Tor Browser 7.0.8 is released

Tor Browser 7.0.8 is now available from the Tor Browser Project page and also from our distribution directory.

In version 7.0.7 we added a donation banner to point to our end-of-the-year 2017 donation campaign. This new release is fixing a bug which prevented the display of the banner.

The full changelog since Tor Browser 7.0.7 is:

  • All Platforms
    • Update Torbutton to 1.9.7.9
      • Bug 23949: Fix donation banner display
      • Update locale list with translated banner
      • Translations update

Yes, this update does not provide security improvements, so you can safely skip it. It was however important to fix the display of this banner as this donation campaign should be an important part of the funding for new security improvements.

Anonymous

October 25, 2017

Permalink

mozilla mismatch :
- punycod is set as false (checking if Tor is well configured ?).
- security.enable_tls : false (?).
- security.ssl3.rsa_des_ede3_sha : true (!!!).
- etc.
- still installed with the cookies ON (anonymity ?)
mozilla mismatch :
too many minimal settings : it is configured for windows & unsafe site not for a safe & secure surf.

Anonymous

October 25, 2017

Permalink

Didn't Paypal interfer with several political organisations, like blocking donations?
Those where unforgivable mistakes.
Why ignoring this political beaviour of Paypal for fill in a name your profile matches name sake?
Why? Why? Why?

PayPal is terrible (censoring wikileaks, and prosecuting anons who ddos'd them in response are just two of many examples) and should be anyone's last choice... but it is also the easiest or only way for some people to pay, so organizations that aren't currently banned would be foolish not to accept it when soliciting donations. If you go to wikileaks.org and click donate you'll see that even they are accepting paypal donations again these days!

Anonymous

October 25, 2017

Permalink

Hi Everybody,
i am using Tor Browser because of it´s possibility to do Internet-Actions as safe as possible. But sometimes it is nonsense if i can't reach my E-Mail Provider or Onlinebanking Account, even when i allow Scripts. What else can i do ?
(www.t-online.de)(www.santanderbank.de)

My donation without using paypall.

Given Torlink
https://trac.torproject.org/projects/tor/wiki/org/teams/CommunityTeam/S…

Hey, saving Bandwith saves money too!
"https.png" , 897 kb, could be less than 180kb
"circuit_full.png", 250kb, could be less than 60kb

That would make 0,240 MB instead of 1,147 MB. It would make 4,78 times less bandwith usage.
2.5 million Torbrowser users (we are all reading the blog and the Tor-wiki pages right?) makes a saving of 2.500.000 X 0,907 MB = 2.267.500 MB, is 2.267 Gigabyte data traffic less (at least, Just look for the big image ones in your website hosting collection and make them as small as acceptible, yes you can!)

Now you tell me what the saving in $ could be for Toproject,
or the environment (don't forget, especially nowadays).

:-)

Depending on what kind of hosting they're using, anywhere from $0 ~ $0.25.

Bandwidth is cheap. And 2GB is basically nothing.

Unless they're using a cellular data plan in Canada or something :P

Tor is an anonymity/privacy tool not a harden or a secure version of another browser : in fact, there are so many weakness settings that you can even surf to unsecure sites.
Your email provider works great with Tor but protonmail is a scam, untrust.
protonmail is compromised & works for at least Israeli govt (and another !)so with the nsa : do not have any doubt about that ...
I should have preferred you posted an onion link.
Tor provides (thx mozilla) some secure alerts/warnings.
Their free vpn (protonmail) is reserved only for their users ; it is yet suspicious and they ask javascript & tel , it is not at all an anonymous email provider , so using Tor and protonmail is not a good idea.
avoid

Anonymous

October 26, 2017

In reply to by Mr.Guido Naumann (not verified)

Permalink

Overall, be patient. If you use a web-based e-mail, e.g. Gmail, TB is not the best option for it. Instead, try a VPN. Any web-based mail tracks your activity, and you will be signing on from New Zealand, Hungary, and Spain in less than 30 minutes, raising unnecessary suspicions. You'll be getting messages from Gmail, Yahoo, or MSN, asking whether someone, somewhere around the globe, is using your account. If you have an e-mail provider, you can use an open-source e-mail client, e.g.,Thunderbird, and still be safely anonymous using TorBirdy.

Many banks don't allow sign-ins from Tor, proxies, or VPNs, but if your VPN has servers in different countries, you can set up your VPN client in the country you're in (I assume you're in the US). IMHO, TB is to be used for anonymizing your interaction with whatever needs to be hidden from prying eyes, i.e. accessing material that can be compromising. Yes, your mailing and banking activities need to be protected; however, TB is the wrong tool for that purpose. You want to use a 12 gauge shotgun to kill a fly, may or may not kill it, but the noise will attract unneeded attention upon yourself.

why not ?
if the banks or another services do not allow Tor , they do not allow vpn too !
they must adapt to their clients & respect privacy & anonymity.

Anonymous

October 25, 2017

Permalink

You appear to release updates very often now... i feel this is suspicious
Backdoors added?

who audits the source code for tor and tor browser?

You mean apart from those that work on tor and Tor Browser daily? I don't know but I hope many are doing it.

As to more frequent releases: that's expected we want to get newer tor versions and bugfixes earlier to our users. We currently envision to release a new Tor Browser every 4 weeks (instead of 6-8 weeks). The current update was necessary to fix a bug in our donation banner, alas.

If the goal was to add a backdoor, it would take only one extra update, or it could even just wait until the next natural update. Why would frequent updates be needed?

As for who audits the source code, many people read it. I don't know of any professional audits, but it's not like only the developers read it. I am not a core developer and yet I read Tor source code. And many people read the source code commits, which include simply differences between one version and the next, making it a lot easier to keep track of what is changing.

Anonymous

October 25, 2017

Permalink

In the past two releases, my noscript icon that is usually on the left next to the green onion moves to the right of the browser, but appears to function normally. Why is this happening? Anyone know?

Anonymous

October 25, 2017

Permalink

I hope more updates will come , especially security.I am paranoid on teh NSA (National Surveillance Agency)

It's not known yet whether the NSA is a global passive adversary or if they just sniff on the Tor relays using the Intel Management Engine and get cryptographic proof unlike probabilistic estimates with correlation attacks.

The NSA is not a GPA, although it tries to be. Saying global passive adversary is like saying computationally-unbounded adversary. It's a useful classification to specify threat model in research papers (as these papers require an insanely specific threat model, as opposed to common OPSEC). For example, the NSA may be able to tap major IXPs and may have compromised routers in many ASes, but do they have access to the connections between two small, arbitrary ISPs? Unlikely.

I am paranoid on…

If it's paranoia then you have nothing to worry about (your fear is irrational).

If you believe you've misused the term 'paranoid' and are being reasonably fearful, that's a different story.

Anonymous

October 25, 2017

Permalink

Hi Tor Team
First: Thx for givin us Tor, its great:)
But i cant print to file anymore, even its written, it should be possible. i see in the about config files, print to file is set to false, i thought thats maybe the bug and tried to put it to right, but it keeps jumping back to false and i cant print to file anymore (with and without restart), which i really like as an option in this fast living net, where a lot of interesting artcles just disappear ...
would be really thankful for an advice. Greets.
ps tried the security settings too, but that doesnt change the print to file possibilitiy too.

thank you gk, works like a charm:)
what does it make exactly to put the security level from 2 to 1?
Pascutto (https://bugzilla.mozilla.org/show_bug.cgi?id=1309205) writes:
"Disabling it makes Firefox much more vulnerable to exploits. Note that the change is limited to Nightly only and does not ride the trains."

and yes, shure, only linux on my machines:) i think ill put it back to 2 if not needed, but hope you ll find the time to fix this, cause print to file is vital. at least for me.
have a nice day!

Anonymous

October 25, 2017

Permalink

Just one thing; if you're going to change TBB into nagware, I will stop donating in the future.
I already donated several times and I don't need any nagware('donate us' image banner or something) in the browser.

Why the company doesn't understand that?

Anonymous

October 25, 2017

Permalink

More precisely: really small site -others too, no third-party-scripts, no or nearly no css, no like google or google inside. In a modern western country.
I often see lot of re-routing/relaychanging before site opens. Or after site is open, sometimes circuit/exit is long stable, sometimes not -same site each time. When Third-parties, they are,stay the same.
Looks like exits/Entry Guard/(middle?) is filtering? And there seems to be special
behaviour, timing, when exit/exit country is the same one.
.......................................................................................................................
https://blog.torproject.org/comment/272041#comment-272041
"open a site i see a lot of re-routing/relaychanging [...] site is open and after minutes circits are changing"
Answer:
https://blog.torproject.org/comment/272048#comment-272048
""complex sites like Google that reroute [...] circuit gets unusable [...] nothing which is unusual."

Anonymous

October 25, 2017

Permalink

Tor 7.0.8 on Windows crashes for me 100% of the time when opening a new tab. Also, it crashes when accessing Zion by any of its mirrors. Go to the mirror, enter the captcha, and watch the tab crash. After reloading the page or restoring the tab 2-3 times, the entire browser will crash.

WTF did you guys do to this release? 7.0.7 was totally fine.

The only thing we did was changing one line of code in Torbutton which is responsible for showing the donation banner once on startup (and we updated some translations). So, if you download a clean, new 7.0.7 (https://archive.torproject.org/tor-package-archive/torbrowser/7.0.7/) and a clean, new 7.0.8 (https://archive.torproject.org/tor-package-archive/torbrowser/7.0.8/) and you start both are you saying the former works fine and the latter is crashing?

I rather suspect this is related to your firewall/antivirus software on your computer. Do you have any of those (which one) and does it help if you uninstall it (disabling is often not enough)?

Anonymous

October 26, 2017

Permalink

Thanks for TB 7.0.8, a much better release than its predecessor. Smooth and relatively fast, within TB context. Go Tor!!! I encourage everyone to donate now to the "Mozilla-will-match-your-gift" campaign, doubling donations for The Tor Project, one of the few lines of defense we have against BB (Big Brother.)

Join the discussion...

This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

3 + 0 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.