New Release: Tor Browser 10.0.4

Tor Browser 10.0.4 is now available from the Tor Browser download page and also from our distribution directory.

This release updates NoScript to 11.1.5 and includes an important security update to Firefox.

The full changelog since Tor Browser 10.0.2 (Desktop) is:

  • Windows + OS X + Linux
    • Update NoScript to 11.1.5
    • Bug 40021: Keep page shown after Tor Browser update purple
    • Bug 40022: EOY November Update - Matching
    • Bug 40219: Backport Mozilla Bug 1675905
    • Translations update
  • Build System
    • Windows + OS X + Linux
      • Update Go to 1.14.11
      • Bug 40141: Include "desktop" in signed tag

The full changelog since Tor Browser 10.0.3 (Android) is:

  • Android
    • Update NoScript to 11.1.5
    • Bug 40022: EOY November Update - Matching
    • Bug 40106: EOY November Update - Matching
    • Bug 40219: Backport Mozilla Bug 1675905
    • Translations update
  • Build System
    • Android
      • Update Go to 1.14.11
      • Bug 40141: Include "android" in signed tag

Anonymous

November 10, 2020

Hopefully this update will see a few issues removed from the very buggy and sketchy Android version. In relation to the tickets you have raised for said app, please DO NOT keep the permissions for camera, audio or fingerprint/biometric data. These permissions are unneeded and add huge attack vectors to an unstable app. If people need to take photos they can use the default camera app and clean the image in ObscuraCam, if people need to be audio recorded over the internet then they don't need Tor in the first place. The fingerprint/bio info also just adds another needless point of possible failure. Please completely remove the Google password saver, many people go through time and effort of custom ROM use in order to avoid Google, the last thing they need is for Google to pop up at one of the last points of contact. It was also said that the new app must be used for up to date protection, but isn't it majorly vulnerable until the needless permissions get removed? Couldn't a malicious onion site try to access GPS and camera use? Could a malicious node take advantage of this in any way?
The lack of trust (and thus users) would lead me to also believe that these newer versions are more fingerprintable as the crowd of users is smaller, timed correlation attacks are probably going to be pretty easy for a while, or am I wrong?

What is your concern with the browser having access to the camera, audio, and biometrics? Do you think a website can gain access to these devices without receiving explicit permission from you?

On recent versions of Android, these permissions are not allowed by default. You will be prompted before the browser may use these features/devices and you can revoke permission at any time in Android's App settings.

Sysrqb what is wrong with you. The OP makes highly valid points about reducing various attack vectors, the very point of privacy and security hardening, and you brazenly ask him what his concern is?

Would you leave the front door to your home open at night? Leave a suitcase of cash open on the car seat? Take a leisurely walk in the ghetto at 3am? Have you lost your mind? Why intentionally dangle dangerous, risky settings that serve no viable purpose in a privacy browser?

"Your attitude is laudable Doctor, but your reasoning is reckless." --Spock

Yes, I'm sure it is more than possible for a malicious website to bypass the permission requests and gain ungranted access, previous versions didn't have these permissions and all those versions happen to work a hell of a lot better than the last two broken jumbles you've put out (half a year for THIS, really?) It will take another half year just to make it useable.
You also ignored my question about attackers having access to the GPS info (that you've apparently switched off but also made sure the end user can't check for themselves, apparently reading about:config is more of a risk than just hoping a glitchy new release happens to do as asked) You didn't respond about the lack of users making it more fingerprintable either, which leads me to believe that it is indeed more fingerprintable. Read the playstore reviews, most people install the update, realise it's crap and then downgrade back to the working 68.10.1 version within 5 minutes. You've really messed up with the mobile app, Guardian Project had more of an idea what to do. Either fix this mess or let us have Orfox back. Protect your users.

I did not ignore your question about attackers having access to the GPS info. On Android 6 and newer, you have control over which permissions are granted, and those permissions (including GPS) are not allowed by default.

https://support.google.com/googleplay/answer/6270602?hl=en

In addition, we will delete some of the requested permissions:
https://gitlab.torproject.org/tpo/applications/fenix/-/issues/40109

Access to about:config does not provide you with the transparency you believe it does. If you believe the preference values, then you must audit the code and confirm those preferences are used as expected, too. Exposing about:config only allows people to modify the browser such that they become more unique and fingerprintable.

We don't have any evidence that the biometrics make a user or their device more fingerprintable. If we did, then that functionality would be disabled. This is how Tor Browser is designed and it is how development works. Features in Firefox are kept in Tor Browser only when we're confident they do not leak or reveal unnecessary additional identifying information. Sometimes we miss a new leak, and we appreciate reports from anyone when they discover such an oversight.

I'm sorry you do not like the new app and the new interface, but this is the foundation we have for building a privacy-focused web browser that won't bypass a proxy and provides fingerprinting resistance. Using version 68.10.1 (or any 68 version) exposes you to the growing list of known vulnerabilities, and security is essential for privacy. Please keep this in mind.

Please report bugs and crashes so we can fix them.

Anonymous

November 10, 2020

I need access to about:config. I need to configure it to use Orbot which connects over SOCKS to my censorship evasion tool. I can't do direct connections, the GFW doesn't like it. And bridges only work some of the time.

Anonymous

November 10, 2020

And happiness spread throughout the land. All were content and snug in their beds.

Anonymous

November 10, 2020

Hi,

Some features missing in android from the 9x series.

The UI added less convenience in the android clients in this version compared to v9x series, viz.

1. The print button as 'Save as PDF' is gone.
2. The `share` and other convenient icons at the top of the menu bar are gone.
3. Opening a new tab is a hassle in this version (`New Private Tab` is gone)
4. Dark theme is rigid without any customization possibility.
5. Extremely slow rendering compared to v9

6. The only upside is it is rarely crashing!

Cheers and stay safe
