Tor Browser 7.0.6 is released

by boklm | September 28, 2017

Tor Browser 7.0.6 is now available from the Tor Browser Project page and also from our distribution directory.

[UPDATE: the dist server was temporarily messed up, but it should be better now. Sorry for the troubles!]

This release features important security updates to Firefox.

This release includes security updates for Firefox (52.4.0esr) and a new Tor stable version (0.3.1.7), the first one in the 0.3.1 series. In addition to that we updated the HTTPS Everywhere and NoScript extensions we ship. Moreover, we fixed minor usability issues and a bug which, under particular circumstances, caused all tabs to crash after closing single one.

Note: The release date in the changelog displayed after the update is incorrect. The actual release date is September 28.

The full changelog since Tor Browser 7.0.5 is:

  • All Platforms
    • Update Firefox to 52.4.0esr
    • Update Tor to 0.3.1.7
    • Update Torbutton to 1.9.7.7
      • Bug 22542: Security Settings window too small on macOS 10.12 (fixup)
      • Bug 20375: Warn users after entering fullscreen mode
    • Update HTTPS-Everywhere to 2017.9.12
    • Update NoScript to 5.0.10
    • Bug 21830: Copying large text from web console leaks to /tmp
    • Bug 23393: Don't crash all tabs when closing one tab
  • OS X
    • Bug 23404: Add missing Noto Sans Buginese font to the macOS whitelist

Comments

Please note that the comment area below has been archived.

Anonymous (not verified) said:

September 28, 2017

Permalink

How much longer will the Tor Browser be based on Firefox ESR? I like Tor, but I disdain Firefox ESR. I want to reap the benefits of the latest Firefox features like the Quantum Project and have my internet traffic flow through Tor.

That's hard to say, probably for a while. We need to audit all the new code and write patches if needed every six weeks which is a lot of work. That's just one of the issues. Another one is that Mozilla needs much more candidate builds to get the release right (for Firefox 56 they needed 6), thus there is a considerable increase in release engineering workload for us included as well even though the issues they had this time could be seen as an exception. And it would drastically reduce our own time for testing our release builds.

OMG noooo! Too much crap features, stay with the more stable ESR. Actually Firefox should reversely base their ESR on Torbrowser ESR (that would become the Firefox TESR version) because the torbrowser version is the best ESR version. Probably simpy because it has even more stripped the crap out of the browser code.
Mac OS X users should know that by experience because on older (OS X) versions Firefox was instable from version 31 (a bit) to 38 (more) to 45 (just unusable) whlie Torbrowser ESR kept on working just fine. Therefor it is still a tragic that torproject keeps following mozilla (ditching users).
One could almost redifine the earlier question like "How much longer will the Tor Browser be based on Firefox?" But then the question is, what would be a good alternative?

Nothing can replace Firefox as a basis for Tor. Firefox is even backporting a truckload of Tor Browser patches into main Firefox, so the proximity between the two browsers is actually increasing, along with the relationship between their respective developers

How much longer will the Tor Browser be based on Firefox ESR?

IMO, I hope TorBrowser never switches off of ESR - that is, unless they switch off of Firefox completely.

I want to reap the benefits of the latest Firefox features like the Quantum Project and have my internet traffic flow through Tor.

And I'm looking to avoid most of the so-called "features" of the new Firefox - particularly the new extension system that breaks every extension out there - most of them unfixably. I like the idea of browser-agnostic extensions, but why couldn't they keep the old extension system running concurrently while they figure out and fix all the shortcomings of the new one? Oh, I forgot, Firefox doesn't have any shortcomings - all the features they've taken out were taken out because you didn't need them, anyway. :-Þ

7.0.6 (not verified) said:

September 28, 2017

Permalink

Update HTTPS-Everywhere to 2017.9.12 : it runs fine , thank you.
Update NoScript to 5.0.10 : it runs fine , thank you.

Bug #23620 and others are caused by HTTPS-Everywhere. With it disabled:

[xx/xx/2017 00:46:29.300 [NOTICE] Heartbeat: Tor's uptime is x days xx:59 hours, with 3 circuits open. I've sent xxx.xx MB and received x.xx GB.
xx/xx/2017 00:46:29.300 [NOTICE] Average packaged cell fullness: 61.493%. TLS write overhead: 5%

Enabled it:

xx/xx/2017 01:40:00.800 [NOTICE] Our directory information is no longer up-to-date enough to build circuits: We're missing descriptors for some of our primary entry guards
xx/xx/2017 01:40:00.800 [NOTICE] I learned some more directory information, but not enough to build a circuit: We're missing descriptors for some of our primary entry guards
xx/xx/2017 01:56:44.400 [NOTICE] Application request when we haven't used client functionality lately. Optimistically trying directory fetches again.

No anonymous way to report bugs other than through these comments. OFTC doesn't work over Tor.

Hm. I don't really see how HTTPS-Everywhere would have an effect here as this traffic is originating in tor not in the browser and hence the extension has no influence over it. How is that supposed to happen?

mk (not verified) said:

September 29, 2017

Permalink

I tried to update my Tor browser twice today, but each time the update was going on forever, without being completed - are there still problems?

Anonymous (not verified) said:

September 29, 2017

Permalink

Is it possible to configure this Tor Browser release in order to use the "ConnectionPadding =1" option included in the Tor 3.1.7 ? Does it make sense?

Cheers
Anonymous

Unfortunately here isn't much we can do to stop it. Tor saves lives, and that responsibly disclosing bugs to us is far better than participating in Zerodium's program would put lives at risk.

Anonymous (not verified) said:

September 29, 2017

Permalink

Does some of these environment variables doesn't work anymore??:

TOR_CONFIGURE_ONLY TOR_SOCKS_HOST TOR_SOCKS_PORT TOR_CONTROL_HOST TOR_CONTROL_PORT TOR_CONTROL_COOKIE_AUTH_FILE

After the update the torbrowser can't reach my separately started tor process anymore.
Is there any workaround?

Found the solution. The environment variables still working. But the tor argument "ControlListenAddress IP:PORT" is not working anymore. Instead you have to use "ControlPort IP:PORT"

About the Same… (not verified) said:

September 29, 2017

Permalink

Why was the shorthand pgp verification syntax removed for Linux in the docs (it remains for OS X). I seem to remember it used to be shown for both. It works fine for Linux. For example:

gpg --verify tor-browser-linux64-7.0.6_en-US.tar.xz{.asc*,}

I don't have to man gpg because I KNOW the syntax I gave originally works. You think I just posted that without having used that syntax before and it working under Linux perfectly???

Why should I have to type both arguments in the long syntax why I can just type the short syntax and have it work? That would be wasteful and stupid. My question was not whether the syntax works, which it does, but why the Tor documentation shows it as only working for Mac, when it works for LInux as well.

Anonymous (not verified) said:

September 29, 2017

Permalink

tiny bug:
noscript (update 5.1.0) icons disappear after clicking TBB 'new identity' twice.

edwin (not verified) said:

September 30, 2017

Permalink

ok?

HelloWorld (not verified) said:

September 30, 2017

Permalink

ProtonMail gets stuck on the decryption page with this version. Anyone else having this problem? Any workarounds?

Yes I am, this is bullshit. I can't enable two factor encryption because by the time it finishes the calculation, the 30 second timeout has already passed so I get the message two factor setup failed. I tried dozens of times. We need a way to disable this!

Nanny McFee (not verified) said:

September 30, 2017

Permalink

7.0.6 won't download. It starts, then completely hangs. Every time I have tried, thus far.

Noscript issue (not verified) said:

September 30, 2017

Permalink

Since then, Noscript has auto-updated to 5.1.0 and has now vanished from both Tor and regular Firefox. One of the reasons auto update can be a really bad thing.

Anonymous (not verified) said:

September 30, 2017

Permalink

Before this update I could watch youtube streams without problem on lowest security setting.
That is no longer the case, as the videos are now just buffering; forever.

Before this update I could watch them on the medium security setting, but not any more.

I just get error messages. Previously i also had all the functionality of Youtube when not going through Tor, but this has disappeared as wel.

Will we be able to get back to the former situation any time soon?

Thanks

What do you mean with "Previously i also had all the functionality of Youtube when not going through Tor". Are you running Tor Browser? If so, how did you configure it to not run over Tor?

I just tested the medium settings and after whitelisting some media it works for me on Youtube. But that has been needed in previous versions as well. How have you been used to watch videos on a medium-high setting?

No-one in particular (not verified) said:

October 05, 2017

Permalink

What I mean by the "functionality of Youtube" is all of the features of YouTube that I had when not watching it over Tor.

Yes, previously (I can't remember the Tor version, as I don't watch YT much) with, in about:config, Javascript Enabled 'True' left as it is and with medium security on the slider, I could watch YT normally, without any whitelisting.

didier.amann@l… (not verified) said:

September 30, 2017

Permalink

bonjour
j'ai souvent ce message à l'ouverture d'un site, savez-vous pourquoi? comment faire?

This page can't be displayed. Contact support for additional information.
The incident ID is: 1182314419488.

merci

gk

gk said:

October 02, 2017

Permalink

Not sure where this is coming from but it seems the website that you want to go to is blocking Tor users. There is, alas, not much we can do to prevent that as all of (exit) server are public. I think the best would be to contact this website asking them to allow Tor users as well.

101 (not verified) said:

October 02, 2017

Permalink

si c'est souvent ; ce n'est pas normal : votre système est mal configuré.
si vous êtes sous linux , vous pouvez me joindre ici [ list101 at elude.in ].
si non, vous devriez envisager d'utiliser un vpn en plus de tor_ il y en a de gratuit.

pourquoi : votre demande en utilisant Tor est considéré comme une menace, une attaque, un accès non-autorisé : bloqué.
comment faire : configurer mieux votre o.s voire utiliser un vpn et essayer un bridge avec Tor.
on peut aussi tricher en accèdant au site par un lien indirect ou dans une autre langue.

éviter les serveurs anglais et américains : le blocage est le signe d'une surveillance accrue.

Freddie The Fixer (not verified) said:

September 30, 2017

Permalink

So the bottom line is TOR, as of this release, will no longer work for the bunch of us still clinging to WinXP SP3? Don't know why I was under the impression TOR would continue to update allowing XP users to stay safe. Hope I'm missing something here.

Tor Browser will be working for XP users until we switch to Firefox 59 ESR which will happen with Tor Browser 8 around June 2018. That said, we can't help you staying secure, though, as Windows XP does not get any security updates anymore for a while now.

Anonymous (not verified) said:

October 02, 2017

Permalink

Don't think that only silly persons use XP! Of course, to stay secure people use POSReady updates until April 2019, and Mozilla betrayed them.

JR (not verified) said:

September 30, 2017

Permalink

Browser won't update ("Failure (unknown reason)"). I've tried a buch of times on different days and circuits.
Using Tor 7.0.4 linux 64bit (20170202040101)

Is that still a problem for you? I just downloaded a "fresh" 7.0.4 and updated to 7.0.6 without problems on my 64bit Linux box. If the problem still persists could you set app.update.log to true and open the browser console (Ctrl+Shift+J) before you are starting the update to check whether you get some error messages in it?

googletor (not verified) said:

September 30, 2017

Permalink

Problem with google captcha. After successfully completing the Google captcha I get the following message even though I have allowed noscript to allow temporary scripts.

Our systems have detected unusual traffic from your computer network. Please try your request again later. Why did this happen?

IP address: 51.15.37.97
Time: 2017-10-01T04:37:52Z
URL: https://www.google.nl/search?q=nslookup+online&ie=utf-8&oe=utf-8&client…

Chuck Rhode (not verified) said:

September 30, 2017

Permalink

I'm not seeing a way to "temporarily enable *javascript* for ['this' or any particular] site." I believe there used to be some *noscript* menu options in the onion menu. These seem to be gone now on all security slider settings. Perhaps the new *noscript* has a different interface. Is there a *noscript* icon somewhere I should be clicking on?

Chuck Rhode (not verified) said:

October 02, 2017

Permalink

Not today :-)

I could have sweared I restarted a couple of times the other day, though. Maybe I wasn't looking for the *noscript* icon in the right place then. Today it's showing (in spot 2 of 2) to the right of the *https everywhere* icon.

The *noscript* icon has its own context menu with the functionality I require.

Thanks for your response.

bug?! (not verified) said:

October 03, 2017

Permalink

- do not restart : it does not work , it came from the update of noscript (5.1.1).
- download another tar.z : it works without trouble.
another funny bug : i do not remember how many i reported it since the beginning of the year , 10 ? 20 ? bug bounty should be less deaf about these alerts from users ... who give them a good opportunity to make money & have a job ... ;)

I actually think the NoScript icon (and NoScript working) is indeed coming back after a restart.

Regarding the bug bounty program: feel free to report your findings to hackerone.com/torproject and we'll look at them.

Anonymous (not verified) said:

October 06, 2017

Permalink

NoScript 5.1.1 icons and contextual menu disappear if you click "Forget about browsing history" *twice* in one session. NoScript appears to still be running. Reappear if you quit and restart. (Win 7)

certifiable (not verified) said:

October 11, 2017

Permalink

i think this refers to "Forget about this site" in History panel ctrl+h (or in ctrl+shift+h)

Anonymous (not verified) said:

October 01, 2017

Permalink

You need to fix the add-on icon situation.
It's like every time I use Tor Browser for an extended period of time, after a while the add-ons (I think sometimes through updates) will change whether they're on left or right side, visible or non-visible (on the panel). This must have identification-implications. To solve this you should have some add-on wide rule (show all in panel vs hide all) that locks them like this and preventing add-on updates from changing this.

I think your latest issue is caused b< https://trac.torproject.org/projects/tor/ticket/23724 and we hope to have a fix for that one soon. Apart from that I am not aware of any icons floating around on the toolbar. It certainly did not happen to me over the years and we are trying to make sure the icons stay at their place. Do you have steps to reproduce the problems you have seen in the past?

Alan (not verified) said:

October 01, 2017

Permalink

Tor crashes / won't open until I disable Trusteer Rapport - A big problem as I need to remember to re-enable it

tortor (not verified) said:

October 01, 2017

Permalink

My Yosemite Mac has 2 torbrowser process when torbrowser is started up. Is this correct operation?

Yes, it shows that the content sandbox is active (which is good). The parent process which is responsible for all the browser menus and other privileged parts/code is starting the content process soon after start-up where all the websites run in. That allows to enforce security policies which should make it harder to exploit the browser.

tortor (not verified) said:

October 02, 2017

Permalink

Then something is wrong with the operation. After restarting my Mac running Yosemite I no longer see 2 tor browser process when I start up the Tor browser, I only see one process.

certifiable (not verified) said:

October 11, 2017

Permalink

for what it's worth, in Windows 7, in TBB 7.0.6 (based on Mozilla Firefox 52.4.0) (32-bit), copied from about:support:
Multiprocess Windows 1/1 (Enabled by default)

certifiable (not verified) said:

October 11, 2017

Permalink

Also, web search for
about:support "Safe Mode false"
finds (from late 2015 into 2017) differing values for the Multiprocess Windows line

Anonymous (not verified) said:

October 02, 2017

Permalink

This update skipped all the settings I had done manually in NoScript Options dialog menu. I disabled java and javascript much time before now and they were stored across all previous updates, but after this one I revealed that java and javascript were enabled again without any notification. (Button "Crossed S in the red circle" changed to "S! and no red circle")

Anonymous (not verified) said:

October 02, 2017

Permalink

I restored my settings immediately on noticing that the button changed to S! So I can't say how torbrowser would have behaved after restart in case I haven't touched settings. And yes, the (manually) restored settings are now persistent across restarts.

SMP (not verified) said:

October 02, 2017

Permalink

I just updated loaded 6.0,7 But when I started Tor it says I am out of date and is offering me a 61.1 MB update.
Does this make sense or am I being hacked?

After the update, which version number is showing up in the upper right corner on the about:tor page? If it is 7.0.6, do you still get the offer to update when you click on the hamburger menu on the right side of the toolbar and then on the "?" and then on "About Tor Browser"?

Anonymous (not verified) said:

October 04, 2017

Permalink

Noscript with more practicality(?) is working normal with JavaScript disabled in
about:config. HTTPS-Everywhere should do, too?
If not, may introduce a usefull setting for blocking ALL http-traffic in about:config?

JavaScript generally on for running WebExtensions is a .....little wild idea especially when you are running pure Firefox without NoScript.

tortor (not verified) said:

October 02, 2017

Permalink

I have noticed that the Tor circuit always shows "Bridge: Obfs4 (United States)", when I look at my "Tor circuit for this site". It never changes from (United States). Is that normal?

tortor (not verified) said:

October 15, 2017

Permalink

how do I tell Torbrowser not to use bridges? I thought this is the default operation of torbrowser is to use Tor bidges such as OBFS4, OBFS3, meek-azure, meek-amazon.

Anonymous (not verified) said:

October 03, 2017

Permalink

noscript doesn't block frames/iframes

You can try on ebay: Look for any item, click on any offer. Usually you get a description of the item/offer in an iframe. If frames and iframes are forbidden in the settings of noscript you will have to click on the noscript icon on the upper left corner of the frame in order to get the description of the item offered on ebay.. This works correctly with noscript 5.1.1 in a regular firefox, but not within tor browser. The last version of noscript did block the frames, but the noscript icon was missing. This behaviour seems to be due to the tor browser and / or the noscript version of tor browser, because it doesn't occur within the regular firefox.

Another point concernig noscript: On several sites you will see the bottom of the page instead of the top. Try it on: "http://www.duden.de/" – for instance. This behaviour seems to be due to noscript, because it has been occurring for several versions of noscript, both in the tor browser and the regular firefox

Could you upload a screenshot for the bottom/top issue? I am not sure whether I am understanding you correctly.

Regarding the frame issue: is it a problem in a freshly downloaded Tor Browser as well? If so, how do you configure your NoScript?

anonymous (not verified) said:

October 03, 2017

Permalink

I can no longer play video using my tor browser. I recently upgraded to MAC high sierra. I am unable to uninstall high sierra. What do I need to do to fix?

BB (not verified) said:

October 03, 2017

Permalink

Hello!

1) In 99% of the cases my 1st proxy in the Tor circuit comes from Germany. Is there a way to forbid Tor to connect to any proxy in Germany (or to any other country)?

2) Once Tor has connected to a page, the 1st proxy never changes. Even if I request a new identity the 1st proxy stays, thus I have no other choice but to delete and reinstall Tor and hope that by the next installation it does change.

Thanks.

Anonymous (not verified) said:

October 05, 2017

Permalink

When I used one baggy HS I sometimes do NEWNYM and kill -1 for tor. Once I noticed this:

Oct 05 XX:19:18.000 [notice] Tried for 120 seconds to get a connection to [scrubbed]:80. Giving up. (waiting for circuit)
Oct 05 XX:19:42.000 [notice] Received reload signal (hup). Reloading config and resetting internal state.
Oct 05 XX:19:42.000 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Oct 05 XX:19:42.000 [notice] Read configuration file "/etc/tor/torrc".
Oct 05 XX:19:42.000 [notice] Tor 0.3.1.7 (git-5fa14939bca67c23) opening log file.
Oct 05 XX:19:43.000 [warn] connection_ap_attach_pending(): Bug: 0xXXXXXXXXXXXX is no longer in circuit_wait. Its current state is waiting for rendezvous desc. Why is it on pending_entry_connections? (on Tor 0.3.1.7 )
Oct 05 XX:21:43.000 [notice] Tried for 120 seconds to get a connection to [scrubbed]:80. Giving up. (waiting for circuit)

Do I have something to worry about? Is is safe to report that XXXXXXXXXXXX which follows "Bug" word? Is it related to https://trac.torproject.org/projects/tor/ticket/19926 ? I can speculate that HS is extensively used, DDoSed and some HSDirs may censor its descriptor. All that results in unreliable connection.

Anonymous (not verified) said:

October 06, 2017

Permalink

OK, then I can disclose that it was:

Bug: 0x564a96ed6ff0 is no longer in circuit_wait.

Thanks for reopening that ticket. I don't know Tor protocol well, but could speculate that tor client requests HS descriptor from time to time. If HS is intensively used during those requests, due to time lag it may happen that old descriptor cannot be used, but new one is not prepared yet. I remember that sometimes I also experienced another error with this HS:

[warn] Query '[scrubbed]' didn't have valid rend desc in cache. Failing.

These problems may be related. Anyway, does it harm my anonymity? Is it just technical internal error not related to deanonymization of HS clients?

Me-55 (not verified) said:

October 05, 2017

Permalink

I have used the Tor Browser under Suse Linux for more than one year - until now it was never a problem to update Tor upon the messages to do so (I use version 7.0.5 currently). Yet the update to 7.0.6 does not work, though I tried to update more than 10 times in the meantime. Could you please suggest a solution? - Thx.

What does "not work" mean? Does it not download? Does the update not apply properly? Could you open about:config in your Tor Browser and set app.update.log to true. Make sure to restart and then open the browser console with Ctrl+Shift+J you should now see the update log in case an update is tried. You can trigger that by clicking on the hamburger menu in the upper right corner and selecting "?" and "About Tor Browser". Does the log give some hint on what is going wrong?

Andre745 (not verified) said:

October 05, 2017

Permalink

This problem happened, 2 days after updating
1- NoScript icon change position
2- NoScript>>>Options>>>Embeddings>>> I had in Forbid, are now Enabled!

Example:
https://img11.hostingpics.net/pics/803825problem.jpg

I reinstalled the Torbrowser, and now I have no problems, but I want to know, that was what happened, this had never happened before with my browser

Someone hack me or is a problem with the update?

I appreciate the opportunity to express my problem
I hope an answer, Thank you!

Anonymous (not verified) said:

October 06, 2017

Permalink

FYI, Tor circuit viewer on Tor Browser was broken (didn't show up) for years on my Windows 7, but after I believe updating tor.exe to 0.3.1.7 it now started showing up again. Could you confirm? I haven't seen anything in the changelogs of Tor and Tor Browser relating to this issue

вывы (not verified) said:

October 06, 2017

Permalink

07.10.2017 7:48:34.800 [NOTICE] Bootstrapped 85%: Finishing handshake with first hop
07.10.2017 7:50:10.600 [WARN] Problem bootstrapping. Stuck at 85%: Finishing handshake with first hop. (Connection refused [WSAECONNREFUSED ]; CONNECTREFUSED; count 10; recommendation warn; host 7BF46AD9A0F7F7CFC5CC131417E71DF1A516368F at 82.161.50.30:9002)
07.10.2017 7:50:10.600 [WARN] 9 connections have failed:
07.10.2017 7:50:10.600 [WARN] 8 connections died in state handshaking (TLS) with SSL state SSLv3 read finished A in HANDSHAKE
07.10.2017 7:50:10.600 [WARN] 1 connections died in state connect()ing with SSL state (No SSL object)
07.10.2017 7:50:32.800 [NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150
07.10.2017 7:50:32.800 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
07.10.2017 7:50:32.800 [NOTICE] Closing old Socks listener on 127.0.0.1:9150
07.10.2017 7:50:32.800 [WARN] Problem bootstrapping. Stuck at 85%: Finishing handshake with first hop. (DONE; DONE; count 11; recommendation warn; host B6904ADD4C0D10CDA7179E051962350A69A63243 at 81.2.209.10:80)
07.10.2017 7:50:32.800 [WARN] 11 connections have failed:
07.10.2017 7:50:32.800 [WARN] 9 connections died in state handshaking (TLS) with SSL state SSLv3 read finished A in HANDSHAKE
07.10.2017 7:50:32.800 [WARN] 2 connections died in state connect()ing with SSL state (No SSL object)
07.10.2017 7:50:39.500 [WARN] Problem bootstrapping. Stuck at 85%: Finishing handshake with first hop. (DONE; DONE; count 12; recommendation warn; host 4CE25D32F42026361317F069A2E49F300DD56DA6 at 188.213.170.104:443)
07.10.2017 7:50:39.500 [WARN] 12 connections have failed:
07.10.2017 7:50:39.500 [WARN] 10 connections died in state handshaking (TLS) with SSL state SSLv3 read finished A in HANDSHAKE
07.10.2017 7:50:39.500 [WARN] 2 connections died in state connect()ing with SSL state (No SSL object)
07.10.2017 7:50:39.500 [WARN] Problem bootstrapping. Stuck at 85%: Finishing handshake with first hop. (DONE; DONE; count 13; recommendation warn; host E2382981C6D5876D26237FEACED9DBE324724194 at 173.212.228.203:443)
07.10.2017 7:50:39.500 [WARN] 14 connections have failed:
07.10.2017 7:50:39.500 [WARN] 11 connections died in state handshaking (TLS) with SSL state SSLv3 read finished A in HANDSHAKE
07.10.2017 7:50:39.500 [WARN] 3 connections died in state connect()ing with SSL state (No SSL object)
07.10.2017 7:50:39.500 [NOTICE] Delaying directory fetches: DisableNetwork is set.

Tor sucks (not verified) said:

October 07, 2017

Permalink

hey when are you going to fix this stupid shit. Every time I exit I get a message from Windows 8 "Tor Browser has stopped working". This has been going on since last 2 updates.

october 11 2017 eee (not verified) said:

October 11, 2017

Permalink

After normal TBB shutdown (clicking upper right corner "X"), I have seen Windows crash error in Vista before Microsoft's April EOL, and in Windows 7 since switching to Windows 7.
https://img.raymond.cc/blog/wp-content/uploads/2009/08/program_has_stop…
(off-topic comment: to reduce "clues" sent out about TBB use, I always choose the second choice "Close the program".)

Maybe the TBB profile has accumulated "cruft"?
My profile had been the same for years on Vista.
I had copied my profile from Vista to the fresh Windows 7 installation.
Exception: Firefox allows no good way to export places.sqlite to .url files ("favorites"), so I very recently set aside my accumulated huge places.sqlite, and let TBB's next startup generate a new places.sqlite. I deleted Mozilla's default bookmarks and have added only about 11.

Other non-standard settings:
Accumulated about:config prefs, and some that may be obsolete.
Noscript settings
Other than places.sqlite, some .sqlite files data, such as form history?
Few words added to Spelling dictionary.
Rare https cert exceptions.

I intend to download the current full TBB.
Run it once. I doubt it will crash at shutdown.
Then try some diff type comparison of this new TBB profile against my accumulated profile.
Gradually I will research the differences, and "rebuild" the new profile.

anon (not verified) said:

October 07, 2017

Permalink

I've looked all over the place and can't seem to find a link to which versions of OSX are now supported (I'm now getting 'your browser is out-of-date but the latest version is not supported on your system. upgrade your OS' messages, but my machine is AT the max OS it can handle).

Can anybody point me to the link; if there IS one? Tnx.

Anonymous (not verified) said:

October 08, 2017

Permalink 

  1. [warn] Tried connecting to router at X.X.X.X:9001, but RSA identity key was not as expected: wanted XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + no ed25519 key but got XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.<br />

Is it some bug in tor code or is it just node with bug? (0.3.1.7)

Anonymous (not verified) said:

October 10, 2017

Permalink

Ever since upgrading from 7.0.3 to 7.0.4 the warning for maximizing Tor disappeared.Upgrading to 7.0.5 did not fix the problem for me and the latest 7.0.6 did not fix it either.Of course I know that the page should not be maximized , but there are occasions that some trusted person uses my machine and they don't see the warning when maximizing the page and keep using it at that size until I see it and tell them.I use Windows 7 Ultimate , 64-bit.
I use Kaspersky Internet Security Suit and I wonder if that might have some tricks to do stop the warning . Last year , I was using Bitdefender and I always got the warning.I write from Iran.

Anonymous (not verified) said:

October 11, 2017

Permalink

First issue:top / bottom problem:

Sorry for not having reacted so far – too much work and I had to try out several combinations of setting on different sites.

So I'll have another try to explain the point I'm aiming at:

1. load the following page:

http://www.ebay.com/itm/Professional-Use-Small-Washing-Machine-Useful-T…

2. change security slider:

a) low > you will see the top of the page
b) middle > you will see the bottom of the page
c) high > you will see the bottom of the page

3. Why is the bottom of the page displayed with the security slider on middle and high?

4. Can't this behaviour be changed in general so that the top of such pages will always be displayed? Since you get the “clickomania” and “scrollomania” on sites with search fields on sites of dictionaries like “http://www.duden.de/” where you maybe have 50 words to look up.

Thanks for checking!

Anonymous (not verified) said:

October 11, 2017

Permalink

Second issue: icon problem:no noscript icon on iframes is missing

1. load the following page:

http://www.ebay.com/itm/Professional-Use-Small-Washing-Machine-Useful-T…

2. check if all settings are in the original state (security slider and noscript)

3. change settings in noscript:

a) click on click on “Embeddings”
b) check “forbid iframes”
c) click on “OK”

4. reload the above page

5. effect:

a) iframe is forbidden = yellowish frame – that is correct

b) HOWEVER:

The noscript icon is missing! It should be displayed on the left upper corner of the frame, shouldn't it?

The noscript icon is missing only in the tor browser. In the regular firefox with the regular noscript installed, the noscript icon is displayed on the left upper corner of the frame.

I hope I've put it more understandable and the effect of the missing noscript icon is reproducible now.

I'd be grateful if you could check if that is a normal behaviour …

Thanks a lot!

Anonymous (not verified) said:

October 12, 2017

Permalink

"FIREFOX browsers will soon block "fake news" flagged by George Soros-linked left-wing groups"

It's that true?

http://uk.businessinsider.com/mozilla-new-initiative-counter-fake-news-…
https://www.activistpost.com/2017/08/mozilla-joins-george-soross-effort…
https://www.theguardian.com/technology/2017/aug/08/fake-news-full-fact-…

I dont need modzilla or any other to tell me what is"truth and facts", that's not democracy

Tor user (not verified) said:

October 17, 2017

Permalink

Thank you for your good work with Tor and Tor browser, but with the latest release I have some crash with the extensions control tab, with previous release nothing. My system is Windows 7 Ultimate 32 bit.

Tor user (not verified) said:

October 20, 2017

Permalink

To explain in detail my problem to show when I open the extensions list tab and, for example, switching to plugin list tab and return to extensions list tab tor browser is very slow and crash, therefore I to reboot the application. This problem not show always but very often; It is very bother. I hope us to fix it because with old versions I not had any problem. Thank you.

Tor user (not verified) said:

October 23, 2017

Permalink

No, I not have any plugins listed in the plugins tab and the extensions are the default bundled in Tor browser. The problem is like the application does not load correctly the extensions tab and crash all application. I will test new Tor browser versions to this problem and I'll let you know. System is Windows 7 Ultimate 32 bit.

Paul K. (not verified) said:

October 19, 2017

Permalink

Today's Tor for Mac v 7.0.7 update appeared on MacUpdate, yet the latest version on the TOR site is still 7.0.6. The new one does download if you replace the version numbers in the link, but when 7.0.7 runs it reports TOR is out of date, and checking for updates returns no update available. Bizarre.

From the comments on MacUpdate it seems this happened with 7.0.6 as well. What gives?

ham (not verified) said:

December 30, 2017

Permalink

dear tor team
how can i say thanks when i living in dictatorship.
god bless you

kali.debian (not verified) said:

March 03, 2018

Permalink

rspctd gk.

i m at 8.0a2 beta on win 64 sys last few hrs getting in known w Tor. Thanks!

still reading all the docs for d sake of my surf and Tor as well

wud u b so kind to hint me on html5 audio enabling for I dont wanna poisonn Tor w any jscript? pls.

afterwards, i d ask you on how to begin on w. bridge networking.. i v got bridge keys, still cant make an input in config.

d love to do any for the \tor.network

thnnx in advnc.

p.s.
Tor rebooted sev times still no audio (html5)

err " Your browser does not seem to support HTML5 WebAudio; please try a recent version of Firefox, Chrome, Opera or Safari; or switch to Java."

bsht lol