Tor Browser 6.0.6 is released

Tor Browser 6.0.6 is now available from the Tor Browser Project page and also from our distribution directory.

This release features important security updates to Firefox.

This release updates Firefox to 45.5.0esr. Other components were updated as well: Tor to 0.2.8.9, HTTPS-Everywhere to 5.2.7, and OpenSSL to 1.0.1u.

We fixed a lot of usability bugs, some caused by Apple's macOS Sierra (meek did not work anymore and windows could not be dragged either). We moved directly to DuckDuckGo as our search engine, avoiding a round trip to Disconnect.me first. Finally, we added a donation banner, shown in some localized bundles starting on Nov 23, to point to our end-of-the-year 2016 donation campaign.

Here is the full changelog since 6.0.5:

  • All Platforms
    • Update Firefox to 45.5.0esr
    • Update Tor to 0.2.8.9
    • Update OpenSSL to 1.0.1u
    • Update Torbutton to 1.9.5.12
      • Bug 20414: Add donation banner on about:tor for 2016 campaign
      • Translation updates
    • Update Tor Launcher to 0.2.9.4
      • Bug 20429: Do not open progress window if tor doesn't get started
      • Bug 19646: Wrong location for meek browser profile on OS X
    • Update HTTPS-Everywhere to 5.2.7
    • Update meek to 0.25
      • Bug 19646: Wrong location for meek browser profile on OS X
      • Bug 20030: Shut down meek-http-helper cleanly if built with Go > 1.5.4
    • Bug 19838: Add dgoulet's bridge and add another one commented out
    • Bug 20296: Rotate ports again for default obfs4 bridges
    • Bug 19735: Switch default search engine to DuckDuckGo
    • Bug 20118: Don't unpack HTTPS Everywhere anymore
  • Windows
    • Bug 20342: Add tor-gencert.exe to expert bundle
  • OS X
    • Bug 20204: Windows don't drag on macOS Sierra anymore
    • Bug 20250: Meek fails on macOS Sierra if built with Go < 1.7
  • Build system
    • All platforms

just the same here:
Artemis!5DEFB87498BC
Artemis!39E8FB7DB6F9
Artemis!A8B534817E99
Artemis!EB71C6C55A6D

Exact same issue here with McAfee AV detecting those same 4 Artemis Trojans.
I don't just want to assume they are false positives without some confirmation... Any news about this yet?

Thanks

That is very likely a false positive where your antivirus software is trying to outsmart us who are building Tor Browser from source and are making sure that the build result on at least two different machines is exactly the same.

Anonymous

November 18, 2016

I discovered the same result as the poster above. Noticed this yesterday, after upgrading to the latest version. I believe it was 6.0.6.

It was detected as a trojan/trojan-like via McAfee's artemis heuristic engine. This was the detection: artemis!39E8FB7DB6F9

Anonymous

November 18, 2016

On the Tor Browser home/about page it still says: "Search securely with Disconnect.me".

Anonymous

November 19, 2016

Why does searching with DuckDuckGo direct me to their clearnet side instead of their .onion site now?

That did not change. Before you reached the DuckDuckGo clearnet site via Disconnect.me. Now, we save this round-trip and use DuckDuckGo directly. You still can choose the .onion version in your search settings, though.

Hello gk.
What are the downsides to setting DuckDuckGo at https://3g2upl4pq6kufc4m.onion/html/ as default search engine? It says that the certificate is for duckduckgo.com, isn't it safe to ignore that warning? Doesn't this require compromising the certificate authorities AND the hidden service protocol, whereas breaking duckduckgo.com just requires compromised CA?
I know I'm missing something. Any thoughts are welcome.
Have a good day.

The certificate is one issue. Then it is not clear to us whether the onion service would be able to cope with the load of search requests once it is used by default by all Tor Browser users.

Anonymous

November 19, 2016

Same here, McAfee found multiple Artemis Trojans during the upgrade.

Anonymous

November 19, 2016

On Mac OS, the transport meek-azure does not work and the transport FTE is still missing.

Anonymous

November 20, 2016

updated TOR and tried to log on but got message "your IP address is blacklisted." Never had this message before and don't know why my IP would be blacklisted. Anyone got the same message and if yes what did they do about it?

I, too, recently got that message about my IP having been blacklisted, though I have ever and still now use whatever DHCP address my ISP (Vodafon/Kabeldeutschland) allocates.

I did actually nothing (nothing effective, that is) about that. In the meanwhile, though, that message does not get shown and I am able again to browse the internet (apparently) normally.

My impression has been, that either my email protesting the blacklisting of my ISP provided IP finally brought results or the problem simply got handled anyways after awhile. For awhile (over the weekend) I simply was not able to use the internet from this (LinuxMint17.3 running) desktop and saw myself reduced to only being able to surf using my Lenovo Thinkpad laptop (running Trisquel 7, freshly updated at every session start). I avoided the message there by using Firefox Nightly (also always freshly updated at every session start), which made it possible for me to send off that complaint email.

Anonymous

November 20, 2016

Had the same issue when installing TOR 6.0.6. Got the ARTEMIS trojan warning from McAfee when I was installing the browser and when I scanned the TOR executable for viruses (McAfee).

I read online that this ARTEMIS might be a false positive. It's often triggered by heuristic analysis of files, but still...

Anonymous

November 20, 2016

If the Tor connect GUI starts before wlan0 in Linux is connected, the connection won't happen even if wifi does subsequently connect.
I wrote this code to start Tor Browser on boot only after wifi has connected. The distro is Puppy Linux, but perhaps you can even use the code somehow in the GUI itself.

    #!/bin/bash
    # Start Tor Browser only once wlan0 has an IPv4 address.
    # Checks up to 21 times, sleeping 1, 2, 3, ... seconds between checks.

    HIIP=20
    # Matches the "addr:a.b.c.d" field printed by older ifconfig versions.
    RegExStr='addr:[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+'

    until [ "$HIIP" -lt 0 ]; do
        echo -n " : HIone $HIIP"

        # Read the address from a pipe instead of fixed-name files in /tmp,
        # which other local users could pre-create or replace.
        TEST=$(ifconfig wlan0 2>/dev/null | grep -Eo "$RegExStr" | tail -n 1)
        echo -n " test is now $TEST"

        # A non-empty match means wlan0 has an address: launch and stop.
        if [ -n "$TEST" ]; then
            tor-browser &
            exit 0
        fi

        HIIP=$((HIIP - 1))
        X=$((20 - HIIP))
        echo -n " : HItwo $HIIP"
        echo -n " : X is $X"
        sleep "$X"
    done

    exit 0

It's not elegant code but it serves its purpose.

Anti viruses use very paranoid heuristics in an attempt to detect polymorphic viruses.
These heuristics are easy to overcome for anyone trying to overcome them, but any legit program that uses a slightly unorthodox build system gets blocked.
If you want to be secure there is no perfect solution, but here's a much better solution than running Windows with an antivirus;

Replace Windows with QubesOS (unlike what you hear about Linux, QubesOS doesn't require command lines, terminals, typing, wizardry, reading, etc. It has a simple, user-friendly GUI with very small learning curve).

If you get a virus in QubesOS, you just close the application and re-open it, and it automatically gets a whole fresh operating system in under a second without you having to do anything. It's like running TAILS and restarting it every time you close a program, but it only takes a split second to restart, and most important EASY TO USE REQUIRING NO TECHNICAL KNOWLEDGE.
https://www.qubes-os.org/downloads/

Anonymous

November 21, 2016

Using macOS Sierra 10.12.1, I've updated TorBrowser to 6.0.6. Everything works fine.

After that, I've updated the alpha version to 6.5a4. Everything works fine too.

But now I can't open my 6.0.6 any more. When trying it, I get the following message:

"Tor wurde unerwartet beendet. Dies kann die Folge eines Fehlers in ihrer "Torrc"-Datei sein, ein Fehler in Tor, einem anderen Programm in ihrem System oder fehlerfafter Hardware. Bis die Ursache beseitigt wurde und Tor neugestartet wurde, wird der TorBrowser nicht starten."

Any idea? I'm sure that there isn't a mistake in my hardware.

The problem is that the current alpha is using a feature that is not available in the stable series but both are sharing the same browser profile. Thus, until we fix that problem (e.g. by taking this into account the next time we design such a new alpha feature) you can either install the alpha and the stable into different locations (e.g. one into /Applications and the other on your desktop). Or you need to get rid of your profile in order to get the stable running again. I guess you installed Tor Browser into /Applications. Then your profile directory, TorBrowser-Data, should be at ~/Library/Application Support.

Anonymous

November 21, 2016

Start TBB is opening 2 TBB windows.
This is conditional on startupCache.4.little file?

Anonymous

November 21, 2016

If I reinstall the same 6.06 version on Mac OS, I get the message that a newer one already exists.

"A newer item named “TorBrowser.app” already exists in this location. Do you want to replace it with the older one you’re moving?"

Anonymous

November 22, 2016

Question.

What do "client-versions" and "server-versions" in the consensus mean?

in consensus:
client-versions 0.2.4.27,0.2.5.12,0.2.7.6,0.2.8.9,0.2.9.4-alpha,0.2.9.5-alpha
server-versions 0.2.4.27,0.2.5.12,0.2.7.6,0.2.8.9,0.2.9.4-alpha,0.2.9.5-alpha

In all Tor Release notes "[...] All Tor users should upgrade to this version [...]". Why do older Tor versions, like 0.2.4.27, have a Guard flag?

in consensus,too: e.g.
default Tor 0.2.4.19 153.163.177.44
default 0.2.4.19 83.233.76.111
torfoo 0.2.4.23 212.129.42.9
default 0.2.4.23 91.106.139.225
TorExitJejaringOrg Tor0.2.4.20 14:38:22 185.61.149.193

These versions are very old, and older than 0.2.4.27 in the consensus.
Why do you support those?

Anonymous

November 22, 2016

The newly discovered Trojans in Tor might have something to do with the fact that FBI placed their malware in Tor to identify pedophiles, according to this article:
http://thedailyhaze.com/fbi-hosted-tor-child-pornography/
...and that the police in Norway recently discovered a large pedophile network, which the FBI is said to have tipped off the Norwegian police about.
https://www.flashback.org/t2783686

/Just wondering...

If you are talking about the ones mentioned on this blog post and that were included in freshly downloaded Tor Browser versions or our updates, then very likely "no". We built those directly from the source on different machines and got the exact same output which we shipped. It is much more likely that those issues are false positives due to the firewall/AV software running on the machines.
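The matching-builds argument in the replies above can be checked locally by comparing a download's SHA-256 against digest lists published by independent builders. The following Python is an added example, not part of the original post or Tor Project code; the `sha256sum`-style list format, the two-builder threshold and the file name `example-installer.exe` are assumptions, and the lists are assumed to have been signature-checked separately.

```python
import hashlib
import os
import re
import tempfile

# sha256sum output: 64 hex digits, a space, ' ' or '*' (binary flag), file name.
SUM_LINE = re.compile(r"^([0-9a-fA-F]{64}) [ *](.+)$")

def parse_sha256sums(text):
    """Return {file name: digest} for every well-formed line; skip the rest."""
    return {m.group(2): m.group(1).lower()
            for m in map(SUM_LINE.match, text.splitlines()) if m}

def file_sha256(path):
    """Hash the file in 1 MiB blocks so large installers are not read at once."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(1 << 20), b""):
            h.update(block)
    return h.hexdigest()

def check_download(path, name, builder_lists, min_builders=2):
    """'match' only if enough independent lists agree and the file has that digest."""
    digests = [s[name] for s in builder_lists if name in s]
    if len(digests) < min_builders:
        return "insufficient-builders"
    if len(set(digests)) != 1:
        return "builders-disagree"  # the build was not reproduced
    return "match" if file_sha256(path) == digests[0] else "mismatch"

def demo():
    """Constructed sample data: a stand-in file and made-up builder lists."""
    name = "example-installer.exe"  # placeholder, not a real release file name
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, name)
        with open(path, "wb") as fh:
            fh.write(b"constructed installer bytes")
        # 'good' stands for a list that two builders published identically.
        good = parse_sha256sums("%s  %s\n" % (file_sha256(path), name))
        other = parse_sha256sums("%s *%s\n" % ("0" * 64, name))
        results = [check_download(path, name, [good, good]),
                   check_download(path, name, [good, other]),
                   check_download(path, name, [good])]
        with open(path, "ab") as fh:
            fh.write(b"!")  # simulate a download that was modified
        results.append(check_download(path, name, [good, good]))
    return results

if __name__ == "__main__":
    print(demo())
```

A "match" shows the local file is byte-for-byte what the builders produced, which is the basis for treating a heuristic detection on it as a false positive; a "mismatch" means the file should not be run.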

Anonymous

November 22, 2016

> Add donation banner on about:tor for 2016 campaign
A donation banner appeared a week later, what does it mean?!

Anonymous

November 23, 2016

great