New Release: Tor Browser 8.0

 

Update (09/07 10:15 UTC): We received reports of Tor Browser 8.0 crashing during start-up on older (10.9.x) macOS systems. This is tracked in bug 27482. The current Tor stable version, 0.3.3.9, is missing a patch to make it compatible with that old and unsupported (by Apple) macOS version. This will be fixed in the planned Tor Browser 8.0.1 release. Meanwhile, users affected by this bug can try the almost identical alpha release, 8.5a1, which is shipping a newer Tor version with this bug fixed. Sorry for the inconvenience.

For the past year, we have been collecting feedback on how we can make Tor Browser work better for you.

Tor Browser 8.0, our first stable release based on Firefox 60 ESR, is now available from the Tor Browser Project page and also from our distribution directory. This release is all about users first.

Tor Browser 8.0 comes with a series of user experience improvements that address a set of long-term Tor Browser issues you’ve told us about. To meet our users' needs, Tor Browser has a new user onboarding experience; an updated landing page that follows our styleguide; additional language support; and new behaviors for bridge fetching, displaying a circuit, and visiting .onion sites.

New User Onboarding

For the most part, using Tor is like using any other browser (and it is based on Firefox), but there are some usage differences and cool things happening behind the scenes that users should be aware of. Our new onboarding experience aims to better let you know about unique aspects of Tor Browser and how to maximize those for your best browsing experience.

Improved Bridge Fetching

For users where Tor is blocked, we have previously offered a handful of bridges in the browser to bypass censorship. But to receive additional bridges, you had to send an email or visit a website, which posed a set of problems. To simplify how you request bridges, we now have a new bridge configuration flow when you when you launch Tor. Now all you have to do is solve a captcha in Tor Launcher, and you’ll get a bridge IP. We hope this simplification will allow more people to bypass censorship and browse the internet freely and privately.

Better Language Support

Millions of people around the world use Tor, but not everyone has been able to use Tor in their language. In Tor Browser 8, we’ve added resources and support for nine previously unsupported languages: Catalan, Irish, Indonesian, Icelandic, Norwegian, Danish, Hebrew, Swedish, and Traditional Chinese.

Apart from those highlights, a number of other component and toolchains got an update for this major release. In particular, we now ship Tor 0.3.3.9 with OpenSSL 1.0.2p and Libevent 2.1.8. Moreover, we switched to the pure WebExtension version of NoScript (version 10.1.9.1) which we still need to provide the security slider functionality. Additionally, we start shipping 64bit builds for Windows users which should enhance Tor Browser stability compared to the 32bit bundles.

Providing this many improvements for our users could only be possible with collaboration between the Tor Browser team and Tor's UX team, Community team, Services Admin team, and our volunteers. We would like to thank everyone for working hard over the past year to bring all these new features to our users.

Known Issues

We already collected a number of unresolved bugs since Tor Browser 7.5.6 and tagged them with our ff60-esr keyword to keep them on our radar. The most important ones are listed below:

  • WebGL is broken right now.
  • We disable Stylo on macOS due to reproducibility issues we need to investigate and fix. This will likely not get fixed for Tor Browser 8, as we need some baking time on our nightly/alpha channel before we are sure there are no reproducibility/stability regressions. The tentative plan is to get it ready for Tor Browser 8.5.

 

Note: This release is signed with a new GPG subkey as the old one expired a couple of days ago. You might need to refresh your copy of the public part of the Tor Browser signing key before doing the verification. The fingerprint of the new subkey is 1107 75B5 D101 FB36 BC6C 911B EB77 4491 D9FF 06E2.

Give Feedback

This is only the beginning of our efforts to put users first. If you find a bug or have a suggestion for how we could improve this release, please let us know.

Changelog

The full changelog since Tor Browser 7.5.6 is:

  • All platforms
    • Update Firefox to 60.2.0esr
    • Update Tor to 0.3.3.9
    • Update OpenSSL to 1.0.2p
    • Update Libevent to 2.1.8
    • Update Torbutton to 2.0.6
      • Bug 26960: Implement new about:tor start page
      • Bug 26961: Implement new user onboarding
      • Bug 26962: Circuit display onboarding
      • Bug 27301: Improve about:tor behavior and appearance
      • Bug 27214: Improve the onboarding text
      • Bug 26321: Move 'New Identity', 'New Circuit' to File, hamburger menus
      • Bug 26100: Adapt Torbutton to Firefox 60 ESR
      • Bug 26520: Fix sec slider/NoScript for TOR_SKIP_LAUNCH=1
      • Bug 27401: Start listening for NoScript before it loads
      • Bug 26430: New Torbutton icon
      • Bug 24309: Move circuit display to the identity popup
      • Bug 26884: Use Torbutton to provide security slider on mobile
      • Bug 26128: Adapt security slider to the WebExtensions version of NoScript
      • Bug 27276: Adapt to new NoScript messaging protocol
      • Bug 23247: Show security state of .onions
      • Bug 26129: Show our about:tor page on startup
      • Bug 26235: Hide new unusable items from help menu
      • Bug 26058: Remove workaround for hiding 'sign in to sync' button
      • Bug 26590: Use new svg.disabled pref in security slider
      • Bug 26655: Adjust color and size of onion button
      • Bug 26500: Reposition circuit display relay icon for RTL locales
      • Bug 26409: Remove spoofed locale implementation
      • Bug 26189: Remove content-policy.js
      • Bug 26490: Remove the security slider notification
      • Bug 25126: Make about:tor layout responsive
      • Bug 27097: Add text for Tor News signup widget
      • Bug 21245: Add da translation to Torbutton and keep track of it
      • Bug 27129+20628: Add locales ca, ga, id, is, nb, da, he, sv, and zh-TW
      • Translations update
    • Update Tor Launcher to 0.2.16.3
      • Bug 23136: Moat integration (fetch bridges for the user)
      • Bug 25750: Update Tor Launcher to make it compatible with Firefox 60 ESR
      • Bug 26985: Help button icons missing
      • Bug 25509: Improve the proxy help text
      • Bug 26466: Remove sv-SE from tracking for releases
      • Bug 27129+20628: Add locales ca, ga, id, is, nb, da, he, sv, and zh-TW
      • Translations update
    • Update HTTPS Everywhere to 2018.8.22
    • Update NoScript to 10.1.9.1
    • Update meek to 0.31
      • Bug 26477: Make meek extension compatible with ESR 60
    • Update obfs4proxy to v0.0.7 (bug 25356)
    • Bug 27082: Enable a limited UITour for user onboarding
    • Bug 26961: New user onboarding
    • Bug 26962: New feature onboarding
    • Bug 27403: The onboarding bubble is not always displayed
    • Bug 27283: Fix first-party isolation for UI tour
    • Bug 27213: Update about:tbupdate to new (about:tor) layout
    • Bug 14952+24553: Enable HTTP2 and AltSvc
      • Bug 25735: Tor Browser stalls while loading Facebook login page
    • Bug 17252: Enable TLS session identifiers with first-party isolation
    • Bug 26353: Prevent speculative connects that violate first-party isolation
    • Bug 26670: Make canvas permission prompt respect first-party isolation
    • Bug 24056: Use en-US strings in HTML forms if locale is spoofed to english
    • Bug 26456: HTTP .onion sites inherit previous page's certificate information
    • Bug 26561: .onion images are not displayed
    • Bug 26321: Move 'New Identity', 'New Circuit' to File, hamburger menus
    • Bug 26833: Backport Mozilla's bug 1473247
    • Bug 26628: Backport Mozilla's bug 1470156
    • Bug 26237: Clean up toolbar for ESR60-based Tor Browser
    • Bug 26519: Avoid Firefox icons in ESR60
    • Bug 26039: Load our preferences that modify extensions (fixup)
    • Bug 26515: Update Tor Browser blog post URLs
    • Bug 26216: Fix broken MAR file generation
    • Bug 26409: Remove spoofed locale implementation
    • Bug 25543: Rebase Tor Browser patches for ESR60
    • Bug 23247: Show security state of .onions
    • Bug 26039: Load our preferences that modify extensions
    • Bug 17965: Isolate HPKP and HSTS to URL bar domain
    • Bug 21787: Spoof en-US for date picker
    • Bug 21607: Disable WebVR for now until it is properly audited
    • Bug 21549: Disable wasm for now until it is properly audited
    • Bug 26614: Disable Web Authentication API until it is properly audited
    • Bug 27281: Enable Reader View mode again
    • Bug 26114: Don't expose navigator.mozAddonManager to websites
    • Bug 21850: Update about:tbupdate handling for e10s
    • Bug 26048: Fix potentially confusing "restart to update" message
    • Bug 27221: Purge startup cache if Tor Browser version changed
    • Bug 26049: Reduce delay for showing update prompt to 1 hour
    • Bug 26365: Add potential AltSvc support
    • Bug 9145: Fix broken hardware acceleration on Windows and enable it
    • Bug 26045: Add new MAR signing keys
    • Bug 25215: Revert bug 18619 (we are not disabling IndexedDB any longer)
    • Bug 19910: Rip out optimistic data socks handshake variant (#3875)
    • Bug 22564: Hide Firefox Sync
    • Bug 25090: Disable updater telemetry
    • Bug 26127: Make sure Torbutton and Tor Launcher are not treated as legacy extensions
    • Bug 13575: Disable randomised Firefox HTTP cache decay user tests
    • Bug 22548: Firefox downgrades VP9 videos to VP8 for some users
    • Bug 24995: Include git hash in tor --version
    • Bug 27268+27257+27262+26603 : Preferences clean-up
    • Bug 26073: Migrate general.useragent.locale to intl.locale.requested
    • Bug 27129+20628: Make Tor Browser available in ca, ga, id, is, nb, da, he, sv, and zh-TW
      • Bug 12927: Include Hebrew translation into Tor Browser
      • Bug 21245: Add danish (da) translation
  • Windows
    • Bug 20636+10026: Create 64bit Tor Browser for Windows
      • Bug 26239+24197: Enable content sandboxing for 64bit Windows builds
      • Bug 26514: Fix intermittent updater failures on Win64 (Error 19)
      • Bug 26874: Fix UNC path restrictions failure in Tor Browser 8.0a9
      • Bug 12968: Enable HEASLR in Windows x86_64 builds
    • Bug 26381: Work around endless loop during page load and about:tor not loading
    • Bug 27411: Fix broken security slider and NoScript interaction on Windows
    • Bug 22581: Fix shutdown crash
    • Bug 25266: PT config should include full names of executable files
    • Bug 26304: Update zlib to version 1.2.11
    • Update tbb-windows-installer to 0.4
      • Bug 26355: Update tbb-windows-installer to check for Windows7+
    • Bug 26355: Require Windows7+ for updates to Tor Browser 8
  • OS X
    • Bug 24136: After loading file:// URLs clicking on links is broken on OS X
    • Bug 24243: Tor Browser only renders HTML for local pages via file://
    • Bug 24263: Tor Browser does not run extension scripts if loaded via about:debugging
    • Bug 22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured
  • Linux
    • Bug 22794: Don't open AF_INET/AF_INET6 sockets when AF_LOCAL is configured
    • Bug 25485: Unbreak Tor Browser on systems with newer libstdc++
    • Bug 20866: Fix OpenGL software rendering on systems with newer libstdc++
    • Bug 26951+18022: Fix execdesktop argument passing
    • Bug 24136: After loading file:// URLs clicking on links is broken on Linux
    • Bug 24243: Tor Browser only renders HTML for local pages via file://
    • Bug 24263: Tor Browser does not run extension scripts if loaded via about:debugging
    • Bug 20283: Tor Browser should run without a `/proc` filesystem.
    • Bug 26354: Set SSE2 support as minimal requirement for Tor Browser 8
  • Build System
    • All
      • Bug 26362+26410: Use old MAR format for first ESR60-based stable
      • Bug 27020: RBM build fails with runc version 1.0.1
      • Bug 26949: Use GitHub repository for STIX
      • Bug 26773: Add --verbose to the ./mach build flag for firefox
      • Bug 26319: Don't package up Tor Browser in the `mach package` step
      • Bug 27178: add support for xz compression in mar files
      • Clean up
    • Windows
      • Bug 26203: Adapt tor-browser-build/tor-browser for Windows
      • Bug 26204: Bundle d3dcompiler_47.dll for Tor Browser 8
      • Bug 26205: Don't build the uninstaller for Windows during Firefox compilation
      • Bug 26206: Ship pthread related dll where needed
      • Bug 26396: Build libwinpthread reproducible
      • Bug 25837: Integrate fxc2 into our build setup for Windows builds
      • Bug 27152: Use mozilla/fxc2.git for the fxc2 repository
      • Bug 25894: Get a rust cross-compiler for Windows
      • Bug 25554: Bump mingw-w64 version for ESR 60
      • Bug 23561: Fix nsis builds for Windows 64
        • Bug 13469: Windows installer is missing many languages from NSIS file
      • Bug 23231: Remove our STL Wrappers workaround for Windows 64bit
      • Bug 26370: Don't copy msvcr100.dll and libssp-0.dll twice
      • Bug 26476: Work around Tor Browser crashes due to fix for bug 1467041
      • Bug 18287: Use SHA-2 signature for Tor Browser setup executables
      • Bug 25420: Update GCC to 6.4.0
      • Bug 16472: Update Binutils to 2.26.1
      • Bug 20302: Fix FTE compilation for Windows with GCC 6.4.0
      • Bug 25111: Don't compile Yasm on our own anymore for Windows Tor Browser
      • Bug 18691: Switch Windows builds from precise to jessie
    • OS X
      • Bug 24632: Update macOS toolchain for ESR 60
      • Bug 9711: Build our own cctools for macOS cross-compilation
      • Bug 25548: Update macOS SDK for Tor Browser builds to 10.11
      • Bug 26003: Clean up our mozconfig-osx-x86_64 file
      • Bug 26195: Use new cctools in our macosx-toolchain project
      • Bug 25975: Get a rust cross-compiler for macOS
      • Bug 26475: Disable Stylo to make macOS build reproducible
      • Bug 26489: Fix .app directory name in tools/dmg2mar
    • Linux
Anonymous

September 05, 2018

Permalink

On MacOS 10.9.5 today's update gets me a crashed Tor browser upon startup every time. I had to revert to the previous version.

Anonymous

September 05, 2018

Permalink

Automatic update just updated to this version.

With all the updated features, it looks like alot of heart and soul was put into a major remodeling. The added features are kind of cool.

but...

You can no longer can see circuits you are on :(. Vidalia was the most perfect expression of this, and since it was taken away, at least we could see the circuits. Now we see nothing. Threre are times I do not want a certain country code or tor node in the circuit (i.e. Liberia, Nigeria, Ukraine) and when so, I reset it. Until now.

You can no longer change fingerprint from the onion dropdown :(. I have to restart Tor for that now.

I tried the alpha version before this release and ran back to the 7.56 for the reasons above and because of update issues. Please stop taking away useful functionality when adding new stuff and bring the circuit view and change fingerprint back if only as selectable options.

Hej Ranger,
couldn't say it any better.
I also stepped back to 7.56 because of the missing visibility of circuits and possibility of resetting it.
I absolutely agree.

Yes, you can see your circuits and get a new Tor circuit for a website. As the blog post, the note after the update and the new user onboarding says: it moved to the "identity box" in the URL bar (the "lock" icon). That way it fits much better into the toolbar as it is making site-specific options available for the particular site you currently have open.

Anonymous

September 05, 2018

Permalink

so first firefox fuzzing up all there extensions with quantum. and now you are doing the same. al my fucking extensions has become legacy. sigh im so sick and tired of this shiz

Anonymous

September 05, 2018

Permalink

No more updates on XP and Vista? Are you serious?? Do you know how many people will no longer be able to use Tor at work since many businesses, including government/military/banks, STILL use XP and Vista?? Is there any way to fix this??

Anonymous

September 05, 2018

Permalink

OMG please revert back to old style. Where's the advanced settings to turn off plugins, even the about:config page is different. DuckDuckGo does not work, and of course when you're on full secure lock down, neither does Google.

I used to go security settings, HIGH, advanced, turn off all plugins, then about:config and turn off JAVA proper. Now I'm unsafe.

Anonymous

September 05, 2018

Permalink

The new about:tor page is really nice, but I miss the "am I on tor?" link.
And I agree with the others about the User Agent. If you don't fix this at least give us a tip to fix it in about:config

Anonymous

September 05, 2018

Permalink

No Script has a mind of its own now. New Tor circuit for site is gone too. And know matter how many years go by, no one is going to fix the incessant cloudfare problem? The fact that websites know that an incoming request is from a Tor user is something that should've been solved long ago as well. We aren't free to do simple internet searches anonymously.

I wish all of you the very best! I mean that! But the Tor infrastructure is hand-cuffed somewhere, and the primitive versions of Tor worked the best! Goodbye Tor! Hopefully we can re-enage one day, but this is getting far to fragmented and disorganized for the average user with ambiguous scalability for the ones who support you

"No, the New Tor circuit is not gone, it moved where it better belongs to: the URL bar, more specifcially behind the "lock" icon/identity box showing information about the website."

I'm not bothered by the new icon but I don't know why you think it "belongs" so much to the URL bar. IMO it wasn't worth losing so much time coding and developing a new icon when the Tor Button was doing the job perfectly.

The problem is/was that the icons on the toolbar are not for specific tabs but for the whole browsing session. For instance the update status (the blinking Torbutton icon if you run an outdated version) is not dependent on a particular tab. Yet the circuit display makes only sense with respect to a URL loaded in a particular tab. The mixing of tab-specific/non-tab-specific items in Torbutton was very confusing. We solved that for the circuit display by putting it directly into the identity box which is collecting all the site-specific information anyway.

Anonymous

September 05, 2018

Permalink

Can I remove the "flexible space" on either side of the address+search bar without compromising anonymity? I hate not being able to visually confirm the ends of URLs. Version 8.0 fades and hides the ends from view, so you have to click and scroll sideways each time.

Anonymous

September 05, 2018

Permalink

Tor browser przestał działać z czytnikami ekranu na systemie Windows takimi jak Nvda. Teraz aplikacja jest nie możliwa do używania przez osoby niewidome. Proszę o naprawienie.

Anonymous

September 05, 2018

Permalink

You reveal the IP, port, transport protocol, and most of the fingerprint of a bridge in the large GIF in the post under "Improved Bridge Fetching". Outing that bridge means its metadata is almost as quickly discoverable as those of the bundled bridges unless it was one before. Please consider that.

Anonymous

September 05, 2018

Permalink

My system is Vista and I use chrome+ff. it said I cant get the updates anymore from Tor. I cant afford to buy new system and i still stick to my old fashion one i got used to for up to10 years. please let me know if it is possible. I use Tor to be anonymous for some websites I most visit per day. I really want it back. I am not that young to learn the new thing and new systems :( please help me out of this :( make some exception for those old ones like me who can not change their habits.

Anonymous

September 05, 2018

Permalink

My initial thoughts:

sandboxed-tor-browser now doesn't work (and I imagine it probably never will again.) That's not unexpected, but it is sad.

I don't like the new about:tor. It feels like an advertisement, and I don't particularly want to be advertised to every time I start my browser. "Explore. Privately." is just plain tacky. As for "the world’s most private browsing experience", it feels like you're trying to draw a comparison to other software - but given that there isn't any other software in Tor's class, all that does is bring you down to their level.

It's hard to explain, but the old about:tor screen was friendly and calming. This one is much less so.

The tutorial obviously isn't meant for me, but I would point out that the word "onboarding" also feels like marketing-speak.

I don't like that the onion icon is not brightly colored. I spend a lot of time using both Tor Browser and Firefox, and I want to have an obvious visual cue to tell them apart. Like about:tor, the bright green onion was comforting. The new onion icon is quite hard to see, at least with the dark desktop theme I'm using.

The new NoScript menu consists entirely of cryptic icons. Well, as wonderful as NoScript is, it's never been a paragon of UI design, but this seems worse than before.

With all that said: *thank you* to everyone working on Tor Browser. I'm only griping because of how well-constructed the old UI was, and I hope and expect that in time, the new UI will be even better.

I agree about the "about:tor" page. It's now like those ridiculous Apple ads full of empty advertising jargon. Anonymity as a consumer good is a trend that Tor project should resist and not follow. It gives a sense of trickery and of constant changes for the sake of increasing market share.
The first page you see should be simple, informative - and as boring as bureaucracy. "You're connected to Tor, you're using this version, here's some links to more info." That gives the user more confidence that the Browser itself is an ordinary and boring (reliable!) tool.

Anonymous

September 05, 2018

Permalink

Just want to say a MASSIVE THANK YOU to everybody who works on these browsers and tor in general, those out front and behind the scenes. The unsung heroes and heroines (and whatever such label a non-binary person might use), you are LOVED. xo

Anonymous

September 05, 2018

Permalink

whoer.net now correctly detects my real OS no matter how many times I choose a New Identity; this never happened before!

Anonymous

September 06, 2018

Permalink

hi, can't use it in china, I can't open any dot onion website using 8.0 version, and when I click request a bridge from tor project, it shows unable to obtain a bridge from bridgeBD 0x805a2ff4, does anyone can tell me what to do? Im a little confused, thanks

The bug obtaining a bridge directly from BridgeDB should be fixed by now. Does it work better for you now? That said, dealing with China is tough. Last we heard the meek-azure transport is still working. Maybe that could be an option for you as well?

Anonymous

September 06, 2018

Permalink

All of the functions relating to Tor used to be in one place, the attention-grabbing TorButton icon, but in this version they are scattered in three or more places. It is less intuitive. "New Identity" and "New Circuit" are mixed in with the jumble of Firefox options in the hamburger menu (that we aren't supposed to touch lest our anonymity be jeopardized) and appear as if they have the same worth, i.e. to just ignore them rather than understand their importance and purposely use them.

That's only partly true. Yes, those options are available on the hamburger menu but only as "fallbacks". You have "New Circuit" option with the circuit display on the left site of the URL bar (clicking on the "i" icon) indicating that what you and choose for an option is directly tied to the URL you have open. "New Identity" will get an own button on the toolbar soon, we were not able to finish that item before Tor Browser 8 got out.

Anonymous

September 06, 2018

Permalink

Is the user agent spoofing broken in 8.0? Type user agent into duckduckgo and it is no longer showing Windows NT 6.1 but

Your user agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0
Other HTTP headers
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.5
Host: duckduckgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0
Content-Length: 12
Content-Type: application/x-www-form-urlencoded
UPGRADE-INSECURE-REQUESTS: 1

Anonymous

September 06, 2018

Permalink

Too many bugs. I'm listing up all issues, please do something!

1. There's so many "Firefox" word in about:preferences which you failed to replace them properly,
2. You forgot to check "Prevent accessibility service from accesing your browser"(IIRC) by default,
3. You forgot to disable "View Firefox Studies" link and its contents (Firefox Data collection and use section),
4. Just remove "Firefox Data Collection and Use" section because it is creepy,
5. In Permissions, Location/Camera/Microphone should have "Block new requests asking to access" checked-on by default,
6. When the user changed the search engine to other provider, Tor Browser forcefully changed it to DuckDuckgo,
7. When I visit https: .onion, the URL bar shows green onion + pad lock icon, but the browser complain about self-sign certificate. Can't you just ignore this already??
8. And your updater still deliver Windows 32bit version. Why I can't reveive 64-bit of TBB?

That's a long list. Let me answer you in reverse order:
8) Because your Tor Browser is asking for a 32bit update. Once you start with a 64bit Tor Browser that one will ask for a 64bit update. We have https://trac.torproject.org/projects/tor/ticket/24196 for updating 64bit capable Tor Browser users that use a 32bit build to 64bit.
7) Maybe? It seems to be a misconfiguration on the sever-side, though, to me. We have https://trac.torproject.org/projects/tor/ticket/13410 for that.
6) Could you give me steps to reproduce this bug?
5) I think we take care of that by not compiling WebRTC in and flipping related preferences.
re 4)-3) and 1): yes there is clean-up to be done on the about:preferenecs page see: e.g. https://trac.torproject.org/projects/tor/ticket/26504
2) I don't think we want to check that checkbox by default. That leaves users that depend on those tools with a broken Tor Browser.

Join the discussion...

This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

1 + 1 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.