Tor Browser Bundle 1.1.12 released

by phobos | April 13, 2009

Updated Tor Browser and Tor IM Browser bundles are released. The updated bundles can be found at https://sedvblmbog.tudasnich.de/torbrowser/

The changes from 1.1.11 are:

  • Update OpenSSL to 0.9.8k
  • Update Tor to 0.2.1.14-rc

    • Also fixes a bug where Chinese (zh_CN) translations weren't being used in Vidalia, see http://archives.seul.org/or/cvs/Apr-2009/msg00001.html for details.

    Tor Browser and Tor IM Browser Bundles are also known as the "Zero Install Client" for Windows.

Comments

Please note that the comment area below has been archived.

Tsadik (not verified) said:

April 13, 2009

Permalink

Hey guys,
I am having a really weird issue now since I installed the latest stable win32 version of the tor bundle on my windows vista laptop. IE and FF will not connect to any page, although I can connect via Google Chrome. This problem persists no matter if the software is running or not. I am totally at a loss as to what is going on, is there anything you can think of? I have turned the windows firewall on and off, that does not help. I have uninstalled/reinstalled the tor bundle and that did not help either.

Any help will be appreciated

PETER (not verified) said:

April 14, 2009

Permalink

hey Tsadik i think u didnt install properly or u dont know how 2 install . it is working 4 me perfectly without any problems. iam also using windows vista in my laptop.I think u bette try it once again or check the instructions which is shown in the above posted link. By the way phobosthanx 4 updating new tbb bundle. Keep it going dont stop.

Anonymous (not verified) said:

April 15, 2009

Permalink

I have downloaded the zero install and plain install bundles for Windows (XP) and tried to verify the signature of Andrew using GnuPG and receive a BAD verification warning. Near as I can figure, the only difference appears to be the fact that the key installed from the server has a date of "Created: 7/16/2003" while on your site it says "pub 1024D/31B0974B 2003-07-17", a one day mismatch. Would that cause the Bad verification warning?.

No, that should not cause a bad signature warning. Are you sure you have the full bundle? I've noticed people seem to get 90% of the download sometimes, this will fail the signature check.

Are you using gpg in the Windows command prompt or via cygwin?

Feel free to open a bug, for I'm very interested in how this is occurring. https://bugs.torproject.org/

I've heard from two people in China their signatures always read as bad, even when the sha1 files match.

I'm glad people are checking gpg signatures!

Anonymous (not verified) said:

April 16, 2009

Permalink

Vidalias memory footprint is always increasing and something needs to be done. Qt is probably the problem. Can you make the map and graph into dlls that can be deleted if they are the cause?

Vidalia's memory usage is generally due the bulk data structures it keeps for geoip location, active circuits, and then the map in Qt.

We welcome help in reducing memory usage without a similar reduction in functionality.

zorg (not verified) said:

April 17, 2009

Permalink

Hi all.
I'm a long time Opera user and I've come accross this neat bundle called OperaTor.
It uses Polipo as a web proxy.
I wonder if it hides my browsing habbits from the network admin.
Supposedly it does, but then my concern is those sites with javascript induced popup windows.
Anyone know if enabling javascript in your browser will void anomimity?
Thanx a bunch.

JavaScript can be dangerous in a few different ways:
* Poor JavaScript implementations often allow buffer overflow attacks. An advanced attacker might exploit these vulnerabilities to install spyware on your computer. The spyware can then compromise your anonymity.
* Dangerous things like Java and Flash are often wrapped in JavaScript. If you enable JavaScript, you will have to ensure these things are blocked separately.
* JavaScript will volunteer a wide variety of information about you, including your screen size, that will make you much less anonymous. This is potentially fixable, if JavaScript could be told to fake this information, but the above two problems remain. Fortunately the information disclosed in this way does not include your IP address.

The Torbutton FAQ says it protects you against scripts that continue running when you switch between using Tor and direct connection, not from all that.

JavaScript is really dangerous, but if you really need it, at least only enable it for specific websites (for Firefox you may use NoScript, built-in solutions exist for Konqueror and, I believe, Opera), and, if you are not using Torbutton, be careful about switching off Tor.

JavaScript is not safe, period. NoScript is just a form of risk management. If I surf with JavaScript disabled, there may be once in a while a site I really need to use which requires me to use JavaScript. If I determine that my need of the feature is greater than my need for security and I believe the website is trustworthy, I may enable JavaScript only for that website using NoScript.

The JavaScript problem I am really most concerned about is buffer overflows or other vulnerabilities that might allow arbitrary code execution.

However, the Torbutton design document does not mention "buffer overflow" anywhere.

https://sedvblmbog.tudasnich.de/torbutton/design/

Is that true?

Why is the tor using only very few different circuits and most time all of the same country?
How do I exclude countries completely?

Some of the NSA spynodes(nixnix....) is known to "hijack" circuits witch leeds to you end up using them very often.

First you have to be running the development version series = alpha(A) or Release Candidate(RC)
if you want to use countrycodes(like this:
Excludenodes {US}, {CA},{BR},{AR}
for example), you do need a file named geoIP, after installing you should have it in your tor directory here:
C:\Documents and Settings\{username}\Application Data\Tor\

If Vidalia somehow "forgot" to install the file you can find it here:
http://git.torproject.org/checkout/tor/master/src/config/geoip
You would then need version 0.2.1.6A-0.2.1.15RC

If you want to block the country by using IP adresses instead like this:

ExcludeNodes 1.0.0.0/8,2.1.0.0/16,4.111.111.111/32.....
You would then need version 0.2.1.3A-0.2.1.15RC

If you have a good IPlist this is safer than using the countrycode option, because they have some errors(don't know if this is on purpose or not) in there list here and they don't block new IPranges given to a country which you can do by using your own IPlist.

By the way (admin) where is the download for version 0.2.1.3A can't find it anymore?
And why do you force people to use cookies to post ?

explain to me how you determined these are NSA spynodes? If they're bad nodes modifying traffic, we can block them at the directory authorities. If the NSA/CIA/FSB/etc named a node "fluffy bunny of love" would you think it's ok?

Anonymous (not verified) said:

May 29, 2009

Permalink

"explain to me how you determined these are NSA spynodes?"
If you haven't figured this out yourself yet, i will have to leave you in the dark here, my information on that is classified.

"If they're bad nodes modifying traffic, we can block them at the directory authorities."
If you for example use a torrc file that doesn't give any node an advantage in the selecting process, let tor create let's say 100 000 000 circuits, record all created circuits, compare the likelihood for each node being chosen in each position with what it's "true" likelihood should have been according to tor's chosingpatern during the time the sample circuits were made taken into account the time each nodes been up during this test time and there respective exit configurations.
If it's statistically certain that a node is chosen to often then this would confirm its "hijacking" the circuits/circuitbuildingprocess and giving itself an advantage.
In the case of nixnix it has been confirmed to do so, and by that giving the NSA(who controlls this node) an higher percentage of the Tor traffic to monitor.

Im sorry to say so but you have no way to stop them, they just start up more nodes(witch people know even less about) in other country's if you start blocking there US nodes. You certainly must know that they uses foreign nodes too.

"If the NSA/CIA/FSB/etc named a node "fluffy bunny of love" would you think it's ok?"
Of course not, it doesen't matter what the GRU/NSA/... is calling there nodes.
lets take the famous bettyboop node(IP Address: 149.9.0.27), just because it's named bettyboop doesn't make it any less of an NSA node. It's still controlled by them no matter what they name it.

Every node that is not controlled by me or people that i personally know & trust has the potential of being a "bad node".

Very little is known about OperaTor. It appears to be Opera and Tor combined into a bundle with Polipo for http proxy caching. However, it's unknown if the software is modified in any way. At last check, there were no instructions for how to build your own OperaTor bundle from source packages or code.

Anonymous (not verified) said:

May 04, 2009

Permalink

I've read about a new open source browser that will be released at Defcon 2009 by xerobank guys. They claim it will be more secure than firefox, and users will be immune to many side channel attacks.
They also will release a DeAnonymizer that perform side channel attack, defeating all anonymity networks.
What do you think?

Anonymous (not verified) said:

May 08, 2009

Permalink

Vidalia crashes constantly. It will barely get a Tor connection up before the app disappears and I get an error from Windows saying that it crashed.

comer (not verified) said:

May 09, 2009

Permalink

Using lates tor bundle with FireFox for Win. When FF exits Vidalia crashes with exception in QtCore4.dll
Tried replacing Vidalia with latest release (0.2.0) and Qt DLLs with 4.5.1. Still the same.

Anonymous (not verified) said:

May 10, 2009

Permalink

Hi there.
I'd like to set up a tor relay.Unfortunately I'm behind a firewall.I can make any outbound connections so I can connect to the tor network without a problem.Is there any way to open ports for the upcoming connections?

Well, if you can't control the firewall, unlikely. If it allows upnp, then possibly you can do it via vidalia.

presario (not verified) said:

May 11, 2009

Permalink

Last Friday, my tor was not work. The error messages are

May 11 18:29:09.968 [notice] Tor v0.2.0.34 (r18423). This is experimental softwa
re. Do not rely on it for strong anonymity. (Running on Windows XP Service Pack
3 [workstation] {terminal services, single user})
May 11 18:29:10.015 [notice] Configuration file "C:\Documents and Settings\presario\Application Data\tor\torrc" not present, using reasonable defaults.
May 11 18:29:10.015 [notice] Initialized libevent version 1.4.9-stable using met
hod win32. Good.
May 11 18:29:10.015 [notice] Opening Socks listener on 127.0.0.1:9050
May 11 18:29:10.343 [notice] No current certificate known for authority moria1;
launching request.
May 11 18:29:10.343 [notice] No current certificate known for authority tor26; l
aunching request.
May 11 18:29:10.343 [notice] No current certificate known for authority dizum; l
aunching request.
May 11 18:29:10.343 [notice] No current certificate known for authority ides; la
unching request.
May 11 18:29:10.343 [notice] No current certificate known for authority gabelmoo
; launching request.
May 11 18:29:10.343 [notice] No current certificate known for authority dannenbe
rg; launching request.
May 11 18:29:10.359 [notice] I learned some more directory information, but not
enough to build a circuit: We have no network-status consensus.
May 11 18:29:10.359 [notice] No current certificate known for authority moria1;
launching request.
May 11 18:29:10.359 [notice] No current certificate known for authority tor26; l
aunching request.
May 11 18:29:10.359 [notice] No current certificate known for authority dizum; l
aunching request.
May 11 18:29:10.359 [notice] No current certificate known for authority ides; la
unching request.
May 11 18:29:10.359 [notice] No current certificate known for authority gabelmoo
; launching request.
May 11 18:29:10.359 [notice] No current certificate known for authority dannenbe
rg; launching request.

Please, someone can help me. Thank you very much.

NDR (not verified) said:

May 13, 2009

Permalink

So ever since I got Vista I havent been able to get tor to work. My college has a filter and stuff so sometimes even only certain programs will work. But Tor had worked fine b4 that. In the allowed ports after i checked the box named my firewall only lets me connect to certain ports, 80,443. But this is what it says in the message log.

May 13 10:17:02.022 [Notice] No current certificate known for authority moria1; launching request.
May 13 10:17:02.023 [Notice] No current certificate known for authority tor26; launching request.
May 13 10:17:02.023 [Notice] No current certificate known for authority dizum; launching request.
May 13 10:17:02.023 [Notice] No current certificate known for authority ides; launching request.
May 13 10:17:02.023 [Notice] No current certificate known for authority gabelmoo; launching request.
May 13 10:17:02.023 [Notice] No current certificate known for authority dannenberg; launching request.
May 13 10:19:03.029 [Notice] No current certificate known for authority moria1; launching request.
May 13 10:19:03.029 [Notice] No current certificate known for authority tor26; launching request.
May 13 10:19:03.029 [Notice] No current certificate known for authority dizum; launching request.
May 13 10:19:03.029 [Notice] No current certificate known for authority ides; launching request.
May 13 10:19:03.029 [Notice] No current certificate known for authority gabelmoo; launching request.
May 13 10:19:03.029 [Notice] No current certificate known for authority dannenberg; launching request.
May 13 10:24:08.029 [Notice] No current certificate known for authority moria1; launching request.
May 13 10:24:08.029 [Notice] No current certificate known for authority tor26; launching request.
May 13 10:24:08.030 [Notice] No current certificate known for authority dizum; launching request.
May 13 10:24:08.030 [Notice] No current certificate known for authority ides; launching request.
May 13 10:24:08.030 [Notice] No current certificate known for authority gabelmoo; launching request.
May 13 10:24:08.030 [Notice] No current certificate known for authority dannenberg; launching request.

It sounds like you can't get a connection to the directory authorities at all. Perhaps you need to configure bridges.

Many people have tor working in Vista, so it's generally not Vista per se.

Dave Wavey (not verified) said:

May 13, 2009

Permalink

I understand how the outgoing TOR connection works and is anonymous etc etc etc. What I would like some help understanding is how the return journey is anonymous.

Once the exit node has the response how does it get it back to the initial user in an anonymous way? The documentation i have read says that each node encrypts it with (presumably with its private key) and then sends it back along the same path. When it reaches the originating node they decrypt the lot and get the data out. I am sure there is something wrong in my undersatanding because anyone could decrypt the return data by churning through all the public keys for the known routers. Once someone has done this the last layer to be removed is the originator.

Any help would be much appreciated as this has stumped me and my friends for a while.

thanks for any help!

Montiff (not verified) said:

May 13, 2009

Permalink

Hey guys I've had tor working properly for a while. Then recently I have got this error.

May 13 18:36:38.302 [Notice] No current certificate known for authority dizum; launching request.
May 13 18:36:38.302 [Notice] No current certificate known for authority ides; launching request.
May 13 18:36:38.302 [Notice] No current certificate known for authority gabelmoo; launching request.

etc....

Any ideas on how to fix this??

We know nothing about operaTor. It's closed source, and no one has completed a security analysis of what it contains. It may be Tor, it may be a modified Tor, it might be something else. No one seems to know about it, so users beware.

Anonymous (not verified) said:

June 01, 2009

Permalink

Hello,

To help to not use the nsa node, i block the rang with "iplist" for linux or PG2 for windows and create a list of banned exit node, so only a few time i am connected to there...

The last version 0.2.1.15 rc 1-1 help really to use exit with more different node it's appeare..

my best

Yes using PG2(PeerGuardia 2) and creating a blocklist blocking the iprange 149.9.0.0-149.9.255.255 would stop tor from using the NSA nodes in that range(149.9.X.X) from becoming an entrynode, but there are ways to go around PG2 so you should also block that range in your firewall.

To block them from becoming middlenode or exitnode you have to block them in your torrc

If your using version 0.2.1.3A or later use IP's
Excluenodes 149.9.0.0/16

If your using older 0.2.1.2A or earlier or the stable 0.2.0.34 series you have to use fingerprints of nicknames (nixnix,bettyboop....)
Excludenodes nixnix,bettyboop, .........

Anonymous (not verified) said:

June 02, 2009

Permalink

Thanks for your tip, that's why sometime it was able to connect to them with PG2, so i have write the command to block it...

Are Excluenodes 149.9.0.0/16 enough to block all rang from NSA?

I have another question, almost 20 node are blacklisted, need i accept it or just stay blocked?

In all case are enough other node and seem to be gouv ip, 66.....

I will be happy too when peoples know about the security of jondofox..

My best

iwannahelpyou … (not verified) said:

June 02, 2009

Permalink

im keen to be a volunteer but i monitored the bandwidth - theres nothing at all.
i enabled relay traffic for the network, there no relays channeled to me.
am i really being protected?i tracked my IP with the tor running but my IP is still the same always. should it change? are my packets being channeled throughout relays?

sorry if my question seemed obvious but i would like to know more.

Anonymous (not verified) said:

June 08, 2009

Permalink

I don't know a lot about computers so please have some patience with me. My problem is this: I start the tor browser bundle from my USB flash drive, everything works fine for a few seconds, then Vidalia shuts down. I can still use Tor and firefox, but I can't use the Vidalia start panel or change my IP anymore and so on. I can't even close tor when I'm done. I'm using a public computer if that matters. Is there a way to fix this?
I have another question too: when I go to showmyip.com/torstatus, I get the message that I'm not connected to the Tor network, but I have a new IP address. Is that something to worry about and if it is, what can I do about it?
Any help would be very appreciated.

You can install tor in debian, and then point opera socks5 at tor and see if that works.

Lilly (not verified) said:

November 06, 2009

Permalink

Sorry if this is a stupid request but I'm new with computers and I need help. I downloaded the browser bundle and would now like to remove it. There's no uninstall right? The problem is my web browsing is so slow now. I followed the intstruction on the tor site and went to speedtest.net and it says I'm in Russia when I'm actually in the Philippines.

Anonymous (not verified) said:

May 29, 2010

Permalink

pls what and how can i solve the problem I 'm expressing with tor browser it works today and fail tomorrow pls help me out thanks.

Anonymous (not verified) said:

June 07, 2010

Permalink

Hey guys, Please what should I do? I just observe that Tor refuses to connect on my Windows 7, but when I use the same settings and configurations ofeither of Windows Vista or XP, it'll connect and browse. I later re-installed the Windows 7 and it worked just once and refuses to work again (with the same settings/configurations) Please what else could be wrong? What else should I do?
Thanks in advance for your response and advices.