Tor Browser 4.5.1 is released
A new release for the stable Tor Browser is available from the Tor Browser Project page and also from our distribution directory.
Tor Browser 4.5.1 is based on Firefox ESR 31.7.0, which features important security updates to Firefox.
The 4.5.1 release also addresses several regressions and usability issues discovered during the 4.5 release. The most notable change is that we have slightly relaxed the first party isolation privacy property, due to issues encountered on several file hosting sites as well as other sites that host content on multiple subdomains. Tor Circuit use and tracking identifiers are now all isolated to the base (top-level) domain only, as opposed to the full domain name. This change is also consistent with the browser URL bar - isolation is now performed based on the bold portion of the website address in the URL bar.
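An added illustration (not Tor Browser's own code) of what keying isolation on the base domain rather than the FQDN changes in practice. The suffix list, host names and function names are constructed for this example.

```javascript
// Constructed subset of the Public Suffix List, just enough for the sample
// hosts below. A real implementation loads the full list.
const PUBLIC_SUFFIXES = new Set(["com", "org", "uk", "co.uk"]);

// Base domain = longest matching public suffix plus one more label.
// IP literals and bare suffixes have no base domain and are returned as-is.
function baseDomain(host) {
  const h = host.toLowerCase().replace(/\.$/, "");
  if (/^\d{1,3}(\.\d{1,3}){3}$/.test(h) || h.includes(":")) return h;
  const labels = h.split(".");
  // Scanning from the left tries the longest candidate suffix first.
  for (let i = 0; i < labels.length; i++) {
    if (PUBLIC_SUFFIXES.has(labels.slice(i).join("."))) {
      return i === 0 ? h : labels.slice(i - 1).join(".");
    }
  }
  // No rule matched: the list's default rule treats the last label as the suffix.
  return labels.slice(-2).join(".");
}

// The key is derived from the URL-bar (first party) host, never from the
// host a subresource happens to be fetched from.
function isolationKey(firstPartyHost, mode) {
  return mode === "fqdn" ? firstPartyHost.toLowerCase() : baseDomain(firstPartyHost);
}

// Group URL-bar hosts by the key they would share a circuit and identifiers under.
function isolationBuckets(hosts, mode) {
  const buckets = new Map();
  for (const host of hosts) {
    const key = isolationKey(host, mode);
    buckets.set(key, [...(buckets.get(key) || []), host]);
  }
  return buckets;
}

// Constructed browsing session: one site spread over several subdomains,
// a site under a two-label suffix, and an unrelated site.
const VISITED = [
  "www.example.com", "dl3.example.com", "login.example.com",
  "www.example.co.uk", "cdn.example.co.uk", "example.org",
];

for (const mode of ["fqdn", "base"]) {
  const buckets = isolationBuckets(VISITED, mode);
  console.log(`${mode}: ${buckets.size} isolation contexts`);
  for (const [key, hosts] of buckets) console.log(`  ${key} <- ${hosts.join(", ")}`);
}
```

With FQDN keys every subdomain gets its own context, which is what broke sites that spread one session over several subdomains; with base-domain keys those subdomains share one context and can therefore correlate a visitor among themselves.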
We also have temporarily disabled the NoScript ClearClick clickjacking protection, as it was experiencing false positives due to changes in Tor Browser that cause errors in NoScript's evaluation of the content window. These issues were most commonly experienced with ReCaptcha captcha input, but occurred elsewhere as well.
With this release, 4.0 users will now be updated automatically to the 4.5 series.
Note to MacOS users: The update process for Mac OS 10.6 and 10.7 users will unfortunately not be automatic. You will be instructed to perform a manual download instead. Moreover, as of this release, 32 bit Macs are now officially unsupported. For more information, see the original end-of-life blog post.
Here is the list of changes since 4.5:
- All Platforms
  - Update Firefox to 31.7.0esr
  - Update meek to 0.18
  - Update Tor Launcher to 0.2.7.5
    - Translation updates only
  - Update Torbutton to 1.9.2.3
    - Bug 15837: Show descriptions if unchecking custom mode
    - Bug 15927: Force update of the NoScript UI when changing security level
    - Bug 15915: Hide circuit display if it is disabled.
    - Translation updates
  - Bug 15945: Disable NoScript's ClearClick protection for now
  - Bug 15933: Isolate by base (top-level) domain name instead of FQDN
  - Bug 15857: Fix file descriptor leak in updater that caused update failures
  - Bug 15899: Fix errors with downloading and displaying PDFs
- Windows
  - Bug 15872: Fix meek pluggable transport startup issue with Windows 7
- Build System
  - Bug 15947: Support Ubuntu 14.04 LXC hosts via LXC_EXECUTE=lxc-execute env var
  - Bugs 15921+15922: Fix build errors during Mozilla Tryserver builds
Thank you.
I wanna thank anyone and everyone involved in help provided to keep what we say and do private. From regular Joes like me to others who must be incognito. I once again thank everyone for what you do.
This happened also on previous updates.
When tor is updated, timestamp on log output wrap to UTC time (I assume)
[geshifilter-code]
May 13 06:28:06.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.
ERROR: Error verifying signature.
ERROR: Not all signatures were verified.
May 13 07:37:27.000 [notice] Owning controller connection has closed -- exiting now.
1431491849254 addons.update-checker WARN HTTP Request failed for an unknown reason
1431491849255 addons.update-checker WARN HTTP Request failed for an unknown reason
1431491849255 addons.update-checker WARN HTTP Request failed for an unknown reason
1431491849256 addons.update-checker WARN HTTP Request failed for an unknown reason
May 13 04:37:30.136 [notice] Tor v0.2.6.7 (git-ac600bec40c14864) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1m and Zlib 1.2.3.3.
May 13 04:37:30.136 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
[/geshifilter-code]
Are you concerned about the errors? They are essentially false positives as the MAR files are not signed with the first key that is included in the source but the second one in these cases. See: https://bugs.torproject.org/15532.
Are you concerned about the errors? They are essentially false positives
You mean that
OK.
When tor is updated, timestamp on log output wrap to UTC time (I assume)
Of course log output timestamp return to correct when tor is manually restarted.
Seems that tor does not preserve timezone information when it restarts itself?
There is no TZ variable in the environment (when tor is started from command line).
Also seems that tor browser (that version and previous version) also crashes sometimes.
This is not the only case.
Jondonym's anonymity test on http://ip-check.info/index.php?lang=en shows a red field marked "bad": window.name is traceable. Your unique ID: ###### (the same number as the "local storage" ID which is marked orange (medium risk)).
With the "Smart Referer" Firefox extension installed and configured as follows:
Mode > send nothing as referer
Strict (treat subdomains as different domains) > unchecked
the test shows a green field marked "good": window.name has been anonymized.
So Tor Browser really needs an additional extension to prevent tracking???
Well, that depends. See: https://www.torproject.org/projects/torbrowser/design/#identifier-linka… section 12 for what we are doing.
You don't need an additional extension. If you move the security slider under Onion -> "Privacy and Security Settings" to high, JavaScript gets disabled, and window.name disappears.
32bit Debian Wheezy user here. I successfully auto-updated from TBB 4.0.8 to 4.5.1 . Auto-update worked perfectly for me! Thank you.
13.05.2015 11:19:56.100 [NOTICE] Opening Socks listener on 127.0.0.1:9150
13.05.2015 11:19:56.779 [NOTICE] Bootstrapped 80%: Connecting to the Tor network
13.05.2015 11:20:05.776 [WARN] Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Permission denied [WSAEACCES ]; RESOURCELIMIT; count 10; recommendation warn; host 5C69846F6B71D1C55475987FEAD2F96D62A4CD92 at 89.163.227.28:9001)
13.05.2015 11:20:07.320 [WARN] Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Permission denied [WSAEACCES ]; RESOURCELIMIT; count 11; recommendation warn; host 3018E8B182E44AA4AEFA19972BA71B34E4A183C2 at 188.230.91.135:9001)
13.05.2015 11:20:07.775 [WARN] Problem bootstrapping. Stuck at 80%: Connecting to the Tor network. (Permission denied [WSAEACCES ]; RESOURCELIMIT; count 12; recommendation warn; host E2BD5F4F366DB494EA1FAD785CFA53F9439BB110 at 162.248.94.205:5277)
"The update process for Mac OS 10.6 and 10.7 users will unfortunately not be automatic." Why is that?
https://blog.torproject.org/blog/end-life-plan-tor-browser-32-bit-macs has an explanation.
My default search engine was changed to disconnect.me in this update, instead of the ol' Startpage. Can anyone offer a comparison of the privacy they guarantee to help me choose?
Thanks Tor Team for this update, by the way!
I hadn't seen that additional search engine.
I tried a search. The site creates a unique url that omits search terms. The unique part looks like about 20 hex characters plus dash characters.
I reloaded the url and the page showed the same results and search terms. But assuming this url is a "permalink", a bookmark would need manually added information, because the url doesn't give a clue.
According to Tails' blog posted a few hours earlier than mikeperry's post, it's stated "We disabled in Tails the new circuit view of Tor Browser 4.5 for security reasons. You can still use the network map of Vidalia to inspect your circuits."
If Tails' developers are correct, why do Tor developers not disable it in the Tor Browser Bundle 4.5.1?
Would mikeperry, erinn or arma wish to clarify?
This is **exactly** what I wanted to ask in the Tails blog post, but they don't allow asking questions in their blog here (which is pretty lame, IMO!). Also, Tails doesn't have their own blog at their site, or easy way to contact them :(
I would really like to get a response on this, as well.
Looking at the tails changelog I see this:
"Unfortunately its per-tab circuit view did not make it into Tails yet since it requires exposing more Tor state to the user running the Tor Browser than we are currently comfortable with. (Closes: #9031, #9369)"
But it looks like this issue is about #9333?
https://labs.riseup.net/code/issues/9333
I don't see why allowing it via Vidalia is better, or more comfortable? And what exit node would Vidalia show, considering each website may use a different exit node with current TorButton?
And I don't see why it's a security risk to have the per-tab circuit view.
Comments from experts would be very welcome.
I really think if Tails has a blog here they should allow comments for each post. Or if not, they should include info on how best to contact them regarding blog post xyz.
Tails has a different threat model, in that they need to account for other application's traffic going out over a system-wide Tor instance, vs just Tor Browser's traffic (the bulk of the Tor Browser users).
I'm not particularly convinced that allowing Vidalia (long since unmaintained) full control port access is any better than allowing Tor Browser (which is maintained but presents a much larger attack surface) control port access, but I am not a Tor Browser developer, and can be quite paranoid at times.
See: https://trac.torproject.org/projects/tor/ticket/8369
Please read Tails ticket about the issue before jumping to conclusions:
https://labs.riseup.net/code/issues/9298
Thanks, but less snark next time would be nice. Even better would be the Tails blog post adding a little context next time they claim something isn't secure.
These security reasons don't apply to Tor Browser outside of Tails, since it has full access to the Tor control port anyway. We at Tails plan to improve our documentation on this topic: https://labs.riseup.net/code/issues/9391#note-3. Sorry for the communication mess :/
Thank you very much. Your work on Tails is appreciated. Tails is great.
ip-check.info couldn't detect or display computer time here, is it being protected by TBB or just a trick?
Your timezone is set to UTC.
Is Tor still safe while running via a local proxy? (For example: Freegate)
Yes.
FreeGate is not an open source project and is developed by US government, be careful.
FreeGate is indeed not open source, and is probably bad news for a variety of reasons. But I know some of the FreeGate developers, and as far as I know they are not "the US government".
Sticking to facts on critiques of closed-source systems will help people learn to reason about them better. :)
You might also enjoy
https://svn.torproject.org/svn/projects/articles/circumvention-features…
Could I please direct gk's attention to (the last two) my posts under 4.5 regarding a possible problem with DNS lookup?
Since the above changes to 4.5.1 do not mention any change to dns look up, presumably the problem will still affect 4.5.1.
Thank you
There is no bug with respect to DNS lookups that we know of. Not sure what your setup is like but Vidalia is not included anymore in Tor Browser for a while now as it is unmaintained. We strongly recommend using Tor Browser instead of some home-grown setups.
GK thank you for your response:
a - I use Tor Browser, plus Vidalia since, disappointingly, the new TOR versions do not give as much information as Vidalia did/does.
b- Just because Vidalia is no longer maintained does not mean that it no longer works.
c- I still feel that there is a problem re DNS (but due to the indecipherable captchas on Trac Tor I cannot report it) or else why would I see the warning: "Potentially Dangerous Connection! - One of your applications established a connection through Tor to "XXX:XXX" using a protocol that may leak information about your destination. Please ensure you configure your applications to use only SOCKS4a or SOCKS5 with remote hostname resolution." ??
Thank you
I wanted to congratulate the team again for closing the window between Firefox releases and TBB releases. I believe this has a real, positive impact on user security and comfort with TBB, and I appreciate the work it's taken to orchestrate everything to make this possible.
here, here
"Tor Circuit use and tracking identifiers are now all isolated to the base (top-level) domain only, as opposed to the full domain name."
Updated from 4.0.x. This doesn't work. Worse, I used to fix it with a new circuit using Vidalia. Now that doesn't work either.
Can it be disabled?
"Tor Circuit use and tracking identifiers are now all isolated to the base (top-level) domain only, as opposed to the full domain name."
Isn't that like .com and .org?
More like .torproject.org .torproject.co.uk which is why we used "base domain" and included "(top-level)" implying that there are no subdomains involved anymore.
What is an "unsigned build"? Your sha256sums are incorrect.
"unsigned build" means that the SHA 256 sums are taken before the .exe files got signed with the help of an Authenticode certificate which changes the SHA 256 sum. To have the hash sums from the unsigned build is important for the advanced verification of Tor Browser. See: https://www.torproject.org/docs/verifying-signatures.html.en#BuildVerif…
Your sha256sums are incorrect.
Some file hosting sites are still unable to use. Is there a way to fix?
Do you have an example (URL)?
1. What is the latest stable Tor version?
2. Is the website tor standalone for windows up to date?
3. Why would the tor included in windows browser downloads be a newer version ever than the stand alone offered?
4. Why does the windows stand alone use Libevent 2.0.21-stable when .22 is available?
5. For security best practices, why are there so many different webpages, with inconsistent changelogs, varying from OS to OS, using confusing to the masses unix style presentation?
6. Why discontinue vidalia without a replacement? Isn't bringing tor to the attention of the masses a good thing? Where is the windows ease and understanding?
you guys do some VERY good things, but then you do some VERY dumb things. Every month you should approach your project as if a complete outsider! How does it appear/function communicate/empower someone with no knowledge whatsoever. etc. Clear concise transparency, with expected routine standardized practices would do you so well!
Instead we have different keys signing, different amounts of info released depending on whom does it, a mailing list from 1994 AOL, etc. I know this sounds like a rant, but THANK GOD for the tor blog. at least there is some kind of modern interaction with the people.
tor blog (here) is OK, except I must enable images to see text. To repair this, I could import a stylesheet in usercontent.css, but it seems easier is to make blog.torproject.org readable with images disabled.
really,this is a minor complaint, but also very easily fixed.
and thanks for tor, tbb, and the necessary backing projects.
As for 5. here you can find the reason:
https://tor.stackexchange.com/questions/1075/what-happened-to-vidalia
https://trac.torproject.org/projects/tor/wiki/doc/TorBrowserBundle3FAQ#…
The short answer is: Tor Browser Button (TBB) replaced Vidalia (and its features), because Vidalia has no active developer who is working on it and its source is some years old.
And as you can see at the first link there is also another way where you can get information about Tor - Tor stackexchange.
i get failure from drain FD, with latest tor, any ideas? it seems to work ok, but sometimes i get massive numbers of them, suppressing 7200 in last etc.. ....
I get this error too.
Jun 13 11:29:24.000 [notice] Self-testing indicates your DirPort is reachable from the outside. Excellent.
Jun 13 11:29:24.000 [warn] Failure from drain_fd
Jun 13 11:29:24.000 [notice] Self-testing indicates your ORPort is reachable from the outside. Excellent. Publishing server descriptor.
Jun 13 11:29:28.000 [notice] Performing bandwidth self-test...done.
Jun 13 17:29:23.000 [notice] Heartbeat: Tor's uptime is 6:00 hours, with 2 circuits open. I've sent 3.30 MB and received 9.70 MB.
Jun 13 17:29:23.000 [notice] Average packaged cell fullness: 98.818%. TLS write overhead: 21%
Jun 13 17:29:23.000 [notice] Circuit handshake stats since last time: 0/0 TAP, 4/4 NTor.
Jun 13 17:29:23.000 [notice] Since startup, we have initiated 0 v1 connections, 0 v2 connections, 0 v3 connections, and 23 v4 connections; and received 0 v1 connections, 12 v2 connections, 30 v3 connections, and 499 v4 connections.
Jun 13 18:08:58.000 [warn] Failure from drain_fd [3 similar message(s) suppressed in last 7200 seconds]
Jun 13 20:10:36.000 [warn] Failure from drain_fd [10 similar message(s) suppressed in last 7200 seconds]
Jun 13 22:15:03.000 [warn] Failure from drain_fd [12 similar message(s) suppressed in last 7200 seconds]
The problems with Google recaptcha system still continue.
It is important to remember that Google has changed the old text verification system to a images verification system. Now the images of recaptcha system are not displayed via the TOR browser and apparently this is a unique Tor browser problem.
Even completely disabling HTTPS Everywhere and Noscript extensions to leave it as close to the Firefox the problem still occurs.
Please take a close look at this because Google recaptcha is used in many many sites.
I am having the same problem with Google's new multi-image reCAPTCHA puzzles that have replaced the old "twisted and distorted letters," making it impossible for me to access a number of websites using Tor Browser. The images necessary to solve the puzzle are not displayed. I can confirm that the problem is NOT solved by disabling plugins (HTTPS-Everywhere, NoScript) and/or enabling third-party cookies (but even if these steps did solve the problem, it wouldn't be a good thing).