Tor Browser 6.0.2 is released

by boklm | June 21, 2016

Tor Browser 6.0.2 is now available from the Tor Browser Project page and also from our distribution directory.

Tor Browser 6.0.2 is a fixup release to address the most pressing issues we found after switching to Firefox 45.2.0esr.

In particular, we resolved a possible crash bug visible e.g. on Faceboook or mega.nz and we fixed the broken PDF download button in the PDF reader.

Note: In version 6.0 we started code signing the OS X bundle for Gatekeeper support. A side effect of this signature is that it makes it harder to compare the bundles we ship with the bundles produced using reproducible builds, therefore we plan to post instructions for removing the OS X code signing parts on our website soon. An other effect is that the incremental update will not be working for users who installed the previous version using the .dmg file, due to bug 19410. The internal updater should still work, though, doing a complete update.

Update (June 23, 12:38 UTC): We have still some users that report crashes on Facebook and mega.nz. We suspect this happens because those users are not using Tor Browser in its default configuration but have left the Private Browsing Mode. There are at least two workarounds for this: 1) Using a clean new Tor Browser 6.0.2 (including a new profile) solves the problem. 2) As files cached by those websites in the Tor Browser profile are causing the crashes, deleting them helps as well. See bug 19400 for more details in this regard.

Here is the full changelog since 6.0.1:

  • All Platforms
    • Update Torbutton to 1.9.5.5
    • Bug 19401: Fix broken PDF download button
    • Bug 19411: Don't show update icon if a partial update failed
    • Bug 19400: Back out GCC bug workaround to avoid asmjs crash
  • Windows
    • Bug 19348: Adapt to more than one build target on Windows (fixes updates)
  • Linux
    • Bug 19276: Disable Xrender due to possible performance regressions

Comments

Please note that the comment area below has been archived.

June 21, 2016

Permalink

Thanks, one question though.

Don't these auto updates make it so people will differ more and more from each other? Because if people won't ever have to reinstall their browser, the browser will differ more and more as time progresses because of modifcation to the browser, like installing addons or changing preferences in about:config

Yes, installing addons or changing preferences in about:config could make your browser differ from others. So you should be careful with what addons you are installing and what preferences you are changing.

June 23, 2016

In reply to boklm

Permalink

Thanks for your reply, but I think it must be made easier to reset your Tor Browser.
Like adding a "Reset Tor Browser" option in the Tor Button menu.

That'd be much appreciated

June 24, 2016

In reply to boklm

Permalink

I understand how certain extensions might leak data or reveal your location, but can anyone explain why modifying preferences in such a way that your config differs from other people's is a bad thing? how does it matter? For example let's say you alter the flag that enables javascript so that it is completely off. A website could identify that you have done this. But how is this in any way compromising to you? Thank you.

June 21, 2016

Permalink

Just done the software update, from 6.0.1 (Linux), got this in the update popup window:

The Update could not be installed (patch apply failed)

And this in /Browser/updated/TorBrowser/UpdateInfo/updates/last-update.log

ensure_copy_recursive: path doesn't exist: (mypath)/Browser/TorBrowser/Data/Browser/profile.default/cache2/entries/C766
12B110C8942421772C3322A6CB5351A75AE0, rv: -1, err: 2
failed: 6
calling QuitProgressUI

When the updater is preparing to patch your copy if Tor Browser, it tries to recursively copy your entire Browser directory. It looks like a file in the browser cache was deleted during the recursive copy (the err: 2 in the log means errno 2 which is ENOENT, aka "No such file or directory"). I am not sure what to do about this, but this kind of problem will disappear when we fix https://bugs.torproject.org/18369

June 21, 2016

Permalink

good

June 21, 2016

Permalink

I don't use raw TBB. I use it with system Tor installed on my Linux machine. So, in preferences I selected "check for updates, but let me choose whether to install them". In this case when update happens, I see a lot of notifications. First, I see small window notifying my that new release appeared. OK, good. Second, few minutes later I see big window where I can choose only "ask later". I want but I cannot cancel update in this window permanently. If I press "ask later" this annoying window later (after few minutes) appears again and again ad infinitum, while I'll not update my TBB manually (I always do so). Can I disable this crap? I am glad to see notification but only once, I don't need dozens of popped up windows annoying me every few minutes when new update arrives.

June 23, 2016

In reply to boklm

Permalink

Will TBB check that new version is appeared in this case? Will I receive notification from TBB? I don't want to disable this functionality completely.

June 21, 2016

Permalink

Thanks for everything guys. And people who said 'slow browser', i think u still dont know how work Tor...

June 21, 2016

Permalink

Hi there. Thanks for your hard work. I am a Mac OS X 10.11.5 (El Capitan) user and have just installed the Tor Browser using the default "Connect" method. The error "Something went wrong, TOR is not working in this browser" occurs. Can you kindly offer any advice?
Kind regards.

June 21, 2016

Permalink

Hi friend, i am use "orbot" on my andriod mobile device and when i use e-mail it still is showing my local header's idk what to do? ANY HELP OUT THERE???

Do you have your mail client properly set up to go through Orbot? Or do you have root to force it through Tor? You might have to manually set up Orbot as a proxy in your mail client, if it has that option. Or you could try another mail program and see if that goes through Tor correctly.

June 21, 2016

Permalink

thanks , but integrated more privacy tool and cryptography software / crypt currency wallet would be better ,

Are you talking about in the browser bundle?? Because I think Tails had Electrum bitcoin client built in last time I checked. (Including anything that actually download the blockchain would probably be annoying for the majority of users that don't use it because of the massive amount of disk space).

I would like to see an integrated adblocker like Ublock, though.... but I know that's another component that they'd have to audit and keep up with that not all users would even want.

"like to see an integrated adblocker"
most web pages use javascript to inject ads and noscript is part of tor browser bundle.
using 'static' ad is probably useless to the web site, because they cannot quantify the ad's effectiveness and so they cannot bill for the ad.

June 21, 2016

Permalink

Does Tails have the standard Tor Browser or the hardened Tor Browser? And if regular, then why not hardened?

Please tell us more about your situation. (Anything you can share safely.) What country are you in? What kind of firewall is there? What does the Tor log say (click the button that says "Copy Tor log to clipboard")?

meek-google stopped working on May 13, 2016; see this link. But meek-azure and meek-amazon should still be working.

July 09, 2016

In reply to dcf

Permalink

I am working through Canada, Ontario I have tried the transports from Wendys restaurant ISP and from my home provider Execulink.

July 09, 2016

In reply to dcf

Permalink

When I try any of the meek transports on July-9 non worked. I get the message "The connection has timed out" from my Public IP 69.63.55.164.

July 19, 2016

In reply to dcf

Permalink

I tried the Meek transports again on July-19 from a Mcdonald's restaraunt public IP 38.108.87.20. None worked. Reinstalled TBB for the Mac SHA256 vaule: 228ab076c62ee2918d5aaff96369bb92862b3a4161b4d2c883ca66dbf4273620

Same results. The browser returns "The connection has timed out"

June 22, 2016

Permalink

Hi all! Newby here.

I changed the background (blue) and font colors (yellow) in OPTIONS/CONTENT/COLORS, for webpages, etc., and using Google mail and G+ (yeah, I know...?), all their related links on any Google page, don't show, though scanning the pointer will find them, but it's guesswork.
The usual borders around each button etc., don't show either, adding to the guess-point.

Also, (I'm in Australia) the Australian Bureau of Meteorology "BoM" radar and satellite pages do not always display the images/maps.

Sometimes nothing, sometimes, scant clouds with no map and background, and none with the various buttons on the maps.

One example: http://www.bom.gov.au/products/national_radar_sat.loop.shtml
Just checked again, and the above page is now good, but has no city radar buttons.

This
http://www.bom.gov.au/products/IDR021.loop.shtml#skip
has no map or other features, for now.
The BoM site does seem better tonight though.

This appears where the options are given, on other browsers, if it helps?
!DOCTYPE html> html> head> style type "text/css">body{margin:0;padding:0;overflow:hidden;line-height:0;} /style> script> function ){var g this,l function a,b){var c a.split "."),d g;c[0]in d||!d.execScript||d.execScript "var "+c[0]);for var e;c.length&& e c.shift ));)c.length||void 0 b?d d[e]?d[e]:d[e] {}:d[e] b},m function a,b,c){return a.call.apply a.bind,arguments)},n function a,b,c){if !a)throw Error );if 2 arguments.length){var d Array.prototype.slice.call

(Damn I wish I could learn code, etc!)

Thanks for Tor Dudes! Y'all may yet help save us from "them"!

June 23, 2016

In reply to gk

Permalink

"Because Tor Browser ships tor stable which is still 0.2.7.6."
OK.
The question is:
Is the newer geoip database from from "June 7 2016" in
https://blog.torproject.org/blog/tor-0284-rc-released
better than the old one
"based on December 1 2015 Maxmind GeoLite2 Country" in
https://blog.torproject.org/blog/tor-browser-602-released .

If not, why there are new updated versions of this database?
In https://blog.torproject.org/blog/tor-0284-rc-released , too?

Old database, inaccurate result?

For my XP is 6.0.2 ending version. I try then 6.0.4, that very stink of Chrome, then was very slow and abrupt work! Sorry....

June 22, 2016

Permalink

Thanks! there was a bug in previous with mega.nz but it is ok now.
you are doing a good work!

Regarding add-ons, is there some list of addons that are safe to install in tor browser?

Flash Isn't supposed to work by default; it leaks your IP, and may not send traffic through Tor. In order to get it working you need to change settings; please research if it fits within your threat model.

I enabled it in the addons manager so that it shows now "always activate" and I also unticked "disable browser plugins" under "privacy and security settings" of the tor button. It still doesn't work. http://isflashinstalled.com/ is saying Adobe Flash is not installed while accessing the same website from IE says it is enabled.

Is there anything else I need to do?

There is no formal process to enter it. But a good way is to start working on bugs in the Applications/Tor Browser component in our bug tracker (trac.torproject.org). Getting familiar with the bundle and how it is being built might be good, too (https://trac.torproject.org/projects/tor/wiki/doc/TorBrowser/Hacking). Finally, we have a mailing list (tbb-dev https://lists.torproject.org/cgi-bin/mailman/listinfo/tbb-dev) and quite regular weekly meetings on IRC (#tor-dev on oftc.net) Mondays 19 UTC where we discuss development related things.

June 22, 2016

Permalink

I have removed DuckDuckGo.com from my browser list but it still goes to DuckDuckGo.com as the search engine after I enter on the initial screen search. I have Disconnect as the default. I just have Disconnect and StartPage in my list of available search engines. Using Tails I remove them and it adds them right back. Thank you.

June 22, 2016

Permalink

is it a bad or a good idea to check on HTTPSeverywhere add-on "use the observatory" ?
does it not leak my location ?
does it not disturb my mailbox when i log-in ?

June 22, 2016

Permalink

After the update, the browser shows Firefox search bar on start, and when I try to browse, it says proxy server is refusing connections. What is the problem?

June 22, 2016

Permalink

:)

June 23, 2016

Permalink

I'm not very smart about all of this! I see there's a 6.0 Tor now. I'm using an old version of Tor Bundle for Android. How can I update? Using a Samsung Galaxy and noticed a warning about port 9050. I downloaded soc app, and see no Samsung app on port 9050? Help! Thanks very much.

June 23, 2016

Permalink

Since the latest update, every time I try to access messages on Facebook, Tor crashes. Any suggestions?

Hm. Do you have the "Don't record browsing history or website data (enabled Private Browsing Mode)" checkbox checked? (behind the green onion in your toolbar -> Privacy and Security Settings...) It should be.

That said this is still a fallout from https://bugs.torproject.org/19400 I guess and you have basically two options:

1) Start with a clean Tor Browser 6.0.2 or
2) There are cached files in your profile that are causing this. Deleting the files must be done just once and manually at the moment. Those files are in storage/temporary/https+++facebook.com (or something similar).

Sorry for the inconvenience.

Just google search? (Endless captchas that don't let you do anything?) Probably because it's seen a bot coming from your exit node at one point or another. Try getting a new circuit (Onion menu > New Tor Circuit for this Site or Control + Shift + L)

Or do you mean logging in to any google services? I'm having trouble with that since I updated. (Forces me through the "verify your account" questionnaire full of questions no one but the NSA probably knows the answer to.) Does the new TBB (linux) have a different user agent now? Checking my google login history on my other browser that's still logged in shows all my TBB logins as Windows, but I think the blocked logins (I've tried getting a new identity and logging in over and over) all show up as "unknown."

What doesn't work about pixiv? I was able to load the login screen (don't have an account so that's as far as I got). Do you have javascript disabled? You might have to play with your NoScript settings (and make them less secure...) to make everything display right.

You can't login with default history settings, on successful login the login page loads again as if it forgot.
If you type in wrong passwd/login it responds correctly and changing settings to "remember history" fixes the whole problem. And of course I've tried it with JS turned on.

June 23, 2016

Permalink

Linux Ubuntu 16.04 LTS running 6.02 has a problem in which Firefox (separate from TOr Firefox) shows as open when TOR browser is open. Also there is no menu for bookmarks etc.. displayed.

Tor browser 6.0.2 was downloaded from Ubuntu Software.

Or maybe it's the behavior I've been noticing after update (in Gnome/Debian): when restarting from an update, Gnome for some reason thinks Tor Browser is just another Firefox window. There is no TB icon in the dock, Alt+Tab shows it under Firefox as another window. (Firefox was running separately already at the time of update.) Closing and reopening TB gets it its own icon again. This has happened the past few updates.

I am seeing this behavior inconsistently on Debian (Gnome). I ran start-tor-browser with --register-app a few updates ago to get it to show up in my applications and launch it through Gnome's graphical application list. Usually it starts up with the Tor Browser icon (even with Firefox/Iceweasel already running), but when I started it today (using the restart browser option given when you install an extension that needs a browser restart), it restarted under the Firefox icon as a separate Firefox window (rather than as its own thing).

June 24, 2016

Permalink

ok

June 24, 2016

Permalink

Hi tor blog.

Notice for future upgrade to Firefox 46.
Since Firefox was updated to version 46.x, its menus, panels, address and search bars, cannot take the colors that user has modified to default theme on Linux Mint 17 (Mate), at least.
Ie, menus, panels and url bars always are white color, after Firefox was Updated to v46.

June 24, 2016

Permalink

Still repeatedly http://khamakarpress.com/ page freezes.
But not on latest ordinary firefox, chrome and Midori browser

never extract HTML5 canvas clicked.

UBUNTU 64 Bit.

Thanks,

Mohammed

June 25, 2016

Permalink

"A program linked with older NSS 3.x shared libraries will work with NSS 3.24 shared libraries without recompiling or relinking." by Mozilla. So what is wrong in using the latest stable NSS with Tor Browser?

June 27, 2016

In reply to gk

Permalink

Could it be the next step in moving to Firefox stable from ESR? It seems that nobody is running such tests for ESR version of NSS too.

June 26, 2016

Permalink

Tor 6.0.1 and 6.0.2 don't work at all on my linux machine running backtrack. It always worked before these two updates and now when i install them it simply does nothing. You click the setup tor icon and it does nothing but changes to the correct tor browser icon. Thats it!

What is going on with this, i can run my server without tor!

Before anyone asks, I'm not running trusteer or any firewall or any virus software, don't have duplicate tor files of tor on the system as I've even gone as far as RE-INSTALLING my server. Can someone please look into this for me.

64bit
backtrack R5

I get no errors and not even the tor connecting window. Nothing shows in task managers and when i try to uninstall tor via command line it says its not installed.

Please help asap.

Thanks

June 26, 2016

Permalink

For people having trouble with Tor Browser above version 5.5.5 not running on Windows 7 64bit, this worked for me. Click START, All programs, Trusteer Endpoint Protection, click 'Stop Trusteer Endpoint Protection'. Install Tor Browser 6.0.2 as normal and then start Tor Browser, should then start ok. Now click START, All programs, Trusteer Endpoint Protection, click 'Start Trusteer Endpoint Protection'. Should all run ok now as it did for me. Hope it works for others that are having trouble like I was. (Tor Version 5.5.5 was fine)

June 26, 2016

Permalink

BUG : same webmail 2 sessions.
I open one with noscript allowed minimum, the second (open in a new tab) has copied the same setting.
I do not wish that : every session must be independent !
(gnu_x64)

June 26, 2016

Permalink

I have been using the Tor 6.0.1 Completely fine. But once I updated everything went bad. Super bad performance. Whole computer gets slow. I'm pretty sure its a problem with Firefox update because Firefox does the same thing. Sadly every time I downgrade to get things working. It automatically updates without my confirmation even though I turned off the auto update feature completely. I think this might also only be a Linux problem. I'm running Arch Linux. Anyone with same problem?

June 26, 2016

Permalink

Why does ipcheck still tell me "You are using Tor, but your browser profile differs from the recommended."

The site has never failed to keep up with the client before, so what exactly is going on?

June 27, 2016

Permalink

I can not start my tor-browser above version 6. This is the system statement:
":~/tor-browser_pl_60$ ./start-tor-browser.desktop --verbose
XPCOMGlueLoad error for file /home/admin2/tor-browser_pl_60/Browser/libxul.so:
/home/admin2/tor-browser_pl_60/Browser/libxul.so: undefined symbol: gdk_window_g
Couldn't load XPCOM."
I have: 'Linux Ubu94 2.6.32-74-generic #142-Ubuntu SMP Tue Apr 28 10:02:35 UTC 2
on VirtualBox
Pelase help.

1Pomoc 2Zapisz 3Mark 4Replac 5Copy 6Move 7Szukaj 8Delete 9PullDn10Kończ

June 28, 2016

In reply to gk

Permalink

admin2@Ubu94:~$ uname -a
Linux Ubu94 2.6.32-74-generic #142-Ubuntu SMP Tue Apr 28 10:02:35 UTC 2015 i686 GNU/Linux

June 28, 2016

In reply to gk

Permalink

Distribution: :~$ lsb_release -a
LSB Version: core-2.0-ia32:core-2.0-noarch:core-3.0-ia32:core-3.0-noarch:core-3.1-ia32:core-3.1-noarch:core-3.2-ia32:core-3.2-noarch:core-4.0-ia32:core-4.0-noarch
Distributor ID: Ubuntu
Description: Ubuntu 10.04.4 LTS
Release: 10.04
Codename: lucid

Please upgrade your system. Ubuntu 10.04 is long out-of-date and has very likely security issues of its own. Tor Browser won't run on it anymore.

June 28, 2016

In reply to gk

Permalink

Thank you for the answer. But that recipe is not possible to apply in my case.

June 27, 2016

Permalink

I just updated to 6.0.2, and the Onion menu no longer displays the current Tor circuit, nor does the "New Tor Circuit" option seem to be working. Have I accidentally set something wrong?

June 28, 2016

In reply to gk

Permalink

There is a lengthy series of messages that show up when I open the browser console. Some obviously are not error messages, others may be, but I don't have the expertise to decipher them. Is there somewhere I can go to figure out what they're telling me?

No, the problem doesn't go away when closing and restarting the Tor Browser.

Everything was fine until I upgraded yesterday. Now, when I click on the Onion menu, what's shown is this:

Tor circuit for this site:

(example.com):

o example A
|
o example B
|
o example C

June 28, 2016

In reply to gk

Permalink

Don't bother any further with my inquiry. I concluded Tor must have somehow become corrupted, so I uninstalled it and then reinstalled the new version. Everything works fine now!

June 28, 2016

Permalink

this version overwrites all files' mtime and atime, and I mean *all* files including saved pages and stuff in Downloads folder - all files are now modified on 2016-06-22 04:55 (the time i upgraded). to my knowledge this is the first time an update does such thing.

June 28, 2016

Permalink

It was bad idea to update it from version 38... it was so stable. Now it crashes. Every hour. With segmentation fault. All versions from 45, including latest.
I use Gentoo and torbrowser hardened from overlay. And you removed version 38 from overlay, so I can't downgrade....

June 30, 2016

Permalink

One of the "Tor circuits for this site" is
"Unknown country".

Clearly a geoIP database can never be perfect and it is reported that the stable Tor version is using an older Dec '15 edition of the data, and there are probably ways a rogue can hide behind a proxy but statistically isn't a rogue node more likely to get "Unknown country" than good nodes are?

Is there any extra scrutiny it can get?

Thank you.

July 01, 2016

Permalink

Many years of problem: the scrolling keys Page Up / Page Down. Scrolling down is only possible by pressing the Space.

July 01, 2016

Permalink

Request since auto-updates have dependencies:

Please, could simple hashes for the Win downloads be published again (in an obvious place)?

Much easier to compare the result from different visits as a verification of correct unaltered file.

The GPG thing is great but much more complex and other drawbacks.

Thanks for considering.

How make you sure that the one tampering with the downloaded .exe files would not be able to adapt the hashes as well so that they are matching the respective Tor Browser installer?

July 02, 2016

Permalink

This is the 4th time TOR has updated itself on start up with this version AFTER i chose the Do Not Update option. Updates are forced, even if shut off!

July 02, 2016

Permalink

Bug or a feature?

Long time ago if you did copy a word into the clipboard and then made new indentity, the clipboard was empty.

Now it's not empty anymore. I this wanted? Ty!

July 04, 2016

In reply to gk

Permalink

gk: sorry cant remember when it was, more than 1 year for sure. i guess i wrote about this on the tor blog i thought that time it was a bug and not a feature. if i remember correct someone answered me that this is not a bug

July 06, 2016

In reply to gk

Permalink

I remember this. Clipboard was cleared on new identity and quit. Was in the browser a year ago.

July 12, 2016

In reply to gk

Permalink

I've seen this behavior, too. Trying to remember when, I think I remember around spring 2015 trying to copy the address from a webpage and then get a new identity, and was frustrated that the address wasn't on the clipboard anymore when Tor Browser restarted.

July 04, 2016

Permalink

still crashes on windows 10 64-bit at startup. not able to fix that for several versions now guys?

July 04, 2016

Permalink

Is there any way for us to setup Tor Browser to remember a userid and password for just two specific websites, and make sure there is no automatic memorization for any other sites?

July 05, 2016

Permalink

What did you modify in it? What is the improvement?
Isn't there any other Search Engine other than DuckDuckGo?

July 05, 2016

Permalink

Guys I respect you but please ... can you stop to play "games" and make tor browser to work and without auto-update? thx

July 06, 2016

Permalink

jquery fails in 6.0+. Does anyone know which DOM features are required for it in about:config? Might be a change I made inadvertently, but seems to have changed since 6.0. jquery is required for many new JS-heavy sites to load properly.

July 06, 2016

Permalink

Hi guys,
Where torbrowser 6.0.2 keep configs (Mac os x)? Before 6.0.2 all configs of browser was located in one place /Applications/TorBrowser/ , but now seems that another location used to store configs. Because I make a changes in about:config mode, then remove TorBrowser from Application and installed a new one, but still see the changed config.

July 08, 2016

Permalink

Is there a published procedure for moving the Tor Browser folder under Windows 8 to a new location and patching files so Tor Browser will run at the new location and preserve bookmarks?

Several files like torrc apparently have full path references to the original folder location, so it is not as simple as just moving the existing install folder.

July 11, 2016

Permalink

After 3 months of problems torbrowser still crashes after connecting on all OSX 10.11.5 that I've tried it on.

July 18, 2016

In reply to gk

Permalink

no crash report. just the executable crashes at startup. it always runs fine ONCE right after installation, then never again. many users reported this for several versions now with Win 10 64bit...

July 11, 2016

Permalink

why it do not display languages other than english on web pages...?
does anybody know the solution...?

July 12, 2016

Permalink

Good Day,.. Hopefully :)

This is --entirely-- NOT related to (Tor Browser 6.0.2 release) ..

But somehow ..it's a [General Topic Question] so please don't refer me to other place for the answer..

Thanks :))

Q: When editing TORRC file, adding ExcludeNodes {ru},

..Then later found the TBB "auto"-added {??} at the end of the line, it then LOOKS like this:

ExcludeNodes {ru},{??}

Wondering what {??} means!?
& if it's fine to delete the {??} !!

for the fun of it, ..seems to me that TBB is ask me WHY are you Excluding Node {ru} ?? .. & continuing it's objection.. RU crazy ??

hahahaah

Hoping your reply may unveil this wonder for me & other users of the great TBB..

Thanks Again..

RGDS:
M.E.

ps.
it also "auto"-added more lines (which looks O.K.) like:
DataDirectory ....
GeoIPFile .....

Hi ALL,

Why it seem that NO Body knows the answer!?
is it too difficult also for the developers of TBB!?

TBB "auto"-added {??} in the TORRC file so it look like this:
ExcludeNodes {ru},{??}

what {??} <=== should mean?

too simple question!
isn't it :)

July 12, 2016

Permalink

Very sluggish browser, eats a lot of CPU. :(
Must have something to do with e10s and Shim.......!?
Would be great if Tor browser could be built on Palemoon me think, fx45 is bloated and adding customized search engine is gone, the new searchengine file search.json.mozl4 is just gibberish, and the now built in search engines into omni.ja isn't very friendly way to manage them.

I am also missing a about:config setting to stop the browsers search engine from sniffing/accepting webpages own searchaengines wherever it is offered, someone could hide malicious code in thos searchengine packets and/or also perhaps send cross-site noise to places we don't want to.
Somehow I feel the search engine in the browser has become a bit bloated and needs to be taimed.

Here are some other feedback on tbb 6.0.2....

Reveals local time of my PC instead of UTC = GMT +0000, check out: "To Locale String" on this site:
https://www.browserleaks.com/javascript

Click HTTPS certificate info button on left side of URL bar, go to More Information -> View Certificate -> General Tab -> Period of Validity
It shows the month written in local language which I am using in my Windows OS instead of English, for example:
Begins On: 14 May 2016
Expires On: 14 May 2017
where the month "May" is written in the local language used in my PC, don't know if this is an issue, but if the browser reads out and print out the local language maybe it may potentially also leak out the language localization data?

An old bug that has never gone away since several years, whenever the user cleans out all coockies, browsing history, caches etc, if you now hover the mouse courser over all the opened tabs, the browser will start fetch some data from the internet, I think it downloads the favicon's and perhaps some other data from those web pages I have previously visited, this noisy behaviour have to go away, also it would be better to store the favicon and what ever data in some type sandbox isolated to each tab.
Since Firfox version around mid-20 something when they changed the tab layout, the whole tool/tab/url-bar has become semiactive leaky/noisy part of the webpage.
https://trac.torproject.org/projects/tor/ticket/18741

July 12, 2016

Permalink

Firefox is enforcing signed add-on check since version 44, I have some add-ons that can't be installed on this tor browser version, and setting xpinstall.signatures.required to false under about:config doesn't help override anymore.
Seems there are several reasons going back to a tor browser built on fx38 as Firefox is becoming increasingly locked in and bloated, fx45 suck so big elephant balls they can be seen from outer space. :(
http://www.ghacks.net/2015/12/16/what-you-do-when-firefox-disables-inst…

No, because one of them is before signing, and the other one is after signing.

The hash of the unsigned one is there for all the other people who build tor browser reproducibly and want to make sure they get the same result.

(The unsigned one has to be what the reproducible build process produces.)

July 16, 2016

Permalink

The torproject team should strongly consider continue developing on a TBB-ESR version built ontop of Firefox version 38, Firefox 45 with e10s capabilty is just too much with a lot of new unknown vulnerabilities, also it is very resource hungry, at least on windows.

Agree on this one, build future tor browsers on some of the older firefox ESR versions, 17, 24, 31 or 38, but not 45, they should also throw out all redundant BS capabilities such as pdf reader which is using canvas, the main point using a tor browser should not be emphasized on whistle and bells features, but rather on privacy and security, unfortunately firefox has become heavily bloated multitalent artist, who knows maybe in the feature firefox can shave me in a sleep, cook pancakes and wipe my ass?

Just try an old firefox 17 of latest ESR version, it is blazingly fast and very light on resources when playing Youtube html5 videos, but do it in a sandbox if you want to plays safe, go to portableapps com and download a protable version and you don't have to mess up with your current installed firefox and run it in a sw called Sandboxie.

July 17, 2016

Permalink

Ever since TBB 6.0.1 (Windows) update, pictures such as avatars don't show anymore on twitter apps. While the captcha image on a private paste service doesn't show either. I checked on other browsers and they show but they don't show on TBB.

I checked Google for the problem and found this old post:

https://blog.torproject.org/blog/tor-browser-50a3-released

++++

On July 7th, 2015 Anonymous said:
It's gotten really slower and stopped showing pictures on twitter

On July 8th, 2015 Anonymous said:
I can confirm problems on Twitter (no pictures shown), also I'm not able to right-click on Twitter and see the context menu and it always shows the cookie warning on top of the page.

On July 9th, 2015 Anonymous said:
Confirmation - no pictures on Twitter. Also tweet button does not show up, and am unable to use the search function on twitter.

On July 9th, 2015 arma said:
https://bugs.torproject.org/16528

++++

I tried the about:config fix it shows from last year mentioned on https://trac.torproject.org/projects/tor/ticket/16528 and it doesn't work for me. That link is from last year.

July 18, 2016

Permalink

Hi,
I have just installed a fresh copy of windows 7, installed Tor 6.0.2 also and is not working, when i open a new tab and search for something this message comes :
Tor unexpectedly exited. This might be due to a bug in Tor itself, another program on your system, or faulty hardware. Until you restart Tor, the Tor Browser will not able to reach any websites. If the problem persists, please send a copy of your Tor Log to the support team.

Restarting Tor will not close your browser tabs

what can i do ?
Thank you

July 18, 2016

Permalink

I have noticed under the tor circuit for this site that it list Canada almost constantly. After several attempts at a new circuit Canada comes up 90%. I am in Canada but I have seen it change to Sweden. I am using a Mac OS running Yosemite and my public IP is 216.75.191.97. Is this typical operation?

this browser
bridge: obfs4 (Canada)
Romania (93.115.91.166)
Netherlands (185.17.184.228)
Internet

Looks like you chose to configure your Tor client to use a bridge in Canada. That bridge is the first hop for all your circuits. So it is not surprising that it would be in all your circuits. This is all normal.

Our blog software is outdated. That feature added more surface area for attack, and wasn't very useful, so we disabled it. In the glorious future when we all have more free time, we plan to have more updated blog software.

July 23, 2016

Permalink

I have been using tor for a while now, however recently I joined this group on gplus and they are telling everyone not to use tor because it has been hacked into........... I have never had any problems with tor...

July 26, 2016

Permalink

Unable to access Tor using OBFS4 from public IP address 192.82.150.249.
the log produced is as follows

26-07-2016, 19:10:51.900 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
26-07-2016, 19:10:51.900 [NOTICE] Opening Socks listener on 127.0.0.1:9150
26-07-2016, 19:10:53.900 [NOTICE] Bootstrapped 5%: Connecting to directory server
26-07-2016, 19:10:53.900 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server
26-07-2016, 19:10:55.500 [WARN] Proxy Client: unable to connect to 169.229.59.74:31493 ("Connection refused")
26-07-2016, 19:10:55.600 [WARN] Proxy Client: unable to connect to 109.105.109.163:47779 ("Connection refused")
26-07-2016, 19:10:55.600 [WARN] Proxy Client: unable to connect to 109.105.109.163:38980 ("Connection refused")
26-07-2016, 19:10:56.700 [WARN] Proxy Client: unable to connect to 83.212.101.3:80 ("general SOCKS server failure")
26-07-2016, 19:10:56.700 [NOTICE] Ignoring directory request, since no bridge nodes are available yet.
26-07-2016, 19:10:57.300 [NOTICE] Delaying directory fetches: No running bridges
26-07-2016, 19:25:53.900 [WARN] Proxy Client: unable to connect to 109.105.109.163:38980 ("Connection refused")
26-07-2016, 19:25:53.900 [WARN] Proxy Client: unable to connect to 169.229.59.74:31493 ("Connection refused")
26-07-2016, 19:25:53.900 [WARN] Proxy Client: unable to connect to 109.105.109.163:47779 ("Connection refused")
26-07-2016, 19:25:54.000 [WARN] Proxy Client: unable to connect to 83.212.101.3:80 ("general SOCKS server failure")
26-07-2016, 19:32:52.300 [NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150
26-07-2016, 19:32:52.300 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
26-07-2016, 19:32:52.300 [NOTICE] Closing old Socks listener on 127.0.0.1:9150

July 27, 2016

Permalink

Unable to access Tor using scramblesuit from public IP address 192.82.150.249.
the log produced is as follows
27-07-2016, 22:25:47.300 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
27-07-2016, 22:25:47.300 [NOTICE] Opening Socks listener on 127.0.0.1:9150
27-07-2016, 22:25:49.100 [NOTICE] Bootstrapped 5%: Connecting to directory server
27-07-2016, 22:25:49.100 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server
27-07-2016, 22:26:49.200 [WARN] Proxy Client: unable to connect to 83.212.101.3:443 ("general SOCKS server failure")
27-07-2016, 22:26:49.200 [NOTICE] Ignoring directory request, since no bridge nodes are available yet.
27-07-2016, 22:26:50.100 [NOTICE] Delaying directory fetches: No running bridges
27-07-2016, 22:35:00.100 [NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150
27-07-2016, 22:35:00.100 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
27-07-2016, 22:35:00.100 [NOTICE] Closing old Socks listener on 127.0.0.1:9150

July 30, 2016

Permalink

guys, does anyone have a solution for pixiv? login isn't working, when u try to log in - u're getting bounced back, on login screen(like your log in atempt was a success, but you never logged actually) some people say remember history fixes that problem, is there any other solutions to make PIXIV work fine with TBB?

July 30, 2016

Permalink

Don't know why...it's weird but ip-check info, always almost always, shows me IP that differs from exit one in circuit list...any suggestions based on that problem? or whatever it's called

August 09, 2016

Permalink

Any recent news about the government focusing on those who use proxy services like TOR and targeting them as criminal combatants (in defiance of our 4th amendment rights) since they cannot control the proxy services themselves? I had read that based on the new Supreme Court ruling, government "authorities" can now actively search and seize our property based on a hunch regardless of any proof or additional evidence and a court ordered warrant. I also read that government authorities are using this ruling to also do the same with digital information as well; that they believe they have the right to hack and search our computers if it is "found" that an individual uses a proxy service like TOR and even VPN private services. First off, how would they know someone is using a proxy service like TOR without fist targeting those individuals in the first place by looking at protocols and data filtered through our ISP? I hope I am understanding this wrong!

August 27, 2016

Permalink

Heu... Do you remember that TOR is a free and open source project before crying as they are committed to your problem ?

If you are not happy enough, you are free to go away

Thanks to the Tor team, love u people