New Release: Tor Browser 9.0

Update [7:30 UTC]: Clarified the amount of locales we support. It's 32 with Tor Browser 9.0.

Update [10:45 UTC]: Added a section about letterboxing.

Tor Browser 9.0 is now available from the Tor Browser download page and also from our distribution directory.

This release features important security updates to Firefox.

Tor Browser 9.0 is the first stable release based on Firefox 68 ESR and contains a number of updates to other components as well (including Tor to and OpenSSL to 1.1.1d for desktop versions and Tor to for Android).

In addition to all the needed patch rebasing and toolchain updates, we made big improvements to make Tor Browser work better for you.

We want everyone in the world to be able to enjoy the privacy and freedom online Tor provides, and that's why over the past couple years, we've been working hard to boost our UX and localization efforts, with the biggest gains first visible in Tor Browser 8.0.

In Tor Browser 9.0, we continue to build upon those efforts with sleeker integration and additional localization support.

Goodbye, Onion Button

We want your experience using Tor to be fully integrated within the browser so how you use Tor is more intuitive. That's why now, rather than using the onion button that was in the toolbar, you can see your path through the Tor network and request a New Circuit through the Tor network in [i] on the URL bar.

Tor Browser - circuit display - dark theme


Hello, New Identity Button

Tor Browser - Toolbar - New Identity Button

Instead of going into the onion button to request a New Identity, we've made this important feature easier to access by giving it its own button in the toolbar.

Tor Browser - New Identity

You can also request a New Identity, and a New Circuit, from within the [=] menu on the toolbar.

Torbutton and Tor Launcher Integration

Now that both extensions are tightly integrated into Tor Browser, they'll no longer be found on the about:addons page.

Tor Browser - about preferences

We redesigned the bridge and proxy configuration dialogs and include them directly into the browser's preference settings as well.

Rather than being a submenu behind the onion button, Tor Network Settings, including the ability to fetch bridges to bypass censorship where Tor is blocked, are easier to access on about:preferences#tor.


Tor Browser, in its default mode, is starting with a content window rounded to a multiple of 200px x 100px to prevent fingerprinting the screen dimensions. The strategy here is to put all users in a couple of buckets to make it harder to single them out. That worked until users started to resize their windows (e.g. by maximizing them or going into fullscreen mode). Tor Browser 9 ships with a fingerprinting defense for those scenarios as well, which is called Letterboxing, a technique developed by Mozilla and presented earlier this year. It works by adding white margins to a browser window so that the window is as close as possible to the desired size while users are still in a couple of screen size buckets that prevent singling them out with the help of screen dimensions.

Better Localization Support

If we want all people around the world to be able to use our software, then we need to make sure it's speaking their language. Since 8.0, Tor Browser has been available in 25 languages, and we added 5 locales more in Tor Browser 8.5. Today, we add support for two additional languages: Macedonian (mk) and Romanian (ro), bringing the number of supported languages to 32.

We also fixed bugs in our previously shipped localized bundles (such as ar and ko).

Many thanks to everyone who helped with these, in particular to our translators.

Known Issue

As usual when preparing Tor Browser releases, we verified that the build is bit-for-bit reproducible. While we managed to get two matching builds, we found that in some occasions the builds differ (we found this happening on the Linux i686 and macOS bundles). We are still investigating the cause of this issue to fix it.

Give Feedback

If you find a bug or have a suggestion for how we could improve this release, please let us know. Thanks to all of the teams across Tor, and the many volunteers, who contributed to this release.


The full changelog since Tor Browser 8.5.6 is:

  • All Platforms
    • Update Firefox to 68.2.0esr
    • Bug 31740: Remove some unnecessary RemoteSettings instances
    • Bug 13543: Spoof smooth and powerEfficient for Media Capabilities
    • Bug 28196: about:preferences is not properly translated anymore
    • Bug 19417: Disable asmjs on safer and safest security levels
    • Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING
    • Bug 31935: Disable profile downgrade protection
    • Bug 16285: Disable DRM/EME on Android and drop Adobe CDM
    • Bug 31602: Remove Pocket indicators in UI and disable it
    • Bug 31914: Fix eslint linter error
    • Bug 30429: Rebase patches for Firefox 68 ESR
    • Bug 31144: Review network code changes for Firefox 68 ESR
    • Bug 10760: Integrate Torbutton into Tor Browser directly
    • Bug 25856: Remove XUL overlays from Torbutton
    • Bug 31322: Fix about:tor assertion failure debug builds
    • Bug 29430: Add support for meek_lite bridges to bridgeParser
    • Bug 28561: Migrate "About Tor Browser" dialog to tor-browser
    • Bug 30683: Prevent detection of locale via some *.properties
    • Bug 31298: Backport patch for #24056
    • Bug 9336: Odd wyswig schemes without isolation for
    • Bug 27601: Browser notifications are not working anymore
    • Bug 30845: Make sure internal extensions are enabled
    • Bug 28896: Enable extensions in private browsing by default
    • Bug 31563: Reload search extensions if extensions.enabledScopes has changed
    • Bug 31396: Fix communication with NoScript for security settings
    • Bug 31142: Fix crash of tab and messing with about:newtab
    • Bug 29049: Backport JS Poison Patch
    • Bug 25214: Canvas data extraction on local pdf file should be allowed
    • Bug 30657: Locale is leaked via title of link tag on non-html page
    • Bug 31015: Disabling SVG hides UI icons in extensions
    • Bug 30681: Set security.enterprise_roots.enabled to false
    • Bug 30538: Unable to comment on The Independent Newspaper
    • Bug 31209: View PDF in Tor Browser is fuzzy
    • Translations update
  • Windows + OS X + Linux
    • Update Tor to
    • Update OpenSSL to 1.1.1d
      • Bug 31844: OpenSSL 1.1.1d fails to compile for some platforms/architectures
    • Update Tor Launcher to
      • Bug 28044: Integrate Tor Launcher into tor-browser
      • Bug 32154: Custom bridge field only allows one line of input
      • Bug 31286: New strings for about:preferences#tor
      • Bug 31303: Do not launch tor in browser toolbox
      • Bug 32112: Fix bad & escaping in translations
      • Bug 31491: Clean up the old meek http helper browser profiles
      • Bug 29197: Remove use of overlays
      • Bug 31300: Modify Tor Launcher so it is compatible with ESR68
      • Bug 31487: Modify moat client code so it is compatible with ESR68
      • Bug 31488: Moat: support a comma-separated list of transports
      • Bug 30468: Add mk locale
      • Bug 30469: Add ro locale
      • Bug 30319: Remove FTE bits
      • Translations update
    • Bug 32092: Fix Tor Browser Support link in preferences
    • Bug 32111: Fixed issue parsing user-provided bridge strings
    • Bug 31749: Fix security level panel spawning events
    • Bug 31920: Fix Security Level panel when its toolbar button moves to overflow
    • Bug 31748+31961: Fix 'Learn More' links in Security Level preferences and panel
    • Bug 28044: Integrate Tor Launcher into tor-browser
    • Bug 31059: Enable Letterboxing
    • Bug 30468: Add mk locale
    • Bug 30469: Add ro locale
    • Bug 29430: Use obfs4proxy's meek_lite with utls instead of meek
    • Bug 31251: Security Level button UI polish
    • Bug 31344: Register SecurityLevelPreference's 'unload' callback
    • Bug 31286: Provide network settings on about:preferences#tor
    • Bug 31886: Fix ko bundle bustage
    • Bug 31768: Update onboarding for Tor Browser 9
    • Bug 27511: Add new identity button to toolbar
    • Bug 31778: Support dark-theme for the Circuit Display UI
    • Bug 31910: Replace meek_lite with meek in circuit display
    • Bug 30504: Deal with New Identity related browser console errors
    • Bug 31929: Don't escape DTD entity in ar
    • Bug 31747: Some onboarding UI is always shown in English
    • Bug 32041: Replace = with real hamburguer icon ≡
    • Bug 30304: Browser locale can be obtained via DTD strings
    • Bug 31065: Set network.proxy.allow_hijacking_localhost to true
    • Bug 24653: Merge into torbutton.dtd
    • Bug 31164: Set up default bridge at Karlstad University
    • Bug 15563: Disable ServiceWorkers on all platforms
    • Bug 31598: Disable warning on window resize if letterboxing is enabled
    • Bug 31562: Fix circuit display for error pages
    • Bug 31575: Firefox is phoning home during start-up
    • Bug 31491: Clean up the old meek http helper browser profiles
    • Bug 26345: Hide tracking protection UI
    • Bug 31601: Disable recommended extensions again
    • Bug 30662: Don't show Firefox Home when opening new tabs
    • Bug 31457: Disable per-installation profiles
    • Bug 28822: Re-implement desktop onboarding for ESR 68
  • Windows
    • Bug 31942: Re-enable signature check for language packs
    • Bug 29013: Enable stack protection for Firefox on Windows
    • Bug 30800: ftp:// on Windows can be used to leak the system time zone
    • Bug 31547: Back out patch for Mozilla's bug 1574980
    • Bug 31141: Fix typo in font.system.whitelist
    • Bug 30319: Remove FTE bits
  • OS X
    • Bug 30126: Make Tor Browser compatible with macOS 10.15
    • Bug 31607: App menu items stop working on macOS
    • Bug 31955: On macOS avoid throwing inside nonBrowserWindowStartup()
    • Bug 29818: Adapt #13379 patch for 68esr
    • Bug 31464: Meek and moat are broken on macOS 10.9 with Go 1.12
  • Linux
    • Bug 31942: Re-enable signature check for language packs
    • Bug 31646: Update abicheck to require newer
    • Bug 31968: Don't fail if /proc/cpuinfo is not readable
    • Bug 24755: Stop using a heredoc in start-tor-browser
    • Bug 31550: Put curly quotes inside single quotes
    • Bug 31394: Replace "-1" with "−1" in start-tor-browser.desktop
    • Bug 30319: Remove FTE bits
  • Android
    • Update Tor to
    • Bug 31010: Rebase mobile patches for Fennec 68
    • Bug 31010: Don't use addTrustedTab() on mobile
    • Bug 30607: Support Tor Browser running on Android Q
    • Bug 31192: Support x86_64 target on Android
    • Bug 30380: Cancel dormant by startup
    • Bug 30943: Show version number on mobile
    • Bug 31720: Enable website suggestions in address bar
    • Bug 31822: Security slider is not really visible on Android anymore
    • Bug 24920: Only create Private tabs in permanent Private Browsing Mode
    • Bug 31730: Revert aarch64-workaround against JIT-related crashes
    • Bug 32097: Fix conflicts in mobile onboarding while rebasing to 68.2.0esr
  • Build System
    • All Platforms
      • Bug 30585: Provide standalone clang 8 project across all platforms
      • Bug 30376: Use Rust 1.34 for Tor Browser 9
      • Bug 30490: Add cbindgen project for building Firefox 68 ESR/Fennec 68
      • Bug 30701: Add nodejs project for building Firefox 68 ESR/Fennec 68
        • Bug 31621: Fix node bug that makes large writes to stdout fail
      • Bug 30734: Add nasm project for building Firefox 68 ESR/Fennec 68
      • Bug 31293: Make sure the lo interface inside the containers is up
      • Bug 27493: Clean up mozconfig options
      • Bug 31308: Sync mozconfig files used in tor-browser over to tor-browser-build for esr68
    • Windows
      • Bug 29307: Use Stretch for cross-compiling for Windows
      • Bug 29731: Remove faketime for Windows builds
      • Bug 30322: Windows toolchain update for Firefox 68 ESR
        • Bug 28716: Create mingw-w64-clang toolchain
        • Bug 28238: Adapt firefox and fxc2 projects for Windows builds
        • Bug 28716: Optionally omit timestamp in PE header
        • Bug 31567: NS_tsnprintf() does not handle %s correctly on Windows
        • Bug 31458: Revert patch for #27503 and bump mingw-w64 revision used
      • Bug 9898: Provide clean fix for strcmpi issue in NSPR
      • Bug 29013: Enable stack protection support for Firefox on Windows
      • Bug 30384: Use 64bit containers to build 32bit Windows Tor Browser
      • Bug 31538: Windows bundles based on ESR 68 are not built reproducibly
      • Bug 31584: Clean up mingw-w64 project
      • Bug 31596: Bump mingw-w64 version to pick up fix for #31567
      • Bug 29187: Bump NSIS version to 3.04
      • Bug 31732: Windows nightly builds are busted due to mingw-w64 commit bump
      • Bug 29319: Remove FTE support for Windows
    • OS X
      • Bug 30323: MacOS toolchain update for Firefox 68 ESR
      • Bug 31467: Switch to clang for cctools project
      • Bug 31465: Adapt tor-browser-build projects for macOS notarization
    • Linux
      • Bug 31448: gold and lld break linking 32bit Linux bundles
      • Bug 31618: Linux32 builds of Tor Browser 9.0a6 are not matching
      • Bug 31450: Still use GCC for our ASan builds
      • Bug 30321: Linux toolchain update for Firefox ESR 68
        • Bug 30736: Install yasm from wheezy-backports
        • Bug 31447: Don't install Python just for Mach
      • Bug 30448: Strip Browser/gtk2/
    • Android
      • Bug 30324: Android toolchain update for Fennec 68
        • Bug 31173: Update android-toolchain project to match Firefox
        • Bug 31389: Update Android Firefox to build with Clang
        • Bug 31388: Update Rust project for Android
        • Bug 30665: Get Firefox 68 ESR working with latest android toolchain
        • Bug 30460: Update TOPL project to use Firefox 68 toolchain
        • Bug 30461: Update tor-android-service project to use Firefox 68 toolchain
      • Bug 28753: Use Gradle with --offline when building the browser part
      • Bug 31564: Make Android bundles based on ESR 68 reproducible
      • Bug 31981: Remove require-api.patch
      • Bug 31979: TOPL: Sort dependency list
      • Bug 30665: Remove unnecessary build patches for Firefox

Wouldn't Wireshark show encrypted Tor traffic? In the case of spyware Tor is a double edged sword because it's not easy to monitor what data leaves your computer if the spyware uses Tor.

When I want to test what data some program sends out I do it in a Whonix workstation. I'm not sure that's possible with Tor browser inside Whonix though.

Would love to hear about some other possible setups to both analyze the traffic and send it over Tor. Or, leaving Tor aside, some way to trick a program or the OS into sending requests even when not connected to the Internet so that you can see what requests would be sent to the outside world.

Since telemetry is on the Firefox side rather than in the tor binary, it seems theoretically possible to deproxy the browser so it communicates via the normal internet and so Tor's encryption is absent, but the telemetry data itself, if sent, is probably wrapped in Mozilla's TLS certificate. But OP left out that about:telemetry says, "upload is disabled."

> When I want to test what data some program sends out I do it in a Whonix workstation. I'm not sure that's possible with Tor browser inside Whonix though.

The idea is that you have a test machine running Whonix and a monitoring machine running Tails (say) which is behind the LAN tap at bottom of the "T". To anthropomorphize, the test machine has no idea that the LAN tap even exists, much less that it is copying every packet sent from the test machine to the router (or vice versa; you need two test machines and two captures to study bidirectional traffic). You take the capture on the monitoring machine using tcpdump with the option to drop privileges and later study the capture using wireshark (on a Debian machine, say). The last step does not require root privileges since you are using wireshark to study an existing packet dump not to make one (which would be dangerous to do using wireshark with root privileges).

You can also use Tails to capture WLAN traffic using airodump-ng, and later study the packets using Wireshark.

None of this tests what happens after traffic leaves your LAN or local WiFi.
Tails is very useful for all kinds of other things besides legitimate monitoring of your own devices/network, of course.


October 23, 2019



After I upgraded to 9, there is NO OPTION to set custom proxy
and the browser is IGNORING extensions.torbutton.use_nontor_proxy congiguration.

I NEED TO USE my proxy with tor browser. I was able to disablr tor addons and use any proxy.



October 23, 2019


Has anyone else had their twitter accounts locked out and about to be suspended after the new Tor update? I just lost my account after the new update and noticing before I was locked out Tor looked completely different with a large white border around the screen which made all pages online smaller. Could whatever Tor did in their update have made twitter accounts using Tor seem as "suspicious activity?"

Twitter was asking me to confirm my phone number. Before all they would ask is just type in your phone number. Today after the new Tor update it was asking me to CONFIRM the phone number I would need the actual phone in order to do so. The twitter account I have isn't originally mine and the person whose account it originally belonged to no longer has access to that phone number.

The ONLY other time this happened to me was weeks ago I lost two twitter accounts after installing an addon that would revert back to twitter's classic theme instead of the God-awful forced new twitter interface. The addon was just a simple user-agent switcher they explained it as it makes it appear as IE instead of as "mobile." The two accounts I lost at that time were also asking for me to confirm the phone number instead of just typing in the phone number which would let you log in normally.

I just got an email back from twitter's support saying they have unlocked the account. Now I'm afraid I might lose it again.

Here's how the new update looks with the new thick white border and it's how ALL pages online look regardless of where you go. The scroll bar on the right never appeared before either. Pages now at default zoom show that scroll bar on the right suggesting it's a larger screen when it's not.

Windows TBB 9.0

I just got an email back from twitter's support saying they have unlocked the account. Now I'm afraid I might lose it again.

Write Twitter back to tell them that you use Tor because you represent a majority of internet users who support greater personal privacy [1, 2, 3, 4, 5, 6, 7, 8, 9] and that Twitter's automated defenses, not your behavior or content, are preventing you from being their return customer or "maximizing user engagement".

Link to this comment if you want, but I don't think would be as effective as your own personal stories.


October 23, 2019


не работает после обновления выдает ошибку на windows 7 32 bit "запуск программы невозможен так как на компьютере отсутствует api-ms-win-crt-convert-l1-1-0.dll 2019" как мне исправить это? до этого обновления браузер работал отлично!


October 23, 2019


if somebody has troubles to launch TBB (standalone) with firejail:
old launcher - ALL tabs crashing, no browsing:
Exec=firejail sh -c '"PATH/tor-browser_en-US/Browser/start-tor-browser" --detach || ([ ! -x "PATH/tor-browser_en-US/Browser/start-tor-browser" ] && "$(dirname "$*")"/Browser/start-tor-browser --detach)' dummy %k
new launcher - works properly:
Exec=firejail PATH/tor-browser_en-US/Browser/start-tor-browser


October 23, 2019


Bug 25214: Canvas data extraction on locale pdf file should be allowed


October 23, 2019


big bugg after the update
the tor browser opens in start and not the other so i cant use bridges


October 23, 2019


New torbrowser can't be started with system tor on a Linux machines. Tor launcher cat't be deleted


October 23, 2019


context menu (rightclick) on a link or button doesn't work properly. it opens the link immediately. happens in tbb only.


October 23, 2019


looks like the changes with the proxy settings broke stuff like zeronet, i2p and freenet (probably because it seems like there's no option to block the proxy on certain addresses), and foxyproxy doesn't seem to help it. i'll back off to 8.0 again, but this should really be fixed, messing with what works can be annoying.


October 23, 2019


first of all as always i appreciate all the hard work you guys put into keeping us safe out there!

but this version 9.0 isnt that supposed to be a stable version?

i cant run tor i fullscreen, theres missing like 15mm on each side of the screen.

also i miss the old blog version, this one looks really messy. cant see who wrote what to who and where the new comment comes in.

beside that great work!

It is a stable version, yes. You can disable the letterboxing feature (see the blog text for what it is about) in your about:config by flipping a preference (privacy.resistFingerprinting.letterboxing to false).

The blog is a sad story. We try to get that fixed but it seems that it is hard. The worked is tracked in http://ea5faa5po25cf7fb.onion/projects/tor/ticket/31114.

thanks for your respons gk, really appreaciate it because it made me go back to the outdated version that kept crasching. about the old version 8.5.5. it refuse to update from the browser. well the the update starts but then it refuse to launch the browser when the update is done. just wanted to let you know, there seem to be something hindering it from launching.

hope you guys find a fix for the blog. also i wish to have a dark version of the blog because this one (white/light) kills my eyes.

how can i give the tor browser a dark theme? i saw someone mentioned that there is a dark theme. much appreciated!

> it refuse to launch the browser when the update is done.

Check if your drive has enough space on the partition where you installed Tor Browser.

> how can i give the tor browser a dark theme?

Hamburger menu [≡] -> Add-ons (Ctrl+Shift+A) -> Themes
The letterbox border is not colored yet. It is planned to be.

> The blog is a sad story.

I worry about the fact that the PKI cert is so different from what I expect for a sensitive site. I am concerned that the blog I see may be a malicious clone of the real blog because I cannot reasonably assure myself of its relationship to Tor Project from the cert. If you disagree that this is an issue, please ask a TP expert to post explaining why it is not a serious issue.

It would also be very helpful to have a post advising how to use TB properly. E.g. I suspect most users do not know how to take advantage of sandboxing and try to store downloaded files in the wrong directory, or to use terminals in the wrong directory, etc.

If I understand you correctly, you are in the habit of deliberately maximizing the TB window. If so, can you explain?

As a user who loudly demanded the new letterboxing protection against too easy window size fingerprinting, because I sometimes *accidently* maximize the window, I am sorry to see how much confusion it is causing. I hope the users who are unhappy soon find you can live with it.

I too have technical problems with the blog, but only if I forget to change the security setting from "Safest" to "Safer" before submitting a comment. I can live with that. The way I see it, quashing bugs, doing research into growing the Tor network, expanding the Debian onions to other distros, to CRAN, Raspbian, etc, and keeping them healthy, reaching out to some of the more reasonable members of the Fourth Estate to combat FBI's anti-Tor FUD, etc, etc. is more important. But yeah if TP can fix all those it would be great to improve the blog :-)

all levels of security are much appreciated! however not everyone is living in a dictator state, hiding from the the fbl or being a criminal. i simply just choose my time when i need extra level of security, for example when doing bank transactions and not for all times. i use tor for everything and in long terms some of the features can get really annoying. i didnt buy a bigger screen so that i could see smaler windows. stay safe out there, unless youre a bad person then i couldnt care less what happen to you guys because i dont think bad people deserve any kind of protection what so ever :)

> all levels of security are much appreciated! however not everyone is living in a dictator state

You seem to not have read the basic overview that Tor's effectiveness depends on strength in numbers. No matter where you live or what you do with it, the protection you enjoy depends in part on whether your co-users, bouncing around the global Tor network and out of exit nodes, look like you when you all come out wherever your exit nodes happen to be. I would love so much for you and every newbie to interact with the map of circuits that was in Vidalia. Tor is not meant to act or be used differently for people logging into their local bank or watching meme videos than it is for people facing criminalization by whichever government's present-day incarnation of laws you happen to be subject to offline. Competency in using Tor demands a global perspective. Walk in someone else's shoes -- That is what the mutualist biome you enter when you layer up and travel through the Tor network tries to do for you, digitally, if you just let it.

maybe it is easier to accept it if it has black edges instead of white because it really looks like a bug that makes the window smaler than it actually is. because when you clearly see it is the wrong size it gets really annoying.

but as gk mentioned it is easy fixed for those who want it in its original size. the more security, anonymous and privacy settings it has the better as long as people can choose to opt out from them if they are not nessaccary.

i think the biggest problem is when people are not computer geeks but still want privacy and security they dont know how to change all these things. in that case, next to the blog link there could be a tutorial link for example. with videos and images showing and explaining. im sure there are volunteres out there with some video and photoshop skills who can make an easy understood and still profesional looking guide for those who need.


October 23, 2019


why have you guys changed the "new identity" icon? i liked the onion one. no big deal really but it was easier to see and therefore find.

in privacy settings i unchecked all search suggestion results but i still keep getting sucksuckgo up while im writing in the adress bar.

im on kubuntu 19.04

thx in advance

If you don't want to have DuckDuckGo just remove it from your search engines in about:preferences or don't set it not as the default engine at least?

The onion was _not_ the icon for New Identity but rather the toolbar button into the depth of the Torbutton menu where New Identity was just one of the options to pick from. So, we tried with the broom to give a better visualization for what is going on when you press the New Identity button.


October 23, 2019


Security Level radio buttons are still positioned above and below other intriguing buttons that people should not be tempted to touch. People commented under older blog posts that they did change them, and other people cautioned Tor Project about the layout. TP added a new preferences tab for Tor network preferences, but TBB's security levels should also be distinctly separated from Firefox preferences.

Other than that, 9.0 feels faster than 8.5.5, and I wish there had been a migrate/export notice about losing the Description field of bookmarks. It's unrecoverable now, I guess.

Agree about the annoying place of security level buttons. I often change security levels because some sites are broken without JS. I change the level just for one specific page load, then change back right away. There's a bit too much clicking involved just for doing that.