Tor Browser 6.0.4 is released

Tor Browser 6.0.4 is now available from the Tor Browser Project page and also from our distribution directory.

This release finally brings Tor Browser users the latest Tor stable, 0.2.8.6, and avoids pinging Mozilla's servers for system extensions.

Pinging Mozilla's servers was responsible for users getting an extension into their Tor Browser that resulted in annoying and confusing "Your Firefox is out of date" notifications on start-up (bug 19890). Thanks to Mozilla engineers, who fixed that issue as quickly as possible on their side, the extension is not shipped to Tor Browser users anymore since August 11 13:00 UTC. This takes care of getting the add-on removed as well in case it got installed into Tor Browser (as does the fix we ship in Tor Browser 6.0.4) which should have happened/is happening during the next extension update ping. For further information see the discussion in our bug tracker.

Users that are on the alpha channel or are using the hardened Tor Browser were not affected. The same goes for Tails users as far as we know.

The full changelog since Tor Browser 6.0.3 is:

Tor Browser 6.0.4 -- August 16

  • All Platforms
    • Update Tor to 0.2.8.6
    • Update NoScript to 2.9.0.14
    • Bug 19890: Disable installation of system addons
Anonymous

August 16, 2016

Permalink

So, the question is: Tor Browser 6.0.3 included in Tails is different? And why? Or what else?

Yes, there appear to be a few differences [1]. Mostly, just preference adjustments and adding the Add Block Plus addon. Most modifications appear to be required since the Tor daemon, which is responsible for connecting to the Tor network, and the browser are not intertwined. This allows for better security in tails by running the Tor daemon in as a different user. Also, it allows to connect to the Tor network before the browser is opened, speeding up things, and allows sharing one single tor daemon for all network traffic.

[1]: https://git-tails.immerda.ch/tails/tree/config/chroot_local-includes/et…

Anonymous

August 16, 2016

Permalink

Hello All. My name is Don, and I am obviously new to TOR, but am finding the privacy features of this browser to be very usefull in maintaining my online privacy, which is a refreshing new status.I will do my best to make using TOR a part of my daily web surfing. Thank you for creating such a wonderful product!

Agreed. NSA did not make TOR.
I don't know who for sure to thank but another version I heard is the U. S. Navy created it. Probably just another Myth. Of course I'm sure HIV was actually created by CIA and was supposed to target only GAY's! RRRRIIIIIIGGGGHHHHT!!

LoL, "outofdate-notifications@mozilla.org" !! once-upon-a-time found this in a situation (couldn't recall) & asked myself: What "Mozilla" has got to do with anything -OutOfDate- that is related =Exclusively= to TBB! .. Thought -even- it might leak usage practice --innocently- to an (agent) on the other end ;)

However, today -THANKFULLY- you answered my thoughts, but a bit sad: Why wasn't me who must report this"BUG" to you, ..Well, no-problem.. at least my thoughts were -almost- Right :)

Thanks again TBB team, & best of luck to you ALL..

Anonymous

August 16, 2016

In reply to by Anonymous (not verified)

Permalink

You ask youself Why wasn't me who report this bug.

You say: I need to move the chair in the corner. You do not move the chair until maybe years later.

Same reason. No fault.

Is there going to be away of using Tor with out agreeing to the new terms and conditions contract MS is going make everyone sign ?

. I refuse to sign anything I don't agree with .

How can I even have windows on my devices with out signing those intrusive agreements ?

Using either or both will probably give you a more distinct fingerprint. Privacy Badger "learns" as it is used, changing the users fingerprint. Given that most use cases of ublock involve blocking specific sites, you're going to end up with a unique fingerprint there as well. There's a reason why NoScript in TB has been modified to not allow site-specific white/blacklisting.

Of course, installing any addon has standard risks involving fingerprinting and attack vectors. Privacy Badger and ublock are just particularly bad for specific reasons. They're good addons, but they fail to deal with specific concerns for most TB use cases.

Hi Tor Team, can you clarify what "...NoScript in TB has been modified.." means, is it not an original NoScript add-on that comes with TBB? Thank you.

Great, so what am I supposed to use to catalog pages I frequent? A pencil & paper? What the hell is this browser good for then? Or I should say FOOD for?

i don;t see how a webpage could access bookmarks.

for small set of "bookmarks", you could drag urls into a text editor, then load that text file into tor browser as webpage.

but does this create a new privacy risk? (None seems obvious to me)

bookmarks are not threat to anonymity. They could only be used if your PC was taken by police and they opened your tbb. But you can have full disk encryption or just have your tor browser inside encrypted container. But don't forget to unmount it or shutdown PC when you exit home or open door.

Anonymous

August 16, 2016

Permalink

Здравствуйте меня зовут Руслан Мне интересно можно перевдить в Тор веб -сайты на Русский язык если это возможно то как подскажите?Спасибо Удачи!!!

Anonymous

August 16, 2016

Permalink

Could we get a heads up before having the update forced on us? I prefer to download and reinstall myself.
You talk about freedom, how about that freedom?
Thank you for your great work!

dude, a little humility goes a long way..just thank the Tor programmers like u would any soldier who's defending ur dignity and and move on.

Anonymous

August 16, 2016

Permalink

It wasn't just annoying and confusing. It also broke non-Tor Firefox browsers. Why you would thank Mozilla engineers for anything is suspicious. They intentionally created and included the extension. And it proves Tor is easily hacked by big brother.

Tor Browser will no longer load such add-ons. Also, the list of add-ons Mozilla is deploying must be public so any malicious attempt would be caught easily.

Hi, are you able to explain further how Tor maybe hacked hijack etc.
Privacy is important to me; I've no real knowledge of computers.
Is there a simple list of things not to do...

thanks for your time...
Cash

Anonymous

August 16, 2016

Permalink

tor did not connect to dir auth servers successfully.
are there any changes fetching the consensus/descs at firstrun ?

Anonymous

August 16, 2016

Permalink

Here in Syria we must use TOR to avoid mass surveillance have here, my friend was sent to prison because internet surveillance.

I afraid but I will never stop to use internet to send photos of this awful government.

Thank you.

i just decided i ,m gonna set up a relay to help free! internet only thing is i am gonnna need some help with this if there is ANYONE OUTTHERE HELP me with this issue so how to set up a relay on a mac system. is nnot there a program for it Who knows pleAS REPLAY..............

The comments area to this blog is a terrible place to ask for help, I'd expect no one to bother answering you here on this, especially when you can just read the documentation provided by the Tor Project itself.

You can find your starting point for how to set up a relay here:

http://expyuzz4wqqyqhjn.onion/docs/tor-relay-debian.html.en

I have deliberately given you the onion service link, which you can only reach using Tor itself. You look eager, but very fresh, and running a relay is serious work. Needing to use Tor to reach the onion service ensures you're actually using Tor yourself, otherwise you're likely to screw up.

You'll need to decide whether you'll just be a middle relay (fairly harmless, but helps), or an exit node (which can be a real headache if you are too naive about legal repercussions*).

* Hint: If you need to ask what legal repercussions, you're probably too naive!

Anonymous

August 16, 2016

Permalink

Перестало работать расширение NoSquint (((

Это очень плохо, т.к. это часть браузера, скачай и поставь заново. Как так получилось?

Anonymous

August 16, 2016

Permalink

ok