security updates | Tor Blog

We’re Upping Our Support to Mobile Browsing

It’s essential for us to reach people in areas in the world with heavy online surveillance and censorship, especially those in the Global South. Most people in these regions only use smartphones to access the internet, and we want to better support these users by upping our support for mobile browsing.

New Tor Browser Bundles for Linux

The Tor Browser Bundles for Linux have all been updated to really include the latest Firefox, 10.0.2.

37 comments

New Tor Browser Bundles

The Tor Browser Bundles have all been updated to the latest Firefox 10.0.2.

https://www.torproject.org/download

49 comments

Lots of new Tor packages

A new Tor stable (0.2.1.29) (sig

New Tor Browser Bundle packages

The Tor Browser Bundles have all been updated with some important security fixes and it is advised that all users upgrade.

11 comments

Tor Project infrastructure updates

You should upgrade to Tor 0.2.1.22 or 0.2.2.7-alpha:
https://www.torproject.org/easy-download.html.en

38 comments

Upcoming Events

January 25, 2019

Tor Meetup (Athens)

February 02, 2019 - February 03, 2019

FOSDEM (Brussels)

February 06, 2019 - February 08, 2019

IT Defense (Stuttgart)

March 23, 2019 - March 24, 2019

LibrePlanet (Boston)

March 24, 2019 - March 27, 2019

KNOW 2019 (Vegas)

See All Upcoming Events

Recent Updates

New release: Tor 0.4.0.1-alpha

There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.4.0.1-alpha from the usual place on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release likely by the end of the month.

Remember, this is an alpha release: you should only run this if you'd like to find and report more bugs than usual.

Tor 0.4.0.1-alpha is the first release in the new 0.4.0.x series. It introduces improved features for power and bandwidth conservation, more accurate reporting of bootstrap progress for user interfaces, and an experimental backend for an exciting new adaptive padding feature. There is also the usual assortment of bugfixes and minor features, all described below.

Changes in version 0.4.0.1-alpha - 2019-01-18

Major features (battery management, client, dormant mode):
- When Tor is running as a client, and it is unused for a long time, it can now enter a "dormant" state. When Tor is dormant, it avoids network and CPU activity until it is reawoken either by a user request or by a controller command. For more information, see the configuration options starting with "Dormant". Implements tickets 2149 and 28335.
- The client's memory of whether it is "dormant", and how long it has spent idle, persists across invocations. Implements ticket 28624.
- There is a DormantOnFirstStartup option that integrators can use if they expect that in many cases, Tor will be installed but not used.
Major features (bootstrap reporting):
- When reporting bootstrap progress, report the first connection uniformly, regardless of whether it's a connection for building application circuits. This allows finer-grained reporting of early progress than previously possible, with the improvements of ticket 27169. Closes tickets 27167 and 27103. Addresses ticket 27308.
- When reporting bootstrap progress, treat connecting to a proxy or pluggable transport as separate from having successfully used that proxy or pluggable transport to connect to a relay. Closes tickets 27100 and 28884.

Strength in Numbers: The Final Count Is In

One of the Tor Project’s ongoing goals has been to diversify our funding sources.

New Releases: Tor 0.3.5.7, 0.3.4.10, and 0.3.3.11

Tor 0.3.5.7 is the first stable release in its series; it includes compilation and portability fixes, and a fix for a severe problem affecting directory caches. Tor 0.3.4.10 and 0.3.3.11 are also released today; please see the official announcements for those releases if you are tracking older stable versions.

The Tor 0.3.5 series includes several new features and performance improvements, including client authorization for v3 onion services, cleanups to bootstrap reporting, support for improved bandwidth- measurement tools, experimental support for NSS in place of OpenSSL, and much more. It also begins a full reorganization of Tor's code layout, for improved modularity and maintainability in the future. Finally, there is the usual set of performance improvements and bugfixes that we try to do in every release series.

There are a couple of changes in the 0.3.5 that may affect compatibility. First, the default version for newly created onion services is now v3. Use the HiddenServiceVersion option if you want to override this. Second, some log messages related to bootstrapping have changed; if you use stem, you may need to update to the latest version so it will recognize them.

We have designated 0.3.5 as a "long-term support" (LTS) series: we will continue to patch major bugs in typical configurations of 0.3.5 until at least 1 Feb 2022. (We do not plan to provide long-term support for embedding, Rust support, NSS support, running a directory authority, or unsupported platforms. For these, you will need to stick with the latest stable release.)

Below are the changes since 0.3.5.6-rc. For a complete list of changes since 0.3.4.9, see the ReleaseNotes file.

Changes in version 0.3.5.7 - 2019-01-07

Major bugfixes (relay, directory):
- Always reactivate linked connections in the main loop so long as any linked connection has been active. Previously, connections serving directory information wouldn't get reactivated after the first chunk of data was sent (usually 32KB), which would prevent clients from bootstrapping. Fixes bug 28912; bugfix on 0.3.4.1-alpha. Patch by "cypherpunks3".
Minor features (compilation):
- When possible, place our warning flags in a separate file, to avoid flooding verbose build logs. Closes ticket 28924.

Strength in Numbers: Library Freedom Is Intellectual Freedom

Photo by Janko Ferlič on