Tor Browser in numbers
Tor Browser is the secure and anonymous way to browse the web and access onion services. Tor Metrics' new visualization of Tor Browser downloads and updates shows that Tor Browser is downloaded 100,000 times from the Tor website every day! These could be new Tor users or existing users who are downloading it again.
The Signature downloads subgraph shows that between 5,000 and 15,000 users per day tried to verify that Tor Browser was signed by our developers after downloading it. Verifying the signature is the surest way to know that that executable is the legitimate version from Tor and not a benign or malicious third-party one. It is important to increase the number of users that verify their downloads in the future through education and assistance, and knowing the numbers is the first step.
The Update pings subgraph shows ~2,000,000 checks for a new Tor Browser version being made every day. Each running instance of Tor Browser makes a minimum of two such requests per day, and another request at the start of each session. As of now, we don't have any data on how long a typical Tor Browser session lasts or how often users restart their browser. But the update number is still useful to observe trends. For instance, look at the sharp drop of update pings at the end of January. We don't yet know what happened there, though it coincides with the Tor Browser 6.5 release, and the pattern looks similar to what happened when the first version of the 6.0 series was released. We use these graphs to recognize such anomalies, investigate them, and track our explanations here.
Lastly, the Update requests subgraph shows spikes every few weeks with peaks between 750,000 and 1,000,000 requests. This happens when a new Tor Browser version is released, which tells us that automated updates are working!
We sourced the data used above from Tor Project web server logs. Don't worry—we don't record what we do not need (your IP addresses or time of day of requests) and remove potentially identifying information (such as request parameters and the user agent string) before processing. We also delete the original logs afterwards and only keep a sanitized version.
Come back to Tor Metrics often! All of our graphs and tables are updated daily, and we are working to add additional ones in the future. We also encourage you to dig through the data we use and tell us if you find something interesting.
We would like to thank the generous community donations for funding our work. Donations to Tor Project not only help fund new work, but lessen our dependencies on institutions for funding. Keep us independent by donating today!
This seems unrelated to Tor Browser metrics based on sanitized web server logs, but still worth considering for the Tor Browser developers. Thanks for sharing the link.
Thanks. Yes, external applications can bypass Tor Browser's defenses. I just had wished the folks had shown the warning dialog we provide as well in their demo (as they said in the text). But they disabled that one, probably to make the demo fancier. Now it looks like we would just easily allow a user to open an external helper application and boom! Anyway, alas there is not much we can do here.
"TorBrowser does warn you that 3rd party files can expose your IP address and should be accessed in tails. This is not an attack against Tor or the TorBrowser directly but a useful way that could be leveraged to identify people attempting to access illegal media content."
It's not a vulnerability, just social engineering.