Tor Browser Bundle 3.5 is released

Update 12/20: Test builds of Pluggable Transport bundles are now available. See inline and see the FAQ link for more details.

The 2.x stable series of the Tor Browser Bundle has officially been deprecated, and all users are encouraged to upgrade to the 3.5 series.

Packages are now available from the Tor download page as well as the Tor Package archive.

For now, the Pluggable Transports-capable TBB is still a separate package, maintained by David Fifield. Download them here: https://people.torproject.org/~dcf/pt-bundle/3.5-pt20131217/. We hope to have combined packages available in a beta soon.

For people already using TBB 3.5rc1, the changes are not substantial, and are included below.

However, for users of TBB 2.x and 3.0, this release includes important security updates to Firefox. All users are strongly encouraged to update immediately, as we will not be making further releases in the 2.x or 3.0 series.

In terms of user-facing changes from TBB 2.x, the 3.x series primarily features the replacement of Vidalia with a Firefox-based Tor controller called Tor Launcher. This has resulted in a vast decrease in startup times, and a vast increase in usability. We have also begun work on an FAQ page to handle common questions arising from this transition -- where Vidalia went, how to disable JavaScript, how to check signatures, etc.

The complete changelog for the 3.x series describes the changes since 2.x.

The set of changes since the 3.5rc1 release is:

  • All Platforms
    • Update Tor to 0.2.4.19
    • Update Tor Launcher to 0.2.4.2
      • Bug 10382: Fix a Tor Launcher hang on TBB exit
    • Update Torbutton to 1.6.5.2
      • Misc: Switch update download URL back to download-easy

At that link it says:

"Where did the world map (Vidalia) go?

Vidalia has been replaced with Tor Launcher, which is a Firefox extension that provides similar functionality. Unfortunately, circuit status reporting is still missing, but we are working on providing it. "

My strong suggestion and humble request is that you provide it again very, very soon because without allowing users the transparency to physically see the built circuits, users will feel nothing but suspicious of torproject having been pawned by the evil NSA demons who seek to destroy the liberty of billions....

Anonymous

December 21, 2013

Idea about new install package (I mean Nullsoft Install System) - IT'S VERY VERY BAD IDEA. Not portable - S**K. Please make 7z.
P.S. Sorry for my bad English.

Anonymous

December 21, 2013

I'm using Tor 3.5 Windows version.

I can't get the Tor browser settings to work as they should, it won't save any cookies at all or if it does I can't view them (I see that part has already been mentioned) but also if I set the Tor browser options to Use custom settings for history and then also set Accept third-party cookies to "Never" it won't save the setting, it just resets back to never remember History the next time I check the setting, *After saying that I now can't get it to save the setting back to "Never remember history" so I don't know what's going on with it.

Anonymous

December 21, 2013

I just checked performance of TOR browser on XP with two different versions of TOR browser
2.3.25-13 - work smoothly and fast
3.5 - work laggy, heavy load of processor

Why new TOR browser now works so badly ?

Anonymous

December 21, 2013

As someone who is not a techie, this new version is a nightmare. I deleted the old tor browser on my computer when told there was an updated version (I run fedora) and downloaded the new one. When I open Tor Browser, it instantly says "Tor unexpectedly exited" and I know no way to fix this. I cannot re-install the old packages. Now I have no way to be anonymous online without spending hours banging my head against a screen and probably failing anyway because I am not literate in the technical conversations taking place here. I essentially have no way to use tor now. This is so frustrating.

This was happening to me too... but I realized I'd quit the old browser but still had Vidalia open. As soon as I quit everything else, it worked fine.

I have the same problem. Using a live USB running Precise Puppy v5.4 on a 32 bit PC I was very comfortable installing the frequent Tor updates over the last couple of years. This v3.5 downloads ok, but says "Tor unexpectedly exited" when you try to start it. I am not a techie and cannot fix this, or find an answer on the web. Any ideas anyone?

Anonymous

December 21, 2013

why every time i download the version 3.5 i am getting the tor but when i check the application to start it say made in 1999 or its old as fuck someone help me out here i have been trying to get this update for a couple of days now

Anonymous

December 21, 2013

This just in...

The release of Tor 3.5 (aka New Coke, Windows 8, etc.) has many users baffled where the Vidalia control panel has gone. Many users seem blind-sighted (aka struck by surprise from an unexpected direction). With all the confusion and frustration being expressed by its user base, it waits to be seen if the developers will be soon releasing a Classic Tor or Tor Blue version within the coming weeks.

More news at 11...

Well, maybe you like the Vidalia standalone bundle?

Or maybe you would like to help maintain a bundle you prefer better, starting with fixing the growing set of bugs in Vidalia, which has alas been unmaintained for years?

Also, it's "blind-sided", not blind-sighted -- but let me take this opportunity to tell everybody to read Peter Watts's great book "Blindsight". :)

Vidalia Control Panel can still be manually loaded AFTER connection is established with Tor 3.5.
Download Vidalia Standalone from:
https://people.torproject.org/~erinn/vidalia-standalone-bundles/

The Tor Project has replaced Vidalia with a Firefox Plugin known as TorLauncher. A major reason being cited is because Tor loads faster this way, and indeed it does seem to. I still like Vidalia and still use it to view my Network Map, Tor bandwidth, to switch relay services on/off, and change other settings.

Anonymous

December 21, 2013

The new version seems also to make trouble on sites with crappy old/weak TLS logins. Maybe an issue of FF or its cookie handling??? TBB Refuses connection without warnings or errors. So what are the options if you want to use a login on these particular sites? Using the old version of TBB with support of "bad cryptography" or using the new TBB with no cryptography (using unsecured http login)? Bruce Schneier has his personal opinion about this topic.

It seems to be more like a problem with cookie handling in private mode. After unchecking the Torbutton options "Don't record browsing history or website data (enables Private Browsing Mode)" all seems to be OK. Also the FF option under Privacy "Accept cookies from sites" have to be checked. 3rd-party cookies can be disabled. Is it also possible, that this preference is not corresponding with the Torbutton option "Restrict third party cookies and other tracking"?
If the FF option (also Privacy) "Always use private browsing mode" is checked no cookies are listed under "show Cookies...", if unchecked cookies are listed.

Anonymous

December 21, 2013

This whole FF issue with removing the javascript preference in the content tab, coupled with the cookie "haze", should be viewed with suspicion. Sure, you can supposedly still disable JS by doing the about:config thing, but a lot of, if not most, people are going to trust in Tor or Noscript or whatever.

One can rightly say that not all exploits and other crap use javascript to execute, but JS is the easiest vector to manipulate to unmask people. That is Exactly why the NSA and the UK people use it.

Perhaps the tor project should look into partnering with other browsers that don't make it hard for the ordinary layperson to disable JS and cookies.

It was always understood as a FUNDAMENTAL thing - if you want to surf safe, disable JS and cookies. Any org that makes it more and more difficult to do these basic things should be viewed suspiciously.

The other browsers lock down extensions even more in terms of what they can do to change browser behavior -- so a lot of the contortions that Tor Browser Button goes through:
https://www.torproject.org/torbutton/en/design/
https://www.torproject.org/projects/torbrowser/design/
are downright impossible in things like Chrome without a huge amount of rewriting (which in turn means that when they change their code your patch breaks).

https://www.torproject.org/docs/faq#TBBOtherBrowser
points to
https://blog.torproject.org/blog/google-chrome-incognito-mode-tor-and-f…
which lists some Chrome bugs that remain blockers for moving TBB to Chrome.

Unless you had a different free-software browser in mind?

Anonymous

December 21, 2013

Isn't it kind of funny how people have such an emotional attachment to a simple utility like Vidalia? For years it's served as their assurance that everything is right in onionland and taking it away is like removing a baby from his mother's nipple. A valuable lesson for software projects...

In all seriousness arma deserves a round of applause for dealing with very frustrated people in such a friendly way.

... and users deserve to be able to see for themselves that a three hop circuit has been built over three different continents as opposed to not being able to see... leaving open the possibility of a one or two hop circuit with entry and exits both within the USA's cess pool of a country along with the inherent likelihood that the NSA will own one or both of those servers.

Unless I have been allowed the opportunity by the developers to see for myself the built circuits (as used to be the case), I cannot have any confidence in tor because transparency is essential to trust.

First, you're welcome to hook up Vidalia and resume watching your circuits (see above FAQ). I hope we'll have that functionality in Tor Launcher soon too.

Second, you should learn more about Internet routing -- if you think that "has three relays in US" is unsafe and "has not all three relays in US" is safe, you're doing it wrong. :( The question is what networks the *links between relays* traverse. For example, traffic from Ecuador to Peru often goes through Miami. The Internet is centralized in a really scary way.

See also
http://freehaven.net/anonbib/#feamster:wpes2004
which led to
http://freehaven.net/anonbib/#ccs2013-usersrouted
which led to
https://blog.torproject.org/blog/improving-tors-anonymity-changing-guar…

Thanks.

What you're not seeing here is all the frustrated people who have been dealing with all the Vidalia bugs over the years (yes, actually years) that it's been unmaintained and rotting.

Totally agree.... torproject should lead by example in not forcing surfers to enable JavaScript.

I for one prefer to NEVER enable JS if at all possible for obvious reasons such as the NSA's MITM attacks seamlessly redirecting you to a Foxacid server to be fuggin owned regardless of the fact that the site you were attempting to view might have had a harmless JS script, the JS that that MITM page contains or calls may well not be benign and in fact likely will be malicious if it is from the NSA (Never Serve America).

In simple terms, leaving JS enabled even for sites you trust like Goggle (if you're a dumb F@%K) or even DuckDuckgo or torproject leaves you completely open to the most malicious and 0-day JS out there if the NSA uses their fraudulent, stolen and illegitimate privileged positions on the WWW backbone to MITM or MOTS you.

Therefore torproject should NOT publish html pages with functionalities that are essential to users of the software that ONLY operate if JS is enabled.

Come on, get serious guys, not only should you lead by example with your own site by rejecting mandatory JS functionalities, you should adopt the policy of recommending to all your industry peers to do the same with their websites.

First, as far as I understand the Quantum attacks don't rely on Javascript in any way. Though I'll grant you that some of the Foxacid exploits use them -- but seriously, if that's your adversary, these people have like a 7 or 8 figure budget for buying browser exploits. We need way way better sandboxing in general before we can have those conversations.

As for whether atlas or globe use Javascript... they were both written by nice volunteers, and now we point people at them because we don't have better ones. If you want them to work better without Javascript, become one of the nice volunteers!

I guess we could throw them away, but there would be a lot more people yelling about "what did you do with atlas" than there are currently yelling about "omg atlas uses javascript".

Also, throwing away things written by nice volunteers is not a good way to have a community.

I understand and appreciate your point, it's a valid point, throwing away things written by nice volunteers is not a good way to have a community.

However I think that you are dangerously misplaced in so far as your assessment of the potential and actual harms in the situation being discussed.

Yes, the NSA is my and everybody's adversary because they are the predominant force committing these illegal and damaging hacks.

You might have given up any hope of defending from them, but thank god that many/most of us have not and never will.

Whatever can be done to defend, should be done, simple.

Even if it is just to defend against the NSA finding out one little minor piece of personal info that is not really vital or damaging because it is NONE OF THEIR DAMN BUSINESS and they are doing both minor and major infractions of privacy to MILLIONS of individuals daily adding up to untold and gargantuan suffering/hurt/harm amongst unsuspecting innocent humans both men, women and children.

Therefore, such things as a few hurt feelings that may be felt by a volunteer whose creation is removed or modified simply pales in comparison to the truly deeply damaging outcomes that can and do occur when the NSA gets root on a Linux box or drops a Trojan on a Winblows box.

I'm thinking of an activist who is working to promote knowledge amongst the general population of the systematic yet semi-covert stripping of the few remaining civil rights of the citizen against the unlimited power of the state.

The NSA identifies this individual via the repeated keywords of interest like 'civil liberties', 'protest', 'freedoms', 'tyrannic' etc etc that it keeps pulling from data streams of this individual's internet activities via Deep packet inspection using its fiber splitters in its secret rooms at the major ISPs.

It then performs a MITM on this individual, redirecting them to a Foxacid server and uses a 0-day to compromise their OS.

From there, analysts pore over the PC's contents, determine that this individual is indeed a determined champion of personal liberties and is actively taking daily measures to work towards thwarting Big Govt's Orwellian agenda.

The NSA then decides that this individual is a true threat to the Govt's planned totalitarian dictatorship and so contacts the FBI and hands over a dossier of info from the compromised PC (planted illegal materials) along with giving the FBI the PC's encryption key that they obtained from RAM.

They instruct the FBI to use 'parallel construction' to recreate the investigation trail to say that they obtained the password voluntarily from the PC's owner in a their word against ours scenario and proceed to federally prosecute the poor individual for whatever they planted on the PC.

They successfully remove the threat to their most evil plans.

All that is not to mention, senators whose PCs are breached and secrets stolen and used to blackmail them into silence and compliance in voting for whatever bills the blackmailers want them to vote on or reject.

Why do you think that congress recently just gave the NSA an additional 60 MILLION to spend on tightening security against whistle blowers? No senator is going to vote for that of their own free will, just look at the slow turn of the tide of opinion amongst congressmen towards wanting to rein in the NSA. Knowing it is wrong and wanting to rein it in is their true desire from day one and is naturally showing through in time, voting to give the NSA an additional 50 Million to secure against future leakers was blackmail.

Then there is journalists being blackmailed to maintain silence of sensitive issues that the public needs to know, political dissidents in cruel regimes being exposed and jailed or killed, there is non-violent drug users being prosecuted and jailed as a result of NSA snooping and subsequent FBI 'parallel construction' to recreate the investigation trail.

All that stuff is not conspiracy theories any more, it is known to be occurring as a matter of course on a daily basis, it's info that is in the public domain now owing to the numerous and various disparate articles from both the mainstream media such as the guardian and WSJ and the independent media that is taking over, pulled together, the picture is that the articles show it's all been going on for over a decade to the point where FBI sources have even been quoted normalizing it as routine.

And not surprisingly, sweet bugger all terrorists are being caught planning to commit terrorist acts other than those that the FBI has created themselves via solicitation and then entrapment.

So you see, a blanked avoidance on JS because of the NSA ability to perform MITM attacks in an automated fashion en mass is a critical and mandatory action that the entire WWW community need to adopt ASAP.

I don't see it as a choice, but a fundamental necessity to curtail the NSA's abilities.

No time to proof read this now, gotta run.

These things keep me up at night too. They're a big part of why many people work on Tor.

If turning off atlas.torproject.org would have any real impact on them, I would totally do it. But that makes no sense.

Um, I think that turning off atlas.torproject.org is only one action recommended as a part of a much wider plan strategy

It seems to me, and I agree with him/her on this wholeheartedly, that what they are trying to get across is that the very existence of and use of JS in web browsers is the major facilitator allowing the NSA to exploit innocent persons' computers.

He/she then states "So you see, a blanked avoidance on JS because of the NSA ability to perform MITM attacks in an automated fashion en mass is a critical and mandatory action that the entire WWW community need to adopt ASAP. I don't see it as a choice, but a fundamental necessity to curtail the NSA's abilities."

I think the word 'blanket' rather than 'blanked' was intended in the quote above, but anyway, this person appears not only to be saying that atlas.torproject.org should be removed or a non JavaScript version implemented, but that JavaScript should be black banned and consciously shunned universally, by all WWW users, webmasters, and so on until it can be removed entirely as a specification from the Internet and web browsers for the express purpose of destroying a large percentage of the attack surface that the NSA uses to compromise systems.

That appears to me to be a great idea because it is one of very few actually effective measures that could be taken if we have the collective will.

In that sense, removing atlas seems like a desirable step amongst many millions of additional similar desirable steps.

Makes sense.

That said, I'm still unconvinced that this is where the fight is. For example, Flash has way more problems than JavaScript. The world is slowly winning the fight to make websites not expect that users will run Flash, but we have a long way to go.

*That* said, you have reminded me of another reason why the relay-search feature is useful: it does a bit of what atlas and globe do without demanding Javascript. I've added that point to the thread:
https://lists.torproject.org/pipermail/tor-talk/2013-December/031310.ht…

And see also
https://trac.torproject.org/projects/tor/ticket/10407

I know this is getting way off topic, so I'll make this my last comment here...

I think that YOU arma should use YOUR influence as being an insider within torproject to convince others that what the person above said needs to happen, and needs to happen ASAP.

Meaning, the torproject in collaboration with EFF and Mozilla and perhaps others could campaign to the rest of the WWW the critical importance of ridding the WWW of JS and Flash as a first priority above all else !

It is no secret that most of the technologies comprising the WWW were developed informally, outside governing bodies and in an ad hoc manner and by multiple different organizations. The WWW like most older cities in the world is a mess because it was not 'planned' from the beginning, but rather just developed piecemeal as it grew.

It needs to be fixed properly, broken technologies need to be scrapped. The WWW will NEVER be able to be corrected by applying patches upon patches to technologies that are fundamentally flawed.

We got along just fine before JS and Flash were implemented into the WWW and could do so again by replacing them with style sheets and using only 'server side' scripting that stays out of the web browser until a properly developed and secured alternative using technologies that were not around when JS and Flash were created like strong sand-boxing, crypto and VM's or similar.

JS and Flash cannot now have these new technologies easily built into them given they were not in existence when JS and Flash's architectures were created so JS and Flash MUST GO, their usefulness is over and they are now nothing but a serious liability that are very obviously undermining the WWW across the board.

Thinking about it, bandwidth has increased 100 fold over the last decade, so there is no reason that ALL scripting could not be done server side because nowadays any delays are virtually negligible for such small data streams as the output from a script run on a remote server. This would completely bypass an entire category of security vulnerabilities that now exist because these technologies are parsed within the browser on the clients PC.

If people like you and others in positions of influence don't get behind these principles, we will continue to have an insecure and broken WWW that unimaginably evil entities like the NSA can continue with impunity to exploit to inflict damage upon innocent persons en masse in a completely automated fashion.

Can you imagine what a victory for individual and collective liberty it will be if we can stop the NSA dead in its tracks within only a couple of short months !

...you may say I'm a dreamer.... but I'm not the only one... i hope some day you'll join us.... and the world will be as one :) !

RT

Tor cells are 512 bytes, and Tor data cells use 498 of those 512 bytes for payload (that is, application-level traffic). So if you're sending an http get request and it takes 100 bytes, Tor still sends that in a 512-byte cell, leading to around 20% fullness in that data cell.

If most people are fetching medium to large things then the exit relays will generally see an average cell fullness near 100%, since most of the time there's a whole cell worth of data waiting to be "packaged".

I suggest asking for more details on irc, since the blog comments here aren't a great medium for this sort of question.

Anonymous

December 21, 2013

I used to monitor the logs output from the control panel to confirm that my custom torrc file was parsed correctly and to confirm no other errors occurred that may concern me during startup and the building of a circuit etc.

I am not pleased to lose that ability... perhaps a little more brainstorming the consequences is in order before removing functionality from the software.

If you're launching TBB from the command line, it leaves Tor's log going to stdout (i.e. the terminal). I use that feature on Linux and hopefully it works on OS X too.

To see logs after startup, hooking up Vidalia to your TBB should work:
https://trac.torproject.org/projects/tor/wiki/doc/TorBrowserBundle3FAQ#…

But to see logs *during* startup, it probably won't do what you want. In that case your best bet for now is to add log lines to your torrc manually:
https://www.torproject.org/docs/faq#Logs
and in the long run to help encourage the Tor Launcher developers to make it easier for you to view messages and events from Tor.

Oh, and I should add that Tor launcher already has a "copy the logs to the clipboard" button, which you can use and then paste them into a text file to read. Not a great UI I agree, but it's there now.
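The startup check discussed in this thread (was the torrc read, did bootstrapping finish, were there warnings) can be run over a saved copy of Tor's log; the script below is an added example, not code from the Tor Project or from any commenter. It assumes the log was captured from the terminal, pasted from Tor Launcher's clipboard button, or written by a `Log notice file ...` line in torrc, and that lines use Tor's `[severity]` layout; the sample lines and paths are constructed.

```python
import re
from dataclasses import dataclass, field

# Layout assumed for each line: "Mon DD HH:MM:SS.mmm [severity] message".
LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}\.\d{3}) "
    r"\[(?P<sev>debug|info|notice|warn|err)\] (?P<msg>.*)$"
)
BOOTSTRAP_RE = re.compile(r"^Bootstrapped (\d{1,3})%")
CONFIG_RE = re.compile(r'^Read configuration file "(.+)"')

# Constructed sample logs (not captured from a real run); paths are placeholders.
SAMPLE_OK = """\
Dec 21 10:15:01.000 [notice] Tor v0.2.4.19 running on Linux.
Dec 21 10:15:01.000 [notice] Read configuration file "/path/to/torrc".
Dec 21 10:15:02.000 [notice] Bootstrapped 5%: Connecting to directory server.
Dec 21 10:15:06.000 [notice] Bootstrapped 90%: Establishing a Tor circuit.
Dec 21 10:15:09.000 [notice] Bootstrapped 100%: Done.
"""
SAMPLE_BAD = """\
Dec 21 10:20:01.000 [notice] Read configuration file "/path/to/torrc".
Dec 21 10:20:01.000 [warn] Failed to parse/validate config: Unknown option 'ExitNode'.  Failing.
Dec 21 10:20:01.000 [err] Reading config failed--see warnings above.
"""


@dataclass
class StartupReport:
    config_files: list = field(default_factory=list)
    bootstrap_pct: int = 0
    problems: list = field(default_factory=list)  # (timestamp, severity, message)
    unparsed: int = 0                             # lines not in the expected layout

    @property
    def ok(self):
        # Healthy start: a torrc was read, bootstrap reached 100%, no warn/err lines.
        return bool(self.config_files) and self.bootstrap_pct == 100 and not self.problems


def review_startup(lines):
    """Summarise one Tor startup: config files read, bootstrap progress, problems."""
    report = StartupReport()
    for raw in lines:
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            report.unparsed += 1  # count it instead of silently dropping it
            continue
        sev, msg = m["sev"], m["msg"]
        if sev in ("warn", "err"):
            report.problems.append((m["ts"], sev, msg))
            continue
        cfg = CONFIG_RE.match(msg)
        if cfg:
            report.config_files.append(cfg.group(1))
        boot = BOOTSTRAP_RE.match(msg)
        if boot:
            report.bootstrap_pct = max(report.bootstrap_pct, int(boot.group(1)))
    return report


if __name__ == "__main__":
    for name, text in (("ok", SAMPLE_OK), ("bad", SAMPLE_BAD)):
        r = review_startup(text.splitlines())
        print(name, "OK" if r.ok else "CHECK", f"{r.bootstrap_pct}%", r.config_files)
        for ts, sev, msg in r.problems:
            print(f"  {ts} [{sev}] {msg}")
```
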

Anonymous

December 21, 2013

@arma I appreciate the humility and mirth with which you've fielded so many user comments on this issue, but I have a question the FAQ doesn't speak to:

For users seeking to reduce their attack surface, it seems as though exclusively relying on NoScript to disable javascript functionality may or may not defend against all javascript-based Firefox exploits, which seems to be what most grumpy users are concerned about.

So if a user wants to *completely* disable javascript, is there any potential value in *also* going to about:config in TBB, then typing in javascript.enabled, and then toggling the option to "disabled"?