Tor Browser 3.5.2.1 is released

by mikeperry | February 15, 2014

The 3.5.2.1 release of the Tor Browser Bundle is now available on the Download page. You can also download the bundles directly from the distribution directory.

This release fixes the localization of the non-english bundles.

Please see the TBB FAQ listing for any issues you may have before contacting support or filing tickets. In particular, the TBB 3.x section lists common issues specific to the Tor Browser 3.x series.

Here is the list of changes since 3.5.2. The 3.x ChangeLog is also available.

  • All Platforms
    • Bug 10895: Fix broken localized bundles
  • Windows:
    • Bug 10323: Remove unneeded gcc/libstdc++ libraries from dist

Comments

Please note that the comment area below has been archived.

February 15, 2014

Permalink

nice fixing, hopefully the darknet will recover over time again after most sites are sadly gone for now :´(

February 15, 2014

Permalink

How do you disable the automatic updates? There's no longer a simple option to do that either, or are they automatically disabled now?

In your browser:

Edit » Preferences » Advanced » Update » Never check for updates (not recommended: security risk)

There seem to be a problem with the (New update) notice.

Firstly (TorBrowser updates:) are disabled by default when installing a new version
wich i think (Check for updates, but let me choose whether to install them) should be enabled by default.

Secondly, i never got any notice about the latest update about: Tor Browser 3.5.2.1
release. Only found this release because i keep myself regulary updated on this blog.

Hope you found this answer helpful, best regards

February 15, 2014

Permalink

What I don't understand, is how do you guys/gals released a update that was so obviously broken? Do you not fully test the builds before you release them?

I guess Tor people will just ignore my question, eh? Not like it would take more than 2 minutes for someone to describe the QC testing before each release.

But, I guess taking 2 minutes out of their life to let people know they're doing their job correctly is asking too much . . . sigh.

I guess it's far better to release a broken update then to describe how such a broken update was released, eh?

Hole in sand . . . meet Tor people . . . their head is looking for a place to locate.

If I knew I wouldn't have asked, twice.

There is only one passing mention of a ticket about this being Mozilla's fault. Nice to blame someone else, I guess. Mr. Perry stated they don't check for this issue.
https://trac.torproject.org/projects/tor/ticket/10895

I don't like relying *only* on the automated tests for TBB. Before each release is published at least *one* TBB team member person build it and test it out *themselves*.

I've been using Tor for more than 10 years, and I can count on (at least) one hand all the times TBB has been released in a *broken* state. That's really quite poor history of broken releases.

BTW, I'm the person who came up with the idea for TBB and I'm the first one to start creating it, then Mr. Murdock took over and created the first TBB. I'm also the person that came up with idea for updating TorButton (from it's original state years ago; during the Privoxy Tor years), and I started hacking on the original TorButton but I'm not good, so Mike took over.

A perfect example of this issue of continually releasing broken TBB's is *me* telling Mike over a period of 3 TBB releases that it's broken for Windows (TBB 3.0). And I even told Mike the changes that had to be made in TBB's Firefox. We'll, he didn't seem to care and it took me and lots of other people bitc*ing about it before Mike fix the issue. This was the issue when the new TBB 3.0 would start on Windows only to show a blank window.

And one time Mike even tried to claim a bug was a feature! When the TBB 3.0 wouldn't show the windows theme. Ugh.

I admire Mike _a lot_, I think he's a hero, but I also really dislike the way TBB gets released in a BROKEN, and how Mike is quite arrogant at times when he doesn't want to admit something is broken.

February 15, 2014

Permalink

Tor connects ok, but try to check status, or visit torproject and instantly get

Firefox can't establish a connection to the server at check.torproject.org.

or

Firefox can't establish a connection to the server at www.torproject.org.

why?

I can access torproject pages on the clearnet, just not through the TBB. Tor isn't blocked by my vc. I can access the onion sites, just not Tor (or google) the search facility on the TBB main page also bombs out.

February 15, 2014

Permalink

Hi there, I'm having problem connecting to tor network using the latest TBB. The browser just stuck at 'connecting to directory server' stage.Strangely TBB 3.5.0 works fine on this computer, but both TBB 3.5.2 and TBB 3.5.2.1 won't connect.

All three bundles using exactly the same settings (bridges,port, etc). I checked the log file, and found the following lines of interest:

Feb 16 15:02:08.000 [warn] We were supposed to connect to bridge '173.246.104.81:45698' using pluggable transport 'obfs3', but we can't find a pluggable transport proxy supporting 'obfs3'. This can happen if you haven't provided a ClientTransportPlugin line, or if your pluggable transport proxy stopped running.
Feb 16 15:02:08.000 [debug] channel_change_state(): Changing state of channel 00EA3C68 (global ID 0) from "opening" to "channel error"
Feb 16 15:02:08.000 [info] circuit_handle_first_hop(): connect to firsthop failed. Closing.
Feb 16 15:02:08.000 [info] circuit_build_failed(): Our circuit died before the first hop with no connection
Feb 16 15:02:08.000 [info] connection_ap_fail_onehop(): Closing one-hop stream to '$0000000000000000000000000000000000000000/173.246.104.81' because the OR conn just failed.
Feb 16 15:02:08.000 [debug] circuit_increment_failure_count(): n_circuit_failures now 1.
Feb 16 15:02:08.000 [info] circuit_get_open_circ_or_launch(): No safe circuit (purpose 5) ready for edge connection; delaying.
Feb 16 15:02:08.000 [info] connection_ap_make_link(): ... application connection created and linked.
Feb 16 15:02:08.000 [debug] connection_add_impl(): new conn type Directory, socket -1, address 173.246.104.81, n_conns 6.
Feb 16 15:02:08.000 [debug] fetch_bridge_descriptors(): ask_bridge_directly=1 (1, 1, 0)
Feb 16 15:02:08.000 [debug] directory_initiate_command_rend(): anonymized 0, use_begindir 1.
Feb 16 15:02:08.000 [debug] directory_initiate_command_rend(): Initiating server descriptor fetch
Feb 16 15:02:08.000 [info] connection_ap_make_link(): Making internal direct tunnel to [scrubbed]:47456 ...
Feb 16 15:02:08.000 [debug] connection_add_impl(): new conn type Socks, socket -1, address (Tor_internal), n_conns 7.
Feb 16 15:02:08.000 [debug] circuit_get_open_circ_or_launch(): considering 1, $0000000000000000000000000000000000000000
Feb 16 15:02:08.000 [debug] onion_pick_cpath_exit(): Launching a one-hop circuit for dir tunnel.
Feb 16 15:02:08.000 [info] onion_pick_cpath_exit(): Using requested exit node '$0000000000000000000000000000000000000000~0000000000000000000 at 23.239.140.214'
Feb 16 15:02:08.000 [debug] onion_extend_cpath(): Path is 0 long; we want 1
Feb 16 15:02:08.000 [debug] onion_extend_cpath(): Chose router $0000000000000000000000000000000000000000~0000000000000000000 at 23.239.140.214 for hop 1 (exit is 0000000000000000000000000000000000000000)
Feb 16 15:02:08.000 [debug] onion_extend_cpath(): Path is complete: 1 steps long
Feb 16 15:02:08.000 [debug] circuit_handle_first_hop(): Looking for firsthop '23.239.140.214:47456'
Feb 16 15:02:08.000 [info] circuit_handle_first_hop(): Next router is [scrubbed]: Not connected. Connecting.
Feb 16 15:02:08.000 [debug] channel_tls_connect(): In channel_tls_connect() for channel 00EA3C68 (global id 1)

Feb 16 15:03:36.000 [info] compute_weighted_bandwidths(): Empty routerlist passed in to consensus weight node selection for rule weight as guard
Feb 16 15:03:36.000 [info] smartlist_choose_node_by_bandwidth(): Empty routerlist passed in to old node selection for rule weight as guard
Feb 16 15:03:36.000 [info] should_delay_dir_fetches(): delaying dir fetches (no running bridges known)

I've been posting to both blogs and stack exchange for a few days, am still waiting for a response. Please, someone with technical background take a look at the logs and figure out what's going on with my TBB, any input would be greatly appreciated.

PS: I use win XP SP3 with all necessary patches, Kapasky AV. And I need to stress that TBB 3.5.0 works fine, but both TBB 3.5.2 and TBB 3.5.2.1 won't connect. That rules out network and hardware issues. All bundles passed the signature check.

February 15, 2014

Permalink

For those of us who were using TBB 3.5.2 before 3.5.2.1 was released, was our anonymity compromised?

As far as I can tell, this is not a mandatory update. Neither bug it fixes appears to be critical from a security POV. Nowhere in the release announcement does it say that "all users must" or "are strongly urged" "to upgrade as soon as possible". So, based on all appearances, those not affected can stay with 3.5.2.

I do think this should have been explicitly stated, though.

February 16, 2014

Permalink

AOL Mail is not working in any of these recent releases. I tried many ways. But it is working in older version of Tor Bundle. Please check and update. Thanks.

February 16, 2014

Permalink

I think we should incorporate vidalia, so it would be easier for people to ride a relay :/

February 17, 2014

Permalink

Is there a way to make Tor reconnect without closing the browser or chosing new identity?

if my connction suddenly drops i need always to wait until tor reconnects from alone.

Doesn't refreshing a page or loading new page revive the connection?

I recall that 2.x tbb would show disabled vidalia in systray (windows). "Waking" the dormant vidalia would noticeably delay page loading.
Now in 3.5.x, if I return to activity, there may be only a slight delay before new page loads, but loading seems far faster than when waking dormant vidalia in tbb 2.x.
Also my software firewall would popup alerts when 2.x awoke, but firewall does not popup alerts when 3.5 returns to activity after long inactivity.
3.5.x seems to never "fall asleep" like 2.x did.

February 17, 2014

Permalink

I appreciate all of the efforts that go into this product / service, but have to say that I find it very disconcerting when comments and questions go for 3 days without answers. I understand that this is not a 24/7 help / paranoid rant hotline, but I hope you understand that browser updates are emotional events to many - as much time gets spent on understanding the 'why' behind the update and the 'what' in terms of what are/were my vulnerabilities. Enough with my human element concern...

My technical concern is with how ticket 10419 was resolved. I did my homework in an attempt to address my own concern, but I do not understand how
https://trac.torproject.org/projects/tor/ticket/10419
was resolved. Even after also reading
https://trac.torproject.org/projects/tor/ticket/10682

Neither have a statement on how they were ultimately resolved. How can I verify if there is not a statement on how the issue was closed?

What was the fix for ticket 10419? The primary discussion seems to note that...
---------------------------------------------------------------------------------
# Prevent Internet sites from requesting LAN resources.
Site LOCAL
Accept from LOCAL
Deny
---------------------------------------------------------------------------------
...rule is already in NoScript and just needs to be enabed with noscript.ABE.enabled = true. My ABE shipped **DISabled**.

As I said, there is cross over with ticket 10682 which is also closed to just a reference to a repository - not an explanation as to how fixed.

Please help.

I'm not a TOR developer so this is a non-authoritative answer, but if you look further down the discussion, Mike Perry says he wants to avoid using NoScript to fix #10419 if at all possible, and whether emptying "network.proxy.no_proxies_on breaks CUPS" (which it doesn't apparently). I would infer from this that that was the fix. If you want to be able to use proxies on 127.0.0.1, see gk's comments 37 & 38 for how to change this setting (but note the caveat about potential fingerprinting risks).

Thanks. I am not interested in using TCC to configure local services and agree with Ticket 10419 comment that this is not the purpose of the tor browser. I, however, want to know that Ticket 10419 was resolved such that a site can't use connection attempts or element loads sourced for 127.0.0.1, as was

I read three solutions offered in ticket. I see none implemented in TBB 3.5.2.1 to support closing the ticket.

The no-Proxy solution was not implemented:
user_pref("extensions.torbutton.no_proxies_on", ""); ====>>>No
user_pref("extensions.torbutton.saved.no_proxies_on", ""); ====>>>No
user_pref("network.proxy.no_proxies_on", ""); ====>>>No

The ABE solution was not implemented:
noscript.ABE.enabled = true ====>>>No

Same for...
add "127.0.0.1" to the *no_proxies_on preferences in about:config ====>>>No

This was marked as a critical ticket and I see nothing to indicate that it is fixed.

Thank you.

Upon further review, I see how this was fixed. In earlier versions of TBB, prefs.js listed 127.0.0.1 against the network.proxy.no_proxies_on preference. The key word in the discussion is 'emptied', so 127.0.0.1 was emptied from the no_prox preference.

I appreciate your assistance, apologize for time spent on this, but still offer that clearer ticket resolution statements would save time for all. ;)

Thanks.

February 17, 2014

Permalink

  1. <a href="https://www.ssllabs.com/ssltest/analyze.html?d=torproject.org[/geshifilter-code" rel="nofollow">https://www.ssllabs.com/ssltest/analyze.html?d=torproject.org[/geshifil…</a>]</cite><br />
  2. <cite>The server does not support Forward Secrecy with the reference browsers. Grade reduced to A-.</cite></p>
  3. <p><strong>@mikeperry</strong> Please have the server admins enable [geshifilter-code]TLS_ECDHE_*
cipher suites to provide forward secrecy for as many visitors to Tor Project websites as possible.

February 17, 2014

Permalink

One TBB behaviour that continues to trouble me is that Firefox continues to try to connect to the internet. I use standard install on ubuntu with no add-ons (tor-browser-linux32-3.5.2.1_en-US.tar) and with js disabled in both NoScript and about:config.

I see additional changes with each update that improve browser isolation by disabling / blocking more auto-connect threats like blacklist updates, rule-set updates, safebrowsing reporting...etc...etc...

So with every new TBB release, I have renewed hope that Firefox will not go outside of the tor process with an internet connection attempt. Each release I allow tor to access the internet and firefox to access tor via 127.0.0.1. Each release I am either immediately or later disappointed when Firefox attempts its own internet connection.

My concerns...

1) Why does TBB continue to be released with default settings that allow Firefox automatically seek an internet connection? I can not imagine this not being noted in testing. What is trying to connect and what information is trying to be shared?

2) How many people trust any connections from TBB and allow both tor and TBB Firefox connections to outside world? Why is this not a significant security flaw? Tor works fine when I block these Firefox external connection attempts. I run a minimal ubuntu box with standard Forefox gutted to the best of my ability. I have a process connection map running and see that the Firexoz attempting to connect is from the TBB package.

3) If this behaviour is known and accepted, how do we know that connections are not being made and information being sent to unknown locations by Firefox through tor? This is something that I would never catch even with my layers of application and port level firewalls...

Sorry that I do not have Wireshark capabilities, but can not imagine that this behaviour is not seen on all installations.

Thanks for your efforts.

inside

Setup:
-Standard TBB installation (tor-browser-linux32-3.5.2.1_en-US.tar)
-No add-ons; js disabled in both NoScript and about:config
-Ubuntu 12.04

Problem Description:
-Start up TBB from command line: ./start-tor-browser
-Allow Tor connection through application and port level firewalls
-Monitor processes through netstat window
-Observe tor communicating with outside world
-Observe firefox on 127.0.0.1 ports communicating only with tor across 127.0.0.1:9150/9151
Problem (Attempt to Bypass Tor) => Sometimes sooner, sometimes later...I get an application level alert that Firefox is attempting to connect to the internet
-I deny this Firefox connection attempt
-Firefox continues working well over its 127:0:0:1 connection

Additional Detail:
-Firefox continues working well over its 127:0:0:1 connection after I block the direct connection attempt
-The Firefox PID given in the direct connection alert is the same TBB Firefox PID as in my netstat window, so this is not a non-TBB Firefox process

Concern:
-Something in TBB Firefox is connecting to internet outside of Tor without my direction or something in ubuntu is using TBB Firefox to connect to internet outside of Tor without my direction
-This connection is bypassing the tor proxy
-While I see this as a huge design flaw, it is actually fortunate for me that this connection attempt is bypassing tor, otherwise this connection (from ??? to ??? sharing ???) would occur through Tor and I would be oblivious to the occurrence. As it is occurring now, I am at least able to see the Firefox direct connection attempt and block it
-If individuals do not use application level access control or if they just allow Firefox connections believing that this is part of normal TBB operation, they may be vulnerable

Thanks

Follow-Up
---------------
-I am not a linux expert sadly and have no wireshark capabilities.
-After checking a few ubuntu sites for ideas, I ran a list of Firefox resources before and after the Firefox direct (non-tor) connection attempt alert
-These may all be normal or may be an effect and not the cause of the tor bypass

Before/after bypass connection (differences between lsof | grep firefox):
---------------------------------------------------------------------------------------------------------
(all start similar to: firefox 10265 username mem REG 8,1 10370 675699...)
/usr/share/locale-langpack/en_GB/LC_MESSAGES/pulseaudio.mo
/usr/lib/xxxx-linux-gnu/libcanberra-0.28/libcanberra-pulse.so
/home/username/.local/share/gvfs-metadata/root-xxxxxx.log
/usr/share/locale-langpack/en_GB/LC_MESSAGES/eog.mo
/usr/share/locale-langpack/en_GB/LC_MESSAGES/file-roller.mo
/home/username/.local/share/gvfs-metadata/root
/home/username/tor-browser_en-US/Data/Browser/profile.default/formhistory.sqlite
unix 0x00000000 0t0 132338 socket
/home/username/tor-browser_en-US/.cache/event-sound-cache.tdb.xxxx.xxxx-pc-linux-gnu
/home/username/.local/share/gvfs-metadata/root (deleted)
/home/username/.local/share/gvfs-metadata/root-xxxxxxxx.log (deleted)

Of immediate concern is that I use standard TBB install, meaning EN-US. Only my system, and now you, lol, know that I have an EN-GB language preference set.
References to /usr/share/locale-langpack/, /usr/lib/xxxx-linux-gnu/l, gvfs-metadata, and fileroller add to this concern.

I am no Ubuntu genius, but it sure appears that Ubuntu system processes are hooking TBB Firefox for updates.

"Ubuntu system processes are hooking TBB Firefox for updates.
tbb processes or tor?"
is tbb different from regular tor in that tbb sends _only_ torbrowser firefox through tor?

February 17, 2014

Permalink

It appears that cookies management is still broken. Why is this not a critical issue? How can I, the average user, see what cookies are available in memory and on disk? How can I verify that these are gone if I cant view them in the first place?

I have read some posts on this matter and do not see a good explanation and a good work around. I have current tbb on a unix platform.

This is a sensitive matter in light of Snowden reports on busting anonymity through cookie magic - from simple cookie tracking to the mysterious quantum cookie.

Regards.

February 19, 2014

Permalink

GMail is broken, when you allow apis.google.com in NoScript. When you login and GMail loads GTalk / Hangouts after showing the main window with your mails, the site redirect you to the login page and asks for your password again. This is an infinit loop. When you block the address it works fine. I found a similar behavior on eBay. Seems like a bug. This is very annoying. I would like to report this, but I don't understand the bug tracker system.

February 19, 2014

Permalink

HI TORPROJECT!

Where can I get a new Geoip file for Vidalia? (old file is October 2 2013)
I use Windows.
Thanks.

February 19, 2014

Permalink

so i upgrade to 3.5.2.1 but upon launching it it still says the browser is out of date. why should i trust this bundle if these simple things don't get fixed in about 4 days since it was released?

February 20, 2014

Permalink

What happened to the window where you can select relay options, new identity etc? I try using New Identity from Tor Button but that closes my open window and loses all tabs.

February 22, 2014

Permalink

-- SOUTION PROPOSAL TO WIKIPEDIA-with-TOR:
-
-
(Wanted to propose this at Wikimedia, sorry, but of course it won't allow editing via Tor :-)

++++++++++++++++++++++++++++++++++++
*** Have Wikipedia/media allow SQRL logins for users coming in from Tor exit nodes. ***
++++++++++++++++++++++++++++++++++++

SQRL is a new privacy-oriented authentication protocol that unlike the others involves no lousy 3rd party server storing secrets (that will be inevitably broken into and leak). It is pronounced "squirrel" and stands for "Secure, Quick, Reliable Login".

Essentially it works by authenticating to each web site with an automatically generated public key unique to that website.

The use of such a key means if the web site is broken into, the public key is of no use in correlating a user with other web sites that the same user also has authenticated to. Of course the user's possession of the private key proves they are the right person each time they authenticate. (It is made resistant to replay attacks).

By offering SQRL logins -- at least to Tor users -- Wikipedia will be able to track reputation to discourage vandalism. This is the same as what they currently do with IP addresses.

While no solution is perfect as seen by the existing vandalism despite Wikipedia's IP tracking, is this not way better than opening the floodgates to vandalism with no authentication of any kind?

Thank you.

February 22, 2014

Permalink

This FAQ item is a deal-killer for me:
Why does "New Identity" close all my open tabs?

I won't use the bundle until it's fixed, but frm checking the progress it doesn't look like it will be fixed any time soon. Pity.

This will *never* be "fixed" because the Tor people don't believe it's a bug, they call it a "feature."

While I agree it's good to have, users SHOULD be able to change routes to find faster nodes if they so choose. You can still do so with Vadalia, or, write a script to do so to send the NEWNYM signal to your Tor.

February 26, 2014

In reply to arma

Permalink

"because so many other things are on fire too."

May fix the ControlPort turnedoff PROBLEM in TAILS, too?
Since that Tor in TAILS is hard to use.
Granulate permission rights in Linux is more crippled as in windows?

Sorry, i'am not a programmer but without this normal Tor feature using Tor/TAILS
gets more and more useless.

February 22, 2014

Permalink

Shame the disable javascript button was removed. The https system just let me down badly by being partly enabled for javascript and allowing it to work on an onion site that detected it. https is an awful system for the non tech savy. Please bring back the "disable javascript' button to be certain of that security.

February 22, 2014

Permalink

Hi guys,
I hope that you can help me.
Every time I download the Tor Browser Bundle and open Tor Browser Install I get an error message which says: Error overwriting file:
C: Users\\Desktop\ Tor Browser\ Start Tor Browser .exe
same goes with: C: Users\\Desktop\ Tor Browser\ Browser\ firefox.exe
and C: Users\\Desktop\ Tor Browser\ Tor\tor.exe

I have this problem since TBB 3.5.2.1

Thanks guys for your replies

February 24, 2014

Permalink

Sorry too lazy to complete mandatory registration at bug tracker. This behavior is noticed only in TBB versions 3.5.2 and 3.5.2.1 Sometimes when started Tor Launcher shows up, progress bar zips past but after that Tor Browser window does not appear as expected. Nothing shows on taskbar. Two processes (firefox.exe and Tor.exe) running but no Tor Browser window. I have no idea how to replicate it or what causes it.

February 26, 2014

Permalink

I think I'm experiencing a regression in 3.5.2.1. With 3.5.2.1 panoptoclick shows my screen size as an odd value that makes me unique. With 3.5.2 it shows a value rounded to 100 and far more common. Is this a bug?

February 27, 2014

In reply to gk

Permalink

Ok, I extracted a fresh tar.xz and everything looks ok. I must have resized the window or something. A fresh download shows me nice round numbers at panoptoclick.

Thanks.

February 27, 2014

Permalink

Re: Screen size

Via ip-check.info my screen size has never been shown rounded to a 100.

Am I doing something wrong, or is this a bug with Tor or a feature of ip=check.info?

Is ip-check.info still plain 'ol unauthenticated, unencrypted http?

If so, how can you trust whatever it reports? An exit node could tamper with the content.

March 02, 2014

Permalink

it appears as though the 32-bit linux binary's signing key (63FEE659 for erinn clark) has not been added to the deb.torproject.org-keyring package.

it may be useful to include that key for users expecting her key to be among those included in the keyring package when they verify package signatures.

March 03, 2014

Permalink

Re Screen-size and the exchange of the 27th of last month

Pls help, I am confused.

You seem to be saying that with Tor the screen-size is rounded to 100.

I have just checked mine via Panoptoclick, with Javascript enabled and disabled, with both Tor 3.5.2 and 3.5.2.1.

With Javascript disabled it was not possible for Panoptoclick to detect the actual screen-size (ip-check.info can detect it).
With Javascript enabled, and with both Tor 3.5.2 and 3.5.2.1, Panoptoclick detected the screen-size- exactly the same screen-size as detected by ip-check.info.

In no case, neither with Panoptoclick nor with ip-check.info, is the screen-size shown as being rounded to 100.

Could someone else please perform the test on their computer and report the results?

Also, what is a tar.xz?

Thanks

Anon:

Can you download a fresh version of the Tor Browser Bundle and, without resizing or maximizing your window, see the results at Panoptoclick. The screen size should be multiples of 100.

tar.xz is the compressed file type for the Linux version of the TBB. (windows is released as .exe, and mac as .zip). By "fresh tar.xz" I just meant fresh download of the Tor Browser Bundle.

I did as you suggested and downloaded and installed a new version of 3.5.2.1 - no change at all.

Everything as reported in previous post: IP-check (with Javascript disabled) got my screen size, exactly the same size as Panopticlick with Javascript enabled. With JS diabled Panopticlick couldn't get it.

The screen size ascertained is not a multiple of 100.

Is there anything else that I can check/correct?

Thanks for your help.

Sorry, I forgot to say that I am not using Linux but Windows 7.

I don't know if that makes any difference and that TOR sizing windows in 100s only works with Linux.

March 06, 2014

Permalink

obtaining a new identity requires the browser to restart, along with any current downloads that may be running. how can i obtain a new identity while downloads continue?

March 09, 2014

Permalink

hi.
sometimes, after i run "tor" and after opening the tor browser, first of all, a message comes on the browser who tells "sorry, something went wrong" (something like that) that mean Tor is not protecting you, but in a second or two, the message does change and another one came up who tells an opposite thing: "congratulation....successfully". could you tell me is that safe to use tor after seeing this situation of not? is that a serious problem or just a simple bug?
thanks in advance Tor team :)

March 12, 2014

Permalink

"sometimes, after i run "tor" and after opening the tor browser, first of all, a message comes on the browser who tells "sorry, something went wrong""

Yes, it is a bug. It should say "sorry, everything went wrong with TOR"

March 18, 2014

In reply to mikeperry

Permalink

nothing Mr. Perry. as a matter of fact, i don't have knowledge of doing that kind of changes in proxies and other settings of dear TOR!
to be frank, sometimes i ask myself how could i use TOR if iranian gov't would've blocked TOR's servers and me, as an unprofessional user, should've go to the settings that you have told us to do so, in that case!
by the way, i thank you a lot TOR guys for doing this great and respectful job and making it possible for us to have a secure and free way to use internet. i really appreciate it :)

March 12, 2014

Permalink

Hi there !
I download the lastest update. Everything goes ok, I opened tor browser and when I want to access to a web site it takes ages to connecting and after a while I get that :

The connection has timed out

The server at startpage.com is taking too long to respond.

The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your computer's network connection.
If your computer or network is protected by a firewall or proxy, make sure that TorBrowser is permitted to access the Web.

I don't understand, I a bit noob with Tor sorry :)

March 14, 2014

Permalink

Regarding screen size.

I am concerned that it seems to be implied that Tor 3.5.2 and 3.5.2.1 both produce a shown screen-size rounded to 100 but I don't get that with either ip-check.info or panopticlick.

Does anyone, apart from Anon at 27th February, get a rounded screen-size, or should I file a bug report?

A response from someone at Tor would be particularly helpful.

Thanks

March 17, 2014

In reply to gk

Permalink

GK

Thanks for your response. I read the bug report you mentioned. Since I am a relative newcomer to this and I am not very knowledgeable about the workings of computers/browsers/Tor I didn't follow what was said very well.

All I can say is that I have used Tor for about 18 months and have always used ip-check.info as a test, The screen-size (ip-check calls it Browser Window - inner size) has NEVER been rounded to 100.

For Tor versions 3.5.2 and 3.5.2.1 I have also checked it with Panopticlick and (with Javascript enabled) Panopticlick gives the same screen-size as ip-check. IP Check gets the screen size whether JS is enabled or disabled.

Sorry, the above may not be much help but if you can tell me what else to check or which settings to change, if any, I will.

Thanks for your help.

March 14, 2014

Permalink

every time I open the Tor Browser, the message that Tor does not work in the browser and I am not connected to the Tor network appears. Can anyone help me appear!

Try deleting your current Tor Browser and download it again. Make sure not to overwrite your previous Tor Browser, and make sure you are saving Tor Browser to somewhere in your user directory like your Desktop or Documents.