New Release: Tor Browser 7.5.6

Tor Browser 7.5.6 is now available from the Tor Browser Project page and also from our distribution directory.

This release features important security updates to Firefox.

Tor Browser 7.5.6 updates Firefox to 52.9.0esr and includes newer versions of NoScript and HTTPS Everywhere. Moreover, we added the latest Tor stable version, 0.3.3.7.

This Tor Browser version additionally contains a number of backported patches from the alpha, most notably the feature to treat cookies set by .onion domain as secure as well.

For Windows users we activated an option that prevents an accidental proxy bypass when dealing with UNC paths.

The full changelog since Tor Browser 7.5.5 is:

  • All platforms
    • Update Firefox to 52.9.0esr
    • Update Tor to 0.3.3.7
    • Update Tor Launcher to 0.2.14.5
      • Bug 20890: Increase control port connection timeout
    • Update HTTPS Everywhere to 2018.6.21
      • Bug 26451: Prevent HTTPS Everywhere from freezing the browser
    • Update NoScript to 5.1.8.6
    • Bug 21537: Mark .onion cookies as secure
    • Bug 25938: Backport fix for cross-origin header leak (bug 1334776)
    • Bug 25721: Backport patches from Mozilla's bug 1448771
    • Bug 25147+25458: Sanitize HTML fragments for chrome documents
    • Bug 26221: Backport fix for leak in SHA256 in nsHttpConnectionInfo.cpp
  • Windows
    • Bug 26424: Disable UNC paths to prevent possible proxy bypasses
Anonymous

June 28, 2018

Permalink

FWIW, I experienced no problems with verifying the detached sig or running TB 7.5.6.

Thanks to everyone at TP for all your hard work, and please do not fail to disobey any gag orders accompanying an NSL handed to TP! We need that kind of protection too...

Anonymous

June 29, 2018

Permalink

Game over for Torbrowser?

A 'littke' marketing problem for Torbrowser is that it is usually framed as highly suspicious,
people that are not really into tech are easily to convince that torbrowser is almost using criminal stuff as well.

And now this marketing/framing threat is getting a little bigger, suddenly there is a standard -aka normal- browser that has tor functionality and is pretending, claiming in suggestion that it can offer tor-privacy as well with special 'tor-tabs' in this browser.

This browser is calling herself, brave.
A very attrackting, maybe even very convincing name for the normal internet user.
But how brave is it?

Is it really brave enough to fight all the privacy attacks that torbrowser can survive?
I am very curious.
Curious because I like Torbrowser and bevause it would be a shame if some new project is stealing the tor privacy olympic title when even not really offering the same lkind of real privacy.

So, when comparing Brave browser vs Torbrowser, who is the best?
I want to know, and you want to know this too!
Don't let others steal your marketshare, not with false hope, and maybe not when the claims are kind of true, try to be better!

Privacy marketing is a real threat to people when it is not offering real privacy protection, and it is a real threat to Tor when bad products are associated with it.

What does the real tor community think of brave vs torbrowser?

Anonymous

June 29, 2018

Permalink

Not sure if this is a 'my end' problem or a 'your end problem' or even if relevant or helpful but here ya go -
Fresh install 7.5.6 32 bit running under Knoppix 8.2-2018-05-10.EN boot-strap failed / hung. Re-tried using an obfs4 bridge, same result (twice) but worked when selecting an obfs3. System date/time/timezone set correctly.

06/29/18 21:41:33.600 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
06/29/18 21:41:33.600 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
06/29/18 21:41:33.600 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
06/29/18 21:41:33.600 [NOTICE] Opening Socks listener on 127.0.0.1:9150
06/29/18 21:41:33.600 [NOTICE] Renaming old configuration file to "/home/knoppix/.local/share/torbrowser/tbb/i686/tor-browser_en-US/Browser/TorBrowser/Data/Tor/torrc.orig.1"
06/29/18 21:41:34.400 [NOTICE] Bootstrapped 5%: Connecting to directory server
06/29/18 21:41:34.400 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server
06/29/18 21:41:34.500 [NOTICE] Bootstrapped 15%: Establishing an encrypted directory connection
06/29/18 21:41:34.600 [NOTICE] Bootstrapped 20%: Asking for networkstatus consensus
06/29/18 21:41:34.600 [NOTICE] Bootstrapped 25%: Loading networkstatus consensus
06/29/18 21:41:35.800 [NOTICE] I learned some more directory information, but not enough to build a circuit: We have no usable consensus.
06/29/18 21:41:35.900 [NOTICE] Bootstrapped 40%: Loading authority key certs
06/29/18 21:41:36.400 [NOTICE] Bootstrapped 45%: Asking for relay descriptors
06/29/18 21:41:36.400 [NOTICE] I learned some more directory information, but not enough to build a circuit: We need more microdescriptors: we have 0/6340, and can only build 0% of likely paths. (We have 0% of guards bw, 0% of midpoint bw, and 0% of exit bw = 0% of path bw.)
06/29/18 21:41:36.500 [NOTICE] Bootstrapped 50%: Loading relay descriptors
06/29/18 21:41:37.900 [NOTICE] Bootstrapped 57%: Loading relay descriptors
06/29/18 21:41:38.300 [NOTICE] Bootstrapped 66%: Loading relay descriptors
06/29/18 21:41:38.400 [NOTICE] Bootstrapped 71%: Loading relay descriptors
06/29/18 21:41:38.500 [NOTICE] Bootstrapped 80%: Connecting to the Tor network
06/29/18 21:41:39.300 [WARN] Failed to find node for hop #1 of our path. Discarding this circuit.
06/29/18 21:41:40.400 [WARN] Failed to find node for hop #1 of our path. Discarding this circuit.
06/29/18 21:41:41.300 [WARN] Failed to find node for hop #1 of our path. Discarding this circuit.

<< DUPLICATE ERROR MESSAGES DELETED >>

06/29/18 21:42:35.300 [WARN] Failed to find node for hop #1 of our path. Discarding this circuit.
06/29/18 21:42:36.300 [WARN] Failed to find node for hop #1 of our path. Discarding this circuit.
06/29/18 21:42:36.500 [NOTICE] Bootstrapped 85%: Finishing handshake with first hop
06/29/18 21:42:37.300 [WARN] Failed to find node for hop #1 of our path. Discarding this circuit.
06/29/18 21:42:38.300 [WARN] Failed to find node for hop #1 of our path. Discarding this circuit.
06/29/18 21:42:39.300 [WARN] Failed to find node for hop #1 of our path. Discarding this circuit.

<< DUPLICATE ERROR MESSAGES DELETED >>

06/29/18 21:46:41.300 [WARN] Failed to find node for hop #1 of our path. Discarding this circuit.
06/29/18 21:46:42.000 [WARN] Received NETINFO cell with skewed time (OR:128.31.0.34:9101): It seems that our clock is ahead by 3 hours, 59 minutes, or that theirs is behind. Tor requires an accurate clock to work: please check your time, timezone, and date settings.
06/29/18 21:46:42.000 [WARN] Problem bootstrapping. Stuck at 85%: Finishing handshake with first hop. (Clock skew 14399 in NETINFO cell from OR; CLOCK_SKEW; count 1; recommendation warn; host 9695DFC35FFEB861329B9F1AB04C46397020CE31 at 128.31.0.34:9101)
06/29/18 21:46:42.100 [NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150
06/29/18 21:46:42.100 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
06/29/18 21:46:42.100 [NOTICE] Closing old Socks listener on 127.0.0.1:9150
06/29/18 21:46:42.300 [NOTICE] Delaying directory fetches: DisableNetwork is set.

<< START UP HUNG AT ABOUT 85% ON PROGRESS BAR >>

Anonymous

June 30, 2018

Permalink

Ive just done an update, but the home page looks different, and I get the following messages.

Congratulations. This browser is configured to use Tor

However, it does not appear to be Tor Browser.

I tried a system restore to go back to past version, but this did not work.
Ideas?

Anonymous

July 03, 2018

Permalink

Wondering if anyone can help. Updated to latest Tor and now it displays a simple home page without graphics and says,

Something Went Wrong!

Tor is not working in this browser.
WARNING: this browser is out of date.
ALSO, this browser is out of date.
Click on the onion and then choose Check for Tor Browser Update.

Had no issues with Tor until now, on a Mac btw.

Anonymous

July 03, 2018

Permalink

I have Firefox 60 and tor running on my Mac high sierra and when I disable cookies on my Firefox browser Tor doesn't work on the same web site showing "please enable cookies" it appears Firefox and tor are sharing files. the site is https://www.zoominfo.com/c/Toronto-Public-Library/245366994 and when I try to complete the capcha it continues to repeat the captch even though it states I am not a robot.

Anonymous

July 04, 2018

Permalink

Tor Browser 7.5.6 shows me the following problem:

Tor failed to establish a Tor network connection.

Loading authority certificates failed ( Clock skew -6475 in microdesc flavor consensus from CONSENSUS - ? )

Anonymous

July 09, 2018

Permalink

Hi guys, thanks a lot for the continuous updates.

Humble feedback at your disposal. Upto v7.5.4, setup was running smooth out of the box, no special configs were required for plugs & bridges. Couldn't say the same for later ones.
v7.5.5 wasn't working at all, stuck at "not connecting to tor network". Finally v7.5.6 came out but again quite disappointing, so started diggin around, tried all built-in bridges [fte, obfs 3 & 4], nothing worked. Tried manually received bridges [plug-transport=none], same result. Then tried meek [azure], took a while but it delivered. Tor is up & running now, though quite a bit slower @50-60kbps than the good-old-vanilla (~200kbps). Strangely enough, TAILSv3.8 has same tor7.5.6 but it doesn't require any bridge configuration..

What's missing here?

Thanks a lot folks!

Anonymous

July 10, 2018

Permalink

Greetings Tor Users,

I come in peace: to provide insight regarding the new release Tor version 7.5.6 for MAC OSX 64. Which exits unexpectedly for more than three iterations, upon downloading. Happy testing.??‍???

Anonymous

July 13, 2018

Permalink

I use Linux. I downloaded the Tor 756 but it did not work. did not link to Firefox. so I downloaded Tor 8.0a9.
with it I was able to enter the Tor. But some problems arose with the opening of images and access to some links. What to do ? I would like to continue with the 756 ...

Anonymous

July 16, 2018

Permalink

WTH with Trac?

Content Encoding Error

The page you are trying to view cannot be shown because it uses an invalid or unsupported form of compression.

Please contact the website owners to inform them of this problem.

Anonymous

July 20, 2018

Permalink

The automatic updates bother me. How do we know they aren't tampered? When version 5.0 was new, we were emphatically told to NOT upgrade using the check for update mechanism.

Anonymous

July 21, 2018

Permalink

I am using translation software, and the language may not be smooth. How can I start the tor built-in browser directly? The tor route is not configured at startup. I use it in China because the built-in browser is very secure, so I want to use it to browse the web, and I don't need a tor route.

Anonymous

July 27, 2018

Permalink

I can't get my proxy settings to work with this update. After hours of trying and online research, I just reinstalled old version. Now it's auto-updated again, and I'm not restarting, because I don't have time. Any solutions to this?

Anonymous

August 16, 2018

Permalink

I am thinking of installing Bitdefender Internet Security and am currently testing it.

Under ‘Protection / Online threat prevention / Web attack prevention’ it says: “Checks every page you access for threats to avoid them being downloaded on your device”

This may be a silly question, but does this mean that it ‘sees’ every page I go to via Tor?

I know Tor is sandboxed. Does this prevent Bitdefender from seeing the pages?

This may be something that other users – not just those using Bitdefender ( as all the latest internet protection programs seem to have this ‘web-page checking facility’) – would like an answer to, so could I/we please have one from the developers?

Keep up the good work

Thanks

Anonymous

August 18, 2018

Permalink

I just tried to install TOR. When I try to execute it, I get a message "couldn't load XPCOM". I have no idea what that means. Any idea what's happening? Is there a simple fix for this?

Anonymous

August 27, 2018

Permalink

signing sub-key expired. can't verify download.

gpg: Note: This key has expired!
Subkey fingerprint: A430 0A6B C93C 0877 A445 1486 D148 3FA6 C3C0 7136

Anonymous

August 29, 2018

Permalink

Hi all very new to this not sure other than wanting to surf without being followed around, not up to anything out of the ordinary, just don't think anyone has the right o invade our privacy other than GOD Himself lol thanks for working so hard to make that happen!

Anonymous

September 11, 2018

Permalink

dieser bescheuerte browser macht was er will. keine updates heißt nicht installieree updates wie du lustig bist :(

Join the discussion...

This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

1 + 0 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.