New Release: Tor Browser 8.0a9

Tor Browser 8.0a9 is now available from the Tor Browser Project page and also from our distribution directory.

This release features important security updates to Firefox.

Tor Browser 8.0a9 is the first alpha release based on Firefox 60 ESR. We rebased all of our patches, updated our toolchains to pick up new requirements like Rust support, and fixed the most important usability issues and broken functionality.

We rely on your feedback to make Tor Browser better for users around the world. Releasing a Tor Browser alpha before each stable release gives us a valuable window of time to learn about and fix bugs before the stable release is used by millions.

New Features

If you are comfortable with Tor Browser, we need your help! This alpha has a lot of new features, including a couple major UX changes, and we want them to be in tip-top shape before the stable release hits this September. Here's a taste of what's new:

  1. Improved Circuit Display:

    We've heard a lot of confusion about how the first guard in the Tor Circuit Display stays the same for months, even if you select "New Identity." This is by design, so now, we're trying to to better communicate that to the user and better manage expectations about both "New Identity" and "New Tor Circuit for this Site."

  2. Onion Indicators:

    We're trying out a new system for indicating .onion sites' relationships to TLS certificates. We mapped all the current padlock states Firefox has for sites' TLS certificates, and from there, we've built a new system for communicating these states when they are related to .onion sites.

  3. New Locales: We added support for da, he, sv-SE, and zh-TW to give users speaking those languages an improved Tor Browser experience. The plan is to add even more locales once we are confident we can handle the additional load and disk space requirements.
  4. New Torbutton Icon: We replaced our old Torbutton icon with a shiny new one. That's the first step in redesigning Tor Browser icons and making them compatible with Firefox's Photon UI. There is more to come in the next alphas.
  5. Full Sandboxing Support for Windows: We are able to provide full content sandboxing support for 64bit Windows bundles now, thanks to the work done by Tom Ritter.

Additionally, we updated a number of components we ship: Tor to, Torbutton to 2.0.1, TorLauncher to, HTTPS-Everywhere to 2018.06.21, and NoScript to Expect more bugs than usual in this alpha.

Known Issues

We already collected a number of unresolved bugs in Tor Browser 8.0a9 and tagged them with our ff60-esr keyword to keep them on our radar. The most important ones are listed below:

  1. Meek is currently broken. We need to update the browser part for make it compatible with ESR60.
  2. On Windows localized builds on first start the about:tor page is not shown, rather a weird XML error is visible.
  3. Maybe related to 2) NoScript does not seem to work properly on Windows builds right now.
  4. We are not done yet with reviewing the network code changes between ESR52 and ESR60. While we don't expect that proxy bypass bugs got introduced between those ESR series, we can't rule it out yet.
  5. We disable Stylo on macOS due to reproducibility issues we need to investigate and fix.
  6. We ran into issues while creating the incremental update files. In order to avoid respinning yet another release candidate and redoing the signing work, we opted into patching our mar-tools locally. For those of you who want to reproduce our builds (please do!) bug 26472 has steps that explain what we did.

Give Feedback and Report Bugs

If you find a bug or have a suggestion for how we could improve these changes, please let us know. There are several ways you can reach us with feedback about this alpha including commenting on this post, emailing us at, or contacting the developers at the tbb-dev mailing list. We track all Tor Browser 8 related issues with the ff60-esr keyword in our bug tracker and are happy with bug reports, there, too. Be sure to include as many of these as possible:

  • Your OS
  • Tor Browser version
  • Step by step of how you got to the issue, so we can reproduce it (e.g. I opened the browser, typed a url, clicked on (i) icon, then my browser crashed)
  • A screenshot of the problem
  • The debug log
  • A descriptive subject line (if you're emailing us)

Thank you for your support!


Note: This alpha release is the first one that gets signed with a new Tor Browser subkey, as the currently used one is about to expire. Its fingerprint is: 1107 75B5 D101 FB36 BC6C  911B EB77 4491 D9FF 06E2. We plan to use it for the stable series, too, once Tor Browser 8 gets released.

The full changelog since Tor Browser 8.0a8 is:

  • All platforms
    • Update Firefox to 60.1.0esr
    • Update Tor to
    • Update Libevent to 2.1.8
    • Update Binutils to 2.26.1
    • Update Torbutton to 2.0.1
      • Bug 26100: Adapt Torbutton to Firefox 60 ESR
      • Bug 26430: New Torbutton icon
      • Bug 24309: Move circuit display to the identity popup
      • Bug 26128: Adapt security slider to the WebExtensions version of NoScript
      • Bug 23247: Show security state of .onions
      • Bug 26129: Show our about:tor page on startup
      • Bug 26235: Hide new unusable items from help menu
      • Bug 26058: Remove workaround for hiding 'sign in to sync' button
      • Bug 20628: Add locales da, he, sv, and zh-TW
      • Translations update
    • Update Tor Launcher to
      • Bug 25750: Update Tor Launcher to make it compatible with Firefox 60 ESR
      • Bug 20890: Increase control port connection timeout
      • Bug 20628: Add more locales to Tor Browser
      • Translations update
    • Update HTTPS Everywhere to 2018.6.21
    • Update NoScript to
    • Bug 25543: Rebase Tor Browser patches for ESR60
    • Bug 23247: Show security state of .onions
    • Bug 26039: Load our preferences that modify extensions
    • Bug 17965: Isolate HPKP and HSTS to URL bar domain
    • Bug 26365: Add potential AltSvc support
    • Bug 26045: Add new MAR signing keys
    • Bug 22564: Hide Firefox Sync
    • Bug 25090: Disable updater telemetry
    • Bug 26127: Make sure Torbutton and Tor Launcher are not treated as legacy extensions
    • Bug 26073: Migrate general.useragent.locale to intl.locale.requested
    • Bug 20628: Make Tor Browser available in da, he, sv-SE, and zh-TW
      • Bug 12927: Include Hebrew translation into Tor Browser
      • Bug 21245: Add danish (da) translation
  • Windows
  • OS X
    • Bug 24052: Backport fix for bug 1412081 for better file:// handling
    • Bug 24136: After loading file:// URLs clicking on links is broken on OS X
    • Bug 24243: Tor Browser only renders HTML for local pages via file://
    • Bug 24263: Tor Browser does not run extension scripts if loaded via about:debugging
    • Bug 24632: Disable snowflake for now until its build is fixed
    • Bug 26438: Remove broken seatbelt profiles
  • Linux
    • Bug 24052: Backport fix for bug 1412081 for better file:// handling
    • Bug 24136: After loading file:// URLs clicking on links is broken on Linux
    • Bug 24243: Tor Browser only renders HTML for local pages via file://
    • Bug 24263: Tor Browser does not run extension scripts if loaded via about:debugging
    • Bug 26153: Update selfrando to be compatible with Firefox 60 ESR
    • Bug 22242: Remove RUNPATH in Linux binaries embedded by selfrando
    • Bug 26354: Set SSE2 support as minimal requirement for Tor Browser 8
  • Build System
    • All
      • Bug 26362: Use old MAR format for first ESR60-based alpha
      • Clean up
    • Windows
      • Bug 26203: Adapt tor-browser-build/tor-browser for Windows
      • Bug 26204: Bundle d3dcompiler_47.dll for Tor Browser 8
      • Bug 26205: Don't build the uninstaller for Windows during Firefox compilation
      • Bug 26206: Ship pthread related dll where needed
      • Bug 26396: Build libwinpthread reproducible
      • Bug 25837: Integrate fxc2 into our build setup for Windows builds
      • Bug 25894: Get a rust cross-compiler for Windows
      • Bug 25554: Bump mingw-w64 version for ESR 60
      • Bug 23561: Fix nsis builds for Windows 64
      • Bug 23231: Remove our STL Wrappers workaround for Windows 64bit
      • Bug 26370: Don't copy msvcr100.dll and libssp-0.dll twice
      • Bug 26476: Work around Tor Browser crashes due to fix for bug 1467041
      • Bug 18287: Use SHA-2 signature for Tor Browser setup executables
    • OS X
      • Bug 24632: Update macOS toolchain for ESR 60
      • Bug 9711: Build our own cctools for macOS cross-compilation
      • Bug 25548: Update macOS SDK for Tor Browser builds to 10.11
      • Bug 26003: Clean up our mozconfig-osx-x86_64 file
      • Bug 26195: Use new cctools in our macosx-toolchain project
      • Bug 25975: Get a rust cross-compiler for macOS
      • Bug 26475: Disable Stylo to make macOS build reproducible
    • Linux
      • Bug 26073: Patch tor-browser-build for transition to ESR 60
      • Bug 25540: Stop building and distributing sandboxed tor browser
      • Bug 25481: Rust support for tor-browser and tor

June 27, 2018


Cloudflare`s serves CAPTCHAs when browsing websites with this alpha release but not with the stable release, why?


June 28, 2018

In reply to by Anonymous (not verified)


It does surprise me that the UA has been changed in this release since that makes it stand out from stable Tor Browser as well as (presumably) Orfox. Tor Browser used to always give the same user agent indicating Windows 7 regardless of the true OS, but now my user agent does show my OS.

Found the bug, I think:


June 27, 2018


Finally! Been waiting for a first Torfull encounter with ESR60 for months now! Thanks to Tom Ritter for doing the fantastic tireless work on getting sandboxing to Windows, will save countless souls quiet literally! :)

> Linux

> Bug 26153: Update selfrando to be compatible with Firefox 60 ESR

Thanks a ton as well for not forgetting about SelfRando!

Thanks again to the team for the great work, we'll support you as much as we can! <3


June 27, 2018


Very nice update, it's all running good and smooth, but I go to and the shocker comes when seeing that my user agent LEAKS MY OS even with JS disabled o_0 PLEASE FIX ASAP!!!! NEEDS TO BE SET TO WINDOWS!!!

Btw keep getting this:

JavaScript error: moz-extension://{NoScript UUID}/bg/RequestGuard.js, line 280: Error: Could not establish connection. Receiving end does not exist.

Regarding the User Agent that's expected as we hardly can hide the OS differences anyway and spoofing the User Agent has dramatic usability penalties depending on the platform. E.g. if we'd use the traditional Windows UA for Tor Browser for Android then all mobile users would suddenly get desktop pages on their phones essentially breaking the browsing experience.
Another example: It turns out that Google Docs break for Mac users as the respective Ctrl key is not working anymore.

So, the idea was to just report the OS and give up spoofing it in the User Agent. I am not sure about the architecture, though, yet. We have for the whole discussion.

Regarding the RequestGuard error: I Opened

I can understand the reasoning when it comes to mobile, but why just give up the spoofing among desktop OSs just because it's imperfect? I doubt most websites use the advanced OS detection techniques - I've been using Tor Browser for years and all the websites that used OS detection thought I was using Windows (which is not what I actually use). I'm sure many 3rd party trackers themselves are more advanced and detect both the actual OS and the spoofing however I doubt a lot of them penalize the user somehow for it.

perhaps discussed in those bugtracs, but...

- the android code is already much different from Windows code
- incorporate ua spoofing into one of groupings in the security slider?

No, the security slider is for *security* trade-offs and has nothing to do with enabling or disabling fingerprinting etc. (in general *privacy*) features. We won't mix both.

True. As mentioned in the trac ticket, while font fingerprinting defenses are not perfect, they're perfect enough for JS disabled users and a bunch of other sites and trackers that don't employ OS detection in the first place. The solution ought to be: "Hey let's ameliorate font and OS fingerprinting defenses! In the meantime keep the UA the same since it's simple to do!" rather than the defeatist "Look, we will always lose, we can do nothing, put fire in your clothes and reveal your OS to everybody".

Bug: If you open an image like… then it doesn't get displayed in the center, something seems broken

Please add the light and dark themes that were added in FF53

We ship with whatever Firefox ships by default. If the user wants to customize their Tor Browser it's up to them. However, please note that those customizations might make it easier to fingerprint users.

The built in light and dark themes shouldn't affect fingerprinting as AFIK they are based on the old personas system. Changing the density probably would due to window size changes.

But never mind, they are there. It just took a 2nd restart of TB for them to appear for some reason.


I'm just a casual and regular user of Tor Browser but I'm so excited about this update. Another humongous THANK YOU from this global citizen.

I miss my green onions! Panicking all the time that my browser has slipped out of TOR. Can you change the gray onion icon to a colored one? It disappears in my peripheral vision if its the same as everything around it. Green for on?

Thanks for the feedback, noted. We are trying to adapt our icons and logos to the new Firefox Photon design and this alpha is the first start in doing so. We'll see how we adjust things so that hopefully everyone will be happy about the final result.

On Windows, the new Torbutton icon looks tiny and slightly pixelated compared to a screenshot in this ticket:

"that hopefully everyone will be happy about the final result."

Mozilla seems to have same kind of problems:……

Thank You to everyone who has been working so hard to get us up to speed w/ 60. I can't believe it's finally here! I'm sure you'll get a lot of complaints about the UI especially by the time September rolls around, so be ready for that. Anyway, I just wanted to say "Thank You" and keep up the good work!

Good afternoon! The new design of Tor 8.0a9 is absolutely disgusting! The new version of Tor threw me all the settings, plus required the reinstallation of all add-ons! This is swinishness! Thank you for disrespect!

Which new design do you mean? The one that Firefox ships? That's hardly a thing we can change. Tor Browser is not touching any of your customizations. In particular, it does not touch any of your extensions. Could you give us some steps to reproduce your issue? In particular, which extensions got lost during the update? On which platform? Etc.

Looking For Android browser ver google

> Full Sandboxing Support for Windows: We are able to provide full content sandboxing support for 64bit Windows bundles now, thanks to the work done by Tom Ritter.
You need to enable SEH like in libstdc++ to say "Full Sandboxing Support".

SEH support is orthogonal to full content sandboxing. But, yes, we should think about adding the former to our 64bit builds.

> Known Issues
OMG!!! Finally, it's added to the official post! Keep up this best practice!

> We ran into issues while creating the incremental update files.
Full update got stuck at "Connecting to the update server..." after partial update failed.
'About Tor Browser' menu didn't show any update in progress.
After pressing 'Hide' button, TBB started to dl the update!
But got stuck at 15 MB when I opened 'About Tor Browser' menu.
After closing and reopening it, it showed it had started to dl from 0 MB.
That looks like some incompatibility between your and FF's update mechanisms.

We are using Firefox's updater. I guess you have trouble with your network connection which makes it hard to download the big updates (even the incremental ones are several dozens of MBytes this time). Not sure what we could do about that, though.

No, it looks like your bug (2 calls) ;)
AUS:SVC Downloader: cancel
AUS:SVC UpdateService:downloadUpdate - no support for downloading more than one update at a time

Well, that indicates that a download is already ongoing and I think it's not unreasonable to not allow download a second update in parallel. Or are you indicating there is a bug somewhere else? If so, could you give us steps to reproduce it?

It got stuck downloading - that's all what a user see.
What makes it think it's downloading something twice is unknown.
Intermittent bug.

Windows 10 win64 full update failed:
The Update could not be installed (patch apply failed)

I guess that's It should work eventually but for some reason the update is failing intermittently. Could you report back when you get the update properly applying at last?

full update failed on win64 and logged only this:
failed: 19

I guess that's It should work eventually but for some reason the update is failing intermittently. Could you report back when you get the update properly applying at last?

It is a clean 8.0a7 -> a8 ->a9, no obfs4 or anything.
Updater logs that hashes match every time.
Deleting UpdaterInfo folder doesn't help.
It doesn't look intermittent.
partial -> full -> partial -> full ->... boring... (4 cycles with no luck, what to investigate?)
(Does this cert check require an internet connection?)

Looks like a race condition as it doesn't happen on slow machines.

It is unmaintained and the original maintainer therefore asked us to stop building and distributing it. See:

> Bug 26204: Bundle d3dcompiler_47.dll for Tor Browser 8
The latest version of this file seems to be v. 10.0.15063.675, please, update.

You mean that's the latest version Firefox ships? Because we think about following Mozilla in what they ship in ESR 60.

No, that's the latest security update of 15063 branch. Firefox ships 10.0.15063.674. Why do you think about following Mozilla in what they call security? It's unacceptable for security-conscious software. And it is solely your responsibility to provide security updates for all bundled software you ship.

Seems ANGLE is broken:
Error: WebGL warning: Unable to restrict WebGL limits to minimums. Troubleshoot.jsm:525:18
Error: WebGL warning: Failed to create WebGL context: WebGL creation failed:
* Troubleshoot.jsm:525:18
8.0a8 works.