New Release: Tor Browser 9.5.1

Tor Browser 9.5.1 is now available from the Tor Browser download page and also from our distribution directory.

This release updates Firefox to 68.10.0esr and NoScript to 11.0.32.

Also, this release features important security updates to Firefox.

The Windows installer is now code signed with a new Authenticode certificate. Please report any issues you encounter with this version.

The full changelog since Tor Browser 9.5 is:

  • All Platforms
    • Update Firefox to 68.10.0esr
    • Update NoScript to 11.0.32
    • Translations update
    • Bug 40009: Improve tor's client auth stability
  • Windows + OS X + Linux
    • Bug 34361: "Prioritize .onion sites when known" appears under General
    • Bug 34362: Improve Onion Service Authentication prompt
    • Bug 34369: Fix learn more link in Onion Auth prompt
    • Bug 34379: Fix learn more for Onion-Location
    • Bug 34347: The Tor Network part on the onboarding is not new anymore

OP
my firewall is blocking everything except the traffic to my entrynodes.
tor is trying to connect to a random node once - no retry - shortly after launch and
before the firefox window pops up. happens within 'Bootstrapped 15%'.
there is no error message in the console. it looks like tor tries to send a ping.

95.128.43.164 not listed in torstatus
217.279.179.177 not listed in torstatus

Could you explain what you mean by "offline relay"? Do you mean that if a node drops off Tor Network a few minutes before a Tor client necessarily using partially out of date information tries to reach out to it, that could appear suspicious to someone worried about "phoning home"?

OP
Browser Console error message:
[Exception... "Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIAppStartup.secondsSinceLastOSRestart]" nsresult: "0x80004001 (NS_ERROR_NOT_IMPLEMENTED)" location: "JS frame :: resource:///modules/BrowserGlue.jsm :: _collectStartupConditionsTelemetry :: line 1547" data: no] BrowserGlue.jsm:1547:9

_collectStartupConditionsTelemetry resource:///modules/BrowserGlue.jsm:1547
BG__onFirstWindowLoaded resource:///modules/BrowserGlue.jsm:1649
BG_observe resource:///modules/BrowserGlue.jsm:847
_delayedStartup chrome://browser/content/browser.js:2127
_delayedStartup self-hosted:1003

_collectStartupConditionsTelemetry ???
are you collecting startup conditions information over a random tor circuit?

The default behavior of Firefox is to collect telemetry on users. Tor Browser disables that behavior, or at least tries to.

With every new Firefox release the telemetry gets more invasive. Tor team must review the code each time to remove the telemetry. While it is possible they might have missed something (because humans are fallible), simply having the word 'telemetry' in an output string doesn't mean it's actually connecting to anything. They probably just forgot to remove that output.

More testing amongst many users would be good, to verify this is the case.

i configured my entrynodes. they were not selected randomly. i edited torrc and the state-file to:
Guard in=default rsa_id=...........nickname=example1.......
Guard in=default rsa_id=...........nickname=example2.......
Guard in=restricted rsa_id=......nickname=example1.......
Guard in=restricted rsa_id=......nickname=example2.......
there was no additional (or random) traffic necessary to fetch the consensus and this worked over years.
(i know a state-file in a fresh install is different to my one.)
my firewall (IP-based) is blocking this mysterious traffic. nothing else than my entrynodes are allowed.
happens on a fresh install too. it must have to do with your recent changes in 9.5.1. i never had this before.
either tor is trying to send a ping or tor is trying to send data to a collector service or tor tries to fetch some
additional information. TBB works properly without this traffic and i would like to know what it is and how to turn it
off.

This sounds like expected behavior. I'm surprised you haven't seen this previously. The way you are configuring the entry nodes does not enforce only using those nodes. Occasionally tor connects to other entry nodes (in addition to the nodes listed in the state file).

You don't, that is a terrible hack. Explicitly configure the nodes you want in the torrc file as EntryNodes. If you really, really only want to use a small set of entry nodes then use bridges.

OP
StrictEntryNodes 1 or StrictNodes 1 is not applied before, after EntryNodes, on top or at the bottom
of torrc or torrc-defaults. where to put this expression not to be ignored or break tor?

I am not sure about Tor Browser on some OS such as Windows, but Tails certainly expects users to use onion sites, for which it is important that the clock be accurate, so in past editions, when starting Tails, one could see NTP protocol while the Tor client was connecting to the Tor network. In more recent editions, everything seems to be going through Tor, so perhaps trying Tails (tails.boum.org) will alleviate these "phone home" concerns.

Anonymous

July 01, 2020

The "important security updates to Firefox" link in the blog post seems to be broken.

Anonymous

July 01, 2020

when i have the latest update, tor will not let me on. i am running Windows 7; is that a problem?

Anonymous

July 01, 2020

Are updates automatically installed over the Tor network? Does the update installer honor configuration like bridges and proxies?

Yes, the update is downloaded over Tor (and the integrity of the downloaded file is checked before the update is applied). The update should not modify the configured bridges or proxies.

Downloading an update requires multiple steps. Every server is contacted as a DNS hostname (or IP address) over HTTPS, none of them use onion services (yet).
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/172…

1) Tor Browser contacts server "A" and asks if an update is available. If there is an update, then server "A" responds with metadata about the update file (a URL for that file, the size of the file, the SHA512 hash of the file).
2) Tor Browser follows the provided URL and connects to server "B" and downloads the file
3) Tor Browser verifies the size of the file and sha512 hash of the file are as expected
4) Tor Browser verifies the cryptographic signature on the file. Tor Browser has two public keys hard-coded for which signatures on updates will be accepted.

The update is installed after all checks pass.
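
The four checks described above, as an added example that is not Tor Browser's updater code. It assumes a detached RSA PKCS#1 v1.5 signature over the file's SHA-512 digest and a constructed, deliberately weak demo key (the comment names neither the signature scheme nor the keys); `verify_update`, `sign_demo`, `metadata_for` and `PINNED_KEYS` are hypothetical names.

```python
import hashlib, hmac

# Constructed demo key, NOT secure: the modulus is a product of two Mersenne primes.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
K = (N.bit_length() + 7) // 8                      # modulus length in bytes
PINNED_KEYS = [(N, E)]                             # hypothetical stand-in for the hard-coded keys
SHA512_DIGESTINFO = bytes.fromhex("3051300d060960864801650304020305000440")

class UpdateRejected(Exception):
    pass

def encode_em(digest, k):
    """EMSA-PKCS1-v1_5 encoding of a SHA-512 digest for a k-byte modulus."""
    t = SHA512_DIGESTINFO + digest
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def rsa_verify(key, digest, sig):
    n, e = key
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(sig, "big")
    if len(sig) != k or s >= n:
        return False
    # Rebuild the expected block and compare it whole, instead of parsing the padding.
    return hmac.compare_digest(pow(s, e, n).to_bytes(k, "big"), encode_em(digest, k))

def sign_demo(data):
    """Signing side, used only to build the constructed sample."""
    d = pow(E, -1, (P - 1) * (Q - 1))
    em = int.from_bytes(encode_em(hashlib.sha512(data).digest(), K), "big")
    return pow(em, d, N).to_bytes(K, "big")

def metadata_for(data):
    """What server "A" returns in step 1 (URL omitted here)."""
    return {"size": len(data), "sha512": hashlib.sha512(data).hexdigest()}

def verify_update(meta, stream, sig):
    h, buf = hashlib.sha512(), bytearray()
    for chunk in iter(lambda: stream.read(4096), b""):
        buf += chunk
        h.update(chunk)
        if len(buf) > meta["size"]:                # stop reading oversized responses early
            raise UpdateRejected("size")
    if len(buf) != meta["size"]:
        raise UpdateRejected("size")
    if not hmac.compare_digest(h.hexdigest(), meta["sha512"].lower()):
        raise UpdateRejected("sha512")
    if not any(rsa_verify(key, h.digest(), sig) for key in PINNED_KEYS):
        raise UpdateRejected("signature")
    return bytes(buf)                              # only now is the file handed to the installer
```

A file served together with metadata regenerated to match it passes the size and hash checks and is rejected only at the signature step, so the pinned keys, not the servers, are what the installer ends up trusting.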

Anonymous

July 01, 2020

This site glitches if I try posting a comment on the safest security level. I'm on Windows and using 9.5.1, but this issue has been around since 9.5.

This is unlikely to be fixed anytime soon (just as it hasn't been fixed in the last 3 years). Moving to a new blog platform is more likely. Javascript is a de facto requirement on the web now. If you don't want to browse the web with javascript enabled, then that is your choice. The Tor Project puts a lot of effort into making its websites operate seamlessly without javascript available, but sometimes that isn't possible. Unfortunately Drupal is a beast, and solving this problem is not easy. If you want to leave a comment but you don't want to enable javascript, then you should investigate using Tails.

(Not the OP)

I am using Tails 4.8 and just to be clear, to avoid getting caught in an endless loop in which the blog software tries to continually reload the page, you need to drop down from "Safest" to "Safer" in the Tor Browser.

However, I second the recommendation to use Tails (see tails.boum.org). Journalists, activists, political staffers, local and regional government officials, high school students, employees of companies fond of spying on their workforce, all kinds of people should use Tails for everything online (and probably many things offline too).

Anonymous

July 01, 2020

Windows digital sign check fails for installer, proceed with caution until developers give explanations.

Anonymous

July 01, 2020

Re-downloaded it today and passed the sign verification, I had the first download right after it appeared on https://dist.torproject.org yesterday but failed. But please explain why it originally failed and how the signing process works now.

Ah. I see. Yes, before 9.5.1 was officially released the .exe installers were originally signed using the old signing certificate. These installers were re-signed with the new, valid certificate before the new version was announced.