New Release: Tor Browser 8.5a1

by boklm | September 5, 2018

Tor Browser 8.5a1 is now available from the Tor Browser Project page and also from our distribution directory.

This release features important security updates to Firefox.

Tor Browser 8.5a1 is the first alpha release in the 8.5 series. It contains all the improvements from the new 8.0 release. In addition, we updated Tor to 0.3.4.7-rc and fixed an issue with Moat when a meek bridge has been configured.

The full changelog since Tor Browser 8.0a10 is:

  • All platforms
    • Update Firefox to 60.2.0esr
    • Update Tor to 0.3.4.7-rc
    • Update OpenSSL to 1.0.2p
    • Update Torbutton to 2.0.6
      • Bug 27401: Start listening for NoScript before it loads
      • Bug 27276: Adapt to new NoScript messaging protocol
      • Bug 26884: Use Torbutton to provide security slider on mobile
      • Bug 26962: Circuit display onboarding
      • Bug 26520: Fix sec slider/NoScript for TOR_SKIP_LAUNCH=1
      • Bug 26490: Remove the security slider notification
      • Bug 27301: Improve about:tor behavior and appearance
      • Bug 27097: Add text for Tor News signup widget
      • Bug 27214: Improve the onboarding text
      • Translations update
    • Update Tor Launcher to 0.2.16.4
      • Bug 25405: Cannot use Moat if a meek bridge is configured
      • Bug 27392: Update Moat URLs
      • Translations update
    • Update HTTPS Everywhere to 2018.8.22
    • Update NoScript to 10.1.9.1
    • Bug 26962: New feature onboarding
    • Bug 27403: The onboarding bubble is not always displayed
    • Bug 27283: Fix first-party isolation for UI tour
    • Bug 27213: Update about:tbupdate to new (about:tor) layout
    • Bug 26670: Make canvas permission prompt respect first-party isolation
    • Bug 26561: .onion images are not displayed
    • Bug 21787: Spoof en-US for date picker
    • Bug 21607: Disable WebVR for now until it is properly audited
    • Bug 21549: Disable wasm for now until it is properly audited
    • Bug 26614: Disable Web Authentication API until it is properly audited
    • Bug 27281: Enable Reader View mode again
    • Bug 26114: Don't expose navigator.mozAddonManager to websites
    • Bug 26048: Fix potentially confusing "restart to update" message
    • Bug 27221: Purge startup cache if Tor Browser version changed
    • Bug 26049: Reduce delay for showing update prompt to 1 hour
    • Bug 25405: Cannot use Moat if a meek bridge is configured
    • Bug 27268+27257+27262+26603 : Preferences clean-up
  • Windows
    • Bug 26381: Work around endless loop during page load and about:tor not loading
    • Bug 27411: Fix broken security slider and NoScript interaction on Windows
  • Build System
    • All Platforms
      • Bug 27061: Enable verification of langpacks checksums
      • Bug 27178+27179: Add support for xz compression in mar files

Comments

Please note that the comment area below has been archived.

No one special (not verified) said:

September 08, 2018

Permalink

+1 +1 +1 Please.

It seems to me that such an important, potentially identifying, fault must be rectified asap.
Thank you

Onde (not verified) said:

September 05, 2018

Permalink

How can i enable flash on tor? Some people are telling me it'll lower my privacy quality, but, i don't care. I just want to know if it can be done. With this new browser update, i'm hoping it'll be possible.

Anonymous (not verified) said:

September 05, 2018

Permalink

If I edited an about:config option to comply with a bug patch before the patch made it into a release, will the option continue to be updated by future automatic updates? Or should I do a fresh install?

We don't overwrite preference changes you made during an update as we don't touch your user profile (except for updating the extensions we ship). So, whatever you changed will still be there.

Anonymous (not verified) said:

September 05, 2018

Permalink

TB 8.5a stopped showing my bookmarks on the Bookmarks Toolbar, though they are still accessible from the Bookmarks==>Bookmarks Toolbar menu.
TB8.5a1 did not fix this as I hoped.
Please?

Anonymous (not verified) said:

September 05, 2018

Permalink

I'm using uMatrix add-on to block the 3-rd party requests that NoScript doesn't show, and recently noticed that uMatrix blocks the CSP requests created by NoScript. Details: https://github.com/gorhill/uBlock/issues/3260

[...] when a site [...] is blocked in NoScript, noscript.net appears as a blocked third-party domain in uBO's panel (and allowing it doesn't do nothing, i.e. still red/blocked).
[...]
NoScript's CSP reports only fire when the first party domain is not whitelisted in NoScript. This might result in fake-domain.noscript.net being able to reconstruct the browsing history
[...]
According to a statement from [NoScript's author] Giorgio Maone there's no privacy issue (browser history leakage):

"fake-domain.noscript.net", as the name implies, is a domain which does not resolve to anything, and since noscript.net is under my control I can make sure nobody makes it real domain. It's used as the report URI for the script-blocking CSP, in order to catch LOCALLY whatever has been blocked by NoScript and show it in the UI. As soon as the request is initiated, is processed LOCALLY by NoScript and blocked, so the information never leaves the browser. If, by accident (e.g. because you disable NoScript while a page with the CSP loaded is still active) the CSP report is fired and not caught, as I said the domain doesn't resolve and the request just times out."

uMatrix shows this well - if you use it, but most users won't see this.

Question: Are TorBrowser users left to trust that NoScript CSP requests will:

  • ALWAYS stay local,
  • their destination site will ALWAYS be unresolvable,
  • the future updates WILL NEVER CHANGE THAT,
  • there will be NO EXPLOITS of these CSP tricks revealing the browsing history,
  • etc., etc.

Is anyone going to verify these statements?
Who's going to (every day) check that the formerly venomous snake released in your house still does not bite?
Perhaps TorBrowser can use a bit more sanity?

Jack (not verified) said:

September 06, 2018

Permalink

Can't open certain pages with the new Tor 8.0. Can't change channels nor see which countries I'm using to access the internet anymore. Can't stay downgraded 'cause of automatic updates. It gets more complicated. Don't like these changes.

Which pages do not work? Could you give me an example? The circuit display moved to the "lock" icon in your URL bar to give you the circuit for that particular site. What do you mean with "Can't change channels"?

Anonymous (not verified) said:

September 07, 2018

Permalink

In 7.5.. was a line in the menu saying "change channels for this page", I guess he means the circuit display

"Can't open certain pages" is vague.
Do you see error messages?
If tab shows only what looks like blank white space without any messages, try looking for indications of the problem by using "view page source" (view-source) command.

Hej Jack, you can monitor the countries "you're using" by clicking site information. It's just relocated. Automatic updates can be deactivated in "Preferences". In the end it's not more complicated just a bit new. try it.

"you can monitor the countries "you're using" by clicking site information"

Site information???? Where the hell is that??? There is no "site information" aviable in the menues I've seen

Anonymous (not verified) said:

September 06, 2018

Permalink

Where the hell is "New identity" and "New circuit for this site" button? Wow, thanks.

One location for both is the hamburger menu. You get the circuit as well by clicking on the "lock" icon in the URL bar (see the user onboarding on the about:tor page for an introduction). We'll add a dedicated "New Identity" button to the toolbar soon, we just did not get the time to finish that before Tor Browser 8 needed to get out.

security level fan (not verified) said:

September 06, 2018

Permalink

Is there any chance that the security levels could also be moved to the hamburger menu? E.g. in the form of a submenu with 3 items for each level and a checkmark next to the current one. That would require one less click and no subwindows to get to the security settings.

Some kind of clear indicator of the current security level (maybe as an emblem over the torbutton icon?) would also make the use of this feature easier. As it is now the user has to spend a few clicks just to learn the current level, not to mention the possibility of loading a page with wrong knowledge of the current level (happens easily when you have to constantly switch between them for different sites).

I find the option of multiple security levels extremely useful in itself, it's just a shame that its UI is not very handy.

pjh (not verified) said:

September 06, 2018

Permalink

Why no Windows Vista compatible version , (I still use Windows Vista) , will this mean that I cannot continue using the old TOR , I really WANT TOR protection.

How should I proceed from here as I do not want to upgrade to the newest version of Windows spyware.

Advice (pretty please).

Thanks.

Firefox, on which Tor Broswer is based, no longer support Vista. Thus, Tor Browser doesn't either.

Please note that Vista no longer receives security updates. I strongly encourage you to update.

Tor Browser has recently upgraded to Firefox ESR 60, which requires at least Windows 7 to run.

If you are concerned the telemetry in Windows 7 and greater could compromise your security, then consider making a Tails live DVD or USB.

sandbox (not verified) said:

September 06, 2018

Permalink

security.sandbox.content.level on windows system is on 2 and not on 5 and now tor browser doesn't work with any another sand-boxing software

You mean having the level set to 5 works but 2 not? Which other sandboxing software are you talking about? FWIW: we think we have a fix for the issue that made sandboxing level 2 necessary for us. Should be released with Tor Browser 8.0.1.

Sandbox (not verified) said:

September 07, 2018

Permalink

Hello, no what i meant was that 2 is not as secure as 5, the sandbox software is Sandboxie, but actually with 32 bit version of tor browser it does work
Thanks for the Tor Browser 8.0.1 info

Anonymous (not verified) said:

September 06, 2018

Permalink

New Tor Browser doesn't allow / blocks(?) Google Captcha, it loads forever and doesn't show the images.

The version 7.5.6 had a better solution for this. The information was shown with the tor icon. All tor settings were together. This was a better solution.

1 (not verified) said:

September 06, 2018

Permalink

Problem after log in with facebook.com or facebookcorewwwi.onion. Pops dialog box Firefox.exe - Application error, The execption unknown software exception (0x400......) occured in the application at location 0x......, Click on ok to terminate the program. Won't work after reinstall tor or anything and same problem with friend who update his browser today.

1 (not verified) said:

September 08, 2018

Permalink

Windows 7 and tor just updated few days ago, with latest new release and tor is up to date. You just need to login facebook and after few seconds when it opens your main page it pops the same dialog box with application error, then clicking ok and it says Gah - Your tab just crashed, when restore this tab this same application error box instantly pops out and it happens over and over again. Other web pages working fine with new tor browser release, but only this facebook page error.

I just tested it on a Windows 7 machine and it is working fine for me. Can you try a clean, new Tor Browser in a different location? Do you see the same problem? Is that a 32bit or a 64bit Tor Browser? (We offer now 64bit versions which might solve your problem in case it is related to limited memory available)

1 (not verified) said:

September 11, 2018

Permalink

It was tor stable 8.0 version problem, it is latest automatic update version? Now I manually downloading tor 8.5a1 64-bit experimental and everything working fine. Thank you for responding and sorry for confusing wrong topic, was thinking it was updating to 8.5a1.

jack (not verified) said:

September 06, 2018

Permalink

this new version refuses to honor my configuration; to wit, colors. I have it set to use system colors, I also tried changing background/text colors, nothing has been affected by any changes. The background is white and the text is black and I repeatedly told it not to do that. As TOR is too painful to look at as of today, I personally consider this a critical bug.

jack (not verified) said:

September 06, 2018

Permalink

Just wrote about color UI, finally fixed it -- it's not in the settings menu, but requires making changes in the about:config page

Search for 'color', leave ui.use_native_colors alone ('true') but set
ui.use_standins_for_native_colors : false
*then* in options, set colors to 'use system' and override: always
( browser.display.document_color_use;2 )

M-Bolism (not verified) said:

September 06, 2018

Permalink

Freaking people out by hiding so many essential details in the "Lock" and "Customize" areas was a bad idea. Late newsflash - most people despise the new Firefox design, they are calling for a return to the simpler more user-friendly version

John (not verified) said:

September 06, 2018

Permalink

It used to be that if you left clicked on a page you would have the option with noscript to either allow or disallow scripts on the page you are on. That option has disappeared now if you left click there is just a symbol for noscript but no options like before. It seems much more confusing now, and I have found even without granting permissions media is playing on pages now. Why the change?

onlyme (not verified) said:

September 06, 2018

Permalink

TOR does not load. I can however get the following report.

[NOTICE] Bootstrapped 85%: Finishing handshake with first hop
9/7/18, 05:12:27.570 [NOTICE] Bootstrapped 90%: Establishing a Tor circuit
9/7/18, 05:12:27.676 [WARN] Rejecting SOCKS request for anonymous connection to private address [scrubbed].
9/7/18, 05:12:28.704 [NOTICE] Tor has successfully opened a circuit. Looks like client functionality is working.
9/7/18, 05:12:28.704 [NOTICE] Bootstrapped 100%: Done

bb (not verified) said:

September 07, 2018

Permalink

just updated to version 8, now browser won't work. message window opens saying: tor unexpectedly exited… pressing button: [Restart Tor] doesn't restart or open Tor. am running on Mac OS 10.9.5. help would be really nice.

Yes, that's an unfortunate bug as the current stable Tor version we ship is missing a patch to make it compatible with macOS 10.9 (which, by the way, does not get security updates anymore for two years). This will be fixed in Tor Browser 8.0.1, though. Meanwhile you can use Tor Browser 8.5a1 (https://sedvblmbog.tudasnich.de/projects/torbrowser.html.en#downloads-alpha), the alpha version which is almost the same as Tor Browser 8.0 but with a newer Tor version which contains the fix. Sorry for the inconvenience.

Anonymous (not verified) said:

September 07, 2018

Permalink

Disabled 3rd party cookies? Great, but what about all other elements from 3rd party sites? Loading any element from them leaves some fingerprint.
Another Firefox add-on, uMatrix, when installed together with NoScript, reveals a lot more linked sites that NoScript doesn't (try and compare at various sites). What's more, you can block those additional 3rd party elements from uMatrix (proof: the page often looks different after reloading), while NoScript seems to quietly allow them all.

I have the same problem. I save a website "Save Page As..." and it does not download the website. The pictures are missing and the layout is totally messed up. This error can be reproduced on most websites. Additionally, there is no need to download the website a second time. Just save it from the browsers cache.

cedric (not verified) said:

September 07, 2018

Permalink

le navigateur Tor déjà installé ne veut plus s'ouvrir après la dernière mise à jour. Je suis sur Mac os 10.9.5 .

jackiechan (not verified) said:

September 07, 2018

Permalink

always the useragent not possible change, WTF ? all work fine with the old version, now the useragent is the real !!!!

Help (not verified) said:

September 07, 2018

Permalink

Исправьте пожалуйста fix, после нового обновление на ubuntu, пропал значёк картинки тора зелёного , и стоит вопросительный знак серого цвета+ тор плохо очень грузит

Orka! (not verified) said:

September 07, 2018

Permalink

When i try to verify the signature of the package i get a error message:

Verify signatures failed: error while opening file. I use Ubuntu 16.04

Thanks

OnionDroid (not verified) said:

September 07, 2018

Permalink

I just recently updated to the latest TB & heres my problem

1. Useragent cannot be spoofed manually
2. Sandbox mode keep TB tabs crashing, running to the latest firejail

The UI doesn't interest me, Pls. fix this on your next update, I hope

M-Bolism (not verified) said:

September 07, 2018

Permalink

We've got a bigger problem now...ever since I updated to the new Tor, my PC has slowed down and started "crashing" / "freezing" every few minutes !

What operating system are you running? Windows I guess? You could try a clean 64bit Tor Browser bundle for Windows as it is said that Firefox is running much more stable with the 64bit than the 32bit version. That said another issue could be that your Antivirus/Firewall software is causing this. If you have any installed, please test after removing it temporarily (disabling is often not enough).

Anonymous (not verified) said:

September 07, 2018

Permalink

I'm fully aware of this being a Alpha release but why so slow?

1. I miss the Onion, I hope you guys are not removing that! I know about the Update arrow next to the URL lock but that's not the same thing. I wont remove the active website and restart in a new clean window. Also you can't see the countries.

2. I don't know if it's just because it's a alpha but I don't like the look of the new window tabs. They just look so, 1980 look a like. I prefer then being round in the corners with a more modern and a dark layout.

Keep up the good work with giving people privacy and freedom!

Criminals who do stupid shit can go to hell. But for normal people who just want some privacy we really do appreciate all the hard work you guys are doing!

If you agree with me about the last part, scroll up in top of this thread and hit the Donate button!
$1 is enough if everyone does it! Not much to ask for comparing for what you get in return for FREE!

Tommy785 (not verified) said:

September 07, 2018

Permalink

The Javascript error message is backwards. It says it's enabled when it's not and then it says it's not enabled when it is. It's programmed backwards with the new update. You should do a reverse update and bring back the old Tor.

This is the error. It's backwards:
You have JavaScript enabled, you are putting yourself at risk! Please disable it immediately!"

Where can I see this error message?

EDIT: Oh, I see. That's nothing we did but the website owner. If you don't like JavaScript disabled there is the security slider (see the onboarding in the upper left on the about:tor page) to change that.

Anonymous (not verified) said:

September 07, 2018

Permalink

I have problems everywhere with this new update, you are sure this isn't the beta tor browser released as stable ?

You just posted this comment in the alpha release blog post but I guess you are using Tor Browser 8.0? A good first start would be giving us some hints about your problems and your operating system you are using. Without that it's hard to explain things or help you.

tor (not verified) said:

September 08, 2018

Permalink

right click dont work on some sites = cant use wiew img or open in new tab so on .... left click = open several new windows in backgrond pop ups ... and need confirm every closing of window ... cant use this ver. like a virus .. what to do ?

Anonymous (not verified) said:

September 08, 2018

Permalink

no script is not keeping changes in its options, after restarting tor browser settings return to default.

tst (not verified) said:

September 08, 2018

Permalink

In the old tor i could see and chose witch circuit i want to use. Speed and so on.
Not its gone?
and i get the same circuit all the time and it also stands
"your guard node may not change" what and how to i change or chose another one

jim (not verified) said:

September 08, 2018

Permalink

I wouldn't be suprised if this release is full of exploit, the new Tor Browser is shit made by idiots or feds

Noscript work 50% of the time, tracker protection and DNT are not by default, duckduckgo as search engine (us based) etc
EDIT : IT ALSO LEAK YOUR NUMBERS OF CPU CORES AND OS, DON'T USE THE UPDATE

I feel its anonymity aspect has been compromised. This update is sloppy as a mother fucker
compromised by insiders

Yes, this new update is very buggy. It's not a good update at all. The Javascript error message is backwards. I really think this update was programmed by a bunch of elementary school students as a school project to teach them to program. It's really bad. Tor really should do a reverse update. Lol. It's bad.

Anonymous (not verified) said:

September 08, 2018

Permalink

NoScript auto-updated today (Sep. 8, 2018), and changed the General "Presets customization" checkboxes for Default and Untrusted. This is bad.

Default preset is now: Frame, Other
Trusted preset is now: Script, Media, Frame, Font, WebGL, Fetch, Other
Untrusted preset is now: Frame

Many sites don't load anymore after NoScript auto-updated unless I manually change the settings back.

5q8ss6f954 (not verified) said:

September 09, 2018

Permalink

The first node which is linked to my browser is always the same. Why is this node not allowed to change? Thank you! :)

Morris (not verified) said:

September 09, 2018

Permalink

I really DO NOT like the new "New identity" and "New circuit for this site" solution! So I will return to the last version before 8! Please change this back to the user friendly button! Thanks

Anonymous (not verified) said:

September 09, 2018

Permalink

New Identity:
[09-09 16:41:50] Torbutton NOTE: Exception on control port [Exception... "Component returned failure code: 0x804b000e (NS_ERROR_NET_TIMEOUT) [nsIBinaryInputStream.readBytes]" nsresult: "0x804b000e (NS_ERROR_NET_TIMEOUT)" location: "JS frame :: chrome://torbutton/content/torbutton.js :: torbutton_socket_readline :: line 707" data: no]

josh (not verified) said:

September 10, 2018

Permalink

getting message saying "Tor unexpectedly quit. This might be due to a bug..."
There no error log though?
Any idea on a fix?

axolotl (not verified) said:

September 10, 2018

Permalink

Hi Tor team, after update to version 8 the tor icon is not available. here is the icon path in desktop file:
Icon=/opt/tor-browser-linux64-7.5.3_en-US/tor-browser_en-US/Browser/browser/icons/mozicon128.png

could you please let me know the new image path in this version?

note: I realize that after last update the folder Icon=/opt/tor-browser-linux64-7.5.3_en-US/tor-browser_en-US/Browser/browser/icons/ is not longer available

thanks in advance

dfjsfklj (not verified) said:

September 11, 2018

Permalink

What I'm seeing with this user agent issue is that Mac users seemed to be the ones that had the compatibility issues and Linux users want the user agent changed back. I'm on Linux, and I've never had any OS compatibility issues with a spoofed Windows UA (probably because Linux is better about interoperability and sticking to standards than any proprietary OS). And even if I did, I would investigate it myself, like most Linux users. The "User will get frustrated and immediately cease usage of the program upon encountering any issues" problem may apply to Mac users, but it doesn't apply to most Linux users (otherwise they wouldn't be using Linux).

There are no downsides to changing it back either; yes, maybe in some cases websites will still be able to detect that you're using Linux, but some won't and even when they do spoofing a Windows UA won't be an issue since every other Tor Browser installation would be doing it too. Meanwhile, as it stands now the anonymity set is split between Linux users not spoofing a Windows UA and the (I assume considerably large) number of Linux users choosing to spoof it (as Linux users tend to be on the tech-savvier side and thus I imagine would have no problem installing an extension). So the problem was made worse and not better by this change, while ignoring the fact that there never was a problem in no-JS contexts.

Overall this change is eroding the trust many of your users have in you to make the most sensible default decisions. And people not trusting Tor Browser and rolling their own to whatever degree is a much bigger threat to its design than whatever esoteric OS fingerprinting issues you're worried about invalidating UA spoofing (which, like I said before, makes no sense anyway as even if your real OS is detected, them knowing you have a spoofed UA means nothing if every other Tor Browser is spoofing it too, just as it was in 7.x), even ignoring the fact that it's just not an issue in most no-JS contexts.

As for me I now have an extension installed to spoof my UA. It's open source but is it trustworthy? Hopefully it is. I gladly uninstalled my last UA spoofing extension years ago and now it feels like a major regression that I feel that I have no choice but to install another one.

Just giving into Mozilla's decision making on this issue is a lame excuse too. Has the Tor Browser team forgotten how to code? What's the point of a browser fork if it's not actually, you know, forked?

Overall I'm just annoyed because the logic behind this decision is so transparently flawed and people trust you to make better decisions than this. People shouldn't have to be investing their time in explaining the obvious to you but apparently they do now. I'm sorry for being snippy but this is a major violation of your mission.

I was already annoyed with you constantly dumbing down things UX-wise for the benefit of people who can't be bothered to read a single full sentence about a system that they're expecting to protect their anonymity (which is pointless as they will invariably find some way to screw things up due to their lack of knowledge no matter how many "dangerous" options you remove), but when it's gotten to the point of actually sacrificing privacy/anonymity because some random bozos report "I can't use my google docs!" (which they're probably signed into with an entirely identifiable account) to you (or some other stupid BS about corporate apps that probably can't even be used anonymously no matter what anyway as they all ask for phone numbers) then it's gone too far.

Maybe you can release two versions of Tor Browser? One for people who know what they're doing, are willing to read, and understand that everything might not work automaticaly, and one that's just Firefox with a pretty shade of green paint over it (which is what Tor Browser is trending toward)? Either way you need to do something to fix this because if you don't, you will eventually end up with the situation I just stated as a de facto reality due to a fork, at which point you will split the anonymity set of Tor users further and lose control over what that new team does. You need to make the right decision now before it's too late.

Anonymous (not verified) said:

September 18, 2018

Permalink

"That said, disabling JavaScript does not prevent OS detection on websites as the font set we ship is differing across platforms."

Browser's fonts can't be detected without javascript, can they?

Anonymous (not verified) said:

September 12, 2018

Permalink

it is open very fast but some web site

littel slow also movies or video slow.

Tor 9 new upgrade coming soon :)

JD (not verified) said:

September 12, 2018

Permalink

The new NoScript is HORRIBLE, absolutely terrible. Unusable, the program is basically dead, as must be the brains of the developers. This was known already from the "normal" version, but is all the more apparent now that Tor uses it too.
Tor does not work now with this prorgram, which is a kind of bug and certainly a liability.

Anonymous (not verified) said:

September 13, 2018

Permalink

08:25:22.894 Error: No handler registered for message "updateSettings" in context moz-extension://%noscript%/ui/options.html#;tab-main-tabs=3 1 Messages.js:422:12

Anonymous1234 (not verified) said:

September 13, 2018

Permalink

Dear and beloved Tor devs, please fix the user-agent issue! Using Tor Browser on Linux really really stands us out from the crowd! Please at least give us the ability to still enable classical Windows user-agent if we want! Or do you know of any workaround regarding this issue?

As of now, my user-agent header is

  1. <br />
  2. Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0

Really, really bad! Progress should be toward more anonymity, not less! This is a really scary regression!

Thanks a lot for your work!

Anonymous (not verified) said:

September 14, 2018

Permalink

18:15:35.134 Loading failed for the with source “chrome://global/content/TopLevelVideoDocument.js”. 1 269.mp4:1

Anonymous (not verified) said:

September 14, 2018

Permalink

NI:
18:32:26.005 this.browser is null 1 ext-tabs-base.js:298
get frameLoader chrome://extensions/content/ext-tabs-base.js:298:5
get frameLoader chrome://browser/content/ext-browser.js:605:5
get width chrome://browser/content/ext-browser.js:678:5
convert chrome://extensions/content/ext-tabs-base.js:579:7
get chrome://browser/content/ext-tabs.js:572:18
InterpretGeneratorResume self-hosted:1259:8
next self-hosted:1214:9
get self-hosted:977:17
call/result< resource://gre/modules/ExtensionParent.jsm:772:57
withPendingBrowser resource://gre/modules/ExtensionParent.jsm:427:26
next self-hosted:1214:9
call resource://gre/modules/ExtensionParent.jsm:771:20
next self-hosted:1214:9
torbutton_send_ctrl_cmd chrome://torbutton/content/torbutton.js:753:10
torbutton_do_new_identity chrome://torbutton/content/torbutton.js:1117:10
torbutton_new_identity chrome://torbutton/content/torbutton.js:847:9
oncommand chrome://browser/content/browser.xul:1:1

Gaspode (not verified) said:

September 15, 2018

Permalink

I do not possess the technical knowledge many here do, but the new browser just doesn't seem to work well. Pages don't load, timeouts for well known sites (yes, I get that they could be down), I don't get the Tor landing page confirming Tor loaded fine and is secure, NoScript configuration is what, super-automatic and perfect now...it just seems off. For those of us that have come to rely on it for privacy with the older config options, I don't feel like I have control or knowledge that I am as secure as I used to be. Something just feels off.

missey (not verified) said:

September 15, 2018

Permalink

The new version 8 is very bad...
There's no option to change the ip-address.
Script handling is complicated. The old version is better
Now I only get message 'Your IP Address is banned' everywhere.

Anonymous (not verified) said:

September 17, 2018

Permalink

TBB-Firefox sends Linux kernel version in extensions blocklist update queries to Mozilla. 6 years old ticket closed https://trac.torproject.org/projects/tor/ticket/6734 without fix this privacy issue.

From Ubuntu 18.04.1 LiveCD
/v1/blocklist/3/%7Bec8030f7-c20a-464f-9b0e-13a3a9e97384%7D/60.2.0/Firefox/20180204030101/Linux_x86_64-gcc3/en-US/release/Linux 4.15.0-29-generic (GTK 3.22.30 libpulse 11.1.0)/default/default/1/1/new/

about:config
extensions.blocklist.url:
https://blocklists.settings.services.mozilla.com/v1/blocklist/3/%APP_ID…

Also it send TOTAL_PING_COUNT to tell mozilla how many days you use TBB.

Thank you very much for this information regarding, "TBB-Firefox sends OS+kernel in update queries to Mozilla".

Ticket #6734, which you pointed out, is closed. The final post in that ticket refers to two other tickets, one of which is closed and the other, #3555, is open. If you or anyone else would like to contribute to the discussion there, please do. Registration is quick with a username and password, no e-mail required. Thank you.

Tickets:

https://trac.torproject.org/projects/tor/ticket/3555
https://trac.torproject.org/projects/tor/ticket/6734

Terwilliger (not verified) said:

September 17, 2018

Permalink

I allowed Tor to update itself on Mac 10.9.5 system and now it doesn't run at all. Instantly goes to a crash window. Deleted everything from application support folder and the app itself, downloaded from this website, same exact effect.

titobob (not verified) said:

September 18, 2018

Permalink

adobe flash download demands "close mozilla". Is it not possible to install the adobe flash player with tor?

Anonymous (not verified) said:

September 21, 2018

Permalink

1537527087896 addons.manager WARN Exception calling callback: [Exception... "Component returned failure code: 0x80520012 (NS_ERROR_FILE_NOT_FOUND) [nsIFile.isDirectory]" nsresult: "0x80520012 (NS_ERROR_FILE_NOT_FOUND)" location: "JS frame :: resource://gre/modules/addons/PluginProvider.jsm :: get size :: line 415" data: no] Stack trace: get size()@resource://gre/modules/addons/PluginProvider.jsm:415
_updateView()@extensions.js:2933
show/<()@extensions.js:3020
safeCall()@resource://gre/modules/AddonManager.jsm:182
makeSafe/<()@resource://gre/modules/AddonManager.jsm:197

jimboza (not verified) said:

October 24, 2018

Permalink

OK so Tor is being like my wife In moving things around that I cant find anymore. So tell me where the picture of the routing Circuit has gone that you normally see when you click on the onion in the top left corner??