New Tor Browser and Obfsproxy Bundles

The alpha Tor Browser Bundles have all been updated to the latest Tor 0.2.3.20-rc release candidate as well as being updated with some bugfixes. We're getting closer and closer to releasing the 0.2.3.x series as stable, so please give these bundles a lot of testing and help us shake out all of the remaining bugs! The regular bundles have also been updated.

https://www.torproject.org/download

The Tor Obfsproxy Browser Bundles have also been brought up to date with all of the same software as the regular alpha Tor Browser Bundles. These are still a work in progress, so please remember to report bugs! You can download them from the obfsproxy page.

Tor Browser Bundle (2.3.20-alpha-1)

  • Update Tor to 0.2.3.20-rc
  • Update NoScript to 2.5
  • Change the urlbar search engine to Startpage (closes: #5925)
  • Firefox patch updates:
    • Fix the Tor Browser SIGFPE crash bug (closes: #6492)
    • Add a redirect API for HTTPS-Everywhere (closes: #5477)
    • Enable WebGL (as click-to-play only) (closes: #6370)
khled.8@hotmai.com

August 13, 2012

Permalink

As Firefox for Android is becoming really good and NoScript (planned for September) and HTTPSEverywhere (not ready yet) are preparing Fennec/Electrolysis versions, I would like to suggest that the wonderfulTor Browser Bundle should be built for Android, too (maybe start with the Firefox Beta channel).

At least provide a build script for Linux developers to try their own builds, i.e.
https://gitweb.torproject.org/torbrowser.git/blob_plain/HEAD:/build-scr…

https://trac.torproject.org/projects/tor/ticket/5709 Tor Browser Bundle for Android
https://trac.torproject.org/projects/tor/ticket/2471 HTTPSEverywhere for Fennec

Climate-friendly greetings from Germany,
René

khled.8@hotmai.com

August 15, 2012

Permalink

I had a hard time learning the download location of Alpha packages. Please make it clearer. Thanks.

khled.8@hotmai.com

August 15, 2012

Permalink

Hi Torproject!
I offer to you. Please lay on your website checksums (MD5 / SHA256) TorBrowser, ObfsProxyBrowser etc. It will be VERY CONVENIENT!

Not all people have the opportunity to verify signature .asc
And check the MD5-hash is available to all.

Thanks.

khled.8@hotmai.com

August 15, 2012

Permalink

CYBEROM FIREWALL BLOCKING US!

Sirs,

We are a group of whistleblowers working in the mining sector. As you know there are a lot of instances of corruption, illegal activities and human rights violation to which the higher officials indulge in as a matter of routine, we had formed an association of certain whisteblowers to apprise the public in general and human right organisations of the human rights violations of the downtrodden, bonded labourers and child labourers who are not even given two times meal a day, not to speak of giving them monthly remuneration! Due to our hidden but dedicated efforts that went on successfully in curbing the menace to a large extent (all thanks to Tails and TOR networks), a nationwide protest followed against the mine owners and mafia due to which many bonded labourers were got freed.

As the companies knew that only the people working for them (insiders) could leak the sensitive information about the things going on behind the four walls of the areas, to the outside world, they have set up a networking department and implemented a system called CYBEROM firewall due to which we have become helpless because both TAILS and TOR don’t work/run on any computer.

In order to access the internet, we have to use our username and password (allotted to us by the NETWORKING DEPARTMENT). This firewall doesn’t allow any proxy, TOR and Tails. Even if we succeed in getting the dummy firewall account (with username and password), yet TOR will not work after logging into that firewalled dummy account.

How it works:
(1) When we start computer, we have to go to network properties/settings to fill in (feed) some IP addresses, eg.. my computer has IP address 192.168.41.88. Another friend deployed in another building has IP address of 192.168.57.29. (here the internal IP parts “41” and “57” denote the building code; and the parts 88 and 29 show the computer code.) So if we send any email to anyone (without TOR or Tails which don’t run), the email header shows the following IP address: “192.168.41.88 [115.118.47.22 ISP’s external IP address]”
(2) So you see, they have installed this firewall to trace or find out the person who blows the whistle against their illegal activities and illegal utilization of natural resources for personal use.

Kindly give us solution to use TAILS or TOR on such firewalled network.

If any person has any way out or technique to bypass this firewall, kindly tell us about that.

Thanking you in anticipaton,
Mc Peterson.

Have you tried using bridges?
https://www.torproject.org/docs/bridges

If that does not work, you could try the obfsproxy browser bundle:
https://www.torproject.org/projects/obfsproxy.html.en

can anyone of you explain to me how to make a http proxy connection. I need it badly to do a legal pen testing in my home town. but unfortunately the law in my place make it so damn hard. I using windows platform in which that's why I needed an advice on how to add polipo. I had make vidalia run polipo but the message is cannot attach the polipo with vidalia.
Can anyone of you explain on how to make the polipo and the config.txt run automatically in TBB for windows. Thank you very much for your advice.

Why in the world would you want to enable WebGL with a click. That is asking for trouble.

Very important:
Sir, generally people like to use TOR over VPN (which according to TOR is not at all a safe thing to do) just because they want to hide their usage of TOR from the ISP.

In such a case, should one use Obfsproxy Bundle because it hides the traffic of TOR and shows as an innocent traffic? Does this bundle also use 3 nodes in addition to the initial node which interacts with the ISP?

Hi,

Tor uses 3 hop circuits, it doesn't use "3 nodes in addition to the initial node".

The obfsproxy bundle does the exact same thing, but it also obfuscates your connection to the initial node. The obfsproxy bundle *does not change anything else*, apart from adding that obfuscation.

Also, note that the obfuscation of obfsproxy is not provably secure. If your ISP invests lots of resources to detect that obfuscation it will probably be able to find it.

Take care.

Some time before, I really needed to buy a good house for my organization but I didn't have enough money and could not buy something. Thank heaven my mate suggested to try to take the mortgage loans from trustworthy bank. Thus, I did so and was happy with my car loan.

I've seen posts like this on other forums and still cannot figure them out.

Look like spam but there is no URL or other contact, brand name, etc.

Anyone know?

They - or whatever *they* should be called - the bots place theURL in name or title field, but I guess they still try when there is no such fields. I know this stuff from experience with my blog too - pieces of text that, up to a point, look incredibly reasonable for something that makes incredibly little sense :p

Thanks for the Tor Browser Bundle (2.3.20-alpha-1)!!! Greatly decreased time from start to green onion. Doesn't hang frequently at 'Bootstrapped 50%' as other earlier versions did. Decreased latency ( do you still have 3 hops as default setting )? Oh, and all this on my Dialup account! Simply amazing how this alpha version runs so much faster than earlier versions I used. Thanks again.

I have installed tor-0.2.3.20.rc-tor.1.rh17.i686.rpm following the instructions in the Tor docs to my new Fedora 17. Everything went OK with the install, and with Torbutton I have a confirmed connection to Tor,although I'm not sure I chose the correct version from the rpm repository.
I don't seem to have Vidalia, Noscript or HTTPS Everywhere. Can you advise on this , please?

If you want the normal client experience, you should probably download the Tor Browser Bundle instead.