Tor Browser 7.5a1 is released

Tor Browser 7.5a1 is now available from the Tor Browser Project page and also from our distribution directory.

This release features important security updates to Firefox.

Tor Browser 7.5a1 is the first alpha in the 7.5 series. It updates Firefox to 52.2.0esr and contains all the improvements that went into versions 7.0 and 7.0.1. In addition to that it includes Tor version 0.3.1.3-alpha and sandboxed-tor-browser version 0.0.7.

Here is the full changelog since 7.0a4:

  • All Platforms
    • Update Firefox to 52.2.0esr
    • Update Tor to 0.3.1.3-alpha
    • Update Torbutton to 1.9.7.4
      • Bug 22542: Security Settings window too small on macOS 10.12
      • Bug 22104: Adjust our content policy whitelist for ff52-esr
      • Bug 22457: Allow resources loaded by view-source://
      • Bug 21627: Ignore HTTP 304 responses when checking redirects
      • Bug 22459: Adapt our use of the nsIContentPolicy to e10s mode
      • Translations update
    • Update Tor Launcher to 0.2.12.2
      • Bug 22283: Linux 7.0a4 is broken after update due to unix: lines in torrc
      • Translations update
    • Update HTTPS-Everywhere to 5.2.18
    • Update NoScript to 5.0.5
    • Update sandboxed-tor-browser to 0.0.7
    • Bug 22362: NoScript's XSS filter freezes the browser
    • Bug 21766: Fix crash when the external application helper dialog is invoked
    • Bug 21886: Download is stalled in non-e10s mode
    • Bug 22333: Disable WebGL2 API for now
    • Bug 21861: Disable additional mDNS code to avoid proxy bypasses
    • Bug 21684: Don't expose navigator.AddonManager to content
    • Bug 21431: Clean-up system extensions shipped in Firefox 52
    • Bug 22320: Use preference name 'referer.hideOnionSource' everywhere
    • Bug 16285: Don't ship ClearKey EME system and update EME preferences
    • Bug 21972: about:support is partially broken
    • Bug 21323: Enable Mixed Content Blocking
    • Bug 22415: Fix format error in our pipeline patch
    • Bug 21862: Rip out potentially unsafe Rust code
    • Bug 16485: Improve about:cache page
    • Bug 22462: Backport of patch for bug 1329521 to fix assertion failure
    • Bug 22458: Fix broken `about:cache` page on higher security levels
    • Bug 18531: Uncaught exception when opening ip-check.info
    • Bug 18574: Uncaught exception when clicking items in Library
    • Bug 22327: Isolate Page Info media previews to first party domain
    • Bug 22452: Isolate tab list menuitem favicons to first party domain
    • Bug 15555: View-source requests are not isolated by first party domain
    • Bug 5293: Neuter fingerprinting with Battery API
    • Bug 22429: Add IPv6 address for Lisbeth:443 obfs4 bridge
    • Bug 22468: Add default obfs4 bridges frosty and dragon
  • Windows
  • OS X
    • Bug 22558: Don't update OS X 10.7.x and 10.8.x users to Tor Browser 7.0
  • Linux
    • Bug 16285: Remove ClearKey related library stripping
    • Bug 21852: Don't use jemalloc4 anymore
  • Android
    • Bug 19078: Disable RtspMediaResource stuff in Orfox
Anonymous

June 13, 2017

Permalink

Hello, I have sandboxed-tor-browser 0.0.6 with tor-browser-7.0a4 and when I launched it it updated to tor-browser-7.5a1 but did it also update to sandboxed-tor-browser 0.0.7?

I have been having problems with slow initial handshakes with obfs 4 bridget to none at all. I am reluctant to use obfs 3. I just installed the latest tails and it just started happening immediately after and continues.

Can the tails team help? Thank you

Anonymous

June 14, 2017

Permalink

What the hell happened to the Tor Browser, every single pay loads two times slowers, when I lick on "New Identity" I have to wait 3-4 seconds, last time the New Identity was instant, and webpages that have scripts are slow downed like hell (try to create a new Bitcoin wallet on Blockchain.info).

Nonsense, if there's lag as hell it's a bug quite obviously and one should rather revert to the last working TBB and surf on HIGH security settings which is still better than using 7.x on MEDIUM.

Anonymous

June 14, 2017

Permalink

Please, fix the notification about unsecure connection to onion sites. It is firefox notification for clearnet plain http sites, but for onion sites it shouln't be showed.

Have you tried installing a clean, new Tor Browse into a different location? What operating system are you on? Do you get error messages? If you are on Windows, do you have firewall/antivirus tools that could interfere with Tor Browser? If so, what happens if you uninstall them (disabling might often not be enough)?

I have also been having the same problems after loading new TB updates (to different folders) for Version 7.n.n and later versions of 6 of TB. TB fails to start with no notifications of any problems.
I have now gone back to an old version (6.5.2) which allows me "normal" access.
I run Windows 7 with Windows Firewall and BitDefender AV(Free version). Apart from installing updates for Windows and BiDefender have not (knowingly) altered my PC config.
I see this issue has been reported many times by TB users but I am yet to see any specific resolution?
I understand it is important to maintain the latest TB version so how can I assist to resolving this issue?

Anonymous

June 16, 2017

Permalink

[06-16 20:09:51] Torbutton NOTE: Exception on control port [Exception... "Component returned failure code: 0x804b000e (NS_ERROR_NET_TIMEOUT) [nsIBinaryInputStream.readBytes]" nsresult: "0x804b000e (NS_ERROR_NET_TIMEOUT)" location: "JS frame :: chrome://torbutton/content/torbutton.js :: torbutton_socket_readline :: line 915" data: no]

Now on Win 7, thanks e10s!

Anonymous

June 16, 2017

Permalink

Modernizr.video.h264 × false HTML5 Video h264
on higher security levels too!
Please, make it non-detectable when its click-to-play.

The videos are click-to-play, not the codecs. Those things are not related. The on thing is a security measure to avoid getting exploited due to bugs in codecs or related code. What you want, though, is blocking feature detection probably due to fingerprinting concerns. It seems to me we have https://trac.torproject.org/projects/tor/ticket/13543 for that.

Anonymous

June 16, 2017

Permalink

hi Tor we in egypt we can use tor anymore becoz the gov have been block it ;(
any way to we can use plz
thanks

Anonymous

June 17, 2017

Permalink

Can Tor Really Be Trusted? I Know It's Been Asked A Million Times. More and more government people are using it. IS it SAFE? No Malicious Code? Can Someone I trust Confirm This?

Your last question ("can someone I trust confirm this") is exactly the right question.

To get there, you need two things: (1) you need the tools in question to be open, documented, and amenable to analysis. (2) you need to know and trust enough people that one of them is good at assessing tools.

We do our best to be great at (1), and you can improve your own situation re (2), by going to your local cryptoparties, meeting more people, and generally getting more integrated with the global security and privacy community.

Anonymous

June 18, 2017

Permalink

Error in parsing value for ‘height’. Declaration dropped. about:tor
Warning: ‘nsIOService::NewChannel()’ deprecated, please use ‘nsIOService::NewChannel2()’ aboutTor.js:42:18
Warning: ‘nsIAboutModule->newChannel(aURI)’ deprecated, please use ‘nsIAboutModule->newChannel(aURI, aLoadInfo)’ viewSource-content.js:350:4
[06-18 13:13:43] Torbutton WARN: no SOCKS credentials found for current document.
Warning: ‘nsIOService::NewChannel()’ deprecated, please use ‘nsIOService::NewChannel2()’ aboutTor.js:42:18
Warning: ‘nsIAboutModule->newChannel(aURI)’ deprecated, please use ‘nsIAboutModule->newChannel(aURI, aLoadInfo)’ NetUtil.jsm:357:15

Anonymous

June 18, 2017

Permalink

today when i opened tor i was asked to update, which i diligently did, since then tor will not open at all, all my settings were setup to use tor ie antivirus,proxy settings, permissions etc (nothings changed). i even tried disabling my vpn,no joy. i've tried it on the 2 platforms i have win7 and win10. i have a performance monitor running and notice it tries to start then shuts down. i also noticed its not listed in the list of programs when you go to add remove programs. i don't think i'm the only one experiencing this since downloading update. any ideas?

hi ,
as i said in my post my antivirus hasn't changed ( it worked fine before update and i have tried disabling them), the version i have installed is 1-7,0,1_en_us ?

But tor has changed. So, this new Tor Browser version is shipping a new major tor version which your antivirus tool is probably thinking to be malware and prevents it from running. Try uninstalling the antivirus software to check whether it is really the problem (disabling is often not enough).

Anonymous

June 18, 2017

Permalink

Hi,
I used Tor browser to circumvent bypass Zscaler at my office and it worked. However now Tor doesn't even start. I tried the various options. However, nothing worked. I find that the LAN's Automatic configuration options lead to Zscaler site. Any idea to regain my internet freedom.

Tor failed to establish a tor network connection. Connecting to a relay directory failed (connection refused)

Subsequently I tried configuring the bridges but the connection never got established.

The error log is as below.

6/21/2017 13:03:24 PM.100 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.

6/21/2017 13:03:24 PM.100 [NOTICE] Switching to guard context "bridges" (was using "default")

6/21/2017 13:03:37 PM.500 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.

6/21/2017 13:03:37 PM.500 [NOTICE] Switching to guard context "default" (was using "bridges")

6/21/2017 13:03:37 PM.500 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.

6/21/2017 13:03:37 PM.500 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.

6/21/2017 13:03:37 PM.500 [NOTICE] Opening Socks listener on 127.0.0.1:9150

6/21/2017 13:03:37 PM.700 [NOTICE] Bootstrapped 5%: Connecting to directory server

6/21/2017 13:04:37 PM.700 [WARN] Problem bootstrapping. Stuck at 5%: Connecting to directory server. (Connection refused [WSAECONNREFUSED ]; CONNECTREFUSED; count 10; recommendation warn; host B44FBE5366AD98B46D829754FA4AC599BAE41A6A at 178.16.208.60:443)

6/21/2017 13:04:37 PM.700 [WARN] 9 connections have failed:

6/21/2017 13:04:37 PM.700 [WARN] 9 connections died in state connect()ing with SSL state (No SSL object)

6/21/2017 13:07:06 PM.900 [NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150

6/21/2017 13:07:06 PM.900 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.

6/21/2017 13:07:06 PM.900 [NOTICE] Closing old Socks listener on 127.0.0.1:9150

6/21/2017 13:07:06 PM.900 [NOTICE] Delaying directory fetches: DisableNetwork is set.

6/21/2017 13:08:55 PM.900 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.

6/21/2017 13:08:55 PM.900 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.

6/21/2017 13:08:55 PM.900 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.

6/21/2017 13:08:55 PM.900 [NOTICE] Opening Socks listener on 127.0.0.1:9150

6/21/2017 13:08:57 PM.700 [WARN] Problem bootstrapping. Stuck at 5%: Connecting to directory server. (Connection refused [WSAECONNREFUSED ]; CONNECTREFUSED; count 11; recommendation warn; host 7BE683E65D48141321C5ED92F075C55364AC7123 at 193.23.244.244:443)

6/21/2017 13:08:57 PM.700 [WARN] 10 connections have failed:

6/21/2017 13:08:57 PM.700 [WARN] 10 connections died in state connect()ing with SSL state (No SSL object)

6/21/2017 13:09:04 PM.600 [WARN] Problem bootstrapping. Stuck at 5%: Connecting to directory server. (Connection refused [WSAECONNREFUSED ]; CONNECTREFUSED; count 12; recommendation warn; host AEA43CB1E47BE5F8051711B2BF01683DB1568E05 at 37.187.7.74:443)

6/21/2017 13:09:04 PM.600 [WARN] 11 connections have failed:

6/21/2017 13:09:04 PM.600 [WARN] 11 connections died in state connect()ing with SSL state (No SSL object)

6/21/2017 13:09:04 PM.600 [NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150

6/21/2017 13:09:04 PM.600 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.

6/21/2017 13:09:04 PM.600 [NOTICE] Closing old Socks listener on 127.0.0.1:9150

6/21/2017 13:09:04 PM.600 [NOTICE] Delaying directory fetches: DisableNetwork is set.

Any help will be deeply appreciated.

Anonymous

June 18, 2017

Permalink

Now doesn't work after update.Tried reloading to different location. Still doesn't work. WILL YOU FIX IT PLEASE? It was ok before the update.

I guess you are on Windows and have some antivirus/firewall software installed? If so, then uninstall it and check whether that changes things. Often new major tor versions we ship in Tor Browser get prevented from starting by such kind of software. And, no, disabling the antivirus/firewall software might not be enough.

This has happened to me as well on a couple of the TOR updates and each time it has been Trusteer Rapport that has been blocking it starting up. Simply stopping Trusteer allowed TOR to load and run normally, but dont forget to start it again if you use another browser to do your online banking! The issue appeared to fix itself after a couple of weeks - don't know if it was an update from TOR or Trusteer that resolved it though.

Join the discussion...

This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

4 + 12 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.