Blogs

Tor Browser 6.0.6 is released

Tor Browser 6.0.6 is now available from the Tor Browser Project page and also from our distribution directory.

This release features important security updates to Firefox.

This release updates Firefox to 45.5.0esr. Other components were updated as well: Tor to 0.2.8.9, HTTPS-Everywhere to 5.2.7, and OpenSSL to 1.0.1u.

We fixed a lot of usability bugs, some caused by Apple's macOS Sierra (meek did not work anymore and windows could not be dragged either). We moved directly to DuckDuckGo as our search engine, avoiding a roundtrip to Disconnect.me first. Finally, we added a donation banner, shown in some localized bundles starting on Nov 23, to point to our end-of-the-year 2016 donation campaign.

Here is the full changelog since 6.0.5:

  • All Platforms
    • Update Firefox to 45.5.0esr
    • Update Tor to 0.2.8.9
    • Update OpenSSL to 1.0.1u
    • Update Torbutton to 1.9.5.12
      • Bug 20414: Add donation banner on about:tor for 2016 campaign
      • Translation updates
    • Update Tor Launcher to 0.2.9.4
      • Bug 20429: Do not open progress window if tor doesn't get started
      • Bug 19646: Wrong location for meek browser profile on OS X
    • Update HTTPS-Everywhere to 5.2.7
    • Update meek to 0.25
      • Bug 19646: Wrong location for meek browser profile on OS X
      • Bug 20030: Shut down meek-http-helper cleanly if built with Go > 1.5.4
    • Bug 19838: Add dgoulet's bridge and add another one commented out
    • Bug 20296: Rotate ports again for default obfs4 bridges
    • Bug 19735: Switch default search engine to DuckDuckGo
    • Bug 20118: Don't unpack HTTPS Everywhere anymore
  • Windows
    • Bug 20342: Add tor-gencert.exe to expert bundle
  • OS X
    • Bug 20204: Windows don't drag on macOS Sierra anymore
    • Bug 20250: Meek fails on macOS Sierra if built with Go < 1.7
  • Build system
    • All platforms

Tor 0.2.9.5-alpha is released, with numerous bugfixes

Tor 0.2.9.5-alpha fixes numerous bugs discovered in the previous alpha version. We believe one or two probably remain, and we encourage everyone to test this release.

You can download the source from the usual place on the website. Packages should be available over the next several days. Remember to check the signatures!

Please note: This is an alpha release. You should only try this one if you are interested in tracking Tor development, testing new features, making sure that Tor still builds on unusual platforms, or generally trying to hunt down bugs. If you want a stable experience, please stick to the stable releases.

Below are the changes since 0.2.9.4-alpha.

Changes in version 0.2.9.5-alpha - 2016-11-08

  • Major bugfixes (client performance):
    • Clients now respond to new application stream requests immediately when they arrive, rather than waiting up to one second before starting to handle them. Fixes part of bug 19969; bugfix on 0.2.8.1-alpha.
  • Major bugfixes (client reliability):
    • When Tor leaves standby because of a new application request, open circuits as needed to serve that request. Previously, we would potentially wait a very long time. Fixes part of bug 19969; bugfix on 0.2.8.1-alpha.


Announcing the Tor Browser User Manual

The community team is excited to announce the new Tor Browser User Manual!

The manual is currently only available in English. We will be adding more languages in the near future, as well as adding the manual to Transifex.

During the creation of this manual, community feedback was requested over various mailing lists / IRC channels. We understand that many people who read this blog are not part of these lists / channels, so we would like to request that if you find errors in the manual or have feedback about how it could be improved, please open a ticket on our bug tracker and set the component to "community".

This manual is part of an ongoing effort to foster wider adoption of Tor, and provide better support to all users, new and old. We'll soon have some more exciting new developments to share about our user support efforts, so stay tuned.

Thanks for using Tor!

Tor 0.2.8.9 is released, with important fixes

Tor 0.2.8.9 backports a fix for a security hole in previous versions of Tor that would allow a remote attacker to crash a Tor client, hidden service, relay, or authority. All Tor users should upgrade to this version, or to 0.2.9.4-alpha. Patches will be released for older versions of Tor.

You can download the source from the Tor website. Packages should be available over the next week or so.

Below is a list of changes since 0.2.8.8.

Changes in version 0.2.8.9 - 2016-10-17

  • Major features (security fixes, also in 0.2.9.4-alpha):
    • Prevent a class of security bugs caused by treating the contents of a buffer chunk as if they were a NUL-terminated string. At least one such bug seems to be present in all currently used versions of Tor, and would allow an attacker to remotely crash most Tor instances, especially those compiled with extra compiler hardening. With this defense in place, such bugs can't crash Tor, though we should still fix them as they occur. Closes ticket 20384 (TROVE-2016-10-001).
  • Minor features (geoip):
    • Update geoip and geoip6 to the October 4 2016 Maxmind GeoLite2 Country database.

Tor 0.2.9.4-alpha is released, with important fixes

Tor 0.2.9.4-alpha fixes a security hole in previous versions of Tor that would allow a remote attacker to crash a Tor client, hidden service, relay, or authority. All Tor users should upgrade to this version, or to 0.2.8.9. Patches will be released for older versions of Tor.

Tor 0.2.9.4-alpha also adds numerous small features and fix-ups to previous versions of Tor, including the implementation of a feature to future-proof the Tor ecosystem against protocol changes, some bug fixes necessary for Tor Browser to use unix domain sockets correctly, and several portability improvements. We anticipate that this will be the last alpha in the Tor 0.2.9 series, and that the next release will be a release candidate.

You can download the source from the usual place on the website. Packages should be available over the next several days. Remember to check the signatures!

Please note: This is an alpha release. You should only try this one if you are interested in tracking Tor development, testing new features, making sure that Tor still builds on unusual platforms, or generally trying to hunt down bugs. If you want a stable experience, please stick to the stable releases.

Below are the changes since 0.2.9.3-alpha.

Changes in version 0.2.9.4-alpha - 2016-10-17

  • Major features (security fixes):
    • Prevent a class of security bugs caused by treating the contents of a buffer chunk as if they were a NUL-terminated string. At least one such bug seems to be present in all currently used versions of Tor, and would allow an attacker to remotely crash most Tor instances, especially those compiled with extra compiler hardening. With this defense in place, such bugs can't crash Tor, though we should still fix them as they occur. Closes ticket 20384 (TROVE-2016-10-001).
  • Major features (subprotocol versions):
    • Tor directory authorities now vote on a set of recommended subprotocol versions, and on a set of required subprotocol versions. Clients and relays that lack support for a _required_ subprotocol version will not start; those that lack support for a _recommended_ subprotocol version will warn the user to upgrade. Closes ticket 19958; implements part of proposal 264.
    • Tor now uses "subprotocol versions" to indicate compatibility. Previously, versions of Tor looked at the declared Tor version of a relay to tell whether they could use a given feature. Now, they should be able to rely on its declared subprotocol versions. This change allows compatible implementations of the Tor protocol(s) to exist without pretending to be 100% bug-compatible with particular releases of Tor itself. Closes ticket 19958; implements part of proposal 264.
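The "buffer chunk treated as a NUL-terminated string" entry above (and the identical entry in the 0.2.8.9 notes) names a class of bug rather than one specific site. The C program below is an added illustration written for this page; it is not Tor's buffers.c. It shows a chunk struct whose payload carries an explicit length but no terminator, the unsafe pattern of scanning it with str* functions, the bounded alternative, and a defensive fill routine that always writes a NUL after the payload so a stray string call stops at the chunk boundary. The struct layout, the 32-byte backing array and all function names are assumptions for the demo; the junk bytes after the payload are constructed so that the over-read stays inside the array while still overrunning datalen.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added illustration, not Tor's buffers.c: a buffer chunk carries `datalen`
 * payload bytes that are NOT guaranteed to end in a NUL. */
typedef struct chunk_t {
  size_t datalen;   /* payload bytes actually present */
  size_t memlen;    /* usable size of mem[] */
  char mem[32];     /* backing storage; 32 bytes is an assumed demo size */
} chunk_t;

/* The bug class: treat the payload as a C string. strchr/strlen keep reading
 * past datalen until they meet a NUL that happens to sit somewhere after the
 * chunk, so the returned length can exceed the payload and later code may
 * read or copy far beyond it. */
size_t line_len_unsafe(const chunk_t *c) {
  const char *nl = strchr(c->mem, '\n');          /* BUG: unbounded search */
  return nl ? (size_t)(nl - c->mem) : strlen(c->mem);
}

/* Correct form: every search is bounded by datalen and never needs a NUL. */
size_t line_len_safe(const chunk_t *c) {
  const char *nl = memchr(c->mem, '\n', c->datalen);
  return nl ? (size_t)(nl - c->mem) : c->datalen;
}

/* Defence in depth, in the spirit of the release note: reserve one spare byte
 * and always write a NUL right after the payload, so a stray str* call that
 * slips through review stops at the chunk boundary instead of crashing. */
bool chunk_fill(chunk_t *c, const char *src, size_t n) {
  if (n + 1 > c->memlen) return false;   /* must leave room for the terminator */
  memcpy(c->mem, src, n);
  c->mem[n] = '\0';
  c->datalen = n;
  return true;
}

/* Check used by the demo: does the string-based scan report more bytes than
 * the chunk actually holds? */
bool chunk_scan_overruns(const chunk_t *c) {
  return line_len_unsafe(c) > c->datalen;
}

/* Constructed scenario: a 14-byte request line with no newline and no NUL,
 * followed by junk bytes that stand in for "whatever is after the chunk in
 * memory". A single NUL at the very end of the array keeps the demo's
 * over-read inside the array (a real over-read has no such safety net). */
chunk_t make_unterminated_chunk(void) {
  chunk_t c;
  c.memlen = sizeof c.mem;
  memset(c.mem, 'X', sizeof c.mem);
  c.mem[sizeof c.mem - 1] = '\0';
  memcpy(c.mem, "GET / HTTP/1.0", 14);
  c.datalen = 14;
  return c;
}

int main(void) {
  chunk_t c = make_unterminated_chunk();
  printf("unsafe: %zu bytes, safe: %zu bytes, datalen: %zu\n",
         line_len_unsafe(&c), line_len_safe(&c), c.datalen);
  chunk_fill(&c, "GET / HTTP/1.0", 14);       /* same payload, now terminated */
  printf("after chunk_fill, unsafe scan reports %zu bytes\n", line_len_unsafe(&c));
  return 0;
}
```

With the unterminated chunk the string-based scan reports 31 bytes for a 14-byte payload; after `chunk_fill` the same scan stops at 14. The bounded `memchr` form is the fix that should be applied at each call site; the trailing NUL is the belt-and-braces measure that keeps any remaining instance of the bug from crashing the process.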
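The subprotocol-version entries above describe a policy (refuse to start without a required version, warn without a recommended one) but not the parsing behind it. The following C program is an added example, not Tor's implementation. It assumes the protocol-list syntax of proposal 264 as I understand it, `Name=1-4,6 Other=2` (space-separated entries, each a name, `=`, and comma-separated versions or inclusive ranges); the function names, the `startup_decision` enum and the sample lists are hypothetical.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added example, not Tor's code. Protocol lists are assumed to look like
 * "Link=1-4 Relay=1,2 HSDir=1": space-separated entries, each a name, '=',
 * and a comma-separated list of versions or inclusive ranges. */

enum startup_decision { START_OK = 0, START_WARN = 1, START_REFUSE = 2 };

/* Does `have` list version `ver` of subprotocol `name`? */
static bool proto_has(const char *have, const char *name, unsigned long ver) {
  size_t nlen = strlen(name);
  const char *p = have;
  while (*p) {
    while (*p == ' ') p++;
    const char *entry = p;
    while (*p && *p != ' ') p++;
    size_t elen = (size_t)(p - entry);
    if (elen <= nlen + 1 || strncmp(entry, name, nlen) != 0 || entry[nlen] != '=')
      continue;                                   /* a different subprotocol */
    const char *r = entry + nlen + 1;
    while (r < p) {
      char *q;
      unsigned long lo = strtoul(r, &q, 10);
      if (q == r) return false;                   /* malformed range */
      unsigned long hi = lo;
      if (*q == '-') hi = strtoul(q + 1, &q, 10);
      if (ver >= lo && ver <= hi) return true;
      if (*q != ',') break;                       /* end of this entry */
      r = q + 1;
    }
    return false;
  }
  return false;
}

/* Count versions in `needed` that `have` lacks; copy the first one as
 * "Name=N" into `first`. Returns -1 when `needed` is malformed. */
static int count_missing(const char *have, const char *needed,
                         char *first, size_t firstlen) {
  int missing = 0;
  const char *p = needed;
  while (*p) {
    while (*p == ' ') p++;
    if (!*p) break;
    const char *entry = p;
    while (*p && *p != ' ') p++;                  /* p now marks entry end */
    const char *eq = memchr(entry, '=', (size_t)(p - entry));
    char name[32];
    if (!eq || (size_t)(eq - entry) >= sizeof name) return -1;
    memcpy(name, entry, (size_t)(eq - entry));
    name[eq - entry] = '\0';
    const char *r = eq + 1;
    while (r < p) {
      char *q;
      unsigned long lo = strtoul(r, &q, 10);
      if (q == r) return -1;
      unsigned long hi = lo;
      if (*q == '-') hi = strtoul(q + 1, &q, 10);
      if (hi < lo || hi - lo > 64) return -1;     /* reject nonsense ranges */
      for (unsigned long v = lo; v <= hi; v++) {
        if (!proto_has(have, name, v)) {
          if (missing == 0 && first && firstlen)
            snprintf(first, firstlen, "%s=%lu", name, v);
          missing++;
        }
      }
      if (*q != ',') break;
      r = q + 1;
    }
  }
  return missing;
}

/* The policy from the release note: a missing *required* version means the
 * node must not start; a missing *recommended* version means warn to upgrade.
 * An unparsable required list is treated as a refusal, the conservative side. */
enum startup_decision check_subprotocols(const char *supported, const char *required,
                                         const char *recommended,
                                         char *detail, size_t detaillen) {
  if (detail && detaillen) detail[0] = '\0';
  if (count_missing(supported, required, detail, detaillen) != 0)
    return START_REFUSE;
  if (count_missing(supported, recommended, detail, detaillen) != 0)
    return START_WARN;
  return START_OK;
}

int main(void) {
  /* Constructed sample lists; real values come from the authorities' consensus. */
  const char *supported = "Link=1-4 Relay=1-2 HSDir=1";
  const char *required = "Link=3 Relay=2";
  const char *recommended = "Link=3-4 Relay=1-2 HSDir=1-2";
  char detail[64];
  enum startup_decision d = check_subprotocols(supported, required, recommended,
                                               detail, sizeof detail);
  printf("decision=%d%s%s\n", (int)d, detail[0] ? " missing " : "", detail);
  return 0;
}
```

The sample node supports everything required but lacks HSDir=2 from the recommended set, so the result is a warning with "HSDir=2" as the detail. Note that the name match in `proto_has` compares the full name up to `=`, so a list that mentions `Link` never satisfies a requirement on `LinkAuth`, and both parsers bound every scan by the entry length rather than relying on a terminator.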


OONI is looking for a UX designer!


Passionate about design and Internet freedom?

The Open Observatory of Network Interference (OONI), a free software project under The Tor Project that aims to uncover Internet censorship by monitoring its prevalence around the world, is seeking a UX designer.

Up until recently, users would run OONI’s software (ooniprobe) from the command line. Soon we aim to release both a desktop (web based) and mobile client that will enable users to run ooniprobe from a graphical user interface. We want to make the user interface as usable and graphically appealing as possible to engage more users.

If you’re interested in designing the interface of OONI’s new desktop and mobile clients, please don’t hesitate to apply! Information on how to apply can be found here.

Q and A with Yawning Angel

Here's an interview I just did with our own Yawning Angel, a longtime Tor developer, about his work on a Linux prototype for a sandbox for the Tor Browser.

What is a sandbox?

It’s a separate environment from the rest of your computer where you run untrusted programs. We’re running Tor Browser.

The idea is that exploits targeting Tor Browser are trapped inside the sandbox and can’t get out and mess with the rest of your computer or deanonymize you.

The amount of information Tor Browser will learn about your computer, and thereby you, will be limited. For example, the sandbox will hide things like your files, and real IP and MAC addresses from Tor Browser.

Tor Browser can only access or manipulate the insides of the sandbox. It's like Plato's Allegory of the Cave. The only reality Tor Browser knows is the inside of the sandbox (cave). We prevent it from interacting with the rest of your computer (the outside world), except via the Tor Network (shadows on the wall).

How will the sandbox help users?

It should make Tor a lot safer for users. We know there are people who try to de-anonymize Tor users by exploiting Firefox. Having Tor Browser run in a sandbox makes their life a lot harder.

Which operating system will the sandbox support?

We need a sandbox for Linux, OSX, and Windows. I’m working on the Linux one. The Tor browser team is looking at OSX. In the future we’d like to do Windows.

Can you talk about the sandbox a bit more?

I use a Go application to manage installing and updating Tor Browser, and set up the sandbox using a utility called bubblewrap (the underlying sandboxing code also used by Flatpak) which is based around Linux's container support.

It ended up being something superficially similar to what the Subgraph OS project has done, but my approach is more targeted as "something you can just download and start using on your existing Linux system", and theirs, as far as I am aware, is more oriented around being a full OS replacement.

Why are you doing this?

It's an interesting technical challenge, and in the light of recent events like The FBI’s Quiet Plan to Begin Mass Hacking, defending users against malicious attackers at the application layer is incredibly important.

Why did we not have this before?

Developer time—we have a lot that we already need to do. We never have time to do this. We have a funding proposal to do this but I decided to do it separately from the Tor Browser team. I’ve been trying to do this since last year. This is my third attempt. I failed twice at coming up with something that I like, but the third time appears to be the charm.

What was the hardest part?

Lots of design problems. It’s incredibly complicated.

What else have you worked on?

Everything—I’ve touched a lot of our code. I designed and wrote obfs4, Meek on Android uses my code, and I work on core Tor.

When will the sandbox be available to users?

This is experimental. Right now I have something that works on my laptop. It is not user friendly at all. It’s a functional prototype. By the end of the year it will be available in alpha form for early adopters to experiment with.

What are you working on right now?

There’re a few security versus usability tradeoffs. Most users will disagree with the tradeoffs I’ve made for myself, so I have to make all that configurable. For example, do we want to give the sandbox access to the sound card? We will make it user configurable.

Mozilla is also working on something like this, right?

Mozilla is working primarily on efforts to sandbox the content, media and plugin processes (roughly a per-tab sandbox). In our version, the entire browser is running in a sandbox.

Both projects in the long run should work to complement each other, since both are a good idea.

Tor 0.2.8.8 is released, with important fixes

Tor 0.2.8.8 fixes two crash bugs present in previous versions of the 0.2.8.x series. Relays running 0.2.8.x should upgrade, as should users who select public relays as their bridges.

You can download the source from the Tor website. Packages should be available over the next week or so.

Below is a list of changes since 0.2.8.6.

Changes in version 0.2.8.8 - 2016-09-23

  • Major bugfixes (crash):
    • Fix a complicated crash bug that could affect Tor clients configured to use bridges when replacing a networkstatus consensus in which one of their bridges was mentioned. OpenBSD users saw more crashes here, but all platforms were potentially affected. Fixes bug 20103; bugfix on 0.2.8.2-alpha.
  • Major bugfixes (relay, OOM handler):
    • Fix a timing-dependent assertion failure that could occur when we tried to flush from a circuit after having freed its cells because of an out-of-memory condition. Fixes bug 20203; bugfix on 0.2.8.1-alpha. Thanks to "cypherpunks" for help diagnosing this one.
  • Minor feature (fallback directories):
    • Remove broken fallbacks from the hard-coded fallback directory list. Closes ticket 20190; patch by teor.
  • Minor features (geoip):
    • Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2 Country database.