Tor Browser 4.0.5 is released

A new release for the stable Tor Browser is available from the Tor Browser Project page and also from our distribution directory.

Tor Browser 4.0.5 is based on Firefox ESR 31.5.3, which features important security updates to Firefox. Additionally, it contains updates to Tor and NoScript.

Note to Tor Browser alpha users: There won't be a corresponding alpha release based on Firefox ESR 31.5.3 this time as we are currently in the midst of preparing releases based on ESR 31.6.0. Alpha users that can't wait another week are strongly recommended to use the Tor Browser 4.0.5 meanwhile.

Here is the changelog since 4.0.4:

  • All Platforms
    • Update Firefox to 31.5.3esr
    • Update Tor 0.2.5.11
    • Update NoScript to 2.6.9.19

It came down to a bug in Kleopatra that is shipped with Gpg4Win 2.2.3. GPA works fine and verifies the signature properly and also shows the right subkeys.

k239

March 25, 2015

Permalink

from today i cant acces marketglory.com by tor browser.Cloud flare repeats infinetly.Is this site blocked for tor users?

k239

March 25, 2015

Permalink

cloudflare captcha worked fine before update 4.0.5 now i enter the text and it just refreshes the screen with a new captcha. why did you break cloudflare captcha?

k239

March 25, 2015

Permalink

is anyone else not able to open after updating? Getting #11999 error forcing try again, but when you click try again, it flashes back to error screen.

k239

March 25, 2015

Permalink

Starting with 4.0.4, Tor Browser is having problems downloading some images from posts on Tumblr. This may be related to Tumblr moving some of this content out into a content development network on edgecast.net.

From any browser on a static IP, the photos will download. From any node on the Tor Network, the photos will give errors that the server refuses to download with AccessDenied.

Here is a photo of a famous singer that is in a Tumblr post and it gives a server AccessDenied from every Tor Node I could test, but works from every static IP I tested:

https://gs1.wac.edgecastcdn.net/8019B6/data.tumblr.com/15166cf2c8442ce5…

Is the Tor Network being specifically blocked? Is there any workaround for this?

Yes I use Tumler and have the same problem in 4.04. A few photos show but most don't. It may be they are using more JS scripts than before as of course that is disabled in TOR, or at least it is by anyone with any sense!! Similar problems on flickr if JS is not enabled.

What's coming out next week? A new Tor Browser alpha?

Yes, plus a new stable both based on ESR 31.6.0.

I d/l'd the Tor Brower Bundle Update to update from 4.0.4 to 4.0.5 but it won't update. I keep getting an error box which says:

"The update could not be installed. Please make sure there are no other copies of Firefox running on your computer, and then restart Firefox to try again."

But I don't have any other copies of Firefox running. I've tried numerous times but keep getting the same error. Any help would be appreciated.

Thanks.

BTW, I have Windows 7

Hmm... Where did you put your 4.0.4? Do you have write access there?

Your reply prompted me to move 4.0.4 back to where I d/l'd the 4.0.5 bundle and it installed fine.

Thanks!

The the built-in updater broke my tbb install after restarting tbb.
it failed to start properly.
Debian 8 x64.

Which error do you get? How can I reproduce your problem?

Hello there, I'm having a problem but I don't know if my IP censored it or not. I didn't have problems last night until 12-12:30AM (North America Eastern time). The tor browser just wasn't responding (loading pictures on tumblr and other sites) so I changed the identity but when I did that I was signed out. I tried to connect again but the loading bar always stops at "Loading Network Status" and never goes past that stage. Is this IP censorship or is there something going on with the Tor network?

Just checking that you all over at tor are keeping the deployment of "Stingray" in your sights.

http://www.extremetech.com/mobile/184597-stingray-the-fake-cell-phone-t…

Now, the ability to track and locate my whereabouts isn't important to me.

But "stingray is a false cell phone tower that can force phones in a geographical area to connect to it. Once these devices connect, the stingray can be used to either hone in on the target’s location or, with some models, actually eavesdrop on conversations, text messages, and web browser activity."

Please tell me you're ahead of the curve - and likely to stay there...

PLEASE HELP

The past few TBB issues have the spelling-checker disabled and I can find no way to reverse this.

My regular Mozilla browser, with the same settings, isn't similarly afflicted. And I can't accept I'm the only person with this complaint. It's a serious security issue. Imagine being able to identify others simply through their consistently repeated spelling errors?

I have posted here on this topic before but there was a distinct lack of any response.

Do your good deed for 2015 - it's not to late...

TIA

Which version did work for you? Do you have dictionaries installed in your Tor Browser? What did you try to enable spell-checking?

@ GK

As I wrote above, my FF settings and TBB settings Tools/Options/Advanced/General settings are identical.

As are both Options/Content settings except for, ooops, "Allow pages to choose their own fonts" - disabled on FF but enabled on TBB.

Now my font colour stays black instead of blue, as I'd prefer and TBB 4.0.6 - just downloaded - now has an active spell check. Why would this setting - or rather - should this setting influence spell check?

I started this post with FF, copied it, downloaded and installed TBB 4.0.6 over 4.0.5 - that's a first - and then re-posted this using 4.0.6.

Usually, I delete the old browser - CCleaner then cleans the Registry - and then install the new 'un for my own security reasons. Never mind. I'll do it properly when I sign off here.

So I'm up and running again. But I'm still mystified.

Thank you for your interest. Any further insights would be welcome...

@ GK

Me again.

I've now installed 4.0.6 matching, as far as possible, my Mozilla browser which functions perfectly on regular sites - spell checker included.

The TBB spell checker works on this site but not on regular sites and not on tor sites. That previous "ooops" nonsense is just that. Sorry!

The only major difference I can find between the two browsers is that FF Options/Content/Advanced/Fonts has a Latin fonts designation while TBB ditto has a Western fonts designation. ??

Please let me have your opinion on this matter. Thank you for your patience...

Still no response to this security issue? LOL I'm also curious and I've thus also been waiting for some sort of clarity on this spell check matter from Tor.

Me again...

Here's another take on "stingray" fyi.

http://www.nytimes.com/2015/03/16/business/a-police-gadget-tracks-phone…

I'm alarmed!

In response to the above:

"Such data “from all wireless devices in the immediate area of the F.B.I. device [cell site simulater] that subscribe to a particular provider may be incidentally recorded, including those of innocent, nontarget devices.”"

Wow, now I know why people in the U.S. are so paranoid, their government wants to know EVERYTHING about them, to use it against them should the opportunity arise. "it's in the name of Homeland Security!" they say, but then what constitutes protecting "homeland security"? If someone were to whistleblow, say like something about 9/11, the government could label this as a "threat" to homeland security and take these measures so long as it protects their interests. I don't know why there aren't public protests against this kind of stuff.

This is what I am getting when trying to download tor on torproject website for tor browser 4.0. 6?? am typing in https://www.torproject.org
Not Found

The requested URL /torbrowser/4.0.6/torbrowser-install-4.0.6_en-US.exe was not found on this server.
Apache Server at dist.torproject.org Port 443

I deleted my old tor 4.0.5 seeing that on this tor website that 4.0.6 is out and got that apache message and 404 error..now stuck without tor! this is the message I got again, plus I cannot dwnload tor at all...so what is going on?
Not Found

The requested URL /torbrowser/4.0.6/torbrowser-install-4.0.6_en-US.exe was not found on this server.
Apache Server at dist.torproject.org Port 443

Thank you for fixing the problem. I was able to download the new version 4.0.6! love tor great work!

Right -- it was a temporary problem while we uploaded 4.0.6.

I've opened
https://trac.torproject.org/projects/tor/ticket/15530
so we have fewer of those problems in the future. Thanks!

using 4.5a5 (based on Mozilla Firefox 31.6.0, one site always gets Access Denied" no matter how many times I get "New Identity".

http://www.foxnews.com/ yields an:
---------------------------------
Access Denied
You don't have permission to access "http://www.foxnews.com/404error/" on this server.

Reference #18.16bd7a5c.1429010305.6ee5f69
----------------------------------

odd that. There have been many favorable, or at least neutral, articles on FN re Tor.

Last year ther was no problem. I don't recall exactly when it became impossible.

For the last couple of days, i cannot get past google captcha screen. I enter the parameters but it asks for another captcha over and over...so annoying...Why did you try to fix something that already works?

TOR works for me when i first tried it ilove tor

Cloudflare Captcha appears for me e.g. on 4chan, and it;s the hardest type to solve. I got quite good at solving them and occasionally I get one which I am sure was correctly entered, but I am **ALWAYS** without fail given another Captcha. I did screw with TOR's about:config to set lots of options to false, and I note the latest versions of Tor have some change to NoScript ClearClick (which was giving an issue with Tor + Captcha) but this hasn;t helped me.

About 1/3 of the internet is unusable to me.
It's ok when i can use a startpage proxy at the end of Tor to get there, but with just Tor, it gves me ENDLESS Captchas.
Any ideas??

Anyone Else?