New Release: Tor Browser 10.5a12 (Android Only)

Tor Browser 10.5a12 is now available from the Tor Browser Alpha download page and also from our distribution directory.

Note: This is an alpha release, an experimental version for users who want to help us test new features. For everyone else, we recommend downloading the latest stable release for Android instead.

This release updates Fenix to 87.0.0-beta.2. Additionally, we update NoScript to 11.2.3 and Tor to 0.4.6.1-alpha.

Note: This is the first Tor Browser version that does not support version 2 onion services. Please see the previously published deprecation timeline.

The full changelog since Tor Browser 10.5a11 is:

  • Android
    • Update Fenix to 87.0.0-beta.2
    • Update NoScript to 11.2.3
    • Update Tor to 0.4.6.1-alpha
    • Translations update
    • Bug 40030: DuckDuckGo redirect to html doesn't work
    • Bug 40043: Rebase android-components patches for Fenix 87 beta 2 builds
    • Bug 40045: Add External App Prompt for Sharing Images
    • Bug 40150: Rebase Fenix patches to Fenix 87 beta 2
    • Bug 40361: Rebase tor-browser patches to 87.0b4
  • Build System
    • Android
      • Update Go to 1.15.10
      • Bug 23631: Use rootless containers
      • Bug 40016: getfpaths is not setting origin_project
      • Bug 40172: Move Gradle compilers out of android-toolchain to own gradle project
      • Bug 40241: Update components for mozilla87-based Fenix
PETER

March 23, 2021

Permalink

You still haven't removed the spyware level permissions, Tor activity on a browser which has GPS and microphone access is destin for failure. I know the GPS option is switched off by default but it's more than fair to assume that there are exploits for leveraging this in the wild. It's been a known issue since the end of last year so that has given hackers/blackmailers and agencies plenty of time to craft and trial various methods. Do something.

In more recent versions of Android (I think 8 and up, or so?), you can go in to settings and selectively override certain permissions of each individual app. On my phone (LineageOS) I have Tor Browser set to "always ask" for coarse location, fine location, camera, and mic.

https://web.archive.org/web/20210324174918/https://support.google.com/a…

BTW, the permissions are Mozilla's fault, not Tor Project's fault.

I hardly know what the heck this Tor browser is all about but I'm waiting for it because I know we need it. I have Cyberghost/VPN. Will that get in the way or help? I'm just an old gal who's pissed off at what's going on. Thanks for finding these bugs and such.

PETER

March 24, 2021

Permalink

Is it possible to change the SOCKSPort/ControlPort used by the alpha version so that it can run alongside the stable version? If I try to run both at the same time I get an error about "failed to bind to one of the listener ports". It would be nice if we could have both open at the same time.