Tor Project blog

New Alpha Release: Tor Browser 16.0a7

2026-06-03T00:00:00Z

Tor Browser 16.0a7 is now available from the Tor Browser download page and also from our distribution directory.

This version includes important security updates to Firefox.

⚠️ Reminder: The Tor Browser Alpha release-channel is for testing only. As such, Tor Browser Alpha is not intended for general use because it is more likely to include bugs affecting usability, security, and privacy.

Moreover, Tor Browser Alphas are now based on Firefox's betas. Please read more about this important change in the Future of Tor Browser Alpha blog post.

If you are an at-risk user, require strong anonymity, or just want a reliably-working browser, please stick with the stable release channel.

Send us your feedback

If you find a bug or have a suggestion for how we could improve this release, please let us know.

Full changelog

The full changelog since Tor Browser 16.0a6 is:

All Platforms
- Updated NoScript to 13.6.19.90401984
- Updated Tor to 0.4.9.9
- Bug tor-browser#42436: Allow for multiple configured (front, reflector) domain fronting pairs in Moat module
- Bug tor-browser#44869: Rebase alpha onto 151
- Bug tor-browser#44952: TOR_PROVIDER=none throws an error at launch
- Bug tor-browser#44989: Backport Bug 2040704: Fix date format leak in Firefox 151
- Bug tor-browser#44990: CI failing due to dubious ownership of cached repo
- Bug tor-browser#44999: Privacy settings are broken in 151
- Bug tor-browser-build#41686: Copy more build artifacts to the artifacts directory
Windows + macOS + Linux
- Updated Firefox to 151.0a1
- Bug tor-browser#44903: Use the support-page instead of tor-manual-page in moz-support-link
- Bug tor-browser#44904: Use settings config for onion site settings
- Bug tor-browser#44991: Improve the no-authentication handling on the control port
- Bug tor-browser#44997: Captcha doesn't work in TB desktop
- Bug tor-browser#45005: Rename arrowpanel CSS variable
Windows
- Bug tor-browser#44745: Change how we hide SSO setting for windows
Android
- Updated GeckoView to 151.0a1
- Bug tor-browser#43543: Make the dev icon distinct from the nightly one
- Bug tor-browser#44211: Disable "Shake it up. Skip the scroll."
- Bug tor-browser#44323: Audit Android Settings changes from 128 to 140
- Bug tor-browser#44917: Disable Ads client for all channels
- Bug tor-browser#45031: Disable AI features for Android
Build System
- All Platforms
  - Bug tor-browser-build#41779: Update toolchains for Firefox 151
  - Bug tor-browser-build#41781: Fix clean section in rbm.local.conf.example
  - Bug tor-browser-build#41792: Switch from ftp.gnu.org to ftpmirror.gnu.org
  - Bug tor-browser-build#41798: Update the URL to versions.ini in relprep.py
  - Bug tor-browser-build#41806: make list_toolchain_updates should check var/firefox_platform_version
  - Bug tor-browser-build#41807: Incorrectly generated Bugzilla query link in generate-bugzilla-triage-csv.py
- Windows + Linux + Android
  - Updated Go to 1.26.3
- macOS
  - Bug tor-browser-build#41793: Stop copying permissions from .mar in dmg2mar
- Android
  - Bug tor-browser-build#41801: Hardlink artifacts in fix_gradle_deps.py

New Release: Tor Browser 15.0.15

2026-06-03T00:00:00Z

Tor Browser 15.0.15 is now available from the Tor Browser download page and also from our distribution directory.

This release contains important security updates to the tor daemon and fixes some censorship circumvention problems.

Send us your feedback

If you find a bug or have a suggestion for how we could improve this release, please let us know.

Full changelog

The full changelog since Tor Browser 15.0.14 is:

All Platforms
- Updated NoScript to 13.6.20.1984
- Updated Tor to 0.4.9.9
- Bug tor-browser#42436: Allow for multiple configured (front, reflector) domain fronting pairs in Moat module
Windows + macOS + Linux
- Bug tor-browser#44997: Captcha doesn't work in TB desktop
Linux
- Bug tor-browser#44886: Backport tor-browser#44361: Notify Linux i686 users that they won't receive updates anymore

Arti 2.4.0 released: Relay and directory authority development; flowctl-cc stable

2026-06-01T00:00:00Z

Arti is our ongoing project to create a next-generation Tor implementation in Rust. We're happy to announce the latest release, Arti 2.4.0.

This release continues our ongoing development towards using Arti as a relay and as a directory authority. It also contains fixes for a number of bugs affecting onion service client connectivity.

Additionally, as of this release, flow control and congestion control is considered stable, and can be enabled by compiling Arti with the flowctl-cc feature.

Users of the arti-client crate should note that there are multiple breaking changes to the TorClient APIs, and that the use_obsolete_software option has been removed (see #1960).

As usual, this release also contains a number of bugfixes, cleanups, and improvements to our CI infrastructure.

For full details on what we've done, including API changes, and for information about many more minor and less-visible changes, please see the CHANGELOG.

For more information on using Arti, see our top-level README, and the documentation for the arti binary.

Thanks to everybody who's contributed to this release, including Aaron Dewes, Andrew Kloet, Boris Nagaev, Neel Chauhan, Nihal, syphyr.

Also, our deep thanks to our sponsors for funding the development of Arti!

New Release: Tails 7.8

2026-05-21T00:00:00Z

Changes and updates

Update Tor Browser to 15.0.14.
Remove Thunderbird.

You can still install Thunderbird as additional software.

If you have both the Thunderbird Email Client and Additional Software features of the Persistent Storage turned on, Tails automatically adds Thunderbird to your list of additional software.

A new version of Thunderbird is released in Debian shortly after each Tails releases, because both Tails and Thunderbird follow the release calendar of Firefox. As a consequence, until Tails 7.5 (February 2026), the version of Thunderbird in Tails was almost always outdated, with known security vulnerabilities.

By installing Thunderbird as additional software, the latest version of Thunderbird is installed automatically from your Persistent Storage each time you start Tails.

Fixed problems

Fix multiple security vulnerabilities in the Linux kernel and haveged, that could allow an application in Tails to gain administration privileges.

For example, if an attacker was able to exploit other unknown security vulnerabilities in an application included in Tails, they might then use one of these vulnerabilities to take full control of your Tails and deanonymize you.

For more details, read our changelog.

Get Tails 7.8

To upgrade your Tails USB stick and keep your Persistent Storage

Automatic upgrades are available from Tails 7.0 or later to 7.8.
If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade.

To install Tails 7.8 on a new USB stick

Follow our installation instructions:

The Persistent Storage on the USB stick will be lost if you install instead of upgrading.

To download only

If you don't need installation or upgrade instructions, you can download Tails 7.8 directly:

Support and feedback

For support and feedback, visit the Support section on the Tails website.

New Release: Tor Browser 15.0.14

2026-05-19T00:00:00Z

Tor Browser 15.0.14 is now available from the Tor Browser download page and also from our distribution directory.

This version includes important security updates to Firefox.

Send us your feedback

If you find a bug or have a suggestion for how we could improve this release, please let us know.

Full changelog

The full changelog since Tor Browser 15.0.13 is:

All Platforms
- Bug tor-browser#44958: Backport Security Fixes from Firefox 151
Windows + macOS + Linux
- Updated Firefox to 140.11.0esr
Android
- Updated GeckoView to 140.11.0esr
Build System
- All Platforms
  - Bug tor-browser-build#41781: Fix clean section in rbm.local.conf.example
  - Bug tor-browser-build#41798: Update the URL to versions.ini in relprep.py
- Windows + Linux + Android
  - Updated Go to 1.25.10

A new way to fund internet freedom

2026-05-19T00:00:00Z

A coalition of privacy, internet freedom, cryptocurrency and open-source ecosystems, led by the Tor Project and Funding the Commons, today announced a new participatory funding campaign designed to support critical digital infrastructure at a moment of systemic funding instability.

Launching today at internetfreedom.torproject.org and as an Onion Service, the campaign is the first-ever Web3-native crowdfunding initiative dedicated to the internet freedom ecosystem. The campaign accepts contributions in Bitcoin (BTC), Ethereum (ETH), Zcash (ZEC), Monero (XMR), and Golem (GLM), and benefits 10 nonprofit projects working across privacy, censorship circumvention, secure communications, and public-interest digital infrastructure. An initial $115,000 USD matching pool supported by Cake Wallet, Zcash Community Grants, Logos, and Octant -- with additional ecosystem participation expected throughout the campaign -- will amplify donations made through June 18th, 2026, using a participatory matching model designed to reward broad community participation.

Internet freedom in peril

Internet freedom has declined for 15 consecutive years. As censorship and surveillance become increasingly sophisticated and pervasive, many of the tools people rely on to communicate and organize safely, access information freely, and protect their privacy are facing financial pressure and funding cuts. Some organizations were forced to reduce staffing, scale back technical infrastructure, delay development work, and stop support for the communities that depend on them. This strain threatens the long-term sustainability of critical public-interest infrastructure.

Today, the Tor Project and Funding the Commons, are launching a new experiment: a community-driven crowdfunding campaign exploring how internet freedom services and infrastructure can be funded more sustainably, transparently, and collectively. The campaign benefits organizations and tools supporting secure journalism, private communications, anti-censorship technologies, and privacy-preserving infrastructure used by millions of people worldwide.

SecureDrop: Secure whistleblower submission system used by journalists and newsrooms
OpenArchive: Privacy-first archiving tools for human rights defenders and journalists
OnionShare: Open-source tool for secure, anonymous file sharing and hosting
Ricochet Refresh: Metadata-resistant instant messaging over Tor
Onion Browser: Tor-powered web browser for iOS
Open Observatory of Network Interference (OONI): Global observatory documenting internet censorship and shutdowns
Paskoocheh, by ASL19: Anti-censorship technology and digital security support
Unredacted: Infrastructure supporting censorship circumvention and resilient communications
Digital Security Help Desk, by Miaan Group: Internet freedom technologies supporting users in Iran
Osservatorio Nessuno: Protecting activists, journalists, and civil society organizations with tech support and traceless software

Tor cannot be resilient alone. Its resilience depends on the resilience of the ecosystem around it, especially smaller projects that may not have the same access to institutional funding or donor networks. This campaign is one way to bring more people into the shared responsibility of sustaining public-interest technology.

A participatory funding model

The campaign uses a participatory matching fund model called quadratic funding designed to amplify the impact of many small contributions. Rather than prioritizing only large donations, the model increases support for projects backed by broader community participation, giving more people a meaningful voice in how funds are distributed. In practice, a project supported by many smaller contributors may receive more matching funds than one supported by only a few large donors.

The campaign's matching pool is supported by a coalition of organizations aligned around privacy, open infrastructure, and public goods funding, including: Cake Wallet, Zcash Community Grants, Logos, and Octant. Contributions can be made using ETH, BTC, ZEC, XMR, and GLM.

"Privacy and internet freedom drive everything we build at Cake Wallet. We are proud to support Tor and the broader internet freedom ecosystem through this campaign, helping keep essential privacy tools accessible to everyone. Beyond supporting the mission, we are also users, advocates, and builders who have helped bring Tor's protections to over two million users worldwide." - Vik Sharma, CEO, Cake Wallet

"Tor and Zcash protect complementary layers of privacy: Tor protects network privacy, while Zcash protects financial privacy. By supporting this campaign, Zcash Community Grants (ZCG) is helping sustain critical public-interest infrastructure for people who rely on privacy and internet freedom." - ZCG's members

Internet freedom tools are digital public infrastructure, and they face many of the same funding challenges as other public goods: they are widely relied on, difficult to monetize ethically, and often invisible until they are under threat. Funding the Commons has spent years working with builders, funders, researchers, and public institutions to test new ways of sustaining public goods.

Partnering with Funding the Commons gives us a way to bring internet freedom organizations into a broader conversation about how public-interest infrastructure is funded, and to test a model that can be reused, improved, and expanded over time:

"Quadratic funding is one of web3's answers to how critical infrastructure gets funded: Institutional money follows community signals, not the other way around," said David Casey, Director of Funding the Commons. "Any donation moves the match pool, no matter the size, putting weight behind the projects Tor users rely on every day."

The campaign launches today at: internetfreedom.torproject.org and http://swvbwbtmajvfrnz4wztx6ovshilm23ntigi73fz5wczj3aqdquq5icad.onion, and accepts donations through June 18th, 2026.

Preserving evidence: How OpenArchive fosters accountability and media sovereignty

2026-05-18T00:00:00Z

This post is part of a spotlight series on the organizations defending the free Internet.

A picture may be worth a thousand words, but only if it survives. Behind every image or video is someone making a choice in real time: to document what they are seeing, preserve what others may try to deny, and take on the risks and responsibilities that come with creating archival records.

Now that technology outpaces regulation and social media is the dominant platform for news, communities sharing documentation of world events face exploitation and repression through targeting, surveillance, and media erasure or manipulation. Mobile media can disappear as quickly as it was captured because, for example, a phone gets confiscated, a platform removes it, or a company changes its content moderation policies. This media can become impossible to verify if or when metadata is stripped, potentially leading to unchecked mis- and disinformation due to media manipulation. Additionally, it can become dangerous when the wrong person can see who captured it or where it was stored.

Eyewitnesses and the media they document and preserve, often depicting potential human rights violations, are increasingly at risk of being targets of surveillance, censorship, media manipulation, doxxing, and worse. In response to these growing threats, OpenArchive first created the FLOSS Save app in 2015. Following their mission to offer people access to ethical, secure, decentralized backends, they then created their novel, custom DWeb Storage to further help communities safely preserve their documentation without having to depend on -- at best, unreliable, and, at worst, weaponized -- centralized platforms that can remove, lose, or expose sensitive data at a moment's notice.

Their vision is a future where our histories are easily preserved, securely owned, and freely accessible. OpenArchive builds towards that future through human rights-centered co-research, education/training, and tool development dedicated to the ethical collection and long-term preservation of mobile media. To achieve this, we equally prioritize privacy, usability, archival integrity, and decentralized technology to equip human rights defenders, at-risk communities, journalists, and movements worldwide with tools to preserve, verify, and act on evidence of abuses, challenging extractive technology and amplifying marginalized voices. The premise is straightforward: people should be able to easily preserve their histories safely and on their own terms.

Built for conditions documenters actually face

For over a decade, OpenArchive has maintained Save, their free, open source flagship mobile app that helps people securely archive, verify, and encrypt their mobile media while working under real-world constraints. Co-created with and for its users, it supports authentication via SHA256 hashes and ProofMode, encrypted transit via TLS and Tor, long-term preservation to destinations like the Internet Archive, Nextcloud, their novel DWeb P2P Storage backend (in beta), and redundancy through multi-server backup.

In practice, this work responds to urgent risks. For example, in conditions of conflict, they expedite local deployments of Save and run trainings for local archivist communities. Documenters on the ground had named phone confiscation, arrest, and internet outages as their primary risks, exactly the conditions Save is designed for.

Additionally, in one case, human rights defenders facing corporate environmental abuse had a different challenge: none of the documenters they had surveyed were using encrypted tools in their workflows, leaving them vulnerable to tracking and surveillance. In other contexts, human rights defenders also named privacy and inconsistent internet access as major barriers, underscoring how easily documentation can become vulnerable before it ever reaches an archive.

OpenArchive's work grounds those realities. Guided by the human rights-centered design methodology (co-created by OpenArchive's Executive Director, Natalie Cadranel and leading human rights experts), the team works with documenters, archivists, journalists, and advocates to understand their threats, constraints, workflows, and safety needs before designing tools around them.

Most social media platforms are optimized for attention and monetization, not for archival preservation, provenance, or community control. A centralized platform presents a single point of failure, an easy access point for censorship, targeting, link rot, or account / company shutdowns.

From camera roll to decentralized archives

Responding to this specific need, OpenArchive has built a novel p2p DWeb Storage backend for Save, now in beta. In addition to Nextcloud and the Internet Archive, it gives communities an alternative to centralized platforms, one designed around privacy, verifiability, and resilience rather than someone else's business model.

Under the hood, it uses two open source protocols: Veilid for encrypted peer-to-peer networking and anonymous connections, and Iroh for data storage, retrieval, replication, and verification. Save users can create groups, share files into repositories, and replicate media across peers, with encrypted communication and data integrity preserved throughout.

"Decentralized storage" can sound abstract. But it actually means no single company, server, or account holds the records. Copies are distributed. Access is shared among trusted peers. If one node goes down (or gets shut down), the archive survives on the others.

OpenArchive's role in the internet freedom ecosystem is protecting the chain of trust around media: who captured it, how it was handled, whether it remained intact, and whether the people behind it were put at additional risk. That chain is what makes documentation usable for journalism, legal evidence, historical memory, and accountability.

Much of this work is quiet by necessity. The communities most in need of secure archiving are often the least able to publicize their use of it.

By offering diverse and decentralized backends, Save is built for exactly that reality. When the platform shuts down the account, when the server goes offline, or when the border is closed, the record doesn't have to disappear with it.

Keeping the doors open

2026-05-15T00:00:00Z

This guest post is part of a spotlight series on the organizations defending the free internet.

A user in China once said this about our work:

"You have helped many many people to overcome the great firewall. Without your help, I would be in the totally darkness trap and being brain-washed."

We don't hear from the people who use our services very often. Most of them can't or don't feel that they can safely send a message. When one comes through, it's a reminder of what's actually at stake.

We're Unredacted, a US-based 501(c)(3) non-profit. We build and operate Internet infrastructure that helps people reach the open Internet and protect their right to privacy. We do this by operating a network of over 300 servers around the world. We're a way through when the front door is locked, and a place to communicate when the public square isn't safe. Most of the work is invisible: datacenter work, hardware, automation, open source software, bandwidth, abuse queues, monitoring alerts, and the late nights spent keeping all of it online.

What we do falls into three areas. Censorship Evasion is where Unredacted Door lives, our umbrella for the services designed to route around blocking. Secure Infrastructure is where we run things like XMPP.is and our Matrix homeserver, and other free services built with security and privacy in mind. Unredacted Education is the writing and documentation side: guides and explainers for the people who want to understand the work and replicate it. Alongside those, Unredacted Labs is where we experiment with infrastructure ideas that aren't quite production-ready. GreenWare is one of those, our effort to run real network capacity on hardware that doesn't burn a lot of power.

Unredacted Door

The name is literal. When the entrance to the open Internet gets walled off, people need another way in.

Unredacted Door brings together several of our circumvention services: FreeSocks, messaging proxies for Signal and Telegram, Tor bridges, and Snowflake proxies. In a recent 30-day window, these services carried nearly 300 TiB of traffic for tens of thousands of people routing around censorship in their countries. That's roughly the equivalent of bandwidth to stream tens of thousands of hours of 4K video. Demand isn't slowing, and we need to continue building more. Every new filter, every new law, every "for your safety" rollout sends more people looking for a route the censors haven't found yet.

The largest piece of Unredacted Door is FreeSocks: free proxies for people in places where censorship is severe. If you've never run into one, a proxy is a relay point. Your app doesn't talk directly to the blocked service. It talks to a server that carries the connection past whatever filters are sitting between you and the wider Internet. FreeSocks is built to make that relay quietly unremarkable, which is exactly the trait a standard VPN tends to lack. A VPN advertises itself. There's a known endpoint, a known handshake, an obvious shape on the wire. Censors are very good at blocking things they can recognize.

No single tool covers every situation. Tor Browser gives you strong privacy and anonymity for browsing. Snowflake helps people reach Tor when access to the network itself is blocked. FreeSocks proxies push specific traffic through a route that's harder to spot. People living under censorship usually need a few of these on hand, because no single door stays open forever.

That's why we're putting serious work into the next version of FreeSocks (v2). It uses Xray - a powerful and versatile traffic-routing engine, which can make proxy traffic look more like ordinary web traffic bundled with our open source control plane that allows us to rotate endpoints automatically when censors find and block a server. The less a user has to fiddle with their setup while they're already under pressure, the better.

GreenWare: sustainable infrastructure, literally

Tor relays, bridges, proxies, and more. They run on hardware in datacenters, and that hardware has a real footprint: financial, operational, and environmental. If we want privacy infrastructure to last, we have to ask what's actually sustainable to operate.

GreenWare is our attempt to shrink that footprint without shrinking what we can carry on it. The premise is straightforward: most Tor relay traffic doesn't need a server that draws power like a space heater. A relay needs a steady network, predictable CPU, and enough memory to hold its state. That's a workload a single-board computer can handle, if the chassis around it is built to take it seriously.

We started with Raspberry Pi 5 boards powered over PoE, fed entirely through their network cables. The idea worked. A typical server in a datacenter draws as much power as a small space heater. A Pi draws less than a lightbulb. But the first generation had ceilings. Density wasn't where we wanted it, and a few of the supporting components weren't built for the hours we were putting on them.

So we run two deployments in parallel now. The first is a 1U chassis with 20 ComputeBlade modules stacked into it. We deployed all 20 in our datacenter and moved a chunk of our Tor exit relays onto them. That chassis pulls a little over 100W under load, roughly what an old incandescent bulb burns. The second is a custom Raspberry Pi chassis we designed after the ComputeBlade work taught us what we actually wanted in the field. Both are live, and as of writing all 123 of our Tor exit relays run on this combined infrastructure, drawing roughly 400W in total. As time goes on, we'll have more to say about the chassis design and the project as it matures.

The Tor network runs on people and organizations willing to operate infrastructure for it. Exits are the hardest part of that job. They need bandwidth, maintenance, abuse handling, legal nerve, and money. If we can drop the cost and the power required to run real exit capacity, more people can take on a piece of the work and diversify and grow the network.

Our longer-term ambition is to keep pushing on efficient hardware, carbon tracking, and eventually renewable-powered micro points of presence. We'd be more than glad to partner with organizations and companies that want to see this grow.

The open Internet is kept open by many people and organizations investing energy, time, and effort: The researchers measuring censorship, the relay operators providing bandwidth, and the communities that refuse to leave one another behind. At Unredacted, our part is building and maintaining the routes people may need when the obvious ones disappear.

Defending the public's right to know

2026-05-12T00:00:00Z

This post is part of a spotlight series on the organizations defending the free internet.

Internet freedom has declined for 15 consecutive years. Beyond surveillance, the erosion of privacy and anonymity, and information manipulation, governments are targeting specific sites and services, or attacking infrastructure itself, causing shutdowns and deliberate disruptions for internet users. But how do we know when the internet is censored and how?

OONI, the Open Observatory for Network Interference, born out of the Tor Project, exists to answer that question. Through free software tools and open data OONI makes censorship measurable, verifiable, and actionable. This post is about what that looks like in practice.

Protecting the public record

OONI data is the world's largest open dataset on internet censorship: billions of measurements collected across tens of thousands of networks from 245 countries and territories since 2012. OONI's data exists because people around the world run OONI Probe and contribute measurements from the networks that they are connected to. Every new measurement adds to a shared public record.

Both its scale and methodology contribute to OONI's impact. Internet censorship often works by making interference hard to see. It can make a blocked website look broken, a throttled app look unreliable, or a shutdown look like a technical failure. OONI helps expose these tactics through open measurement methodologies, peer review, expert feedback, and comparison against control measurements, so that censorship claims can be tested, challenged, and verified.

To make this dataset user-friendly, OONI launched thematic pages in OONI Explorer focusing on the areas most frequently targeted: social media and messaging apps, news media, and circumvention tools. Each page includes short reports, longer research reports, and charts with the latest OONI data.

In 2025, a dedicated "Blocking of News Media" page helped surface findings that would otherwise require sifting through billions or raw measurements: the blocking of the independent media outlet Zawia3 in Egypt, the blocking of 12 news media websites in Jordan, and the blocking of The Wire in India during the military conflict with Pakistan.

Think about when censorship events tend to happen: elections, protests, armed conflict, national exams, and periods of political unrest. The moment when access to information matters most. OONI gives affected communities a shared factual basis at those moments to make accountability possible.

How journalists and media organizations use OONI

In 2025, Meduza, one of the most prominent Russian media outlets in exile published an article introducing OONI tools and encouraging readers to use them. It's just one example how a newsroom can effectively use censorship measurement not just to report a story, but as an act of public education: helping audiences understand how network interference works, how it can be documented, and how they can contribute to that evidence base themselves.

When a news website is blocked, that's not just a technical event. It's the public losing access to reporting, communities losing access to timely information, and journalists losing access to their audiences. Documentation that can be cited and analyzed is what turns that event into something actionable.

The most concrete example of that chain in action is Kenya. OONI data served as evidence in a public-interest case challenging the unlawful disruption of internet access. The case was filed by a coalition that included BAKE, ICJ Kenya, Paradigm Initiative, the Kenya Union of Journalists, Katiba Institute, the Law Society of Kenya, and CIPESA. To support the petition before the High Court of Kenya, OONI produced a detailed research report, in the form of an expert opinion, documenting the blocking of Telegram during Kenya's 2023 and 2024 KCSE national exams.

This is a case where a journalists' union, digital rights organizations, legal advocates, and technical researchers were able to work from the same datasets to elevate internet disruption to a public-interest issue. And this case also helped set an important regional precedent: lawyers in Tanzania subsequently reached out to OONI for data to support legal efforts challenging the blocking of Twitter/X there, prompting OONI to publish a research report documenting the block.

Collective action for a collective internet

The Kenya-to-Tanzania ripple effect illustrates how internet censorship works across geographies. But also how we can fight it. A block on messaging apps isn't a standalone event. Journalists may lose access to sources. Activists may lose organizing channels. Circumvention tool developers may need to adapt. Researchers may need to verify what happened. Lawyers may need evidence. But everyone needs documentation.

OONI's open data model is built for exactly these moments. Protecting the free internet requires documenting censorship, sharing evidence, and building the collective capacity to respond.

New Release: Tails 7.7.3

2026-05-12T00:00:00Z

This release is an emergency release to fix a critical security vulnerability in the Linux kernel, as well as security vulnerabilities in Tor Browser and in the Tor client.

Changes and updates

Update the Linux kernel to 6.12.86, which fixes Dirty Frag, a vulnerability that could allow an application in Tails to gain administration privileges.

For example, if an attacker was able to exploit other unknown security vulnerabilities in an application included in Tails, they might then use Copy Fail to take full control of your Tails and deanonymize you.

We are not aware of this vulnerability being used in practice until now.
Update Tor Browser to 15.0.12.
Update the Tor client to 0.4.9.8.
Update Thunderbird to 140.10.1.

Fixed problems

For more details, read our changelog.

Get Tails 7.7.3

To upgrade your Tails USB stick and keep your Persistent Storage

Automatic upgrades are available from Tails 7.0 or later to 7.7.3.
If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade.

To install Tails 7.7.3 on a new USB stick

Follow our installation instructions.

The Persistent Storage on the USB stick will be lost if you install instead of upgrading.

To download only

If you don't need installation or upgrade instructions, you can download Tails 7.7.3 directly:

Support and feedback

For support and feedback, visit the Support section on the Tails website.