tbb

Tor Browser 5.0a4 is released

The Tor Browser Team is proud to announce the second alpha release based on Firefox 38 ESR. This release is also the fourth and final alpha in the 5.0 series. The release is available for download in the 5.0a4 distribution directory and on the alpha download page.

Most notably, this release contains an experimental defense against font fingerprinting by using an identical set of shipped fonts on all supported platforms. We've also updated the versions of several Tor Browser components, including updating Tor to 0.2.7.2-alpha. The 5.0-stable release will be based on Tor 0.2.6-latest, however.

Last but not least we fixed a lot of important bugs that were due to our switch to Firefox 38 ESR, including issues with major websites such as Twitter. This release brings us very close to a stable Tor Browser 5.0, which we aim to release next week. Unless we hear about additional issues, not much will change between 5.0a4 and 5.0-stable, aside from the Tor version and possibly the font defense.

Here is the complete changelog since 5.0a3

  • All Platforms
    • Update Tor to 0.2.7.2-alpha with patches
      • Bug 15482: Don't allow circuits to change while a site is in use
    • Update OpenSSL to 1.0.1p
    • Update HTTPS-Everywhere to 5.0.7
    • Update NoScript to 2.6.9.31
    • Update Torbutton to 1.9.3.1
      • Bug 16268: Show Tor Browser logo on About page
      • Bug 16639: Check for Updates menu item can cause update download failure
      • Bug 15781: Remove the sessionstore filter
      • Bug 15656: Sync privacy.resistFingerprinting with Torbutton pref
      • Translation updates
    • Bug 16884: Prefer IPv6 when supported by the current Tor exit
    • Bug 16488: Remove "Sign in to Sync" from the browser menu
    • Bug 13313: Bundle a fixed set of fonts to defend against fingerprinting
    • Bug 16662: Enable network.http.spdy.* prefs in meek-http-helper
    • Bug 15646: Prevent keyboard layout fingerprinting in KeyboardEvent (fixup)
    • Bug 15703: Isolate mediasource URIs and media streams to first party
    • Bug 16429+16416: Isolate blob URIs to first party
    • Bug 16632: Turn on the background updater and restart prompting
    • Bug 16528: Prevent IndexedDB Modernizr site breakage on Twitter and elsewhere
    • Bug 16523: Fix in-browser JavaScript debugger
    • Bug 16236: Windows updater: avoid writing to the registry
    • Bug 16005: Restrict WebGL minimal mode a bit (fixup)
    • Bug 16625: Fully disable network connection prediction
    • Bug 16495: Fix SVG crash when security level is set to "High"
  • Build System
    • Bug 15864: Rename sha256sums.txt to sha256sums-unsigned-build.txt

Tor Browser 5.0a3 is released

The Tor Browser Team is proud to announce the first alpha released based on Firefox 38 ESR.

As such, this release features many updates to Firefox (including several security updates), as well as to our build system and dependencies. For this release, we performed a thorough network and feature review of Firefox 38, and fixed the most pressing privacy issues, as well as all Tor proxy safety issues that we discovered during the audit.

We also updated our toolchain on OS X to use the OS X 10.7 SDK. For Linux and Windows we switched to GCC 5.1 as our new (cross)-compiler. We are therefore especially interested in feedback if there are stability issues or broken Tor Browser bundles due to these toolchain upgrades.

Besides Firefox 38 and build system changes, we also updated several components. Most notably, we bumped OpenSSL to version 1.0.1o, NoScript to version 2.6.9.27 and Torbutton to version 1.9.3.0. Included as well is a backported Tor patch to improve usability on websites, and we fixed a crash bug impacting users with the security slider level set to "High".

Here is the complete changelog since 5.0a2

  • All Platforms
    • Update Firefox to 38.1.0esr
    • Update OpenSSL to 1.0.1o
    • Update NoScript to 2.6.9.27
    • Update meek to 0.20
    • Update Torbutton to 1.9.3.0
      • Bug 16403: Set search parameters for Disconnect
      • Bug 14429: Make sure the automatic resizing is enabled
      • Bug 16427: Use internal update URL to block updates (instead of
        127.0.0.1)

      • Bug 16200: Update Cache API usage and prefs for FF38
      • Bug 16357: Use Mozilla API to wipe permissions db
      • Translation updates
    • Update Tor Launcher to 0.2.6.7
      • Bug 16428: Use internal update URL to block updates (instead of
        127.0.0.1)

      • Bug 15145: Visually distinguish "proxy" and "bridge" screens.
      • Translation updates
    • Bug 16430: Allow DNS names with _ characters in them (fixes
      nytimes.com) (Tor patch backport)

    • Bug 13247: Fix meek profile error after bowser restarts
    • Bug 16397: Fix crash related to disabling SVG
    • Bug 16403: Set search parameters for Disconnect
    • Bug 16446: Update FTE bridge #1 fingerprint
    • Bug 15646: Prevent keyboard layout fingerprinting in KeyboardEvent
    • Bug 16005: Relax WebGL minimal mode
    • Bug 16300: Isolate Broadcast Channels to first party
    • Bug 16439: Remove Roku screencasting code
    • Bug 16285: Disabling EME bits
    • Bug 16206: Enforce certificate pinning
    • Bug 13670: Isolate OCSP requests by first party domain
    • Bug 16448: Isolate favicon requests by first party
    • Bug 7561: Disable FTP request caching
    • Bug 6503: Fix single-word URL bar searching
    • Bug 15526: ES6 page crashes Tor Browser
    • Bug 16254: Disable GeoIP-based search results
    • Bug 16222: Disable WebIDE to prevent remote debugging and addon
      downloads.

    • Bug 13024: Disable DOM Resource Timing API
    • Bug 16340: Disable User Timing API
    • Bug 14952: Disable HTTP/2
  • Mac OS
    • Use OSX 10.7 SDK
    • Bug 16253: Tor Browser menu on OS X is broken with ESR 38
  • Build System
    • Bug 16351: Upgrade our toolchain to use GCC 5.1
    • Bug 15772 and child tickets: Update build system for Firefox 38

Tor Browser 4.5.3 is released

A new release for the stable Tor Browser is available from the Tor Browser Project page and also from our distribution directory.

Tor Browser 4.5.3 is based on Firefox ESR 31.8.0, which features important security updates to Firefox.

Moreover, it contains an updated OpenSSL, NoScript and Torbutton, a fix for a crash bug visible with the security slider level set to "High" and a backport of a Tor patch to improve usability on websites.

Here is the complete changelog since 4.5.2:

  • All Platforms
    • Update Firefox to 31.8.0esr
    • Update OpenSSL to 1.0.1o
    • Update NoScript to 2.6.9.27
    • Update Torbutton to 1.9.2.8
      • Bug 16403: Set search parameters for Disconnect
      • Bug 14429: Make sure the automatic resizing is disabled
      • Translation updates
    • Bug 16397: Fix crash related to disabling SVG
    • Bug 16403: Set search parameters for Disconnect
    • Bug 16446: Update FTE bridge #1 fingerprint
    • Bug 16430: Allow DNS names with _ characters in them (fixes
      nytimes.com) (Tor patch backport)

Tor Browser 5.0a2 is released

The second alpha release in the 5.0 series of the Tor Browser is now available from our extended downloads page as well as the distribution directory.

This release provides a fix for the Logjam attack (https://weakdh.org/) and updates a number of Tor Browser components: Tor to version 0.2.7.1-alpha, Torbutton to version 1.9.2.7, NoScript to version 2.6.9.26, meek to version 0.19 and HTTPS-Everywhere to version 5.0.5. Moreover, it fixes a possible crash on Linux and avoids breaking the Add-ons page if Torbutton is disabled, and it also fixes an update issue when using meek on Windows systems.

Here is the complete changelog

  • All Platforms
    • Update Tor to 0.2.7.1-alpha
    • Update OpenSSL to 1.0.1n
    • Update HTTPS-Everywhere to 5.0.5
    • Update NoScript to 2.6.9.26
    • Update meek to 0.19
    • Update Torbutton to 1.9.2.7
      • Bug 15984: Disabling Torbutton breaks the Add-ons Manager
      • Bug 14429: Make sure the automatic resizing is enabled
      • Translation updates
    • Bug 16130: Defend against logjam attack
    • Bug 15984: Disabling Torbutton breaks the Add-ons Manager
  • Windows
    • Bug 16014: Staged update fails if meek is enabled
    • Bug 16269: repeated add-on compatibility check after update (meek enabled)
  • Linux
    • Bug 16026: Fix crash in GStreamer
    • Bug 16083: Update comment in start-tor-browser

Tor Browser 4.5.2 is released

A new release for the stable Tor Browser is available from the Tor Browser Project page and also from our distribution directory.

Tor Browser 4.5.2 provides a fix for the Logjam attack (https://weakdh.org/) and updates a number of Tor Browser components: Tor to version 0.2.6.9, Torbutton to version 1.9.2.6, NoScript to version 2.6.9.26 and HTTPS-Everywhere to version 5.0.5. Moreover, it fixes a possible crash on Linux and avoids breaking the Add-ons page if Torbutton is disabled.

Here is the complete changelog since 4.5.1:

  • All Platforms
    • Update Tor to 0.2.6.9
    • Update OpenSSL to 1.0.1n
    • Update HTTPS-Everywhere to 5.0.5
    • Update NoScript to 2.6.9.26
    • Update Torbutton to 1.9.2.6
      • Bug 15984: Disabling Torbutton breaks the Add-ons Manager
      • Bug 14429: Make sure the automatic resizing is disabled
      • Translation updates
    • Bug 16130: Defend against logjam attack
    • Bug 15984: Disabling Torbutton breaks the Add-ons Manager
  • Linux
    • Bug 16026: Fix crash in GStreamer
    • Bug 16083: Update comment in start-tor-browser

Tor Browser 5.0a1 is released

The first alpha release in the new 5.0 series of the Tor Browser is now available from our extended downloads page as well as the distribution directory.

Tor Browser 5.0a1 is based on Firefox ESR 31.7.0, which features important security updates to Firefox.

In addition to including all of the fixes that were present in the 4.5.1 release, this alpha release also features some additional privacy defenses.

In particular, this release re-enables the automatic window resizing fingerprinting defense that first appeared in 4.5a4. This defense can be disabled by setting the about:config pref extensions.torbutton.resize_windows to false, but please first report any issues you encounter on the feature's trac ticket.

This release also introduces a new defense against various forms of performance fingerprinting and time-based side channel attacks. A handful of new attacks have been published recently that take advantage of Javascript's high-performance timers to determine hardware performance, perform keystroke fingerprinting, extract history information, and even steal sensitive data from memory. Because this defense reduces the resolution of time available to Javascript to 100 milliseconds for all time sources, and to 250 milliseconds for keypress event timestamps, we are especially interested in hearing any reports about issues with HTML5 video, animation, or game sites. Hopefully you will have as much fun testing this defense as we will!

Here is the complete list of changes since Tor Browser 4.5:

  • All Platforms
    • Update Firefox to 31.7.0esr
    • Update meek to 0.18
    • Update Tor Launcher to 0.2.7.5
      • Translation updates only
    • Update Torbutton to 1.9.2.5
      • Bug 15837: Show descriptions if unchecking custom mode
      • Bug 15927: Force update of the NoScript UI when changing security level
      • Bug 15915: Hide circuit display if it is disabled.
      • Bug 14429: Improved automatic window resizing
      • Translation updates
    • Bug 15945: Disable NoScript's ClearClick protection for now
    • Bug 15933: Isolate by base (top-level) domain name instead of FQDN
    • Bug 15857: Fix file descriptor leak in updater that caused update failures
    • Bug 15899: Fix errors with downloading and displaying PDFs
    • Bug 15773: Enable ICU on OS X
    • Bug 1517: Reduce precision of time for Javascript
    • Bug 13670: Ensure OCSP requests respect URL bar domain isolation
    • Bug 13875: Improve the spoofing of window.devicePixelRatio
  • Windows
    • Bug 15872: Fix meek pluggable transport startup issue with Windows 7
  • Build System
    • Bug 15947: Support Ubuntu 14.04 LXC hosts via LXC_EXECUTE=lxc-execute env var
    • Bugs 15921+15922: Fix build errors during Mozilla Tryserver builds

Tor Browser 4.5.1 is released

A new release for the stable Tor Browser is available from the Tor Browser Project page and also from our distribution directory.

Tor Browser 4.5.1 is based on Firefox ESR 31.7.0, which features important security updates to Firefox.

The 4.5.1 release also addresses several regressions and usability issues discovered during the 4.5 release. The most notable change is that we have slightly relaxed the first party isolation privacy property, due to issues encountered on several file hosting sites as well as other sites that host content on multiple subdomains. Tor Circuit use and tracking identifiers are now all isolated to the base (top-level) domain only, as opposed to the full domain name. This change is also consistent with the browser URL bar - isolation is now performed based on the bold portion of the website address in the URL bar.

We also have temporarily disabled the NoScript ClearClick clickjacking protection, as it was experiencing false positives due to changes in Tor Browser that cause errors in NoScript's evaluation of the content window. These issues were most commonly experienced with ReCaptcha captcha input, but occurred elsewhere as well.

With this release, 4.0 users will now be updated automatically to the 4.5 series.

Note to MacOS users: The update process for Mac OS 10.6 and 10.7 users will unfortunately not be automatic. You will be instructed to perform a manual download instead. Moreover, as of this release, 32 bit Macs are now officially unsupported. For more information, see the original end-of-life blog post.

Here is the list of changes since 4.5:

  • All Platforms
    • Update Firefox to 31.7.0esr
    • Update meek to 0.18
    • Update Tor Launcher to 0.2.7.5
      • Translation updates only
    • Update Torbutton to 1.9.2.3
      • Bug 15837: Show descriptions if unchecking custom mode
      • Bug 15927: Force update of the NoScript UI when changing security level
      • Bug 15915: Hide circuit display if it is disabled.
      • Translation updates
    • Bug 15945: Disable NoScript's ClearClick protection for now
    • Bug 15933: Isolate by base (top-level) domain name instead of FQDN
    • Bug 15857: Fix file descriptor leak in updater that caused update failures
    • Bug 15899: Fix errors with downloading and displaying PDFs
  • Windows
    • Bug 15872: Fix meek pluggable transport startup issue with Windows 7
  • Build System
    • Bug 15947: Support Ubuntu 14.04 LXC hosts via LXC_EXECUTE=lxc-execute env var
    • Bugs 15921+15922: Fix build errors during Mozilla Tryserver builds

Tor Browser 4.5 is released

The Tor Browser Team is proud to announce the first stable release in the 4.5 series. This release is available from the Tor Browser Project page and also from our distribution directory.

The 4.5 series provides significant usability, security, and privacy enhancements over the 4.0 series. Because these changes are significant, we will be delaying the automatic update of 4.0 users to the 4.5 series for one week.

Usability Improvements


On the usability front, we've improved the application launch experience for both Windows and Linux users. During install, Windows users are now given the choice to add Tor Browser to the Start Menu/Applications view, which should make it easier to find and launch. This choice is on by default, but can be disabled, and only affects the creation of shortcuts - the actual Tor Browser is still self-contained as a portable app folder. On the Linux side, users now start Tor Browser through a new wrapper that enables launching from the File Manager, the Desktop, or the Applications menu. The same wrapper can also be used from the command line.

We've also simplified the Tor menu (the green onion) and the associated configuration windows. The menu now provides information about the current Tor Circuit in use for a page, and also provides an option to request a new Tor Circuit for a site. Tor Browser is also much better at handling Tor Circuits in general: while a site remains in active use, all associated requests will continue to be performed over the same Tor Circuit. This means that sites should no longer suddenly change languages, behaviors, or log you out while you are using them.


Figure 1: The new Tor Onion Menu


Security Improvements


On the security front, the most exciting news is the new Security Slider. The Security Slider provides user-friendly vulnerability surface reduction - as the security level is increased, browser features that were shown to have a high historical vulnerability count in the iSec Partners hardening study are progressively disabled. This feature is available from the Tor onion menu's "Privacy and Security Settings" choice.


Figure 2: The new Security Slider


Our Windows packages are now signed with a hardware signing token graciously donated by DigiCert. This means that Windows users should no longer be prompted about Tor Browser coming from an unknown source. Additionally, our automatic updates are now individually signed with an offline signing key. In both cases, these signatures can be reproducibly removed, so that builders can continue to verify that the packages they produce match the official build binaries.

The 4.5 series also features a rewrite of the obfs2, obfs3, and ScrambleSuit transports in GoLang, as well as the introduction of the new obfs4 transport. The obfs4 transport provides additional DPI and probing resistance features which prevent automated scanning for Tor bridges. As long as they are not discovered via other mechanisms, fresh obfs4 bridge addresses will work in China today. Additionally, barring new attacks, private obfs4 addresses should continue to work indefinitely.


Privacy Improvements


On the privacy front, the 4.5 series improves on our pre-existing first party isolation implementation to prevent third party tracking. First party isolation provides the property that third party advertisements, like buttons, and "mashup" content that is included on one site will only know about your activity on that site, and will not be able to match it to your activity while you are on any other site. In other words, with first party isolation, Facebook, Twitter, and Google+ can't track you around the entire web using their infamous like buttons.

Specifically, in the 4.5 release, we now ensure that blob: URIs are scoped to the URL bar domain that created them, and the SharedWorker API has been disabled to prevent cross-site and third party communication. We also now make full use of Tor's circuit isolation to ensure that all requests for any third party content included by a site travel down the same Tor Circuit. This isolation also ensures that requests to the same third party site actually use separate Tor Circuits when the URL bar domain is different. This request isolation is enforced even when long-lived "HTTP Keep-Alive" connections are used.

We have also improved our resolution and locale fingerprinting defenses, and we now disable the device sensor and video statistics APIs.

New Search Provider


Our default search provider has also been changed to Disconnect. Disconnect provides private Google search results to Tor users without Captchas or bans.

Full Changelogs


Here is the complete list of changes in the 4.5 series since 4.0:

  • All Platforms
    • Update Tor to 0.2.6.7 with additional patches:
      • Bug 15482: Reset timestamp_dirty each time a SOCKSAuth circuit is used
    • Update NoScript to 2.6.9.22
    • Update HTTPS-Everywhere to 5.0.3
      • Bug 15689: Resume building HTTPS-Everywhere from git tags
    • Update meek to 0.17
    • Include obfs4proxy 0.0.5
      • Use obfs4proxy for obfs2, obfs3, obfs4, and ScrambleSuit bridges
    • Pluggable Transport Dependency Updates:
      • Bug 15265: Switch go.net repo to golang.org/x/net
      • Bug 15448: Use golang 1.4.2 for meek and obs4proxy
    • Update Tor Launcher to 0.2.7.4. Changes since 0.2.7.0.2 in 4.0.8:
      • Bug 11879: Stop bootstrap if Cancel or Open Settings is clicked
      • Bug 13271: Display Bridge Configuration wizard pane before Proxy pane
      • Bug 13576: Don't strip "bridge" from the middle of bridge lines
      • Bug 13983: Directory search path fix for Tor Messanger+TorBirdy
      • Bug 14122: Hide logo if TOR_HIDE_BROWSER_LOGO set
      • Bug 14336: Fix navigation button display issues on some wizard panes
      • Bug 15657: Display the host:port of any connection faiures in bootstrap
      • Bug 15704: Do not enable network if wizard is opened
    • Update Torbutton to 1.9.2.2. Changes since 1.7.0.2 in 4.0.8:
      • Bug 3455: Use SOCKS user+pass to isolate all requests from the same url domain
      • Bug 5698: Use "Tor Browser" branding in "About Tor Browser" dialog
      • Bug 7255: Warn users about maximizing windows
      • Bug 8400: Prompt for restart if disk records are enabled/disabled.
      • Bug 8641: Create browser UI to indicate current tab's Tor circuit IPs
        • (Many Circuit UI issues were fixed during 4.5; see release changelogs for those).
      • Bug 9387: Security Slider 1.0
        • Include descriptions and tooltip hints for security levels
        • Notify users that the security slider exists
        • Make use of new SVG, jar, and MathML prefs
      • Bug 9442: Add New Circuit button to Torbutton menu
      • Bug 9906: Warn users before closing all windows and performing new identity.
      • Bug 10216: Add a pref to disable the local tor control port test
      • Bug 10280: Strings and pref for preventing plugin initialization.
      • Bug 11175: Remove "About Torbutton" from onion menu.
      • Bug 11236: Don't set omnibox order in Torbutton (to prevent translation)
      • Bug 11449: Fix new identity error if NoScript is not enabled
      • Bug 13019: Change locale spoofing pref to boolean
      • Bug 13079: Option to skip control port verification
      • Bug 13406: Stop directing users to download-easy.html.en on update
      • Bug 13650: Clip initial window height to 1000px
      • Bugs 13751+13900: Remove SafeCache cache isolation code in favor of C++ patch
      • Bug 13766: Set a 10 minute circuit lifespan for non-content requests
      • Bug 13835: Option to change default Tor Browser homepage
      • Bug 13998: Handle changes in NoScript 2.6.9.8+
      • Bug 14100: Option to hide NetworkSettings menuitem
      • Bug 14392: Don't steal input focus in about:tor search box
      • Bug 14429: Provide automatic window resizing, but disable for now
      • Bug 14448: Restore Torbutton menu operation on non-English localizations
      • Bug 14490: Use Disconnect search in about:tor search box
      • Bug 14630: Hide Torbutton's proxy settings tab.
      • Bug 14631: Improve profile access error msgs (strings for translation).
      • Bugs 14632+15334: Display Cookie Protections only if disk records are enabled
      • Bug 15085: Fix about:tor RTL text alignment problems
      • Bug 15460: Ensure FTP urls use content-window circuit isolation
      • Bug 15502: Wipe blob: URIs on New Identity
      • Bug 15533: Restore default security level when restoring defaults
      • Bug 15562: Bind SharedWorkers to thirdparty pref
    • Bug 3455: Patch Firefox SOCKS and proxy filters to allow user+pass isolation
    • Bug 4100: Raise HTTP Keep-Alive back to 115 second default
    • Bug 5698: Fix branding in "About Torbrowser" window
    • Bug 10280: Don't load any plugins into the address space by default
    • Bug 11236: Fix omnibox order for non-English builds
      • Also remove Amazon, eBay and bing; add Youtube and Twitter
    • Bug 11955: Backport HTTPS Certificate Pinning patches from Firefox 32
    • Bug 12430: Provide a preference to disable remote jar: urls
    • Bugs 12827+15794: Create preference to disable SVG images (for security slider)
    • Bug 13019: Prevent Javascript from leaking system locale
    • Bug 13379: Sign our MAR update files
    • Bug 13439: No canvas prompt for content callers
    • Bug 13548: Create preference to disable MathML (for security slider)
    • Bug 13586: Make meek use TLS session tickets (to look like stock Firefox).
    • Bug 13684: Backport Mozilla bug #1066190 (pinning issue fixed in Firefox 33)
    • Bug 13788: Fix broken meek in 4.5-alpha series
    • Bug 13875: Spoof window.devicePixelRatio to avoid DPI fingerprinting
    • Bug 13900: Remove 3rd party HTTP auth tokens via Firefox patch
    • Bug 14392: Make about:tor hide itself from the URL bar
    • Bug 14490: Make Disconnect the default omnibox search engine
    • Bug 14631: Improve startup error messages for filesystem permissions issues
    • Bugs 14716+13254: Fix issues with HTTP Auth usage and TLS connection info display
    • Bug 14937: Hard-code meek and flashproxy node fingerprints
    • Bug 15029: Don't prompt to include missing plugins
    • Bug 15406: Only include addons in incremental updates if they actually update
    • Bug 15411: Remove old (and unused) cacheDomain cache isolation mechanism
    • Bug 15502: Isolate blob: URI scope to URL domain; block WebWorker access
    • Bug 15562: Disable Javascript SharedWorkers due to third party tracking
    • Bug 15757: Disable Mozilla video statistics API extensions
    • Bug 15758: Disable Device Sensor APIs
  • Linux
    • Bug 12468: Only print/write log messages if launched with --debug
    • Bug 13375: Create a hybrid GUI/desktop/shell launcher wrapper
    • Bug 13717: Make sure we use the bash shell on Linux
    • Bug 15672: Provide desktop app registration+unregistration for Linux
    • Bug 15747: Improve start-tor-browser argument handling
  • Windows
    • Bug 3861: Begin signing Tor Browser for Windows the Windows way
    • Bug 10761: Fix instances of shutdown crashes
    • Bug 13169: Don't use /dev/random on Windows for SSP
    • Bug 14688: Create shortcuts to desktop and start menu by default (optional)
    • Bug 15201: Disable 'runas Administrator' codepaths in updater
    • Bug 15539: Make installer exe signatures reproducibly removable
  • Mac
    • Bug 10138: Switch to 64bit builds for MacOS



Here is the list of changes since the last 4.5 alpha (4.5a5):

  • All Platforms
    • Update Tor to 0.2.6.7 with additional patches:
      • Bug 15482: Reset timestamp_dirty each time a SOCKSAuth circuit is used
    • Update NoScript to 2.6.9.22
    • Update HTTPS-Everywhere to 5.0.3
      • Bug 15689: Resume building HTTPS-Everywhere from git tags
    • Update meek to 0.17
    • Update obfs4proxy to 0.0.5
    • Update Tor Launcher to 0.2.7.4
      • Bug 15704: Do not enable network if wizard is opened
      • Bug 11879: Stop bootstrap if Cancel or Open Settings is clicked
      • Bug 13576: Don't strip "bridge" from the middle of bridge lines
      • Bug 15657: Display the host:port of any connection faiures in bootstrap
    • Update Torbutton to 1.9.2.2
      • Bug 15562: Bind SharedWorkers to thirdparty pref
      • Bug 15533: Restore default security level when restoring defaults
      • Bug 15510: Close Tor Circuit UI control port connections on New Identity
      • Bug 15472: Make node text black in circuit status UI
      • Bug 15502: Wipe blob URIs on New Identity
      • Bug 15795: Some security slider prefs do not trigger custom checkbox
      • Bug 14429: Disable automatic window resizing for now
    • Bug 4100: Raise HTTP Keep-Alive back to 115 second default
    • Bug 13875: Spoof window.devicePixelRatio to avoid DPI fingerprinting
    • Bug 15411: Remove old (and unused) cacheDomain cache isolation mechanism
    • Bugs 14716+13254: Fix issues with HTTP Auth usage and TLS connection info display
    • Bug 15502: Isolate blob URI scope to URL domain; block WebWorker access
    • Bug 15794: Crash on some pages with SVG images if SVG is disabled
    • Bug 15562: Disable Javascript SharedWorkers due to third party tracking
    • Bug 15757: Disable Mozilla video statistics API extensions
    • Bug 15758: Disable Device Sensor APIs
  • Linux
    • Bug 15747: Improve start-tor-browser argument handling
    • Bug 15672: Provide desktop app registration+unregistration for Linux
  • Windows
    • Bug 15539: Make installer exe signatures reproducibly removable
    • Bug 10761: Fix instances of shutdown crashes


Post update 4/28/2015: Provide screenshots of the Tor Onion menu and Security Slider.
Post update 4/28/2015: Add section headers.

Tor Browser 4.0.8 is released

A new release for the stable Tor Browser is available from the Tor Browser Project page and also from our distribution directory.

This release contains a fix for the update loop issue present in 4.0.7. It is otherwise identical to that release.

Both 4.0.7 and 4.0.8 contain an update to the included Tor software, to fix two crash bugs in the version of the Tor software included prior to 4.0.7. One crash bug affects only people using the bundled tor binary to run hidden services, and the other crash bug allows a malicious website or Tor exit node to crash the underlying tor client by inducing it to load a resource from a hidden service with a malformed descriptor. These bugs do not allow remote code execution, but because they can be used by arbitrary actors to perform a denial of service, we are issuing a security update to address them.

There will be no corresponding 4.5-alpha release for this fix, to allow us to focus on stabilizing that series for release in ~2 weeks.

Note to MacOS users: This is the last planned release that will run on 32 bit MacOS versions. Users of Mac OS 10.8 (Mountain Lion) and newer versions will be automatically updated to the 64 bit Tor Browser 4.5 when it is stabilized in April, and we expect this transition to be smooth for those users. However, the update process for 10.6 and 10.7 users will unfortunately not be automatic. For more details, see the original end-of-life blog post.

Here is the complete changelog since 4.0.6 (covering 4.0.7 and 4.0.8):

  • All Platforms
    • Bug 15637: Fix update loop due to improper versioning
    • Update Tor to 0.2.5.12
    • Update NoScript to 2.6.9.21

Tor Browser 4.0.7 is released

Unfortunately, the 4.0.7 release has a bug that makes it think of itself as 4.0.6, causing an update loop. This version mismatch will also cause the incremental update to 4.0.8 to fail to properly apply. The browser will then download the full update at that point, which should succeed, but at the expense of both user delay and wasted Tor network bandwidth.

For this reason, we have decided to pull 4.0.7 from the website at the moment, and instead prepare 4.0.8 as soon as possible.

Thank you for your patience.

Syndicate content Syndicate content