New Release: Tor Browser 9.5a1

Tor Browser 9.5a1 is now available from the Tor Browser Alpha download page and also from our distribution directory.

Note: this is an alpha release, an experimental version for users who want to help us test new features. For everyone else, we recommend downloading the latest stable release instead.

This release features important security updates.

Tor Browser 9.5a1 is the first release in the 9.5 alpha series. It contains all the improvements and fixes from the 9.0 release as well as other new features: We enabled WASM on the standard security level, fixed circuit display for bridges without a fingerprint, and we re-enabled jemalloc for Windows users.

The full changelog since Tor Browser 9.0a8 is:

  • All Platforms
    • Update Firefox to 68.2.0esr
    • Bug 31740: Remove some unnecessary RemoteSettings instances
    • Bug 30681: Set security.enterprise_roots.enabled to false
    • Bug 31144: Review network code changes for Firefox 68 ESR
    • Bug 21549: Enable WASM on standard security level
  • Windows + OS X + Linux
    • Update Tor Launcher to
      • Bug 32154: Custom bridge field only allows one line of input
      • Bug 32112: Fix bad & escaping in translations
      • Bug 31286: Update to tor settings related strings
      • Translations update
    • Bug 32125: Fix circuit display for bridge without a fingerprint
    • Bug 32076: Upgrade to goptlib v1.1.0
    • Bug 32061: Bump snowflake version to b4f4b29a03
    • Bug 32092: Fix Tor Browser Support link in preferences
    • Bug 32111: Fixed issue parsing user-provided bridge strings
    • Bug 31749: Fix security level panel spawning events
    • Bug 31920: Fix Security Level panel when its toolbar button moves to overflow
    • Bug 31748+31961: Fix 'Learn More' links in Security Level preferences and panel
    • Translations update
  • Android
    • Bug 32097: Fix conflicts in mobile onboarding while rebasing to 68.2.0esr
    • Bug 26529: Notify user about possible proxy-bypass before opening external app
  • Build System
    • Windows
      • Bug 32132: Re-enable jemalloc for Windows users
      • Bug 31989: Backport backout of old mingw-gcc patch
    • Android
      • Bug 30461: Clean up tor-android-service project

October 28, 2019


I'am so extremly disapointed about the latest tor-browser releases:
Without the posibility to allow 'third-party-cookies' you cannot log into several websites like any disqus based forums.
That makes tor-browser totally useless! Who the hell has decided this bunk?!
It is like removing the wheels from a car in order to make driving more secure!
I hope I will find an older version somewhere which allows the user at last to make some decisions on himself...

So, first of all: we did not touch any of the per-site cookie settings. You should probably use those anyway as you very likely do not want to allow third party cookies on any website just because you need to log in to some.

But even if you think that's okay and are fine with third-party cookies generally then you still have the option to allow those. You need to adjust the respective preference, network.cookie.cookieBehavior in about:config to the value you want to have. has possible values and 0 seems to be the one you are looking for.

Finally, if you already had third party cookies enabled the update did not touch anything in that regard.

Works for me on my Linux box after allowing the click-to-play by NoScript. Do you have steps to reproduce?

black screen on my win 7.

Rename New Identity broom, please, because it has a name conflict with Identity Indicator in Firefox < 70:…

According to that post, the panel is titled "Site Information". The post's author uses the word "identity" simply to describe some things in the panel. Moreover, the panel is clearly about the site's credentials and not the user. I don't think renaming is necessary.

Hallo Leute
Nachdem ich euren neuen tor browser auf mein Handy samsung s2 neu installiert habe funktioniert er nicht mehr!
Der Tor browser bleibt mit der Meldung:Tor Programm wird gestartet...
Was ist passiert?
Vier mal neu installiert und geht nicht. ...

What Android version/operating system are you running on it? I wonder whether your issue is another instance of

Android 4.1.2

Do you see any log messages if you swipe on your screen from the right to the left? There should be status messages visible about what Tor is trying to do.

Since the new version (9x) my about:config settings like (proxy.type, remote_dns) get reset every browser re-start.

Please tell me how to make them stick. What is resetting them to defaults?

undefined is not a valid URL. background.js:321
onBeforeRequest moz-extension://[uuid]/background-scripts/background.js:321
apply self-hosted:4417
applySafeWithoutClone resource://gre/modules/ExtensionCommon.jsm:588
fire resource://gre/modules/ExtensionChild.jsm:1171
receiveMessage resource://gre/modules/ExtensionChild.jsm:1175
_callHandlers resource://gre/modules/MessageChannel.jsm:914
_callHandlers resource://gre/modules/MessageChannel.jsm:913
promise resource://gre/modules/MessageChannel.jsm:992
_handleMessage resource://gre/modules/MessageChannel.jsm:989
_handleMessage self-hosted:1005
receiveMessage resource://gre/modules/MessageChannel.jsm:225
forEach self-hosted:266
receiveMessage resource://gre/modules/MessageChannel.jsm:218

untested NoScript jumped in...

Join the discussion...

We encourage respectful, on-topic comments. Comments that violate our Code of Conduct will be deleted. Off-topic comments may be deleted at the discretion of the post moderator. Please do not comment as a way to receive support or report bugs on a post unrelated to a release. If you are looking for support, please see our support portal or ways to get in touch with us.

This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

3 + 1 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.