New Release: Tor Browser 9.5a2

Tor Browser 9.5a2 is now available from the Tor Browser Alpha download page and also from our distribution directory.

Note: this is an alpha release, an experimental version for users who want to help us test new features. For everyone else, we recommend downloading the latest stable release instead.

This new alpha release contains various bug fixes and improvements. Among them, we improved the letterboxing experience. Additionally, we added a banner on the starting page for our fundraising campaign Take Back the Internet with Tor.

Known Issue

As with the stable release, we currently have a reproducible build issue. We recently made some progress on the issue and are getting closer to having a fix.

The full changelog since Tor Browser 9.5a1 is:

  • All Platforms
    • Update NoScript to 11.0.7
      • Bug 21004: Don't block JavaScript on onion services on medium security
      • Bug 27307: NoScript marks HTTP onions as not secure
    • Bug 30783: Fundraising banner for EOY 2019 campain
    • Bug 32321: Don't ping Mozilla for Man-in-the-Middle-detection
    • Bug 32318: Backport Mozilla's fix for bug 1534339
    • Bug 32250: Backport enhanced letterboxing support (bug 1546832 and 1556017)
    • Bug 31573: Catch SessionStore.jsm exception
    • Bug 27268: Preferences clean-up
  • Windows + OS X + Linux
    • Update Tor to 0.4.2.3-alpha
    • Update Tor Launcher to 0.2.20.2
      • Bug 32164: Trim each received log line from tor
      • Translations update
    • Bug 31803: Replaced about:debugging logo with flat version
    • Bug 31764: Fix for error when navigating via 'Paste and go'
    • Bug 32169: Fix TB9 Wikipedia address bar search
    • Bug 32210: Hide the tor pane when using a system tor
    • Bug 31658: Use builtin --panel-disabled-color for security level text
    • Bug 32188: Fix localization on about:preferences#tor
    • Bug 32184: Red dot is shown while downloading an update
    • Bug 27604: Fix broken Tor Browser after moving it to a different directory
    • Bug 32220: Improve the letterboxing experience
    • Bug 30683: Backport upstreamed fix from Mozilla (bug 1581537)
  • Android
    • Bug 32342: Crash when changing the browser locale
    • Bug 32303: Obfs4 is broken on Android Q
  • Build System
    • All Platforms
    • Android
      • Bug 28803: Integrate building Pluggable Transports for Android
Anonymous

November 19, 2019

Permalink

Developer!

In all versions of 9.. *. * For android devices, the following vulnerabilities were discovered:

1) The cache is not cleared from the standard browser menu in online mode!

2) switching cookie management modes does not work. Cookies are accepted even in the "Disabled" mode!

For 1), what do you mean by "online mode"? Currently you have to close the application and open it again to clear the cache. But we are planning to implement a "New Identity" features similar to the Desktop one: https://trac.torproject.org/projects/tor/ticket/28800

For 2), where did you change cookies settings? Preventing cookies completely is not recommended as it will change the fingerprint of your browser.

Anonymous

November 20, 2019

Permalink

[Exception... "Component returned failure code: 0x80040111 (NS_ERROR_NOT_AVAILABLE) [nsIContentSniffer.getMIMETypeFromContent]" nsresult: "0x80040111 (NS_ERROR_NOT_AVAILABLE)" location: "JS frame :: resource:///modules/FaviconLoader.jsm :: onStopRequest :: line 277" data: no] FaviconLoader.jsm:277:24
onStopRequest resource:///modules/FaviconLoader.jsm:277
AsyncFunctionNext self-hosted:839

Anonymous

November 20, 2019

Permalink

Handler function threw an exception: [Exception... "Component returned failure code: 0x80040111 (NS_ERROR_NOT_AVAILABLE) [nsICacheInfoChannel.isRacing]" nsresult: "0x80040111 (NS_ERROR_NOT_AVAILABLE)" location: "JS frame :: resource://devtools/server/actors/network-monitor/network-response-listener.js :: NetworkResponseListener.prototype._getSecurityInfo< :: line 334" data: no]
Stack: NetworkResponseListener.prototype._getSecurityInfo<@resource://devtools/server/actors/network-monitor/network-response-listener.js:334:26
exports.makeInfallible/<@resource://devtools/shared/ThreadSafeDevToolsUtils.js:111:22
onStartRequest@resource://devtools/server/actors/network-monitor/network-response-listener.js:226:10
Line: 334, column: 0 ThreadSafeDevToolsUtils.js:90:13
reportException resource://devtools/shared/ThreadSafeDevToolsUtils.js:90
makeInfallible resource://devtools/shared/ThreadSafeDevToolsUtils.js:117
onStartRequest resource://devtools/server/actors/network-monitor/network-response-listener.js:226

Anonymous

November 22, 2019

Permalink

TypeError: this.messageManager is null 3 browser-custom-element.js:1553:11
purgeSessionHistory chrome://global/content/elements/browser-custom-element.js:1553
observe chrome://global/content/elements/browser-custom-element.js:224
torbutton_do_new_identity chrome://torbutton/content/torbutton.js:933
torbutton_new_identity chrome://torbutton/content/torbutton.js:835
oncommand chrome://browser/content/browser.xul:1

Anonymous

November 23, 2019

Permalink

Could you guys fix the bad favicons for both DuckDuckGo search engines (regular and Tor)? They have been like this for a long time.

Bad favicons? What do you see? According to the source html of their webpages, these are their favicons:
https://duckduckgo.com/favicon.ico
https://3g2upl4pq6kufc4m.onion/favicon.ico

Those look the same as DDG Onion's button in Tor Browser. DDG's .com button looks like those, but the red circle doesn't have a white line border. I like that I can tell them apart so I don't click the wrong one by accident.

Anonymous

November 24, 2019

Permalink

I've been trying to download the Tor browser for a couple of days. All the other links on the download page are live, but not the download link. I've tried with multiple browsers and on different computers. I know my ISP doesn't block it. Is there a current issue with the download? Thanks!

Anonymous

November 24, 2019

Permalink

EFF (Full): A new ruleset bundle has been released, but it is older than the extension-bundled rulesets it replaces. Skipping. util.js:26:15

Anonymous

November 27, 2019

Permalink

Hi. I am using torbrowser with 5-6 opened profiles. And only one of these - use tor connection. the others have different proxy.
I am afraid to upgrade to newest version because of torbutton integrated. Can I use this version for non-tor browsing?

Anonymous

November 28, 2019

Permalink

WTF?
Dropping text on the webpage resulted in the tab destroyed with

Hmm. That address doesn’t look right.

Please check that the URL is correct and try again.

and no history to go back!
Log:
Ignoring response to aborted listener for 824
[11-29 03:36:19] Torbutton INFO: The DataTransfer is available
[11-29 03:36:21] Torbutton INFO: The DataTransfer is available 2
[11-29 03:36:21] Torbutton INFO: Inspecting the data transfer: 0
[11-29 03:36:21] Torbutton INFO: Type is: text/_moz_htmlcontext
[11-29 03:36:21] Torbutton INFO: Type is: text/_moz_htmlinfo
[11-29 03:36:21] Torbutton INFO: Type is: text/html
[11-29 03:36:21] Torbutton INFO: Type is: text/plain
TypeError: docShell.failedChannel is null NetErrorChild.jsm:844:32

Anonymous

December 08, 2019

Permalink

Please can someone in plain Fu**ing Englih tell me how the fuck you verify tor download for ubuntu, 3 fucking weeks I have been trying to work it out ffs pull your heads out of your arses

Join the discussion...

We encourage respectful, on-topic comments. Comments that violate our Code of Conduct will be deleted. Off-topic comments may be deleted at the discretion of the post moderator. Please do not comment as a way to receive support or report bugs on a post unrelated to a release. If you are looking for support, please see our support portal or ways to get in touch with us.

This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

6 + 7 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.