Tor Browser Bundle 1.2.3 and 1.2.4 Released

by phobos | July 13, 2009

Tor Browser Bundle 1.2.3 was released on July 8, 2009. It contains the following changes:

  • Update Vidalia to 0.1.14
  • Update Tor to 0.2.1.17-rc
  • Update Pidgin to 2.5.8

TBB 1.2.3 was replaced by 1.2.4 on July 11, 2009 to include:

  • Include libeay32.dll from OpenSSL 0.9.8k to make QT happy
  • Update Vidalia to 0.1.15

TBB 1.2.4 is available at https://torproject.org/torbrowser.

Comments

Please note that the comment area below has been archived.

July 13, 2009

Permalink

Thanks for the update.
I know that certain Firefox Add Ons can compromise your security. But what about Cache Viewer? Would it be safe to install Cache Viewer for Firefox?

July 14, 2009

In reply to by Anonymous (not verified)

Permalink

I think it could compromise your security by allowing websites to see your cache info. Although I'm not really sure, maybe someone with more knowledge can jump in here.

July 14, 2009

Permalink

I have a stupid question

If I'm using 'tor' then can the people at my ISP see what websites I'm browsing etc.?

And can they generate a report of it?

of course cann't, the ISP can only see which ip you connneted, but the destination website is invisible, because all the stream data is encrypted between tor nodes.

If you can't access torproject.org from china, then you can't download the file either. We assume people in blocked countries are using mirrors, cdns, etc to get access to files.

yes/no?

July 15, 2009

Permalink

Noob or Newbe here.
I understand that Browsing with TOR is and will always be slow but can you guys integrate AdBlock Plus with TOR Browser so that When People access web page they don't have to load Crappy ads.
I think this will save Volunteer's bandwidth and Improve Browsing Experience for all Users.

I don't know if this is the rite place to request such add-on!

we don't want to make decisions for users. There are plenty of users who want to see relevant ads. Our goal is open access to information, not deciding what's good or bad for end users. If you want to block ads, there are plenty of ways to do it on the client side, such as Ad Block Plus, Request Policy, Privoxy with some ad lists, polipo with forbidden file regexes, pithhelmet, etc.

Do what you want with your experience, but we're not going to enforce it on everyone.

July 15, 2009

Permalink

I'd also like to see or be pointed to some analysis of which common FF security and privacy extensions are known to be safe (or unsafe) for use within TOR. I make great use of these in my "public" browser. Obviously turning on automatic updating of any kind would be inadvisable, but it is easy enough to get the updates elsewhere and import them. I also think that adblocking extensions could potentially help conserve TOR bandwidth while requiring minimal effort on the part of the TOR development team (although I admit I am not fully conversant with the details of what happens on the server vs the client side with adblocking utilities).

July 17, 2009

In reply to phobos

Permalink

Thank you very much for the pointer, Adblock Plus and NoScript will serve nicely. I apologize for not finding that page on my own search. The other extension I use regularly is CustomizeGoogle (with all settings locked down to eliminate Grap, not increase it - opposite of the defaults). When I'm confident that I have the first two working correctly, I'll experiment with CG and report results - to this place or is there a better forum? I'm also pretty sure I can figure out a way to use CLEO and FEBE to package updates from outside TOR and import them. For those of us who have the option of using a "browser in the clear" part of the time, why burden TOR net with the traffic, or risk inadvertently compromising our privacy to download updates?

I am currently using AdBlockPlus (with EasyList & EasyPrivacy subscriptions), BetterPrivacy, CookieCuller, CustomizeGoogle, Flashblock, NoScript, RefControl, and RequestPolicy, all at their most paranoid settings. I have successfully packaged those add-ons into a single xpi file using Chuck Baker's FEBE and CLEO utilities. I have also successfully captured the settings into a single prefs file with Baker's OPIE (thanks, Chuck!), except for BetterPrivacy and CookieCuller. CC is either on or off. Regarding BP, sometimes if an extension handles options in some new way, it may take Baker a couple of versions to accommodate, perhaps that is the case here. Note: it is necessary to package OPIE into the xpi as well so that it will be available to import the prefs file. In any event, all of those privacy enhancing FF add-ons load automatically with the Windows tor browser bundle v1.2.4, run quite happily, and show no signs of misbehaving (although I suppose I shall need to test for leaks with wireshark or equivalent). In fact, I had read in the mozilla.com comments on RequestPolicy that it appeared to speed up page loading significantly, and while it is always difficult to make such an analysis in tor due to the shifting network context, I do think that I notice an improvement .

July 23, 2009

Permalink

I am excited about Tor and want to use it. How does one determine if one has enough basic knowledge to use it successfuly? I have a good sense (I think!!) of maintaining the integrity of my computer locally - deleting temp files, and then using a disk redacter to overwrite all deleted charachters with 0's and 1's, and then defragging the hard drive. I currently have Spybot and Avast installed to keep the germs away.... do you think I have a good chance to install and configure Tor correctly?

I would volunteer to be a relay if I had the knowledge.

August 24, 2009

Permalink

I have been using Tor (TBB 1.2.7) with AddBlock Plus; BetterPrivacy; CookieCuller; CustomizeGoogle; FlashBlock; NoScript; RefControl; and RequestPolicy, with all settings in maximum privacy mode, for about a month with no issues, until tonight. I have all automatic updating (FF & extensions) disabled. When I started Tor this evening, FF informed me that one new extension had been added. When I reviewed the list, I found that _something_ had caused MS .Net Extensions add-on to be installed into portable Firefox in this bundle. I'm not reporting this as Tor bug since it may be (probably is) something that went wrong elsewhere (either with one of the "foreign" browser extensions or with Windows XP itself), nevertheless it was more than a bit disconcerting to have that happen. If I find any more information that sheds light on this, I will report it.

February 01, 2010

Permalink

Hello
When I connect to a blog or forum through Tor Polipo and Vidalia my local time appears on their sitemeter and with little search they can guess it's me . Different countries but same time zone inaccurate with country exit and same configuration of PC . Is there a way to change the time accordingly to exit country to be really anonymous? Thank you.
PS: Sorry I posted this already on the ''conversation with a donor'' page and it was not the right place.

May 11, 2011

Permalink

The Tor Network Map used to show 3 nodes per connection on the bottom right column. But as of 1.3.24 (Windows) some connections show only 2 nodes. Is this okay or is it that i missed noticing it earlier ?
Thanks.