Tor Browser is released

The release of the Tor Browser Bundle is now available on the Download page. You can also download the bundles directly from the distribution directory.

This release fixes the localization of the non-english bundles.

Please see the TBB FAQ listing for any issues you may have before contacting support or filing tickets. In particular, the TBB 3.x section lists common issues specific to the Tor Browser 3.x series.

Here is the list of changes since 3.5.2. The 3.x ChangeLog is also available.

  • All Platforms
    • Bug 10895: Fix broken localized bundles
  • Windows:
    • Bug 10323: Remove unneeded gcc/libstdc++ libraries from dist

Join us! The Tor Project Developer's Meeting - Reykjavik, Iceland - February 17 - 21, 2014

The Tor Project team will be in Reykjavik, Iceland February 17 thru 21 for our bi-annual developer's meeting.

It is going to be an exciting week so please consider joining us any number of the following public events:

Tuesday, 2/18, 8:00 pm
Crypto Party

Location: Multi-Kulti -

Wednesday, 2/19, 6:30 pm
Tor: Lessons Learned over the Past 12 Months

Roger Dingledine and Jacob Appelbaum will lead the conversation.
This evening event is being hosted by Reykjavik University.
Location: Reykjavik University - M101 -

Thursday, 2/20, 9:00 am
Digital Safety for Journalists - 1/2 Day Hands-on Workshop

Location: Grand Hotel -

Friday, 2/21, 9:30 am

Location: Grand Hotel -

For questions, please contact

Tor Weekly News — February 12th, 2014

Welcome to the sixth issue of Tor Weekly News in 2014, the weekly newsletter that covers what is happening in the Tor community.

Tails 0.22.1 is out

The Tails team cut its 36th release on February 4th. Their Debian-based live operating system continues to provide anonymity by ensuring that all outgoing connections are routed through Tor, and privacy by ensuring that no traces are left without the user’s knowledge.

Tails 0.22.1 contains security fixes to Firefox, NSS, and Pidgin. It also brings an updated Linux kernel and several fixes for regressions and small issues.

While advertised as a minor version, the new incremental upgrades are a major usability improvement. Previously, upgrading Tails basically meant installing Tails again by downloading the image and putting it on a DVD or a USB stick. Users who store persistent data in their Tails instance then had to use this new medium to upgrade the stick with their data. A tedious process, to say the least. Now, with incremental upgrades, Tails users with USB sticks will be prompted to perform a few clicks, wait, and reboot to get their system up-to-date.

One usability change might surprise long time Tails users: the browser now has to be manually opened when Tor has successfully reached the network.

As always, be sure to upgrade! Users of Tails 0.22 on USB sticks can do so easily by running the Tails Upgrader application in the Tails menu.

Tor Browser Bundle 3.5.2 is released

The Tor Browser team delivers a new Tor Browser Bundle. Version 3.5.2 brings Tor users important security fixes from Firefox and contains fixes to the “new identity” feature, window size rounding, and the welcome screen with right-to-left language, among others.

The curious can take a peek at the changelog for more details. Every Tor user is encouraged to upgrade as soon possible. Jump to the download page!

Call to bridge operators to deploy ScrambleSuit

In the beginning there was Tor. When censors started filtering every known relay address, bridges were invented as a way to access the Tor network through unlisted relays. Deep packet inspection systems then started to filter Tor based on its traffic signature, so pluggable transports and obfucation protocols were designed in order to prevent bridge detection.

Currently, obfuscation is achieved through “obfs2” and “obfs3”. obfs2 is flawed; it’s detectable by deep packet inspection and is being phased out. obfs3 is unfortunately still vulnerable to active probing attacks. As obfs3 bridges are open to anyone, an attacker who uses a traffic classifier and finds an unclassified connection can figure out if it’s Tor simply by trying to connect through the same destination.

ScrambleSuit comes to the rescue. On top of making the traffic harder to recognize by timing or volume characteristics, ScrambleSuit requires a shared secret between the bridge and the client. A censor looking at the connection won’t have this secret, and therefore be unable to connect to the bridge and confirm that it’s Tor.

obfsproxy 0.2.6 was released last week and adds ScrambleSuit to the set of available pluggable transports. Bridge operators are now called to update their software and configuration. At least Tor is required. The latest version of obfsproxy can be installed from source, pip and Debian unstable.

There must be a critical mass of bridges before ScrambleSuit is made available to the Tor users who need it, so please help!

More status reports for January 2014

The wave of regular monthly reports from Tor project members for the month of January continued. Kevin P Dyer, Nick Mathewson, Georg Koppen, Karsten Loesing, Jacob Appelbaum, Arturo Filastò, Isis Lovecruft and Nicolas Vigier all released their reports this week.

Roger Dingledine has also sent the report to SponsorF.

Miscellaneous news

Most Tor developers will gather next week in Reykjavík, Iceland for the 2014 winter meeting. Expect a drop in activity on the usual communication channels while everyone is busy with face-to-face conversations. See upcoming events for activities open to the larger Tor community.

David Fifield is looking for testers for experimental 3.5.2 browser bundles with tor-fw-helper. “tor-fw-helper is a tool that uses UPnP or NAT-PMP to forward a port automatically” — something that flashproxy requires. David is “interested in finding out how likely it is to work”.

David Goulet gave us an update on the development of Torsocks 2.x. He hopes to perform a “full on release” after the Tor developers meeting.

”The Trying Trusted Tor Traceroutes project is coming closer to the next data review (03/2014)” wrote Sebastian Urbach. If you are a relay operator, please help find out how Tor performs against network-level attackers. The team now has a scoreboard with feedback for the participants.

One relay started to act funny regarding its advertised bandwidth. Roger Dingledine quickly reported his worries to the tor-talk mailing list. A couple of hours later Hyoung-Kee Choi accounted that one of the students from his research group had made a mistake while experimenting on the Tor bandwidth scanner. Directory authorities are now restricting its usage in the consensus.

On February 11th, the Tor Project participated on The Day We Fight Back, a global day of mobilization against NSA mass surveillance.

Tor help desk roundup

Tor supporters are often curious about the legal risks involved in running a Tor relay. The Tor Project is not aware of any country where running Tor is a punishable offense. Running a bridge relay or a non-exit relay is the best way to grow the Tor network without being exposed to additional legal scrutiny. The decision to run an exit relay should be made only after carefully reviewing the best practices. Unlike non-exit and bridge operators, exit relay operators need to be prepared to respond to abuse complaints.

Users continue to express interest in a 64-bit Tor Browser Bundle for Windows. Work to provide this new variant is on-going.

News from Tor StackExchange

strugee is running a Fast, Running and Valid relay and wonders when the relay will get the V2Dir flag. weasel answered that relays should “get the V2Dir flag simply by publishing a DirPort”, but that Tor will not always publish a DirPort: the full list can be found in the source code.

Ivar noted that the site How’s my SSL thinks that the SSL configuration of the Tor Browser is bad and wondered how the situation could be improved. Jens Kubieziel explained some settings for about:config and pointed to a more detailed blog post. Sam Whited also pointed out some settings for Firefox and noted that Firefox 27 improved the rating to “probably good” which will help the Tor Browser in the future.

fred set up a relay on a Windows machine where µTorrent is used besides Tor. When Tor is enabled many trackers become unreachable, but come back as soon as the relay is disabled. An explanation to this behaviour has yet to be found, don’t hesitate to chime in.

This issue of Tor Weekly News has been assembled by Lunar, Matt Pagan, Paul Feitzinger, qbi, Roger Dingledine and Karsten Loesing.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to
get involved!

Tor Browser 3.5.2 is released

The 3.5.2 release of the Tor Browser Bundle is now available on the Download page. You can also download the bundles directly from the distribution directory.

This release includes important security updates to Firefox.

Please see the TBB FAQ listing for any issues you may have before contacting support or filing tickets. In particular, the TBB 3.x section lists common issues specific to the Tor Browser 3.x series.

Here is the list of changes since 3.5.1. The 3.x ChangeLog is also available.

  • Rebase Tor Browser to Firefox 24.3.0ESR
  • Bug 10419: Block content window connections to localhost
  • Update Torbutton to
    • Bug 10800: Prevent findbox exception and popup in New Identity
    • Bug 10640: Fix about:tor's update pointer position for RTL languages.
    • Bug 10095: Fix some cases where resolution is not a multiple of 200x100
    • Bug 10374: Clear site permissions on New Identity
    • Bug 9738: Fix for auto-maximizing on browser start
    • Bug 10682: Workaround to really disable updates for Torbutton
    • Bug 10419: Don't allow connections to localhost if Torbutton is toggled
    • Bug 10140: Move Japanese to extra locales (not part of TBB dist)
    • Bug 10687: Add Basque (eu) to extra locales (not part of TBB dist)
  • Update Tor Launcher to
    • Bug 10682: Workaround to really disable updates for Tor Launcher
  • Update NoScript to

Tails 0.22.1 is out

Tails, The Amnesic Incognito Live System, version 0.22.1, is out.

All users must upgrade as soon as possible: this release fixes numerous security issues.


Notable user-visible changes include:

  • Security fixes
    • Upgrade the web browser to 24.3.0esr, that fixes a few serious security issues.
    • Upgrade the system NSS to 3.14.5, that fixes a few serious security issues.
    • Workaround a browser size fingerprinting issue by using small icons in the web browser's navigation toolbar.
    • Upgrade Pidgin to 2.10.8, that fixes a number of serious security issues.
  • Major improvements
    • Check for upgrades availability using Tails Upgrader, and propose to apply an incremental upgrade whenever possible.
    • Install Linux 3.12 (3.12.6-2).
  • Bugfixes
    • Fix the keybindings problem introduced in 0.22.
    • Fix the Unsafe Browser problem introduced in 0.22.
    • Use IE's icon in Windows camouflage mode.
    • Handle some corner cases better in Tails Installer.
    • Use the correct browser homepage in Spanish locales.
  • Minor improvements
    • Update Torbutton to
    • Do not start Tor Browser automatically, but notify when Tor
      is ready.
    • Import latest Tor Browser prefs.
    • Many user interface improvements in Tails Upgrader.

See the online Changelog for technical details.

Known issues

I want to try it or to upgrade!

Go to the download page.

As no software is ever perfect, we maintain a list of problems that affects the last release of Tails.

What's coming up?

The next Tails release is scheduled for March 18.

Have a look to our roadmap to see where we are heading to.

Would you want to help? There are many ways you can contribute to Tails. If you want to help, come talk to us!

Support and feedback

For support and feedback, visit the Support section on the Tails website.

Tor Weekly News — February 4th, 2014

Welcome to the fifth issue of Tor Weekly News in 2014, the weekly newsletter that covers what is happening in the Tor community.

News from the browser team front

Mike Perry has a detailed report about what the growing Tor Browser team has been up to. Among the good news, new fingerprinting defenses are getting close to be merged for “screen resolution, default character sets, site permissions, and local service enumeration”. Some other changes that will reduce the attack surface include “disabling addon update requests for addons that should not update, a potential fix for a disk leak in the browser’s video cache, […], and a potential fix to prevent the Flash plugin from being loaded into the browser at all until the user actually requests to use it.”

Most censored users currently have to use a separate browser bundle dubbed “pluggable transports bundle”. This has proven quite inconvenient for both users and those trying to support them. Mike reports progress on “unifying the pluggable transport bundles with the official bundles, so that both censored and uncensored users can use the same bundles. […] The progress is sufficient that we are very likely to be able to deploy a 3.6-beta1 release in February to test these unified bundles.”

Another important topic is how the privacy fixes in the Tor Browser can benefit a wider userbase. The team has “continued the merge process with Mozilla, and have worked to ensure that every patch of ours is on their radar […]. Two patches, one for an API we require to manage the Tor subprocess, and another to give us a filter to remove potentially dangerous drag-and-drop events to the desktop have already been merged. Next steps will include filing more bugs, continual contact with their development team, and touching up patches as needed.”

There are even more things to smile about in the report. Read it in full for the whole picture.

Key revocation in next generation hidden services

It looks like every public-key infrastructure struggles with how to handle key revocation. Hidden services are no different. The current design completely ignored preventing a stolen key from being reused by an attacker.

With the on-going effort to create a new protocol for hidden services, now seems to be a good time for George Kadianakis to raise this issue. In the past there was little control for the hidden services operators over their secret key. The new design enables offline management operations which include key revocation.

As George puts it, currently well-known solutions “are always messy and don’t work really well (look at SSL’s OCSP and CRLs).” So how can “the legitimate Hidden Service can inform a client that its keys got compromised”?

In his email, George describes two solutions, one relying on the directory authorities, the other on hidden service directories. Both have drawbacks, so perhaps further research is necessary.

In the same thread, Nick Hopper suggested a scheme that uses multiple hidden service directories to cross-certify their revocation lists. This gives more confidence to the user, since the adversary now has to compromise multiple hidden service directories.

Please join the discussion if you have ideas to share!

Help needed to remove DNS leaks from Mumble

Mumble is a “low-latency, high quality voice chat software primarily intended for use while gaming”.

It’s proven to be a reliable solution for voice chat among multiple parties over Tor. Matt and Colin have worked on a documentation on how to setup both the client and the server side for Tor users.
But the client is currently safely usable only on Linux system with torsocks and on Tails. On other operating systems, the Mumble client will unfortunately leak the address of the server to the local DNS resolver.

The changes that need to be made to the Mumble code are less trivial than one would think. Matt describe the issue in more details in his call for help. Have a look if you are up to some C++/Qt hacking.

Monthly status reports for January 2014

The wave of regular monthly reports from Tor project members for the month of January has begun. Damian Johnson released his report first, followed by reports from Philipp Winter, Sherief Alaa, the Tor Browser team from Mike Perry, Colin C., the help desk, Matt. Lunar, George Kadianakis, and Pearl Crescent.

Miscellaneous news

Nick Mathewson came up with a Python script to convert the new MaxMind GeoIP2 binary database to the format used by Tor for its geolocation database.

Thanks to John Ricketts from Quintex Alliance Consulting for providing another mirror for the Tor Project’s website and software.

Abhiram Chintangal and Oliver Baumann are reporting progress on their rewrite of the Tor Weather service.

Andreas Jonsson gave an update on how Mozilla is moving to a multi-process model for Firefox and how this should positively affect the possibility of sandboxing the Tor Browser in the future.

As planned, to help “developers to analyze the directory protocol and for researchers to understand what information is available to clients to make path selection decisions”, Karsten Loesing has made microdescriptor archives available on the metrics website.

Christian has deployed a test platform for the JavaScript-less version of Globe, a tool to retrieve information about the Tor network and its relays.

In an answer to Shadowman’s questions about pluggable transports, George Kadianakis wrote a detailed reply on how Tor manages pluggable transports, both on the server side an on the client side.

Arthur D. Edelstein has advertised a GreaseMonkey script to enable Tor Browser to access YouTube videos without having JavaScript enabled. Please be aware of the security risks that GreaseMonkey might introduce before using such a solution.

Andrew Lewman reports on his trip to Washington DC where he met Spitfire Strategies to learn about “Tor’s brand, media presence, and ideas for the future”. For a short excerpt: “It’s interesting to get critiques on all our past media appearances; what was good and what could be better. Overall, the team there are doing a great job.”

Lunar accounted for Tor’s presence at FOSDEM, one of the largest free software event in Europe. The project had a small booth shared with Mozilla and there was even a relay operator meetup.

Yan Zhu has released the first version of HTTPS Everywhere for Firefox Mobile. A good news for users of the upcoming Orfox.

Tor help desk roundup

Users often want to know if Tor can make them appear to be coming from a particular country. Although doing so can reduce one’s anonymity, it is documented on our FAQ page.

Orbot users have noticed that installing Orbot to their SD storage can cause Orbot to stop functioning correctly. Installing Orbot to the internal storage has resolved issues for a few users.

News from Tor StackExchange

Rhin is looking for hidden services hosting services. Jens pointed them to but it looks like no there are no gratis hidden services hosters currently available.

Vijay kudal wanted to know how to change the current circuit within shell scripts. Jens Kubieziel gave an answer using expect and hexdump.

Roya saw replying contradictory information with Atlas about the exit node being used. It seems to be a bug in check occuring when multiple nodes are using the same IP address.

This issue of Tor Weekly News has been assembled by Lunar, Matt Pagan, qbi, George Kadianakis, Colin, Sandeep, Paul Feitzinger and Karsten Loesing.

TWN is a community newsletter. It can’t rest upon a single pair of shoulders at all times, especially when those shoulders stand behind a booth for two days straight. So if you want to continue reading TWN, we really need your help! Please see the project page and say “hi” on the team mailing list.

Tor Weekly News — January 29th, 2014

Welcome to the fourth issue of Tor Weekly News in 2014, the weekly newsletter that covers what is happening in the Tor community.

Tor Browser Bundle 3.5.1 is released

An update to the Tor Browser Bundle has been released on January 27th. The new release contains Tor which fixes a bug creating useless extra circuits. It also fixes a denial of service condition in OpenSSL and removes “” from the NoScript whitelist.

Arabic bundles are back after a short hiatus. Support for screen readers is also enabled again and has been confirmed working.

HTTPS Everywhere has been updated to version 3.4.5. It contains a new rule to secure connections to Stack Exchange and its Tor corner.

Look at the blog post for a more detailed changelog. And now, head over to the download page and upgrade!

New Tor denial of service attacks and defenses

Rob Jansen, Florian Tschorsch, Aaron Johnson, and Björn Scheuermann have been working on a new paper entitled The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network. As research papers are sometimes hard to fully understand, Rob Jansen has published a new blog post giving an overview of the attacks, the defenses, what has been modified in Tor so far, and what open questions remain.

“We found a new vulnerability in the design of Tor’s flow control algorithm that can be exploited to remotely crash Tor relays. The attack is an extremely low resource attack in which an adversary’s bandwidth may be traded for a target relay’s memory (RAM) at an amplification rate of one to two orders of magnitude” explains Rob.

The authors have been working with Tor developers on integrating defenses before publishing: “Due to our devastating findings, we also
designed three defenses that mitigate our attacks, one of which provably renders the attack ineffective. Defenses have been implemented and deployed into the Tor software to ensure that the Tor network is no longer vulnerable as of Tor version and later.”

Be sure to read the blog post and the paper in full if you want to know more.

Good times at Real World Crypto 2014

On the second week of January, a bunch of Tor developers attended the Real World Crypto workshop in New York City.

The workshop featured a nice blend of industry and academic crypto talks and a fruitful hallway track. Many researchers involved with Tor and privacy technologies were also present.

As far as talks were concerned, Tom Shrimpton presented the Format-Transforming Encryption (FTE) traffic obfuscation tool which is currently being developed to work as a Tor pluggable transport. The Tor developers present also worked with Kevin Dyer, one of the paper authors and developers of FTE, towards including FTE in the Pluggable Transport Tor bundles.

On the censorship circumvention front, I2P developers showed interest in using pluggable transports. Work has been done to identify various problems with the current PT spec that need to be fixed so that other projects can use pluggable transports more smoothly.

Furthermore, there were talks with the developers of UProxy (a censorship circumvention tool made by Google) and helped them understand how pluggable transports work and what they would need to do if they wanted to use them in UProxy. They seemed interested and motivated to work on this.

The Tor developers also worked on the Next Generation Hidden Services project, and sketched out some ways to move forward even though there are some open research questions with the current design.

Nick Mathewson commented on IRC: “I think the hallway track to main conference utility ratio was higher than usual, since the conference actually sticks practitioners and cryptographers in the same room pretty reliably.” Let’s hope for next year!

The media and some terminology

BusinessWeek published The inside story of Tor, the best Internet anonymity tool the government ever built. Better that what one can usually read about Tor in the press, the piece — courtesy of Dune Lawrence — still sparkled a discussion on the tor-talk mailing list about terminology.

Katya Titov quoted a misleading part of the article: “In addition to facilitating anonymous communication online, Tor is an access point to the ‘dark Web’, vast reaches of the Internet that are intentionally kept hidden and don’t show up in Google or other search engines, […].”

As references to the “dark web”, the “deep web”, or the “dark deep shady Knockturn Alley of the Internet” have been popping up more and more in the media over the past months, Katya wanted to come up with proper definitions of commonly misunderstood terms to reduce misinformation and FUD.

She summarized the result of the discussion in a new HowBigIsTheDarkWeb wiki page. Be sure to point it to your fellow journalists!

Miscellaneous news

To follow up on last week’s Tor Weekly News coverage, Philipp Winter wrote a blog post to explain what the “Spoiled Onions” paper means for Tor users.

Thanks to Sukhbir Singh, users with email addresses can now request bridges and bundles via email.

Karsten Loesing dug some statistics about the Tor Weather service. There are currently 1846 different email addresses subscribed for 2349 Tor relays.

Tor developers will be present at the Mozilla booth during FOSDEM’14 . Drop by if you have questions or want to get involved in Tor!

Tor help desk roundup

Users repeatedly contact Tor help desk about unreachable hidden services. If that happens, please first make sure the system clock is accurate and try to visit the hidden service for the Tor Project’s website (idnxcnkne4qt76tg.onion). If it works, it means that Tor is working as it should and there’s nothing more the Tor Project can do. Hidden services are solely under the responsibility of their operators and they are the only one that can do something when a hidden service goes offline.

News from Tor StackExchange

Alex Ryan has been experiencing crashes of his relay running on a Raspberry Pi due to circuit creation storms. He found out that the problem disappeared after upgrading to the new 0.2.4 series of Tor. There are currently no official Raspbian packages, so users will have to build the package manually from source.

User cypherpunks wanted to know how to report security issues to the Tor Project. Until a proper process is decided, the best way at the moment is to contact Nick Mathewson, Andrea Shepard, or Roger Dingledine privately using their GnuPG keys.

How many hidden services can be served from a single Tor instance? Syrian Watermelon is looking to know if there is a hard limit and how memory usage will go. The question is still open and has attracted some interest from other users.

This issue of Tor Weekly News has been assembled by Lunar, George Kadianakis, qbi, Karsten Loesing and dope457.

Want to continue reading TWN? Please help us create this newsletter. We still need more volunteers to watch the Tor community and report important news. Please see the project page, write down your name and subscribe to the team mailing list if you want to get involved!

Tor Browser 3.5.1 is released

The 3.5.1 release of the Tor Browser Bundle is now available on the Download page. You can also download the bundles directly from the distribution directory.

Please see the FAQ listing for any issues you may have before contacting support or filing tickets.

This release features an update to OpenSSL to fix a denial of service condition, and to fix the NoScript whitelist to remove

This release also features Tor, as well as a support for screen readers for the blind on Windows.

Here is the list of changes since 3.5.1. The 3.x ChangeLog is also available.

  • All Platforms
    • Bug 10447: Remove SocksListenAddress to allow multiple socks ports.
    • Bug 10464: Remove from NoScript whitelist
    • Bug 10537: Build an Arabic version of TBB 3.5
    • Update Torbutton to
      • Bug 9486: Clear NoScript Temporary Permissions on New Identity
      • Include Arabic translations
    • Update Tor Launcher to
      • Include Arabic translations
    • Update Tor to
    • Update OpenSSL to 1.0.1f
    • Update NoScript to
    • Update HTTPS-Everywhere to 3.4.5
  • Windows
    • Bug 9259: Enable Accessibility (screen reader) support
  • Mac
    • misc: Update bundle version field in Info.plist (for MacUpdates service)
Syndicate content Syndicate content