New Tor Browser Bundles

The stable Tor Browser Bundles have all been updated to the latest Firefox 10.0.07esr release.

https://www.torproject.org/download

Tor Browser Bundle (2.2.38-2)

  • Update Firefox to 10.0.7esr
  • Update Libevent to 2.0.20-stable
  • Update NoScript to 2.5.2
  • Update HTTPS Everywhere to 2.2.1
Anonymous

August 29, 2012

Permalink

One thing that always have been bugging me, why is Noscript set to 'Allow scripts globally' by default?

Anonymous

August 29, 2012

Permalink

about:config --> browser.download.manager.scanWhenDone;true

why is this set "true"?

Previously, I was using Win7 with Microsoft Security Essentials, or whatever the standard Microsoft antivirus is called.

After downloading the latest torbrowser - through torbrowser, the downloaded file was scanned, and possibly (cannot verify this claim) some info was sent to microsoft about this download.

I understand their reasoning about collecting info about downloads "in the wild" to differentiate "good" applications from malicious. But I don't trust microsoft to view open source applications as good, and I definitely don't trust microsoft to protect my privacy. (So I may need to switch back to Linux again...)

Microsoft Denies Secret Backdoor Spy Ring...

https://encrypted.google.com/search?hl=en&sclient=psy-ab&q=microsoft+ba…

ps good going developers on 2.39-1 from I386 intel-mac version 10.5.8 perspective. The functioning is perfect. Was working with 2.2.37-2 which was perfect. Then went to upgrade to 2.2.38 and it crapped out. Currently 2.2.39 is perfect! So happy and fortunate for the Tor Software! 1000 Thanks!

Anonymous

August 29, 2012

Permalink

(ty.)

Vidalia dialog topics.
1. Vidalia feature request.
"Control Panel" to open main dialog should be default command, IMO.
Vidalia systray should open "Control Panel" from regular mouse click.
Also when context click menu, "Control Panel" should be separated in systray context menu. Perhaps at top of menu, and perhaps isolated by line separator(s).
Other systray menus bold the default command.

2. "Network Map" feature request.
I want to drag border to shrink atlas pane, or click "expander" thing to close atlas pane. allows to see full height of list in left inner pane of 3rd (lower left) pane that lists node basic info. Reason: to see which branch in right inner pane is my client-side connect node by comparing to ip reported by check.torproject.

3. Finding entry node IP in "Network Map"
Look at IP at https://check.torproject.org/
Look at IPs in the Network Map tree branches (the right subpane of Network Map lower left pane. 2 Columns. Headers are "Connection" and "Status").
When comparing IPs, I saw that my "entry" node was the last IP of a middle branch. Later I saw my entry node was the last IP in the end branch. So I can't just check a tree branch to know which node is my entry?

Anonymous

August 30, 2012

Permalink

I installed Tor Browser Bundle (2.2.38-2) 64-bit version on a

13-inch: 2.5 GHz
2.5GHz dual-core Intel Core i5
Turbo Boost up to 3.1GHz
4GB 1600MHz memory
500GB 5400-rpm hard drive1
Intel HD Graphics 4000
Built-in battery (7 hours)2

and using Mac OS 10.8.1 Lion .

I noticed that when pressing the "New Identity" button I have no popup notification informing me that a New Identity has been created. Possible to check this out ?

In former bundles I used to get a pop up.

if u were gttin pop ups earlier then ur new identity is created automaticallly evn without prompting pop ups ... u can chek ur active status by loadin new bundles ...

Anonymous

August 30, 2012

Permalink

It still has this error: [Warning] Warning from libevent: evsig_init: socketpair: Permission denied [WSAEACCES ]

Please fix it

Do you have some sort of firewall or antivirus program or something that is preventing Tor from talking to itself?

Most users don't have this problem, so I assume you have some overeager program installed to keep you "safe".

Anonymous

August 30, 2012

Permalink

When exactly was it updated? My Linux TBB told me five minutes ago, that there is a new version online. I just checked some hours ago (by starting the TBB and visiting the start-page) and there was nothing new.

Should I be concerned?

Anonymous

August 31, 2012

Permalink

Aug 31 11:27:34.059 [Warning] getsockname() to check for address change failed: Invalid argument [WSAEINVAL ] getting errror please check

Anonymous

August 31, 2012

Permalink

How exactly can I download the latest security update? is it necessary to download the whole bundle again?

Anonymous

August 31, 2012

Permalink

Thanks

Anonymous

August 31, 2012

Permalink

I try the Linux TBB since July 2012 instead of TOR as provided by my Linux distribution. Each time there is a update, I "blindly" remove the old TBB folder and upgrade to the newest TBB tarball : it is marked as a "security update" on the TBB Default Home Page and there is no easy way to evaluate the real importance of the update - no meaningful, useful ChangeLog or links.

The problem is that I have to reinstall and reconfigure all of my Firefox extensions, which is a important drawback compared to using TOR as provided by my Linux distribution (with a browser in a custom user account configured and dedicated to TOR browsing).

Is there a better way to do a "clean" upgrade that I didn't find in the documentation ? By "clean", I mean "without reinstalling and reconfiguring everything from scratch". Or maybe is this the way it is supposed to work, in which case I should be documented somewhere ?

Thanks, and keep on the good work : TOR and TBB are great ;)

Anonymous

August 31, 2012

Permalink

Tor Troubleshoot- Thanks for your assistance

I have downloaded current-- Tor Browser Bundle (2.2.38-2)

Problem- I trashed older version 2.2.37-2, thinking the newer version would simply upgrade the install

This is the report i receive----->

1.,There is no default application specified to open the document
“torbutton-current-1.xpi”.

2. Vidalia was unable to start the configured web browser

3. How do I fix the torbrowser (you are successfully using Tor)
after installing the current version 2.38

- seems the firefox-bin [4696] is missing. Is there a patch?

Process: firefox [4696]
Path: /Users/HD/Downloads/TorBrowser.app/Contents/MacOS/firefox
Identifier: org.mozilla.torbrowser
Version: ??? (???)
Code Type: X86-64 (Native)
Parent Process: launchd [4637]

Interval Since Last Report: 4824 sec
Crashes Since Last Report: 3
Per-App Interval Since Last Report: 0 sec
Per-App Crashes Since Last Report: 4

Date/Time: 2012-08-31 17:38:42.371 -0700
OS Version: Mac OS X 10.5.8 (9L31a)
Report Version: 6
Anonymous UUID: 96D8xxxxxxxxxxxxxx

Exception Type: EXC_BREAKPOINT (SIGTRAP)
Exception Codes: 0x0000000000000002, 0x0000000000000000
Crashed Thread: 0

Dyld Error Message:
unknown required load command 0x80000022

Anonymous

September 01, 2012

Permalink

using in china with bridges, previous bundles worked but now can't get past 5% bootstrapping (no route to host). tried previous bundles again, they also can't get past 5% now.

Anonymous

September 01, 2012

Permalink

I'm quiet new in tor and related anonymity being literature; came in here because I'm reading around trying to understand extensions and proxies. best regards

Anonymous

September 02, 2012

Permalink

Latest tor+vidalia seem to work, but Ff 10.0.7 ESR won't go anywhere. Have tried from clean install - no joy.

Anonymous

September 03, 2012

Permalink

Tor Browser Bundle (2.2.38-2) Version 2.2.38-2 - OS X (64-Bit) on mac I have this issue Sep 03 18:13:37.568 [Warning] ControlPort is open, but no authentication method has been configured. This means that any program on your computer can reconfigure your Tor. That's bad! You should upgrade your Tor controller as soon as possible.though I have stopped firewall

Anonymous

September 07, 2012

Permalink

I'm new to Tor (Firefox ESR 10.0.7?) and am running it on an intel iMac using OS X 10.6.8. As a 60-year-old unrepentent agitprop specialist I was naively excited about protecting my surly communications and browsing habits. I've concluded that I've become too old to learn (lack of remaining space on my pre-frontal lobe hard-drive) or am technologically retarded. It could be psychedelic residue built up on myelin sheaths, but am reluctant to do a self-biopsy of the brain,

Apparently the Tor browser keeps losing a port.conf file, so I've installed and re-installed a couple of times. Moreover, the browser doesn't want me to download anything deemed to be a file (movies, music, documents, etc.).

Tor is a fabulous concept that could serve the people well. But I've learned that it's not for artiste-fartiste types, and can remind them of the uselessness of liberal-arts post-grad studies. Preserving privacy is not for the feint of heart; fundamental hacking knowledge is, apparently, prerequisite.

Hope springs eternal because it's the very shadow of fear.

Keep up the good work.

Anonymous

September 08, 2012

Permalink

I think 2.2.38 infected, totally strange and different communication tha 2.237, try strange ports open, must waiting a week or month, I bet you will see interestnig thhings again, remember torbutton!!!

Anonymous

September 08, 2012

Permalink

I have to tell say that China government is succeed in blocking Obfsproxy again, I am waiting for your new releasing

Anonymous

September 09, 2012

Permalink

Vidalia really need to work on reducing the start-up CPU cycles. You would think it was from the same stable as Abobe Flash or something :-)

Anonymous

September 10, 2012

Permalink

i am leary of installing updates because of the possiblity of the 'baddies' comprimising the host and poking holes in tor / bundle and saying it needs to be updated to new comprimised version, endangering our security. how can i be sure this does not happen?

thanks much

Anonymous

September 10, 2012

Permalink

same poster as ast i bit the bullet and upgraded despite my concerns of the upgrade being comprimised ... and it crashed .. first time tor bundle has ever crashed... not happy 38% thru a dl on download them all

Anonymous

September 10, 2012

Permalink

Question.

Why do all the websites that use encryption (https) use AES (OR something inferior to AES like Camilla 256 or RC4 128 bit)??? Why have I seen NO websites that use Twofish or Serpent with 256 bit keys for their encryption????? Is this an AES CONSPIRACY???

Anonymous

September 11, 2012

Permalink

I'd just like to say Roger & Co are total badasses for running this project :)

I also think it must be somewhat stressful, a whole lot of people looking at you guys as if you're the problem on different levels, e.g. when somebody wiretaps somebody's version of Tor, or accuses you of aiding child pornographers/terrorists, whatever. They are missing the bigger picture, that much is logical, but people aren't always logical and so I guess that can be stressful for you guys at times. So, kudos.

It might not be easy to get the message out there but it is very necessary, because the downside when states become more Orwellian... is very very downsided indeed! I think people forget that things like communism and fascism are real threats, not mythical ones, they sorta assume we're vaguely civilized without questioning the foundation of what prevents a civilized society from becoming less so. I mean, they think this or that might be bad, but they don't envisage the entirety of society slipping from one level of freedom to a different state, which is what the history books tell us happens over and over, it is not even special.

Trends in the Americans, Europe. They are not good. We may be needing Tor on the home territories to defend western ideals, sooner than we would like to admit to ourselves.

I don't know much about Tor because I'm not a technical person, but I would like to make a suggestion, maybe it is obvious and said before a lot, but anyway.

If there was even an tiny incremental improvement to anonymity by running a relay e.g. you are on average 10% more anon or something.

Then the Tor Network's bandwidth issues would miraculously alleviate themselves imho. A lot of time needs to be invested in getting the incentive structure right and from that everything else should slip into place.

I'm sure the Tor team have thought about this extensively before, so what ideas did you guys run into?

Seems obvious that technical stuff aside, the main thing to improve efficiency is self interest.

p.s. also, my friends says Tor doesn't stand for The Onion Router. But Wikipedia says so, and there's an onion in your logo... Still he seems pretty convinced, who is correct?! Me or him? :)

p.p.s are you guys coming back to Europe any time soon? :)

Anonymous

September 11, 2012

Permalink

This version (running on Win7) seems to use a lot of RAM. After 30 mins of casual browsing, 10 tabs open and already using 650MB of RAM. I closed the tabs an keep 1 open and still 490MB.

I have to close Tor Browser every 30 mins because it is slowing down my computer.

thanks

Anonymous

September 11, 2012

Permalink

I want to run TORBROWSER with all its tweaks without having to run TOR locally. How can i do that?

Reason: I have a 2mbit/s up/down relay running up on the internets and i would like to just use my local connection from there (via SSH - Putty port forwarding). I can do that just fine but i've opened the Tor Browser Bundle and tried to run it from inside the "Firefox Portable" folder and it closes instanly... unless i start it from the 'proper' launcher, which fatally starts local tor as well.

Anyone can help me??!

Anonymous

October 11, 2012

Permalink

help ive updated tor but it keeps saying i need to update and it doesnt connect!i deleted every single tor file and start again and still says sam. the files says creted today but modified 11th sept\!??!?

Anonymous

October 13, 2012

Permalink

I'm finding codesigning errors for the latest 64-bit OSX bundles:

  1. <br />
  2. $ codesign -vv /xxx/Desktop/TorBrowser_en-US.app<br />
  3. /xxx/Desktop/TorBrowser_en-US.app: a sealed resource is missing or invalid<br />
  4. resource modified: /xxx/Desktop/TorBrowser_en-US.app/Contents/Resources/Data/Tor/geoip<br />
  5. resource modified: /xxx/Desktop/TorBrowser_en-US.app/Contents/Resources/Docs/Vidalia/LICENSE<br />
  6. resource modified: /xxx/Desktop/TorBrowser_en-US.app/Contents/Resources/Docs/changelog<br />
  7. resource missing: /xxx/Desktop/TorBrowser_en-US.app/Contents/Resources/Docs/Vidalia/LICENSE-OPENSSL<br />

This prevents me from running these bundles on OSX Mountain Lion (10.8).

I discovered that the files that fail codesigning are from PREVIOUS builds. If I copy the files from my previous bundle into the new bundle, codesigning then works correctly.

This is a build issue. Please make sure that codesigning occurs AFTER these license and change log files are copied into the target locations.