Blogs

Tor Browser 5.5a6-hardened is released

A new hardened Tor Browser release is available. It can be found in the 5.5a6-hardened distribution directory and on the download page for hardened builds.

This release features an important fix for a crash bug in one of our patches. All users are encouraged to update immediately as this bug is probably exploitable if Javascript is enabled. The bug was not exploitable at High security level, or on non-HTTPS websites at Medium-High security level.

Note: There is no incremental update from 5.5a5-hardened available due to bug 17858. We plan to have this fixed for the next release. The internal updater should work, though, doing a complete update.

Here is the complete changelog since 5.5a5-hardened:

  • All Platforms
    • Update NoScript to 2.9
    • Update HTTPS Everywhere to 5.1.2
    • Bug 17931: Tor Browser crashes in LogMessageToConsole()
    • Bug 17875: Discourage editing of torrc-defaults

Tor Browser 5.5a6 is released

A new alpha Tor Browser release is available for download in the 5.5a6 distribution directory and on the alpha download page.

This release features an important fix for a crash bug in one of our patches. All users are encouraged to update immediately as this bug is probably exploitable if JavaScript is enabled. The bug was not exploitable at High security level, or on non-HTTPS websites at Medium-High security level.

In the past, signing Windows .exe files on a Linux machine caused verification errors on some Windows 10 systems. This should be fixed by adding the intermediate certificate in the signing process now.

Here is the complete changelog since 5.5a5:

  • All Platforms
    • Update NoScript to 2.9
    • Update HTTPS Everywhere to 5.1.2
    • Bug 17931: Tor Browser crashes in LogMessageToConsole()
    • Bug 17875: Discourage editing of torrc-defaults
    • Bug 17870: Add intermediate certificate for authenticode signing

Tor Browser 5.0.7 is released

Update: Clarify that the crash bug requires Javascript to be exercised.

A new stable release for Tor Browser is available from the Tor Browser Project page and also from our distribution directory.

This release features an important fix for a crash bug in one of our patches. All users are encouraged to update immediately as this bug is probably exploitable if Javascript is enabled. The bug was not exploitable at High security level, or on non-HTTPS websites at Medium-High security level.

Here is the complete changelog since 5.0.6:

  • All Platforms
    • Update NoScript to 2.9
    • Update HTTPS Everywhere to 5.1.2
    • Bug 17931: Tor Browser crashes in LogMessageToConsole()
    • Bug 17875: Discourage editing of torrc-defaults

This is What a Tor Supporter Looks Like: Ethan Zuckerman

Ethan Zuckerman

“I'm a Tor supporter for a very simple reason: my colleague's lives depend on it.

I'm the co-founder of Global Voices, an international community of bloggers, reporters, translators and activists dedicated to building a more inclusive picture of the world. Members of our community are located in more than 100 nations, and many members of our team live in countries where freedom of expression is under threat.

Some Global Voices members need to maintain anonymity so they can report from countries where their words could lead to imprisonment or worse. These threats are not imaginary - four members of our team were incarcerated for more than a year in Ethiopia, and our members in Bangladesh fear for their safety when they write about killings of secular bloggers, presumably by government-backed extremists.

We teach everyone who works with Global Voices about digital security, and Tor is a cornerstone of the toolkit we teach our authors and translators to use. In countries that monitor web traffic closely, frequently connecting to the Global Voices website could signal that a user is a Global Voices contributor. Correctly using Tor allows our authors in repressive nations to contribute to our site without revealing to local authorities that they are writing for Global Voices. We quite literally could not do our job in many nations we work in without Tor.

While financial support is critical for Tor to continue developing its tools, and while the real heroes of the Tor project are the thousands of volunteers who donate bandwidth and time to maintain Tor exit nodes, there's another way to help Tor: use Tor. Here's what I mean: in the most repressive countries we work in, we cannot use Tor because simply using strong encryption is so uncommon that governments seek out users of these tools. For Tor to be useful in an extremely repressive country like Ethiopia, it needs to be normal, as normal as HTTPS has become in the past few years. When you use Tor to do something quotidian, you're providing cover traffic for people who need to use Tor to do something extraordinary. So give, run an exit node, but at the very least, help make Tor utterly ordinary by using it as often as you can.”

-Ethan Zuckerman

This is What a a Tor Supporter Looks Like: Susan Landau

Susan Landau

“Communications metadata is remarkably revelatory. Just knowing what number you communicated with, when, and for how long can reveal whether you are having a flare-up of MS, seeking an abortion, or thinking about growing marijuana plants commercially. All of this comes from the numbers you call, and not what you say. It's why keeping communications metadata private is so important.

“Tor protects such data. It's not just journalists who need such privacy. It's human rights workers (that's why the State Department supports Tor), law-enforcement investigators checking out questionable sites, the businessperson collecting data to make decisions, the worker checking AIDS information or Alcoholics Anonymous over lunch hour on her private device but using her company's ISP. In a world of increasing surveillance, there's increasing need for Tor.

“I first began using Tor regularly in 2012 when I taught a freshman seminar in privacy. For one assignment I asked my students to try Tor and write a customer review. Tor was very clunky then. The fact that you couldn't simultaneously use Tor and the Firefox browser seriously diminished usability for me.

“Tor has much improved. The program runs faster, it is more secure, and there's greater functionality, including the ability to simultaneously use Tor and Firefox. I am delighted, but more is needed. We live in a world of pervasive surveillance, and Tor provides an essential service. Give generously and give often so that we can protect a modicum of private space in our increasingly public world. The privacy you protect may be your own.”

—Susan Landau

Support Tor Today!

This is What a Tor Supporter Looks Like: Giordano Nanni

Giordano Nanni

Giordano Nanni was a Tor supporter long before anyone at Tor actually knew him personally. Giordano and rap artist Hugo Farrant created the project called Juice Rap News in 2009. "We were adamant about using our respective art forms to bring attention to the issues that we care about,” Giordano says. “We are the generation that is living in the age of the advent of Internet. We are unique in this regard; no other generation will be like ours. We therefore have the blessing and also the responsibility of being the ones who’ll shape the Internet’s future."

Giordano and Hugo began posting Juice Rap News episodes in 2009 from Giordano’s house in Melbourne. "Episode 4 was our first episode about the Internet," Giordano says, "and we used the example of WikiLeaks and Julian Assange to explore the concept of digital rights and the importance of the Internet. It really struck a chord with people, and this encouraged us to keep going in that direction. We quickly grew from a little project that only few knew about to really having an audience. We went on to produce 35 episodes covering a wide range of subjects; but the topic of the Internet has always remained a constant theme throughout the series."

Giordano has fond memories of the events that led to the making of Juice Rap News episode 15: "Big Brother is WWWatching You" in which George Torwell makes his first appearance. "Jake [Appelbaum] came to Melbourne in 2012 to speak at a couple of events. While he was here he contacted us to say he’d like to meet up, and we all met for coffee,” he says. "Later on, we went to the beach and talked. Jake explained how Tor works by drawing onion router diagrams in the sand." Major data retention laws were being brought forward in Australia at the time, and by the end of their conversation, Giordano and Jake agreed on the need to create a Juice Rap News episode focused on surveillance, pointing to Tor as a solution.

Through Juice Rap News, Giordano and Hugo brought their creativity and humor to bear on the issues that concern them most, and Giordano continues that in his current work with the Juice Media channel—like his newest video: "A Message from George Orwell", in which George Torwell makes a new appearance to raise awareness about why digital rights matter.

"I feel that one of the unique responsibilities of our generation is to ensure that the foundation for the Internet is based in strong ethics of justice and transparency, as a democratic platform for openness and free speech", Giordano says. "Our mission with The Juice Media is really to explain these issues in an easy-to-understand way, and to make it fun."

Support Tor Today!

This is What a Tor Supporter Looks Like: Edward Snowden

Edward Snowden


In mid-October, the Tor Project had an opportunity to interview Edward Snowden. Below are key excerpts from the conversation.


Tor: What would you say to a non-technical person about why they should support and care about Tor?

ES: Tor is a critical technology, not just in terms of privacy protection, but in defense of our publication right -- our ability to route around censorship and ensure that when people speak their voices can be heard.

The design of the Tor system is structured in such a way that even if the US Government wanted to subvert it, it couldn't because it's a decentralized authority. It's a volunteer based network. Nobody's getting paid to run Tor relays -- they're volunteers worldwide. And because of this, it provides a built-in structural defense against abuses and most types of adversaries.

Tor provides a level of safety, a level of guarantee, to the confidentiality, and in some cases anonymity of human communications. I think this is an incredible thing because it makes us more human. We are at the greatest peace with ourselves when nobody's watching.

Tor: Can you talk about how the world would be different if Tor did not exist?

ES: Without Tor, the streets of the Internet become like the streets of a very heavily surveilled city. There are surveillance cameras everywhere, and if the adversary simply takes enough time, they can follow the tapes back and see everything you've done.

With Tor, we have private spaces and private lives, where we can choose who we want to associate with and how, without the fear of what that is going to look like if it is abused.

What the Tor network allows is what's called a mixed routing experience where, due to a voluntary cooperation of peers around the Internet -- around the world, across borders, across jurisdictions -- you get individuals who are able to share traffic in ways that don't require them to be able to read the content of it. So you don't have to trust every participant of the Tor network to know who you are and what you're looking for.

Tor: Did you know that Tor is run by a non-profit organization?

ES: Yes, Tor has been extremely open. Almost everybody who is involved in development has an online presence; they're involved in online engagement. You can drop into the IRC and talk to these people directly and ask them questions, or criticize them (laughs). It's a very open and inclusive community, and I think that's incredibly valuable.

They also have a very rich and well-supported mailing list, which is very helpful for people who want to move beyond being a passive user of Tor and actually start being an active participant in expanding the network, in running a relay node from your home, or even starting to experiment with running an exit, which I think is one of the most interesting parts of the Tor experience.


Please join Ed in supporting Tor Today!

This is What a Tor Supporter Looks Like: Alison Macrina

Alison Macrina, Director of Library Freedom Project

Ask Alison Macrina about the Tor Project and she immediately thinks of all of the librarians who have been transformed by learning how to use the Tor Browser in her trainings through the Library Freedom Project. "You teach people how to use the Tor Browser and they are so thrilled," she says. "They are most excited when you teach them about invisible trackers, and then about how Tor creates a different circuit on every tab, protecting you from trackers who would create a trail of what you look at. This one reason why Tor is so great—it is for everyone, not just techie people."

Macrina founded Library Freedom Project for just that reason. She travels to libraries all over the United States, Canada, and increasingly internationally, educating librarians about current privacy issues.

"Helping librarians understand privacy issues impacts not just libraries but the larger community," she says. "Libraries offer public Internet terminals, and librarians like me teach free computer classes to the public. Our patrons come from all walks of life, but we tend to serve communities particularly vulnerable to surveillance (including immigrants, Muslim Americans, people of color, people who are homeless, and those who have been incarcerated) in higher numbers than in the general population."

Education about privacy tools and protecting oneself online is particularly important for these communities, Macrina adds, because they are targeted more. "One thing about using Tor is that it really does protect and allow them to move in the online world unfettered from the pernicious effects of surveillance. It makes a big difference for people’s material realities. Most people realize that the Internet is a hostile place, and to know that there really is something you can do about it, and that you can always do more—they really respond to that."

Library Freedom Project has collaborated with the Tor Project for the last year, and, due to securing some additional grant funding, LFP and the Tor Project will be working together more closely to open up Tor relays in libraries. "We get to hire Nima Fatemi, a core Tor Project person in order to scale our relay project. We will also be able to hold more advanced trainings for librarians because of Nima's expertise, and we will reach many more libraries. We feel that there is a lot of possibility here."

Both Macrina and Fatemi place a strong emphasis on strengthening the communities they serve through the FLP trainings.

"One of the most helpful things we can do to participate in the movement to protect Internet freedom globally is to run a Tor relay. We have many interested libraries who want to participate, and now we have a better capacity to serve them," Macrina says. "With Nima working more closely with Library Freedom Project, we will be able to show them the rich complexity of what Tor can offer them and their communities, that there are many options for protecting their patrons' privacy, and that there is always more that you can do. Part of our strength is all of the people who are involved in this."

Support Tor today!

Syndicate content Syndicate content