tbb

Tor Browser 3.6.5 and 4.0-alpha-2 are released

Tor Browser 3.6.5

The fifth pointfix release of the 3.6 series is available from the Tor Browser Project page and also from our distribution directory.

This release features important security updates to Firefox.

This release also features improvements to the canvas image extraction permissions prompt, and will now log offending script urls to the browser console. It also restores the missing RELRO hardening option to the Linux bundles, and disables NTLM and Negotiate HTTP auth (which can leak sensitive information about the computer). To avoid resolution fingerprinting, popups are also opened in new tabs by default.

Here is the complete changelog for 3.6.5:

  • All Platforms
    • Update Firefox to 24.8.0esr
    • Update NoScript to 2.6.8.39
    • Update HTTPS Everywhere to 4.0.0
    • Update Torbutton to 1.6.12.1
      • Bug 12684: New strings for canvas image extraction message
      • Bug 8940: Move RecommendedTBBVersions file to www.torproject.org
      • Bug 9531: Workaround to avoid rare hangs during New Identity
    • Bug 12684: Improve Canvas image extraction permissions prompt
    • Bug 7265: Only prompt for first party canvas access. Log all scripts
      that attempt to extract canvas images to Browser console.

    • Bug 12974: Disable NTLM and Negotiate HTTP Auth
    • Bug 2874: Remove Components.* from content access (regression)
    • Bug 9881: Open popups in new tabs by default
  • Linux:
    • Bug 12103: Adding RELRO hardening back to browser binaries.


Tor Browser 4.0-alpha-2

In addition, we are also releasing the second alpha in the 4.0 series, available for download on the extended downloads page.

This release also includes important security updates to Firefox.

In addition to including the changes in 3.6.5, this release is also the first Tor Browser release to enable the in-browser Firefox-based updater. This means that if all goes well, 4.0-alpha-2 users will be notified of an available update via a notification similar to that in Firefox. You will then be able to download and install it directly via the browser UI. By default, neither the download nor the update will happen automatically, so if you are not feeling adventurous, you need not allow it to update in this way. Even if you are feeling adventurous, you should probably back up your Tor Browser directory before updating.

In addition to the updater, this release should also re-enable the basic hardening features on Windows, including ASLR, DEP, and SSP.

Furthermore, the NoScript behavior in this release has changed. Selecting "Temporarily allow scripts" will now automatically allow all scripts in a page. This was done for usability reasons, to make it easier for novice users to run Tor Browser with scripting disabled most of the time. This will also hopefully make it possible for more people to use the "High Security" setting in our upcoming Security Slider, which will have Javascript disabled globally via NoScript by default.

Here is the complete changelog for 4.0-alpha-2:

  • All Platforms
    • Update Firefox to 24.8.0esr
    • Update NoScript to 2.6.8.39
    • Update Tor Launcher to 0.2.7.0
      • Bug 11405: Remove firewall prompt from wizard.
      • Bug 12895: Mention @riseup.net as a valid bridge request email address
      • Bug 12444: Provide feedback when “Copy Tor Log” is clicked.
      • Bug 11199: Improve error messages if Tor exits unexpectedly
    • Update Torbutton to 1.6.12.1
      • Bug 12684: New strings for canvas image extraction message
      • Bug 8940: Move RecommendedTBBVersions file to www.torproject.org
    • Bug 12684: Improve Canvas image extraction permissions prompt
    • Bug 7265: Only prompt for first party canvas access. Log all scripts
      that attempt to extract canvas images to Browser console.

    • Bug 12974: Disable NTLM and Negotiate HTTP Auth
    • Bug 2874: Remove Components.* from content access (regression)
    • Bug 4234: Automatic Update support (off by default)
    • Bug 9881: Open popups in new tabs by default
    • Meek Pluggable Transport:
      • Bug 12766: Use TLSv1.0 in meek-http-helper to blend in with Firefox 24
  • Windows:
    • Bug 10065: Enable DEP, ASLR, and SSP hardening options
  • Linux:
    • Bug 12103: Adding RELRO hardening back to browser binaries.



The list of frequently encountered known issues is also available in our bug tracker.

iSEC Partners Conducts Tor Browser Hardening Study

In May, the Open Technology Fund commissioned iSEC Partners to study current and future hardening options for the Tor Browser. The Open Technology Fund is the primary funder of Tor Browser development, and it commissions security analysis and review for all of the projects that it funds as a standard practice. We worked with iSEC to define the scope of the engagement to focus on the following six main areas:

  1. Review of the current state of hardening in Tor Browser
  2. Investigate additional hardening options and instrumentation
  3. Perform historical vulnerability analysis on Firefox, in order to make informed vulnerability surface reduction recommendations
  4. Investigate image, audio, and video codecs and their respective libraries' vulnerability history
  5. Review our current about:config settings, both for vulnerability surface reduction and security
  6. Review alternate/obscure protocol and application handlers


The complete report is available in the iSEC publications github repo. All tickets related to the report can be found using the tbb-isec-report keyword. General Tor Browser security tickets can be found using the tbb-security keyword.

Major Findings and Recommendations

The report had the following high-level findings and recommendations.

  • Address Space Layout Randomization is disabled on Windows and Mac
    • Due to our use of cross-compilation and non-standard toolchains in our reproducible build system, several hardening features have ended up disabled. We have known about the Windows issues prior to this report, and should have a fix for them soon. However, the MacOS issues are news to us, and appear to require that we build 64 bit versions of the Tor Browser for full support. The parent ticket for all basic hardening issues in Tor Browser is bug #10065.

  • Participate in Pwn2Own
    • iSEC recommended that we find a sponsor to fund a Pwn2Own reward for bugs specific to Tor Browser in a semi-hardened configuration. We are very interested in this idea and would love to talk with anyone willing to sponsor us in this competition, but we're not yet certain that our hardening options will have stabilized with enough lead time for the 2015 contest next March.

  • Test and recommend the Microsoft Enhanced Mitigation Experience Toolkit on Windows
    • The Microsoft Enhanced Mitigation Experience Toolkit is an optional toolkit that Windows users can run to further harden Tor Browser against exploitation. We've created bug #12820 for this analysis.

  • Replace the Firefox memory allocator (jemalloc) with ctmalloc/PartitionAlloc
    • PartitionAlloc is a memory allocator designed by Google specifically to mitigate common heap-based vulnerabilities by hardening free lists, creating partitioned allocation regions, and using guard pages to protect metadata and partitions. Its basic hardening features can be picked up by using it as a simple malloc replacement library (as ctmalloc). Bug #10281 tracks this work.

  • Make use of advanced PartitionAlloc features and other instrumentation to reduce the risk from use-after-free vulnerabilities
    • The iSEC vulnerability review found that the overwhelming majority of vulnerabilities to date in Firefox were use-after-free, followed closely by general heap corruption. In order to mitigate these vulnerabilities, we would need to make use of the heap partitioning features of PartitionAlloc to actually ensure that allocations are partitioned (for example, by using the existing tags from Firefox's about:memory). We will also investigate enabling assertions in limited areas of the codebase, such as the refcounting system, the JIT and the Javascript engine.
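
The first finding above, like the RELRO and DEP/ASLR changelog entries earlier on this page, is about hardening flags that a cross-compiling toolchain dropped without anyone noticing. The following post-build check is an added example, not code from the Tor Project or the iSEC report: it reads PE and ELF headers directly and reports whether ASLR, DEP and RELRO are actually present in the output. The function names and the sample headers are constructed for illustration, only little-endian ELF is handled, and SSP is not covered because it leaves no header flag.

```python
import struct

# PE/COFF header flags
IMAGE_FILE_RELOCS_STRIPPED = 0x0001   # COFF Characteristics
DLLCHAR_DYNAMIC_BASE = 0x0040         # image opts in to ASLR
DLLCHAR_NX_COMPAT = 0x0100            # image opts in to DEP
# ELF program header types and dynamic tags
PT_DYNAMIC, PT_GNU_RELRO = 2, 0x6474E552
DT_NULL, DT_BIND_NOW, DT_FLAGS, DT_FLAGS_1 = 0, 24, 30, 0x6FFFFFFB
DF_BIND_NOW, DF_1_NOW = 0x8, 0x1


def pe_hardening(data):
    """Return {'aslr': bool, 'dep': bool} for a PE32 or PE32+ image."""
    if data[:2] != b"MZ":
        raise ValueError("not a PE file")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    (file_chars,) = struct.unpack_from("<H", data, pe_off + 4 + 18)
    opt = pe_off + 4 + 20             # optional header follows the COFF header
    # DllCharacteristics is at offset 70 in both PE32 and PE32+.
    (dll_chars,) = struct.unpack_from("<H", data, opt + 70)
    # DYNAMIC_BASE alone is not enough: if relocations were stripped the
    # loader cannot move the image, so it still loads at a fixed address.
    relocatable = not file_chars & IMAGE_FILE_RELOCS_STRIPPED
    return {"aslr": bool(dll_chars & DLLCHAR_DYNAMIC_BASE) and relocatable,
            "dep": bool(dll_chars & DLLCHAR_NX_COMPAT)}


def elf_relro(data):
    """Return 'none', 'partial' or 'full' for a little-endian ELF image."""
    if data[:4] != b"\x7fELF" or data[5] != 1:
        raise ValueError("not a little-endian ELF file")
    is64 = data[4] == 2
    word, pair = ("<Q", "<QQ") if is64 else ("<I", "<II")
    (phoff,) = struct.unpack_from(word, data, 32 if is64 else 28)
    phentsize, phnum = struct.unpack_from("<HH", data, 54 if is64 else 42)
    relro = bind_now = False
    for i in range(phnum):
        ph = phoff + i * phentsize
        (p_type,) = struct.unpack_from("<I", data, ph)
        if p_type == PT_GNU_RELRO:
            relro = True
        elif p_type == PT_DYNAMIC:
            (start,) = struct.unpack_from(word, data, ph + (8 if is64 else 4))
            (size,) = struct.unpack_from(word, data, ph + (32 if is64 else 16))
            for off in range(start, start + size, 16 if is64 else 8):
                tag, val = struct.unpack_from(pair, data, off)
                if tag == DT_NULL:
                    break
                if (tag == DT_BIND_NOW or (tag == DT_FLAGS and val & DF_BIND_NOW)
                        or (tag == DT_FLAGS_1 and val & DF_1_NOW)):
                    bind_now = True
    if not relro:
        return "none"
    # Partial RELRO leaves the lazily bound part of the GOT writable.
    return "full" if bind_now else "partial"


def missing_mitigations(data):
    """List what a built binary lacks; an empty list means nothing was found."""
    if data[:2] == b"MZ":
        flags = pe_hardening(data)
        return [name.upper() for name in ("aslr", "dep") if not flags[name]]
    level = elf_relro(data)
    if level == "none":
        return ["RELRO"]
    # Whether partial RELRO is acceptable is a policy choice, so report it.
    return [] if level == "full" else ["BIND_NOW"]


def make_pe(dll_chars, file_chars=0x0102):
    """Constructed sample: minimal PE32 headers only, not a loadable image."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)     # e_lfanew = 64
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 96, file_chars)
    opt = bytearray(96)
    struct.pack_into("<H", opt, 0, 0x10B)                # PE32 magic
    struct.pack_into("<H", opt, 70, dll_chars)
    return dos + b"PE\0\0" + coff + bytes(opt)


def make_elf64(relro, dyn_entries):
    """Constructed sample: minimal ELF64 headers plus a dynamic section."""
    dyn = b"".join(struct.pack("<QQ", t, v)
                   for t, v in list(dyn_entries) + [(DT_NULL, 0)])
    types = [PT_DYNAMIC] + ([PT_GNU_RELRO] if relro else [])
    dyn_off = 64 + 56 * len(types)
    ehdr = bytearray(64)
    ehdr[:6] = b"\x7fELF\x02\x01"                        # 64-bit, little-endian
    struct.pack_into("<Q", ehdr, 32, 64)                 # e_phoff
    struct.pack_into("<HH", ehdr, 54, 56, len(types))    # e_phentsize, e_phnum
    phdrs = b"".join(
        struct.pack("<IIQQQQQQ", t, 4, dyn_off, 0, 0, len(dyn), len(dyn), 8)
        for t in types)
    return bytes(ehdr) + phdrs + dyn
```

Running `missing_mitigations` over every executable and shared library in a build output directory, and failing the build on a non-empty result, catches this class of regression before release.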

Vulnerability Surface Reduction (Security Slider)

A large portion of the report was also focused on analyzing historical Firefox vulnerability data and other sources of large vulnerability surface for a planned "Security Slider" UI in Tor Browser.

The Security Slider was first suggested by Roger Dingledine as a way to make it easy for users to trade off between functionality and security, gradually disabling features ranked by both vulnerability count and web prevalence/usability impact.

The report makes several recommendations along these lines, but a brief distillation can be found on the ticket for the slider.

At a high level, we plan for four levels in this slider. "Low" security will be the current Tor Browser settings, with the addition of JIT support. "Medium-Low" will disable most of the JIT, and make HTML5 media click-to-play via NoScript. "Medium-High" will disable the rest of the JIT, will disable JS on non-HTTPS url bar origins, and disable SVG. "High" will fully disable Javascript, block remote fonts via NoScript, and disable all media codecs except for WebM (which will remain click-to-play).

The Long Term

A web browser is a very large and complicated piece of software, and while we believe that the privacy properties of Tor Browser are better than those of every other web browser currently available, it is very important to us that we raise the bar to successful code execution and exploitation of Tor Browser as well.

We are very eager to see the deployment of sandboxing support in Firefox, which should go a long way to improving the security of Tor Browser as well. To improve security for their users, Mozilla has recently shifted 10 engineers into the Electrolysis project, which provides the groundwork for producing a multiprocess sandbox architecture for the desktop Firefox. This will allow them to provide a Google Chrome style security sandbox for website content, to reduce the risk from software vulnerabilities, and generally impede exploitability.

Until that time, we will also be investigating providing hardened builds of Tor Browser using the AddressSanitizer and Virtual Table Verification features of newer GCC releases. While this will not eliminate all vectors of memory corruption-based exploitation (in particular, the hardening properties of AddressSanitizer are not as good as those provided by, for example, SoftBound+CETS, but that compiler is not yet production-ready), it should raise the bar to exploitation. We are hopeful that these builds in combination with PartitionAlloc and the Security Slider will satisfy the needs of our users who require high security and who are willing to trade performance and usability in order to get it.

We also hope to include optional application-wide sandboxes for Tor Browser as part of the official distribution.

Why not Google Chrome?

It is no secret that in many ways, both we and Mozilla are playing catch-up to reach the level of code execution security provided by Google Chrome, and in fact closely following the Google Chrome security team was one of the recommendations of the iSEC report.

In particular, Google Chrome benefits from a multiprocess sandboxing architecture, as well as several further hardening options and innovations (such as PartitionAlloc).

Unfortunately, our budget for the browser project is still very constrained compared to the amount of work that is required to provide the privacy properties we feel are important, and Firefox remains a far more cost-effective platform for us for several reasons. In particular, Firefox's flexible extension system, fully scriptable UI, solid proxy support, and its long Extended Support Release cycle all allow us to accomplish far more with fewer resources than we could with any other web browser.

Further, Google Chrome is far less amenable to supporting basic web privacy and Tor-critical features (such as solid proxy support) than Mozilla Firefox. Initial efforts to work with the Google Chrome team saw some success in terms of adding APIs that are crucial to addons such as HTTPS-Everywhere, but we ran into several roadblocks when it came to Tor-specific features and changes. In particular, several bugs required for basic proxy-safe Tor support for Google Chrome's Incognito Mode ended up blocked for various reasons.

The worst offender on this front is the use of the Microsoft Windows CryptoAPI for certificate validation, without any alternative. This bug means that certificate revocation checking and intermediate certificate retrieval happen outside of the browser's proxy settings, and are subject to alteration by the OEM and/or the enterprise administrator. Worse, beyond the Tor proxy issues, the use of this OS certificate validation API means that the OEM and enterprise also have a simple entry point for installing their own root certificates to enable transparent HTTPS man-in-the-middle, with full browser validation and no user consent or awareness.

All of this is not to mention the need for defenses against third party tracking and fingerprinting to prevent the linking of Tor activity to non-Tor usage, and which would also be useful for the wider non-Tor userbase.

While we'd love for this situation to change, and are open to working with Google to improve things, at present it means that our only option for Chrome is to maintain an even more invasive fork than our current Firefox patch set, with much less likelihood of a future merge than with Firefox. As a ballpark estimate, maintaining such a fork would require somewhere between 3 and 5 times the engineering staff and infrastructure we currently have at our disposal, in addition to the ramp-up time to port our current feature set over.

Unless either our funding situation or Google's attitude towards the features we require changes, Mozilla Firefox will remain the best platform for us to demonstrate that it is in fact possible to provide true privacy by design for the web for those who want it. It is very distressing that this means playing catch-up and forcing our users to make usability tradeoffs in exchange for improved browser security, but we will continue to do what we can to improve that situation, both with Mozilla and with our own independent efforts.

Tor Browser 3.6.4 and 4.0-alpha-1 are released

The fourth pointfix release of the 3.6 series is available from the Tor Browser Project page and also from our distribution directory.

This release features an update to OpenSSL to address the latest round of OpenSSL security issues. Tor Browser should only be vulnerable to one of these issues - the null pointer dereference. As this issue is only a DoS, we are not considering this a critical security update, but users are advised to upgrade anyway. This release also features an update to Tor to alert users of the RELAY_EARLY attack via a log message, and a fix for a hang that was happening to some users at startup/Tor network bootstrap.

Here is the complete changelog for 3.6.4:

  • Tor Browser 3.6.4 -- All Platforms
    • Update Tor to 0.2.4.23
    • Update Tor launcher to 0.2.5.6
    • Update OpenSSL to 1.0.1i
    • Backported Tor Patches:
      • Bug 11654: Properly apply the fix for malformed bug11156 log message
      • Bug 11200: Fix a hang during bootstrap introduced in the initial
        bug11200 patch.
    • Update NoScript to 2.6.8.36
      • Bug 9516: Send Tor Launcher log messages to Browser Console
    • Update Torbutton to 1.6.11.1
      • Bug 11472: Adjust about:tor font and logo positioning to avoid overlap
      • Bug 12680: Fix Torbutton about url.

In addition, we are also releasing the first alpha of the 4.0 series, available for download on the extended downloads page.

This alpha paves the way to our upcoming autoupdater by reorganizing the directory structure of the browser. This means that in-place upgrades from Tor Browser 3.6 (by extracting/copying over the old directory) will not work.

This release also features Tor 0.2.5.6, and some new defaults for NoScript to make the script permissions for a given url bar domain automatically cascade to all third parties by default (though this may be changed in the NoScript configuration).

  • Tor Browser 4.0-alpha-1 -- All Platforms
    • Ticket 10935: Include the Meek Pluggable Transport (version 0.10)
      • Two modes of Meek are provided: Meek over Google and Meek over Amazon
    • Update Firefox to 24.7.0esr
    • Update Tor to 0.2.5.6-alpha
    • Update OpenSSL to 1.0.1i
    • Update NoScript to 2.6.8.36
      • Script permissions now apply based on URL bar
    • Update HTTPS Everywhere to 5.0development.0
    • Update Torbutton to 1.6.12.0
      • Bug 12221: Remove obsolete Javascript components from the toggle era
      • Bug 10819: Bind new third party isolation pref to Torbutton security UI
      • Bug 9268: Fix some window resizing corner cases with DPI and taskbar size.
      • Bug 12680: Change Torbutton URL in about dialog.
      • Bug 11472: Adjust about:tor font and logo positioning to avoid overlap
      • Bug 9531: Workaround to avoid rare hangs during New Identity
    • Update Tor Launcher to 0.2.6.2
      • Bug 11199: Improve behavior if tor exits
      • Bug 12451: Add option to hide TBB's logo
      • Bug 11193: Change "Tor Browser Bundle" to "Tor Browser"
      • Bug 11471: Ensure text fits the initial configuration dialog
      • Bug 9516: Send Tor Launcher log messages to Browser Console
    • Bug 11641: Reorganize bundle directory structure to mimic Firefox
    • Bug 10819: Create a preference to enable/disable third party isolation
    • Backported Tor Patches:
      • Bug 11200: Fix a hang during bootstrap introduced in the initial
        bug11200 patch.
  • Tor Browser 4.0-alpha-1 -- Linux Changes
    • Bug 10178: Make it easier to set an alternate Tor control port and password
    • Bug 11102: Set Window Class to "Tor Browser" to aid in Desktop navigation
    • Bug 12249: Don't create PT debug files anymore

The list of frequently encountered known issues is also available in our bug tracker.

Tor Browser 3.6.3 is released

The third pointfix release of the 3.6 series is available from the Tor Browser Project page and also from our distribution directory.

This release features important security updates to Firefox.

Here is the complete changelog:

  • All Platforms
    • Update Firefox to 24.7.0esr
    • Update obfsproxy to 0.2.12
    • Update FTE to 0.2.17
    • Update NoScript to 2.6.8.33
    • Update HTTPS Everywhere to 3.5.3
    • Bug 12673: Update FTE bridges
    • Update Torbutton to 1.6.11.0
      • Bug 12221: Remove obsolete Javascript components from the toggle era
      • Bug 10819: Bind new third party isolation pref to Torbutton security UI
      • Bug 9268: Fix some window resizing corner cases with DPI and taskbar size.
  • Linux:
    • Bug 11102: Set Window Class to "Tor Browser" to aid in Desktop navigation
    • Bug 12249: Don't create PT debug files anymore

The list of frequently encountered known issues is also available in our bug tracker.

Tor Browser 3.6.2 is released

The second pointfix release of the 3.6 series is available from the Tor Browser Project page and also from our distribution directory.

This release features a fix to allow the configuration of a local HTTP or SOCKS proxy with all included Pluggable Transports.

In addition, this release also features important security updates to Firefox, as well as an update to OpenSSL 1.0.1h to address the latest round of OpenSSL security issues.

This release also updates the Tor client software to version 0.2.4.22, which blacklists directory authority keys that were created prior to fixing the Heartbleed attack.

  • All Platforms
    • Update Firefox to 24.6.0esr
    • Update OpenSSL to 1.0.1h
    • Update NoScript to 2.6.8.28
    • Update Tor to 0.2.4.22
    • Update Tor Launcher to 0.2.5.5
      • Bug 10425: Provide geoip6 file location to Tor process
      • Bug 11754: Remove untranslated locales that were dropped from Transifex
      • Bug 11772: Set Proxy Type menu correctly after restart
      • Bug 11699: Change &#160 to   in UI elements
    • Update Torbutton to 1.6.10.0
      • Bug 11510: about:tor should not report success if tor proxy is unreachable
      • Bug 11783: Avoid b.webProgress error when double-clicking on New Identity
      • Bug 11722: Add hidden pref to force remote Tor check
      • Bug 11763: Fix pref dialog double-click race that caused settings to be reset
    • Bug 11629: Support proxies with Pluggable Transports
      • Updates FTEProxy to 0.2.15
      • Updates obfsproxy to 0.2.9
    • Backported Tor Patches:
      • Bug 11654: Fix malformed log message in bug11156 patch.
    • Bug 10425: Add in Tor's geoip6 files to the bundle distribution
    • Bugs 11834 and 11835: Include Pluggable Transport documentation
    • Bug 9701: Prevent ClipBoardCache from writing to disk.
    • Bug 12146: Make the CONNECT Host header the same as the Request-URI.
    • Bug 12212: Disable deprecated webaudio API
    • Bug 11253: Turn on TLS 1.1 and 1.2.
    • Bug 11817: Don't send startup time information to Mozilla.

The list of frequently encountered known issues is also available in our bug tracker.

Tor Browser 3.6.1 is released

The first pointfix release of the 3.6 series is available from the Tor Browser Project page and also from our distribution directory.

This release features a fix for a regression with using a proxy for normal Tor usage. It does not yet allow the configuration of proxies for pluggable transports. We hope to fix that issue in the following point release.

This is not a security release — feel free to keep using TBB 3.6 if it's working for you.

Here is the complete changelog:

  • All Platforms
    • Update HTTPS-Everywhere to 3.5.1
    • Update NoScript to 2.6.8.22
    • Bug 11658: Fix proxy configuration for non-Pluggable Transports users
    • Backport Pending Tor Patches:
      • Bug 8402: Allow Tor proxy configuration while PTs are present
    • Note: The Pluggable Transports themselves have not been updated to support proxy configuration yet.

Tor Browser 3.6 is released

The Tor Browser Team is proud to announce the first stable release of the 3.6 series. Packages are available from the Tor Browser Project page and also from our distribution directory.

For users upgrading from Tor Browser 3.5.x, the 3.6 series features fully integrated Pluggable Transport support, including an improved Tor Launcher UI for configuring Pluggable Transport bridges. The Pluggable Transport code is also fully disabled for users who do not configure them. The 3.6 series also changes the MacOS archive format from zip to DMG, which should improve installation usability for Mac users.

This release also includes important security updates to Firefox.

Please see the TBB FAQ listing for any issues you may have before contacting support or filing tickets. In particular, the TBB 3.x section lists common issues specific to the Tor Browser 3.x series. We also maintain a list of frequently encountered known issues in our bugtracker.

Here is the complete changelog since TBB 3.5.4:

  • All Platforms

    • Update Firefox to 24.5.0esr
    • Include Pluggable Transports by default:
      • Obfsproxy3 0.2.4, Flashproxy 1.6, and FTE 0.2.13 are now included
    • Bug 11586: Include license files for component software in Docs directory.
    • Bug 9010: Add Turkish language support.
    • Bug 9387 testing: Disable JS JIT, type inference, asmjs, and ion.
    • Update NoScript to 2.6.8.20
    • Update Tor Launcher to 0.2.5.4
      • Bug 9665: Localize Tor's unreachable bridges bootstrap error
      • Bug 10418: Provide UI configuration for Pluggable Transports
      • Bug 10604: Allow Tor status & error messages to be translated
      • Bug 10894: Make bridge UI clear that helpdesk is a last resort for bridges
      • Bug 10610: Clarify wizard UI text describing obstacles/blocking
      • Bug 11074: Support Tails use case (XULRunner and optional customizations)
      • Bug 11482: Hide bridge settings prompt if no default bridges.
      • Bug 11484: Show help button even if no default bridges.
    • Update Torbutton to 1.6.9.0:
      • Bug 11242: Fix improper "update needed" message after in-place upgrade.
      • Bug 10398: Ease translation of about:tor page elements
      • Bug 9901: Fix browser freeze due to content type sniffing
      • Bug 10611: Add Swedish (sv) to extra locales to update
      • Bug 7439: Improve download warning dialog text.
      • Bug 11384: Completely remove hidden toggle menu item.
    • Backport Pending Tor Patches:
      • Bug 9665: Report a bootstrap error if all bridges are unreachable
      • Bug 11200: Prevent spurious error message prior to enabling network.
      • Bug 5018: Don't launch Pluggable Transport helpers if not in use
      • Bug 9229: Eliminate 60 second stall during bootstrap with some PTs
      • Bug 11069: Detect and report Pluggable Transport bootstrap failures
      • Bug 11156: Prevent spurious warning about missing pluggable transports
  • Mac:

    • Bug 4261: Use DMG instead of ZIP for Mac packages
    • Bug 9308: Prevent install path from leaking in some JS exceptions on Mac and Windows
  • Linux:

    • Bug 11190: Switch linux PT build process to python2
    • Bug 10383: Enable NIST P224 and P256 accel support for 64bit builds.
  • Windows:
    • Bug 9308: Prevent install path from leaking in some JS exceptions on Mac and Windows

Here is the changelog since the 3.6-beta-2:

  • All Platforms
    • Update Firefox to 24.5.0esr
    • Update Tor Launcher to 0.2.5.4
      • Bug 11482: Hide bridge settings prompt if no default bridges.
      • Bug 11484: Show help button even if no default bridges.
    • Update Torbutton to 1.6.9.0
      • Bug 7439: Improve download warning dialog text.
      • Bug 11384: Completely remove hidden toggle menu item.
    • Update NoScript to 2.6.8.20
    • Update fte transport to 0.2.13
    • Backport Pending Tor Patches:
      • Bug 11156: Additional obfsproxy startup error message fixes
    • Bug 11586: Include license files for component software in Docs directory.
  • Windows and Mac:
    • Bug 9308: Prevent install path from leaking in some JS exceptions on Mac and Windows builds

Tor Browser 3.6-beta-2 is released

The Tor Browser Team is proud to announce the second beta in the 3.6 series. Packages are available from the Tor Browser Project page and also from our distribution directory.

This release is an important security update over 3.6-beta-1. This release updates OpenSSL to version 1.0.1g, to address potential client-side vectors for CVE-2014-0160.

The browser itself does not use OpenSSL, and is not vulnerable to this CVE. However, this release is still considered an important security update, because it is theoretically possible to extract sensitive information from the Tor client sub-process.

This beta also features a Turkish language bundle, experimental Javascript hardening options, fixes for pluggable transport issues, and a fix for improper update notification while extracting the bundle over an already existing copy.

Here is the complete changelog since 3.6-beta-1:

  • All Platforms
    • Update OpenSSL to 1.0.1g
    • Bug 9010: Add Turkish language support.
    • Bug 9387 testing: Disable JS JIT, type inference, asmjs, and ion.
    • Update fte transport to 0.2.12
    • Update NoScript to 2.6.8.19
    • Update Torbutton to 1.6.8.1
      • Bug 11242: Fix improper "update needed" message after in-place upgrade.
      • Bug 10398: Ease translation of about:tor page elements
    • Update Tor Launcher to 0.2.5.3
      • Bug 9665: Localize Tor's unreachable bridges bootstrap error
    • Backport Pending Tor Patches:
      • Bug 9665: Report a bootstrap error if all bridges are unreachable
      • Bug 11200: Prevent spurious error message prior to enabling network.
  • Linux:
    • Bug 11190: Switch linux PT build process to python2
    • Bug 10383: Enable NIST P224 and P256 accel support for 64bit builds.
  • Windows:
    • Bug 11286: Fix fte transport launch error


A list of frequently encountered known issues with the Tor Browser can be found on our bugtracker. Please check that list and help us diagnose and arrive at solutions for those issues before contacting support.

Tor Browser 3.5.4 is Released

The 3.5.4-stable release of the Tor Browser is now available on the Download page. You can also download the bundles directly from the distribution directory.

This release updates only OpenSSL to version 1.0.1g, to address potential client-side vectors for CVE-2014-0160.

The browser itself does not use OpenSSL, and is not vulnerable to this CVE. However, this release is still considered an important security update, because it is theoretically possible to extract sensitive information from the Tor client sub-process.

Here is the changelog:

  • All Platforms
    • Update OpenSSL to 1.0.1g

Ways to get the Tor Browser Bundle

Below is a collection of resources that will help you get Tor up and running. We also discuss alternative approaches of downloading the Tor Browser Bundle and provide mirrors for all these resources in case torproject.org is blocked.

To start with, please look at Bundle Downloads and determine the best way for you to download the Tor Browser Bundle. After you have downloaded the bundle and before you install/extract it, you should also verify it to make sure the bundle you downloaded is genuine and has not been tampered with; this step is optional but recommended.

We have screencasts (video guides) that will help you with the installation and verification process on Windows, Linux and OS X.

Windows
TBBTraining-DownloadAndVerify-Windows.mp4

Mirror:
torservers.net

Linux
TBBTraining-DownloadAndVerify-Linux.mp4

Mirror:
torservers.net

OS X
TBBTraining-DownloadAndVerify-MacOS.mp4

Mirror:
torservers.net

Text guide for signature verification
https://www.torproject.org/docs/verifying-signatures.html.en

Mirrors:
EFF
torservers.net

Tor Browser Bundle Downloads

torproject.org

https://www.torproject.org/projects/torbrowser.html.en

Mirrors:
EFF
torservers.net

GetTor

GetTor is a program for serving the Tor Browser Bundle through email. This is particularly useful if you cannot access torproject.org or any other mirrors.

To request a bundle from GetTor, send a blank email to gettor@torproject.org. GetTor will then respond with links to the Tor Browser Bundle for all platforms.

Note: GetTor was earlier restricted to requests from Gmail and Yahoo!. This is no longer the case and you can request bundles from any email address, including Outlook.

Bridges

If you are unable to reach the Tor network after installation (Tor Launcher starts, but the green progress bar stops), you need to use bridges.

Acquiring Bridges

One way to find public bridge addresses is to send an email (from a Gmail or a Yahoo! address) to bridges@bridges.torproject.org with the line 'get bridges' by itself in the body of the mail.

You can also acquire bridges by visiting https://bridges.torproject.org/. If you see that this page is offline, please wait for a few minutes and try again.

Bridge Usage

1. Launch the Tor Browser Bundle
2. Click "Configure"
3. Click "Next" until you reach a page that reads "If this computer's Internet connection is censored, you will need to obtain and use bridge relays"
4. Enter the bridges you received from one of the methods above into the text box
5. Click "Connect"

Pluggable Transports

If you find that using standard bridges fails for you, you can try using the 3.6-beta-1 bundle located on the same downloads page listed above. These bundles include integrated pluggable transport support, and are useful in areas where standard bridges are blocked.

To activate pluggable transports in the 3.6-beta-1 bundle, follow the bridge directions above, but select "obfs3" or "fte" when you reach the bridge configuration page instead of entering bridge addresses yourself.

Support

Still need help? If you have any questions, trouble connecting to Tor network, or need to talk to a human, please contact our support team at:

help@rt.torproject.org for English
help-ar@rt.torproject.org for Arabic
help-es@rt.torproject.org for Spanish
help-fa@rt.torproject.org for Farsi
help-fr@rt.torproject.org for French
help-zh@rt.torproject.org for Mandarin



Written in collaboration with Colin Childs. Screencasts by Sherief Alaa.
