Tor Browser 5.5.1 is released

Tor Browser 5.5.1 is now available from the Tor Browser Project page and also from our distribution directory.

Most notably, this release features fixes for regressions caused by our font fingerprinting defense: chinese users should have a functional Tor Browser again and emoji support is restored on OS X and Linux systems (we are still working on a fix for Windows).

Moreover, we fixed an oversight in one of our patches which broke some websites depending heavily on iframes.

The full changelog since 5.5 is:

Tor Browser 5.5.1 -- February 5 2016

  • All Platforms
    • Bug 18168: Don't clear an iframe's window.name (fix of #16620)
    • Bug 18137: Add two new obfs4 default bridges
  • Windows
  • OS X
  • Linux
Anonymous

February 05, 2016

Permalink

ok

Anonymous

February 05, 2016

Permalink

nice!!!

Anonymous

February 06, 2016

Permalink

Yaaaaaww

Anonymous

February 06, 2016

Permalink

how do I know that you are real Tor browser?
On my previous Tor browser , 6-7 months ago ,it was not updating itself,and every time
I use it, it asked me if I want to have Tor to be my default search engine and it was not updating?
That Tor browser from September 2016 was erased by accident and I downloaded another version from Google search ?
Also,there are few things different this time round in the main bar, there is orange
writing and on the bookmarks star is now blue not yellow and on the right hand side at the top the star is now blue and not yellow ?
When I use bookmarks bar to log in to outlook the green padlock shows as a sign of security,but when I want to log in to HTTPS://YAHOO there is no green padlock?
This time round Tor browser is updating itself and it is not in my main programs menu,where I can see and edit the content ?
I will appreciate if you explain these points
Thanks,Concerned Tor user

It sounds like you use to be using a version of Tor Browser more than a year old (from before Firefox went to aurora or whatever the present skin is called.) You should have been updating manually for every update back then.
Tor Browser is specifically designed to not integrate into the OS. That means it doesn't put itself into your start menu. Instead, you've got to start it from the shortcut located wherever you installed it. In fact, I don't know if there ever was a version that put itself on the start menu; you may have been using an unofficial build -- which isn't recommended.

Anonymous

February 06, 2016

Permalink

Windows 7 on VPN w/ 2FA enabled. Cannot open (full screen) browser window w. v5.5.1

Anonymous

February 06, 2016

Permalink

Flash player doesnt work for fb games and youtube videos. I am going to fall back to using Tor 4. Tor 3 and 4 work fine with flash.

Anonymous

February 06, 2016

Permalink

In Tails 1.8.2 and prior versions I connected to the internet by adding a username and password to a dsl connection in the network connections. In Tails 2.0 I can't find a dsl or equivalent where I can introduce a username and password to connect to the internet. I know this is not the right place to ask this but I don't know where else to go for help. So please, can anyone help me?

Hello again, fellow Tails user here. I reported your problem on the #tails channel on IRC. It is now tracked on Redmine at RiseUp as issue 11028 (https://labs.riseup.net/code/issues/11028) since 29 Jan. And (voice in the style of Futurama's Professor Farnsworth) "Good news, everyone!": there's a workaround.

Reading muri's investigation, he says the old nm-connection-editor GUI was superceded by a new Gnome3 one, and this can't be reversed (yet). However, if you open a Terminal, and type (I tried this, it works!):

<a href="mailto:amnesia@amnesia" rel="nofollow">amnesia@amnesia</a>:~$ nm-connection-editor &

the old GUI pops up in the middle of the screen. Click "Add" and I'm sure you'll find your way from there to DSL.

I know about Bug #11028,I've been following it ever since it went up. Unfortunately introducing the command line in a terminal, while it does bring up the connection manager with the dsl option and others, doesn't work. After I put in my username and password it simply doesn't connect. The problem is Debian 8, Debian 8 gnome desktop has the exact same problem as Tails 2, Debian 8 cinnamon has the dsl tab in the gui but it doesn't connect, just like Tails 2 with the above terminal command. Linux Mint Rosa (17.3) cinnamon works perfectly, it's the one I'm using now with TB, the same goes for Ubuntu 14.04.3 LTS and Ubuntu 15.10. I'll wait for a fix for the bug before I'll send them an email about whether or not the dsl connection works, as I'm not sure if a fix to gnome 3 would also fix the inability to connect with a dsl using the terminal command. Thanks for your reply, even though I didn't post the comment. I'm the op from the blog post where this comment first appeared. Probably somebody copy & pasted it here by accident. But, to all of those trolls who will undoubtedly start commenting that this is not a tails blog : "Stop whining!" Nobody cares what you say.

That is a common experience for Tor users. It happens when the website uses CloudFlare. See:
https://trac.torproject.org/projects/tor/wiki/org/doc/ListOfServicesBlo…

There is not much to do about it right now, other than solving the captchas or avoiding those websites. Here is a blog post on the subject:
https://blog.torproject.org/blog/call-arms-helping-internet-services-ac…

What are you talking about? For the last 1 to 2 weeks the captchas work without you needing to activate the java script. We don't need to worry about allowing java script and thus we can stay completely anonymous and cloudfare can keep doing it's thing, this is the best compromise.

clown sites under clownfare are dead - they do not even have ssl certificate. nobody can trust them. all your private info IS compromized. so it is https trust what is dead in reality.

Anonymous

February 06, 2016

Permalink

goood

TAILS doesn't give you administrative rights by default. So you cannot perform any updates. Moreover, if you are running tails on a DVD-R, you cannot change the codes since its not rewritable. To get the lastest version of the Tor browser, you need to update tails (keep to the latest version as possible).

Anonymous

February 06, 2016

Permalink

Why do I connect using only the first node 88.198.9.16 !!! DEU!
This can not be changed either by restarting or change of identity.
Can I still trust?
Ver .: Tor-Browser 5.5.1

The FAQ does not explain that:

> The solution is "entry guards": each Tor client selects a few relays at random to use as entry points [...]

One is certainly different from a few. Please stop misguiding people and explain what is going one.

you can set parameter to rotate guards every month(minimum) - check manual. and you can set number of guards.
please do not disinform.

Anonymous

February 06, 2016

Permalink

Nice.

Anonymous

February 06, 2016

Permalink

thank's

Anonymous

February 06, 2016

Permalink

I know I'd previously received notifications when maximizing Tor that it would give away your native screen resolution which could be used to identify you (it seemed like a long shot to me), so when I noticed in the latest release that I couldn't maximize, I figured it was a security 'feature' rather than a bug. Apparently I was wrong.

Anonymous

February 06, 2016

Permalink

The bridge is only 2, used to have three. Article 2 is too little, and some bridge didn't work.

Anonymous

February 06, 2016

Permalink

1. RE the question about size of browser window for which GK replied.

isn't maximising the browser window a bad idea because it aids data for fingerprinting by allowing a non-uniformity of user? This is why the browser window is the smaller size (for most) it is?

2. Unsure where else to post this so excuse me. I dont really wish to sign up to use the Tor mailing list (unfortunately)
malwarebytes scanner sometimes tells me a malicious website has been blocked, either when I'm connecting with Tor , or when I'm using Tor. I am aware there are issues with virus software giving false positives with Tor and Tails including when installing.

However is what I'm experiencing possibly a sign of an adversarial node attempting to make a, for example, packet injection?

3. just as a side note after reading through a lot of the comments for various posts. The revisiting ''NSA troll" - it would appear that one utility of such an actor (I just love the way that word is the one used in this context!! or is it syntax ) to the paymaster is to divide and conquer. Basically, chew up peoples time with useless shit as to make it harder to respond to genuine queries. If authentic actors (haha sorry couldn't resist) are able to discern when said "NSA troll" is posting surely just ignoring completely is going to shut that actor down. And then that actor is going to be unemployed in hollywood looking for a casting couch
And there's so many unemployed actors there

Anonymous

February 06, 2016

Permalink

super

Anonymous

February 06, 2016

Permalink

its really good browser i used this last three years and for my opinion tor browser is best