New Release: Tor Browser 8.0.5
This release features important security updates to Firefox.
This new release updates Firefox to 60.5.0esr and Tor to the first stable release in the 0.3.5 series, 0.3.5.7.
It contains a number of backports from the alpha series, most notably the proper first-party isolation of range requests when loading PDF documents.
We also updated NoScript and HTTPS Everywhere to their latest versions and removed our donation campaign related code.
The full changelog since Tor Browser 8.0.4 is:
- All platforms
- Update Firefox to 60.5.0esr
- Update Tor to 0.3.5.7
- Update Torbutton to 2.0.10
- Update HTTPS Everywhere to 2019.1.7
- Update NoScript to 10.2.1
- Bug 26540: Enabling pdfjs disableRange option prevents pdfs from loading
- Bug 28740: Adapt Windows navigator.platform value on 64-bit systems
- Bug 28695: Set default security.pki.name_matching_mode to enforce (3)
https://www.whoishostingthis.com/tools/user-agent/ reports different values for "screen resolution" and "browser window size" (e.g. 1000x700 and 989x700, respectively). I did not resize the browser window prior to this.
My guess is that it's because of the scrollbar, meaning that the website can detect the width of user's scroll bar. This width might be different on different systems, graphical toolkits, desktop environments, etc., increasing the fingerprint.
Yes we are aware of that and it is tracked in https://trac.torproject.org/projects/tor/ticket/22137.