ephemeral. Is that feature gone for good?

Also, recent previous versions of Tor Browser have no had a "show cookies" button in the standard place firefox does (unless I'm mistaken?) but this new version does have the button. Unfortunately, it shows a window with no cookies.

This is particularly misleading! Many Tor Browser users I've talked to assume that Tor Browser completely "disables cookies". Showing them an empty list of cookies reenforces this incorrect belief.

Thanks for all your hard work! Other than the cookie thing this seems like a great release.

This is still blocked by an Mozilla upstream bug. We track that in https://bugs.torproject.org/10353.

I find it vexing that Mozilla hasn't fixed this for so darn long..

https://panopticlick.eff.org : your browser has a nearly-unique fingerprint :(

From the same site I get 1 in 1000 +/- on a Win7 system, which is slightly worse than 5.5. I am back to 10+ bits from 7... something on 5.5. I do understand that this is not an absolute benchmark for anonymity neither do I know exactly what causes the measure to go up or down, or even if EFF has retained the same benchmark measures it used 1-2 months ago.

You might enjoy
http://tor.stackexchange.com/questions/6548/why-does-panopticlick-tell-me-the-new-tor-browser-is-unique

why would anyone here enjoy having to identify themselves with their email to post anythin, especially on a site that it refuses post even when a REAL email is used?

You go post this answer because your system wouldn't let me!

"When 5.5 and 5.5.5 came out I updated within hours or less and went to panopticlick and I was amazed at the improvement. I must have been one of the first few and it was down to 5xx something. With 6 it is more than double. I redownloaded 5.5.5 again and it is still the same rating I got back ... a month or more ago. So your theory does not hold water. eff can't tell what browser you are using in specific just a version of FF and your OS.

One thing to watch for is your plugins, most will reveal identity information (identifiers) which group you with users with same FF plugins.

Based on the same use though why would 6 be inferior to 5.5.5?"

The newtab icon is ...extrem ...persistent. You can't set a blank screen.

why on earth is OCSP still enabled? please see https://noisebridge.net/OCSP and strongly consider disabling it in the next release!

Tor Browser uses OCSP stapling, please see https://en.wikipedia.org/wiki/OCSP_stapling

But doesn't it still contact OCSP servers in the (very common) case that the HTTPS server doesn't include an OCSP response in the TLS handshake?

ctrl-shift-U (the shortcut key for new identity) is already used in GTK applications for unicode character entry: https://en.wikipedia.org/wiki/Unicode_input#In_X11_.28Linux_and_other_Unix_variants.29

as such, the new identity keyboard shortcut only works when the cursor is not in a text input area.

Thanks, this is https://bugs.torproject.org/19211 now.

Help. I cannot change the Preferences settings and can't get move between any of the options. I'm using a Mac 10.8.5.

Thanks

What are you trying to do? Can you give steps to reproduce your problem?

just upgraded to v6 this morning and nothing happens when i run the shortcut. have been using tor browser for the last 7 or so versions with no issues. my system is windows 7 64 bit. have tried running as Administrator, disabling firewall, and antivirus with no joy. please help

uninstall tor completely
then install tor version 6
and will work like charm

tyvm for the reply. as far as i can tell the installation is self contained in the one directory and not in the registry? there was no uninstall that i could find...Tor Browser isnt listed in Programs. I did delete the upgraded Tor Browser directory and ran the install again..still no joy. apologies if im missing something obvious

ok i just installed v6 to new directory after upgraded directory would not load Tor Browser. the new directory install also will not load. no processes for firefox or tor shows up in my windows 7 64 bit system.

Do you get any error messages? Have you tried removing your antivirus and firewall software for testing purposes? It happens that merely disabling them is not enough.

no error messages anywhere. i have not tried uninstalling antivirus and firewall yet. just a bit peeved to have to do this as multiple previous versions have worked fine without this step. not complaining just maybe a little lazy

Will you make 64-bit Windows build?

Not with the ESR45 based series. We plan to do that for the next ESR (i.e 52), though.

What are system requeriments ? For example: how much space will it take on my win 7?

thank you very much

I can't find the torrc file anywhere
i'm using os x 10.11.5
in 5.5.5 version it was with torrc-default file
but now i cant find it?

THANK YOU

Thanks a lot for the hard work!

How about officially integrating the DuckDuckGo onion search into TOR Browser (at least as an option)? Like it is done here: https://addons.mozilla.org/en-US/firefox/addon/duckduckgo-on-tor/

Their onion address is here: http://3g2upl4pq6kufc4m.onion

That's already done.

This was https://trac.torproject.org/projects/tor/ticket/16322 and is already implemented in Tor Browser 6.0.

I store Tor Browser inside a Veracrypt volume, but It will not upgrade after updating it, I have to cut and paste outside the volume, and only then, will upgrade to new version. What could be? Happens the same with plugins, they won't update, only out of the volume.

hey tor browser wont start on debian jessie or 8 basicly. it will just say connecting to the Tor network and grabbing certificate authorities and stuff but it stays stuck 1/4 of the way there. icant get the network to load no matter what i do let alone the browser to pop up...

What output do you get when you start it on the terminal like so: ./start-tor-browser.desktop --debug inside your tor-browser_$LOCALE directory? Do older Tor Browser versions work?

Meek pluggable transport not working on OS X. meek-client-torbrowser proxy is not launching.

Probably due to new directory structure, noted /Applications/TorBrowser.app/Contents/Resources/TorBrowser/Tor/PluggableTransports/template-profile.meek-http-helper

folder exists

actual proxy located in:

/Applications/TorBrowser.app/Contents/MacOS/Tor/PluggableTransports/meek-client-torbrowser

Maybe the link to the transport has not been updated for the new setup or in torrc.

Other proxies work.

In 5.5, meek was only located in /Applications/TorBrowser.app/TorBrowser/Tor/PluggableTransports/meek-client-torbrowser and worked.

This error occurs on a fresh install of 6.0.

LOG:

DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.

...

Opening Socks listener on 127.0.0.1:9150

...

The communication stream of managed proxy 'PluggableTransports/meek-client-torbrowser' is 'closed'. Most probably the managed proxy stopped running.

...

We were supposed to connect to bridge '0.0.2.0:3' using pluggable transport 'meek', but we can't find a pluggable transport proxy supporting 'meek'. This can happen if you haven't provided a ClientTransportPlugin line, or if your pluggable transport proxy stopped running.

Works fine for me with a fresh install and choosing meek-azure (this is on an old 10.6 testing Mac) . I wonder what is wrong on your side, hrm.

Maybe would be better to test on 10.11 before just saying everything is fine?

I did not say everything is fine. I just said this is working on my OS X machine. How do you know from the original post that this is an issue on 10.11?

10.11 is the latest, and only version of OS X Apple issues full security updates for, so you'd think TorProject would want to test on it.

I just used a Mac OS 10.11.5 system to try to reproduce this problem. I could not. I tried both en-US and es-ES packages.

In Tor Browser 6.0, the template-profile.meek-http-helper directory contents should be copied to TorBrowser-Data/Tor/PluggableTransports/profile.meek-http-helper by the meek client when it starts up. If the original commenter is still having problems, they should open a trac ticket so we can discuss this problem and investigate further.

Will try to when I have time. Does anyone know how to enable logging on the meek proxy?

In torrc, change the ClientTransportPlugin line to:

ClientTransportPlugin meek exec PluggableTransports/meek-client-torbrowser --log meek-client-torbrowser.txt -- PluggableTransports/meek-client --log meek-client.txt

This will give you two log files, meek-client-torbrowser.txt and meek-client.txt. meek-client-torbrowser is the program that starts up a headless copy of Firefox for TLS camouflage. meek-client actually implements the transport.

Note to all OSX users encountering similar error: make sure before upgrade/clean install for 6.0+ that user installing has sudo privileges. TorBrowser needs write access to /Applications/TorBrowser-Data/ which will fail unless the user is an administrator. sudo privileges can be removed after installation and first run without problems.

Thanks. This is https://trac.torproject.org/projects/tor/ticket/19646
Read the ticket for a workaround.

thanks!

i guess it's normal that http://ip-check.info/?lang=en says my user-agent is bad or should i reinstall it?

They probably need to update their test to reflect our switch to ESR45.

Under ‘main’ ‘env’ ‘test 1’ ‘test 2’ and ‘ssi’ http://www.stilllistener.com/checkpoint1/index.shtml gives the same user agent information that ip-check.info rates as bad (red).

Maybe we should think carefully when consulting ip-check.info.

Since with TOR 6.0, when checking on ip-check.info, I was getting an orange and a red rating for Signature and User-Agent respectively I decided to reinstall TOR 5.5.5 and check the results again.

The Signature ‘Orange’ rating for TOR 6.0 becomes a ‘Green’ rating for TOR 5.5.5 showing EXACTLY the SAME ‘Value’.

In the case of User Agent the only difference between the Green rating for TOR 5.5.5 and a Red rating for TOR 6.0 is that for TOR 5.5.5 38.0 appears under Value and for TOR 6.0 that changes to 45.0.

Keep up the good work.

This forced ass raping of updates for 6.0 is bullshit.

Please make preventing auto updates an enjoyable, and possible, experience.

Yes, the updates still download when the respectively located update files have been removed and when about:config and the file crying about not being edited that directs you there have been altered to prevent them from doing so.

More trust in users would be nice :)

about:config
app.update.auto = false

With that said, is there any reason why you don't want updates? You're leaving yourself open to known security vulnerabilities.

as for me its against my personal security rule #6:
never allow anyone to touch your property

This isn't a Tor bug, but a Youtube one.

I was using 5.5.5 to surf Youtube without issue (each time using a fresh Tor extraction), then a few days ago HTML5 started to crash reliably after watching a few videos (does the same with v6.0).

Getting a "new identity" didn't fix the issue. You have to shut it down, kill Firefox in task manager, and restart in order to view HTML5 videos again (non-video websites still work).

Obviously Youtube made a change that is crashing Tor (since I used a fresh Tor extraction each time for weeks without issue).

For security reasons it's probably a good idea to restart as much as possible when getting a new identity, especially HTML5, so settings/cache/bugs/and other data aren't retained, and this would provide a fix to not only this issue, but countless others.

Which operating system is this happening on? And what does "reliably" mean? Do you have some particular steps I could try?

This update is pretty big!

Where is the hardened version for Windows?

Yes, it is big as the new Firefox got a lot bigger (again). There is no hardened version for Windows. And it is none planned at the moment.

So is it normal that it is about 200MB? It was about 160 before this update.

The "hardened" version specifically includes Address Sanitizer(ASan) which has a significant impact on performance in both memory usage and speed, which is why hardened is permanently stuck in alpha.
As for why it isn't available on Windows: Last I checked, ASan didn't fully support Windows.

>Accept-Encoding: gzip, deflate, br
>brotli
Whatever makes you happy.

Is brotli secured and bug-free?

will audio fingerprinting be fixed ?

https://audiofingerprint.openwpm.com/

You can follow the event (and contribute to it): https://bugs.torproject.org/13017.

Thank you for CTRL+SHIFT+L !!!!!!!!!!!!!! :DDDDDDDDDDDDDDDD
Now maybe getting a new circuit to bypass Cloudflare & co will be less annoying.

Automatic update from 5.5.5 doesn't work. It says that there was an error (doesn't say which) and says to download from the website.

Tor browser now fullscreens itself rather than keeping to a standard size for greater anonymity.

I imagine this isn't seen in most common setups (unless it's a deliberate change). But I'm using a tiling WM (XMonad), and the behaviour I have always seen before is TB keeping itself to those fixed proportions to the left of the screen. If you start moving "tiles" about, it ends up losing track and fullscreening itself, but not if left alone. Now with 6.0, it is always fullscreen, though it does briefly display the initial tab at the smaller size on first opening, just for a split second before expanding to fill the whole screen..

We did not change anything regarding that particular code. I guess there are some underlying changes Mozilla did that are causing this. Could you open a ticket on trac.torproject.org so that we can investigate this? Thanks!

Done, #19263

When I updated and restarted Tor, AVG Free Edition blocked and quarantined Trojan horse inject3.ASKH coming from Tor Browser. Anyone else have this situation?

Yep. Says the tojan is in ..\TorBrowser\Browser\updated\AccessibleMarshal.dll

Yes, I've the same problem. AVG shows that the Trojaner is in AccessibleMarshal.dll

Duckduckgo is owned by Gabriel Weinberg who earlier ran the site The Names Database, a community portal created for the purpose of data mining.

The Names Database was exceptionally underhanded in that it did not mine only its users, but offered them community perks if they exposed personal information of friends and relatives who could then be profiled with no say of their own.

If anyone thinks his stripes have faded you only have to look at his profile here, where he lists himself as a current a board member of Locality, which is a company that by its own words specializes in user data mining.

https://angel.co/yegg
https://angel.co/locately

I doubt I need to explain why the integrating the platform of a current data miner, with a history of unethical practice, in a suite intended for user privacy is a really bad idea. Your data simply is not safe in the hands of this person.

at least some competition to google's mining!

That would be an argument if there weren't other alternatives, like Startpage.

don't create new monster to fight it later. do they have onion address at least?
i use it sometimes when http://3g2upl4pq6kufc4m.onion/ is unreachable

How can I set a ExitNodes country code in the Mac OS X version of Tor 6.0? The torrc file apparently is no longer in the app bundle so where does Tor 6.0 look for torrc assuming torrc is still supported on a Mac? Or is there some other way of doing this now?

https://trac.torproject.org/projects/tor/ticket/13252#comment:22 has the layout changes. Do you find the torrc file with that help? If not, where did you install Tor Browser on your OS X system?

~/Library/Application\ Support/TorBrowser-Data/Tor/torrc

cannot set the "extensions.brief.homeFolder" for Brief addon
even if I set it manually from the "about:config", cannot set the integer more than "5"
!!!!!!!!!!!!!!!!!!!!!

It was worked normal on ver 5.5

when downloading this version of tor it started out as having 7min left to finish dwnloading and than started climbing up to 15 mins left why would it do this? I have fast internet service

I used to be able to use a version of Tor on a flash drive and carry it across computers (IE: copying it to my work computer) and all my preferences (No script whitelist, addons, etc) would remain. Now, it behaves like a clean install every single time. It's VERY annoying/time consuming.

Hard to tell what is going wrong. Could you open a ticket in our bug tracker (trac.torproject.org) giving us some details on what worked and what is broken now so that we can investigate further? Thanks!

If this is OS X, this is no doubt because of the hasty decision to move profile files to Application Support folder vs having them in the Application itself simply to satisfy Gatekeeper which is easy for an attacker to bypass anyway.

Just an FYI: It only puts it in the application support folder if you put Tor in the Application folder. If you put Tor anywhere else (IE: a flash drive or the Desktop - which I do for a portable Tor browser and at work), it creates the data file in that directory - which makes it easy to find later for deleting purposes.

I wouldn't mind this change if they provided an easy way for me to point to the location of the profile information as I copy/paste tor.app across computers. But, as far as I could find, that doesn't exist right now.

A messy work-around:
1) Open the DMG and put Tor.app in the file you want it (I used my flash drive for this)
2) Open it so that it creates the TorBrowser-Data file
3) Set up Tor as desired
4) On new device, open DMG and put Tor.App in file you want
5) Open it so that it creates the TorBrowser-Data file
6) Quit Tor
7) Copy files from TorBrowser-Data file old device to same folder on the new device.
8) Open Tor (and your settings should all be there).

This is a messy fix (for some reason, some of my NoScript settings went a little wonky), but not as time consuming as how I had to do it before.

I'd love to do that, but it keeps rejecting my registration as spam no matter what browser I use.

So here are additional details:
All computers running OSX 10.9.5

Under 5.5.5 and earlier, I could save Tor.app to whatever folder I like, set up all my preferences/addons (IE: ghostery, adblock plus, disconnect for social media, bookmarks, etc) load addon specific details (IE my noscript whitelist) and then exit out of Tor, copy the Tor.app to a flash drive and then either use Tor from the flash drive, or copy it to other computers as needed with all preferences/settings in tact.

Now, even if I copy the Tor-Data folder along with the Tor.app to a flash drive, Tor always behaves as a 'clean version', so I have to reload all these preferences for every individual computer.

I figured that was because the data was unpackaged from the rest of Tor (as mentioned in the bug fixes), but then I didn't see a place where I could easily change the setting in Tor to point to the location of the "Tor-Data" file.

It would be nice to know all file locations for version 6.0 vs 5.5.5 in OS X. If you uninstall version 5.5.5 by removing the .app file is there anything else to remove before installing 6.0 to achieve a clean install?

For 5.5.5, removing the .app folder should be enough.
For 6.0, you also need to remove the TorBrowser-Data folder which will either be next to the .app or, if you place the .app bundle in /Applications, it will be at ~/Library/Application Support/TorBrower-Data.

With Tor Browser 6.x on Mac OS, if you move or copy the TorBrowser-Data folder and make sure it is next to TorBrowser.app, the browser profile, Tor data, and other settings should be used. It works for me. The data folder name is important; you should not rename it.

This doesn't work across file systems.
My work computer profile is "TorWork", then the file structure is Torwork/...

My Home computers are Mini/...
Laptop/...

My flash drive is Flash/...

The only way to get Tor to copy/paste somewhat cleanly across systems is how I described above. Just copy pasting Tor.app and Tor-Data wasn't good enough. Tor.app is somehow linked to how it creates Tor-Data.

Terrible. I clicked to update, it got to the connecting to the Tor network and it did nothing for 3 hours. I exited and now cannot access the browser at all. I then downloaded the new version and when I click to install it freezes Windows Explorer. I have to manually restart that process. The browser is unusable now when it was perfect. Now it sucks and reminds me of IE.
I am running Windows 8.1 No error messages nothing. Just does nothing.

If anyone has any ideas? I am open to suggestion.

Do you have any antivirus/firewall software running on your system? The symptoms you mentioned fit well to such a software trying to protect you and while doing so is interfering with Tor Browser. If so, could you uninstall it for testing purposes (disabling is often not enough).

since update it will not open

I've searched some and don't see where the 'maximize' issue was resolved. Can someone say whether maximizing is a fingerprinting risk now or not?

Also does using fullscreen mode (F11) represent a risk?

>I've searched some and don't see where the 'maximize' issue was resolved.

It cannot be resolved easily. My guess is that it would require the rendering engine itself to be thoroughly changed, something Tor Browser devs are not very likely to do. If you want a more precise answer, be yourself more precise about what you mean with "maximize issue".

>Can someone say whether maximizing is a fingerprinting risk now or not?

It has always been and it continues to be.

>Also does using fullscreen mode (F11) represent a risk?

Yes.

Read: https://www.torproject.org/projects/torbrowser/design/ . In particular the section "7. Monitor, Widget, and OS Desktop Resolution" under "Specific Fingerprinting Defenses in the Tor Browser".

channe-prefs.js: pref("app.update.channel", "alpha");

I set it to alpha from stable a few months ago because I want to use latest version as possible.
So should I switch back to "release" to receive this update?

I'm expecting alpha gets alpha and release(latest as possible) version; if not please consider it.

If you can wait a couple of days, next week will be a new alpha available.

This is giving me quite a headache...how do I update TOR within TAILS os? Any help would be GREATLY appreciated.

you upgraade tails

tor will be updated when you update tails

Ask Tails.

https://mailman.boum.org/listinfo/tails-support

A message about Tor and its developers... https://twitter.com/dakami/status/695033477704634368

tbb 5.5.5 disappears (crashes) without error message by clicking a specific website
os: win7 sp1

Does Tor Browser 6.0 fix the issue for you?

couldn' t reproduce it after restart, maybe it was a disc space problem (windows caching...)

state
search providers

Where are the files located now?

Shumway doesn't support proxy settings? Maybe that should be addressed with the Mozilla's devs?

http://www.infowars.com/google-and-the-fbi-have-been-collecting-your-info-longer-than-you-think/

Version 6.0 is Garbage! Not only it doesn't even open (stays stuck on ''Connecting to the Tor network'') but now I cannot even get older versions to work, as the same problem happens with version 5.5, when before it was perfectly alrigth!

Are you guys working for NSA/GCHQ and trying to screw us over by coming up with this ''upgrade'' which doesn't even work to force us to use Firefox/Internet Explorer?...

Otherwise what on Heaven's sake is going on here?? I have just wasted another hour trying to get this Demonic thing to work for NOTHING...I'm FED UP!!!!!

Maybe your local antivirus/firewall software got an update and is blocking now bot versions? Tor Browser is self-contained and does not mess with older/other versions. Even if 6.0 would not work this would not impede 5.5. Thus, there is a different thing wrong on your computer.

New error in TBB6.0:

when you try to see the page source(right click -> View page Source/View Selection Source), browser is open a new tab
with source, e.g. view-source:https://blog.torproject.org/blog/tor-browser-60-released

view-source:data:text/html;charset=utf-8,

%EF%B7%90If%20you%20can%20wait%20a%20couple%20of%20day%EF%B7%AFs%2C%20next%20week%20will%20be%20a%20new%20alpha%20available.<%2Fp>

Having the source in a new tab instead of an own window seems to be a new feature in ESR 45. This happens with a vanilla Firefox 45 ESR as well.

It's a bad feature.

In "an own window" you can format the page easy.
In the "new tab instead" not!

Use about:config to set view_source.tab to false.

Torbutton INFO: tor SOCKS: https://blog.torproject.org/blog/tor-browser-60-released via --NoFirstPartyHost-about-blank--:0
Torbutton INFO: tor SOCKS: http://ocsp.digicert.com/ via --nofirstpartyhost-about-blank--:0
getFirstPartyURI failed for view-source:https://blog.torproject.org/blog/tor-browser-60-released: no host in first party URI view-source:https://blog.torproject.org/blog/tor-browser-60-released

REMINDER: Former CIA director: ‘We kill people based on metadata’

https://www.rt.com/usa/158460-cia-director-metadata-kill-people/

Every time I try to install this update, it breaks the whole browser. I can't run it without downgrading to 5.5.5 and I don't think that's a good idea to be doing...

I have every single executable file whitelisted in my AV as well, but still no dice

It won't open, even with antivirus uninstalled

good tks

Regrettably this update slows down the browser speed immensely... i dont know why but still it does... went back to an old version....

i am not able to get new bridges via Email ? what should i do ?

i send get transport [obf3] to bridges@torproject.org(with no subjext ) but i don't receive any email

There is an error in your formatting, and a typo. It should be:

get transport obfs3

("obfs3" not "obf3", and no square brackets around the transport name.)

Flawless as usual on a updated debian, so how can you guys sound
so outraged after each update when really you should focus on
the operating system or should i say barely operating system tor is
laying over.
As for network speed (was "i can't play flash player" before), keep on
advertising for a regression to previous versions, try to advocate for
keeping Xp with vidalia's versions you'll look more genuine.

To the builders : keep on rocking ! From Paris with love.

Yep. Never had any of the problems some people complain about here on every freaking release.

Braindead windoze useds? 3-letter agency shills? Whatever.

Won't open. Have reverted to older version.

I am using windows 10 and since updating TOR won't even start. Nothing at all seems to be happening.

Using Windows Defender & Windows Firewall, so have turned off but still nothing.

Could u make a video tutorial to teach us installing Tor and establishing Obfs4 bridge on CentOs vps?Please

It's not a video, but this tutorial is good:
https://medium.com/@dcamero/tor-obfs4-bridge-for-gfw-5caf8db7748b
(Sorry for CloudFlare captcha.)
For CentOS, you might have to compile obfs4proxy yourself; see:
https://github.com/Yawning/obfs4#installation

Thank u.

Problem////

can not connect TOR

That updates changed something bad. I used a cpanel for a website I manage, but as of the 6.0 update, I'm auto-disconnected in a blink. I've read about cookie-related issues, has this updates changed somethings on this end ?

Not really. Do you have a test website we could look at for debugging?

I have just installed version 6.0 (again!).

When I do a check with ip-check info I get “You are using Tor, but your browser profile differs from the recommended”. It gives an orange rating for Signature and a red one for User-Agent. This happens even after re-installing three times.

With version 5.5.5 both of these were ‘green’.

Please help.
Thanks

They probably did not update the user agent on their test and are still comparing the new one to the old, esr38 based value.

yeah man , I have the same problem and do not know what to do

How to edit search providers in the package?

Disconnect is broken and DDG is unusable for latency reasons.

Please help :)

You can manage your search engines on about:preferences#search.

with this tor up dating it s impossible to open the page of www.mega.nz
why???

Works for me.

I installed tor 6.0. After that I found that the first connection is always to same IP address (23.254.166.222) even if I try to create a new tor circuit. Is this some new feature and is 23.254.166.222 tor project's own node server?

Won't open, removed antivirus and still won't open.

Downgraded to old version, network seems to lose connections if not regularly used (timeout issue?) new identity and new circuit for this website now no longer work in old version.

What is this 23.254.166.222 in Tor circuit? I cannot avoid it whetever I'm doing. Is Tor secure any longer?

Some sites don't use HTTPS? Why? Even if forced, still won't.

when i am open chat cam show to me:
(video format or MME type is not supported)
how can I solve this?
thank you

Also TBB asks a program to open .m3u8 file, but Firefox uses this playlist to open the proper video.

Facebook and Twitter are censoring free speech, Bloomberg reported in an article which downplayed what’s really going on: the hijacking of the Internet to destroy national identity, culture and the free exchange of ideas in favor of an 1984-style virtual superstate.

i do agree.
give a try to diaspora.
a lot of site propose to let you posting but they do not publish your comments.
mailing-list are also in this case.
1984 was about a brutal state which opium & diamonds were the goals and have free servants were the gift, a virtual state is a commercial deal where the goal is to be on the right side (a silence for an agreement) : the others will not survive in a good condition.

Tor 6.0 exit nodes instability? Irregular jumping between nodes within two seconds?

I must say that I have ever increasing problems with running tor browser in a transparent proxying environment. Short list:

* Having a tor update installed without being asked beforehand
* than Tor browser doesn't start until I delete the launcher plugin manually
* afterwards I am not able to open torbutton network settings
* onion addresses do not work anymore, although AutoMapHostsOnResolve is set to 1, and they work with wget.

I understand that the team focuses on average users deploying torbrowser out of the box, but all the other use cases shoudn't just be fully ignored!

You can disable the auto-updater if you want. That said filing issues on our bug tracker (trac.torproject.org) might be a smart move as we are otherwise not aware of the problem or forget about it. Once that is done working on a patch might speed up solving your problem considerably. So, no, there is no ignoring going on. It is just that we are not enough to fix all the bug reports we get. :(

Oops, good idea to use the bug tracker. :)

By the way, for anybody who reads this: .onion addresses can be (re-)enabled by setting

network.dns.blockDotOnion to False

and thanxxx!!! for all your excellen work!

How about providing the Tor browser as a flatpak ( http://flatpak.org/ ) to allow it to be run properly sandboxed? I guess tor users are quite security aware...

Yup, that's one option we are currently considering for Linux.

I don't know if anyone else is having this problem but tor seems to be stuck on the 'example.com' page when i try to look at any sites circuit. It just says example A, example B example C instead of the IP's and countries. any help would be greatly appreciated.

Works for me. Is that reproducible even after you start Tor Browser again?

Among other problems I've never had before with tor the amount of identifying information that comes out of 5.5.5 is a fraction of what is in 6. This has been the first backwards step in this direction I know. I have gone back to 5.5.5 and disabled updates (irritating) in both win and linux64 and I am waiting for a better version in the future.

Why isn't there some feedback on all the complaints listed here.

What kind of identifying information do you have in mind that twhere not in 5.5.5 but are in 6.0?

When I use panopticlick.eff testing 5.5.5 shows 1 of 204 browsers and 6 show more than a 1000

But now I am noticing another problem, as I turn off updates in preferences adanced update the update still happens when it is left idel for a while

It seems there is no way to block updates anymore, unless a firewall blocks torptoject

The new update 6.01 is even worse than 6 and reveals twice as much bits of identifying information to https://panopticlick.eff.org than 5.5.5 did.

Do you guys have any clue of why this is happening. Maybe there is something in ff that reveals more identifying info?

Yes, the problem is the Panopticlick test. It is not suited for the things you want to get tested. You want to know how identifiable you are in the Tor Browser crowd. Not how identifiable you are compared to Internet Explorer or Firefox etc. And not how identifiable you are compared to older browser versions.

And, sure, you can disable automatic updates if you really want to in your browser. But it not advisable doing so.

Where can I find the old 5.5.5 version?

I used to have it until Tor automatically updated to 6.0 and now Tor won't open. And I see am not the only one with this problem.

Should we wait for a 6.0.2 version to fix the unintended consequences of 6.0?

We don't have found a single Windows system where we could reproduce the problem. Our guess is that there is still software running on your and other Windows users' computer that is responsible for this. That said we have https://trac.torproject.org/projects/tor/ticket/19334 to investigate this trying to find out what is going on. It would be much appreciated if you or other Windows users affected by this could participate there and test bundles we make. Thanks.

A forced update downloaded for 6.0.1 even though I have removed the package update files and edited the about:config page.

What else can I do to stop these, they are a risk to my physical safety. I need to download Tor elsewhere safely.

Please help.

Hello. In Privacy section, I can't configure it to "Never remember history"
Thanks for your helping

Not sure why this is happening. Thanks for reporting, I opened https://trac.torproject.org/projects/tor/ticket/19369 for it.

U guess the response was that "we took down 5.5.5" yesterday so you don't use it.

I have gone to great lengths in preventing 5.5.5 from updating and once it remains idle it autoupdates anyway. My next move is to firewall torproject so no connection can be made.

Warning: wrong shasum on 6.0 browser download

https://dist.torproject.org/torbrowser/6.0/
https://dist.torproject.org/torbrowser/6.0/TorBrowser-6.0-osx64_en-US.dmg

$ shasum -a 256 /***/***/***/TorBrowser-6.0-osx64_en-US.dmg
0f4f6ca01028c2956c811dd94d67a76feb507cad176c031f32e6f95873003b4c

https://dist.torproject.org/torbrowser/6.0/sha256sums-unsigned-build.txt
d68d01889ba38764ebf2057b3cd3263f638a74205031a6d1df11ab8ca13a3618 TorBrowser-6.0-osx64_en-US.dmg

Shasums are not matching downloads
Tried 3 times with download over 3 different extitnodes
all downloads and shasums are "same same but different"

I know there is a new browser version available
but still ..

See my update note on the blog post above: the OS X bundles are signed now and we are still working on providing instructions to remove the signature in a way that you can get compare the SHA256 sums easily.

Installed the update, and now it just won't open the browser, nno matter how many times i click on the icon

After installing my tor browser,so i try to open it,it will load and stop

Won't load for me. Have to resort to 5.5 although would attempt newer version but cant find link - using windows 10. Have not disabled anti-virus - getting no error message, no activity in task manager. Cheers.

Syndicate content Syndicate content