New Release: Tor Browser 9.0.1

Tor Browser 9.0.1 is now available from the Tor Browser download page and also from our distribution directory.

Tor Browser 9.0.1 is the first bugfix release in the 9.0 series and aims to mostly fix regressions and provide small improvements related to our 9.0 release. Additionally, we are adding a banner on the starting page for our fundraising campaign Take Back the Internet with Tor.

Known Issue

For each new release, two members from our team are building the release separately and compare the result to make sure that it is reproducible. For the 9.0 and 9.0.1 releases, however, an issue that we are still investigating is making our build not completely deterministic. As a workaround for this issue, we had to do multiple builds until we got matching builds. You might need to do the same if you are trying to reproduce our build.

Note: due to some delay with the signing, the Android version is not yet available. We expect to be able to publish the signed Android version in a few hours. Update: the Android version has been published.


The full changelog since Tor Browser 9.0 is:

  • All Platforms
    • Update NoScript to 11.0.4
      • Bug 21004: Don't block JavaScript on onion services on medium security
      • Bug 27307: NoScript marks HTTP onions as not secure
    • Bug 30783: Fundraising banner for EOY 2019 campain
    • Bug 32321: Don't ping Mozilla for Man-in-the-Middle-detection
    • Bug 27268: Preferences clean-up
  • Windows + OS X + Linux
    • Update Tor Launcher to
      • Bug 32164: Trim each received log line from tor
      • Translations update
    • Bug 31803: Replaced about:debugging logo with flat version
    • Bug 31764: Fix for error when navigating via 'Paste and go'
    • Bug 32169: Fix TB9 Wikipedia address bar search
    • Bug 32210: Hide the tor pane when using a system tor
    • Bug 31658: Use builtin --panel-disabled-color for security level text
    • Bug 32188: Fix localization on about:preferences#tor
    • Bug 32184: Red dot is shown while downloading an update
  • Android
    • Bug 32342: Crash when changing the browser locale

November 06, 2019


George here, my Avira also said it detected a trojan (TR/Crypt.XPACK.Gen3) in file qipcap.dll on updating. What about this?

For watching videos, you might want to look at Tails (see, a free open source Linux distribution which provides current Tor Browser and many other useful things in an amnesia way. I think this may provide a significantly safer way to watch videos or do anything else which possibly requires dropping to "Standard" setting in Tor Browser.

(I am not affiliated with either Tails Project or Tor Project, but I use both Tails and Tor Browser.)


November 06, 2019


about:tor crashes Tor Browser 9.0.1 on Windows:
"Gah. Your tab just crashed. We can help! Choose Restore This Tab to reload the page."

I have same problem, is there a fix?

I think we don't know about this issue.

Is this an issue that is new with version 9.0.1, or did you have it with previous versions too? Is it an issue that happens every time you open the browser, or only sometimes? Do you have the issue on other pages than about:tor?

Also, are you using the en-US browser, or an other locale?


"Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0"

8.0 bug


Why should Tor Browser report the real OS to sites? In terms of privacy, it doesn't make sense, and I don't care if the GNU/Linux "market share" "shrinks" as a result of more protection against fingerprinting.

May someone please answer about "Trojan Positive" in this release? I've tested on VM in Ubuntu, with two pro AV, both gave the same result.

Tested on VM - Windows10 - Avira AV - Detected Trojan on - "qipcap.dll"
Tested on VM - Windows7 - Norton AV - Detected Unsafe File -"qipcap.dll" (norton didn't detected as trojan, but as unsafe file, which mean it could be false-positive, or not...)

Many users have reported this but still no answer from anyone, and there are many answers on less important questions. This is something that should be tested and explained to users why it's happening, if that is false positive then why. As someone said, this totally ruin a TOR reputation, and I am sure nobody want's that. Thanks for your time and hard work to keep the online privacy possible for regular users.

"if that is false positive then why"
false positive
because AV is a piece of crap

"but still no answer from anyone"
because they are tired answering stupid questions

same security warning with me. Avira sanitized qipcap.dll. Trojan or false positive?

If you downloaded Tor Browser from the torproject website, then this is a false positive. Some antivirus consider that files that have not been seen by a lot of users are suspicious.

Please bring back the "Do not check for updates"
Very tired of having to rebuild a previous version thanks to bugs in latest release e.g. Noscript does not work in 9.01

It should be possible to select in the preferences: "Check for updates but let you choose to install them".

Do you have more details about the noscript issue?

I have checked the preference for "Check for updates but let you choose to install them".
Tor still automatically installs 9.01, and wipes out all my settings as well.

"should be possible to select in the preferences: "Check for updates but let you choose to install them"."

Is 9.0.1. still Phoning Home everytime you open the Preferences menu?
When yes this would be .....very ...inconvenient.

If you really wan't to bring back "Do not check for updates",
"Check for updates but let you choose to install them" is in NO way
the same.
Everytime the user is opening about:preferences/Tools->Options, 'Security Level',
TBB is phoning home! This isn't funny. Do you wanna have the user is trusting you?
The same s..t you have with vanilla Firefox.

+1 - "Do not check for updates" much appreciated.
i don't wanna ping you every launch of TBB!
i've tried different settings in about:config and there's still this update prompt.
how to disable TBB version check?
extensions.torbutton.versioncheck_enabled;false does not work!

"See how Tails is disabling the updates"

Ok -i hope it works.
But, why torproject and Mozills Corp. think all Torbrowser users, all
Firefox users want to ping yourand their servers, everytime they open Options
or 'About Tor Browser'?
Without loosing trust because it's US-software under US-law?
Can you explain that, why there is no simple No Update option? Logically(-:?

You can read the discussions in the mozilla ticket where they implemented this:

+1: how to?

>Can you explain that, why there is no simple No Update option? Logically(-:?
>You can read the discussions in the mozilla ticket where they implemented this

Clap, clap (-:, i have read it. If the distributors don't want explain, don't want discussion, they shouldn't pretend they wan't.
They don't want because there is NO logical explanation why users should accept they have no choice. Manually update shouldn't be sport.
The spirit of Tor - you should know this. It is not much space between trust and distrust.

We did not decide to remove this option. Mozilla did it, and they explained why.

I don't really like it myself, but there are still some ways to do it, although not as easy as before. I think it's not perfect, but we don't have unlimited time, and already many other things to work on, so if someone who think that's important wants to spend the time to investigate this and document the best way to do it, then that would be useful.

ok, i surrender.
i've copied an edited pref.js file into .../tor-browser_en-US/Browser/TorBrowser/Data/Browser/profile.default
before firstrun of a TBB 9.0 and tried to disable 'check for updates' with this varying settings:

user_pref("", false);
user_pref("app.update.disabledForTesting", true); boolean; DOES NOT EXIST in TBB 9.0
user_pref("app.update.doorhanger", false);
* user_pref("app.update.enabled", false); boolean; DOES NOT EXIST in TBB 9.0

user_pref("app.update.url", ""); or "/dev/null"
* user_pref("app.update.url.details", ""); or "/dev/null"
* user_pref("app.update.url.manual", ""); or "/dev/null"

* user_pref("extensions.torbutton.versioncheck_url", ""); or "/dev/null"

* user_pref("browser.policies.testing.disallowEnterprise", false);

there is no update prompt anymore but still showing the
'Update to 9.0.1' button in about:preferences and the best:
it downloads (!) the update from somewhere even if ALL urls in about:config are deleted.

is there a hidden fallback url or WHAT IS IT that still checks and even downloads an update?

exact advices please!

NoScript does work on 9.0.1 but it is not displayed on toolbar and has to be added manually

Xpack.gen3 discover in update by several antivir applications!

хорошее обновление

Where are my bookmarks, I've tried all the steps that are supposed to restore them, I can't even restore from a back up

Hey Tor Project, i'm french.
Your wallpaper take back the internet with Tor & theme are ++++ beautifull!!
Thank for the général évolution of Tor!
French user

There seems to be a bug where launching tor from the gui shortcut in Ubuntu hangs for the longest time. Sometimes as long as 10 minutes before the connection dialog begins. It's affected me since at least 2 or 3 updates ago.


We have this ticket for this issue:

This should be fixed in the next alpha.

Why sometimes using Tor Browser, it's window size suddenly change? Please fix this.

Do you have some steps we can use to reproduce this issue ?

I had to manually install the noscript browser extension to use noscript. Should this have been necessary and why was Noscript removed from the new tor release?

noscript is still included. What has been removed is the toolbar button, as not all options from this button are safe to use. It is however possible to add it back by selecting "Customize" in the hamburger menu.

We have some plans to implement per-site security settings support which should remove the need for the noscript button:

The "about:tor" page crashes even on fresh install of Tor Browser 9.0.1 on Windows 10 Release 1903 32-bit :
"Gah. Your tab just crashed. We can help! Choose Restore This Tab to reload the page."

Sadly Tor Browser has become really frustrating :

  • Permanent letterboxing, when Firefox does it right, only on page load.
  • Obscure management of cookies.
  • Low privacy settings, example: network.http.referer.XOriginPolicy = 0!
  • NoScript is garbage and has an awful UI. Should be replaced with uBlock Origin by default.
  • NoScript and HTTPS Everywhere icons are hidden by default on fresh install.

Did you have this issue in previous versions of Tor Browser, or is it new with 9.0.1?

Crash is new to 9.0.1, right after update, fresh install (new profile) also crashes. I didn't encounter any crash on 9.0.

versions prior to 9.0 YES were translated into Spanish

because versions 9.0 and 9.0.1 on android are not translated into Spanish..?

My proxy settings are getting reset with every manual update. Slightly annoying.

Join the discussion...

We encourage respectful, on-topic comments. Comments that violate our Code of Conduct will be deleted. Off-topic comments may be deleted at the discretion of the post moderator. Please do not comment as a way to receive support or report bugs on a post unrelated to a release. If you are looking for support, please see our support portal or ways to get in touch with us.

This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

2 + 5 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.