Tor Browser Bundle for Windows 1.3.7 Released

by phobos | July 5, 2010

On July 4th, we released Tor Browser Bundle 1.3.7 for Microsoft Windows. This is merely a security update release for Firefox and Pidgin. You can download this at https://torproject.org/torbrowser.

The only changes are:

update to Firefox 3.5.10 to fix some security issues
update to Pidgin 2.7.1r2 to fix some security issues

applications

Comments

Please note that the comment area below has been archived.

Well, just to bump into this blog entry, i could suggest you also to update the Tor Browser Bundle for Linux!!!!!!! You copied my idea to ship it with libpng14, and i'm so happy you did it!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! So, it'll work even in ArchLinux!!!!! But you've also to keep the software up to date!!! There is a remotely exploitable bug in the 1.4.2 version of libpng!!! http://www.libpng.org/pub/png/libpng.html «Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.»

~bee!!!!!!

Thanks for letting us know,

Thanks for letting us know, bee! I'm uploading some new Linux TBBs tonight.

arrrg! Please don't feed the

arrrg!

Please don't feed the trolls. If bee was helpful that's fine, but please don't make it seem like he was very helpful or it will never go away!

The only troll I'm seeing

The only troll I'm seeing around here offering nothing of worth is you. Please, go away yourself.

Maybe so, but bee has to go,

Maybe so, but bee has to go, I for one think you are bee, I think bee posts the way normal freaking people post when he wants to pretend he's someone else.

P.S. would you also say the same to Mike Perry who has also had it with bee? Or to any other devs who also seem to have had it with bee? Bee is a troll, plain and simple.

Relax, man. Bee != troll.

Hi erinn!!!!! You're

Hi erinn!!!!! You're welcome!!!!!! I'm glad it was useful information!!!!!! And, i'm happy you're so nice and polite!!!!!!!!!!! (i couldn't say the same for somebody else!!!!) Thank you!!!

bye!!!!!!!!!
~bee!!!!!

the latest version of

the latest version of firefox is now 3.6.6.
i do realise that it takes time to implement the updates into your framework.
but these days browser vulnerabilities are becoming "weaponised" by hackers quicker and quicker after their discovery, coupled with the fact that malicious exit nodes can tamper with the data you receive in your browser, i would think having the latest, most secure version of firefox in the tor browser bundle would be a very high priority.

What attacks exist in

What attacks exist in 3.5.10?

Even with 3.6.6, your security risks are unlikely to change.

Your anonymity risks change drastically if we haven't had time to analyze the firefox source and adapt.

feel free to help our half-a-person working on torbutton to keep up with the firefox changes.

What I wanted to aks, if I

What I wanted to aks, if I download a file, lets say, pdf file, using right click and 'save link as' in Tor browser, does they have my IP then? Or it goes through onion chain of people?

It goes through tor. But

It goes through tor. But beware that Adobe PDF reader allows PDF javascript to run, which can connect back to a server directly and skip your proxy settings, thus de-anonymizing you.

Is this an issue with Foxit

Is this an issue with Foxit PDF reader too?

Hi!!!!!! I never heard of

Hi!!!!!!

I never heard of that application, it seems to work only in WINDOWS!!!!!

Well, whatever, i discovered this way to view PDF files safely everywhere!!!

You need to download GIMP!! It's a very powerful images editor, maybe you've already got it installed!!! It's free and open source, it works even in Windows!!!!(this is why this system works everywhere!!!) Download it from: http://www.gimp.org/downloads/ !!!!!!!!!!
You've to install it and run it once, so it'll create the configuration folder in your user directory!!!! You've to go in "EDIT->PREFERENCES" and set "Size of thumbnails" to "No thumbnails"!!! Click "OK" and close GIMP!!!!
Now, you've to download this script: http://flashingtwelve.brickfilms.com/GIMP/Scripts/sg-save-all-layers.scm and move it in the scripts folder of GIMP!!! It's "/home/$USERNAME/.gimp-2.6/scripts" in Linux, or the manual says "C:\Documents and Settings\$USERNAME\.gimp-2.6\scripts" in Windows, it's probably "C:\Documents and Settings\Administrator\.gimp-2.6\scripts" for the most!!!!!!!!
Now, you can open GIMP again!!!!!!! You could use the menu "FILE->OPEN..." to choose the PDF file you want to open!!!
When you've done, a dialog window will ask you what pages you want to open, you can click on "SELECT ALL", or enter a range!!!! Ensure to have the option "Open pages as:" set to "LAYERS"!!! and then click on "IMPORT"!!!
Well, what you've to do now, is to save the pages!!!! Use the menu "FILE->SAVE ALL LAYERS..." (it's the item on the bottom, it's the item created by the "sg-save-all-layers.scm" script above!!!).
A dialog window will ask you where to save the files!!!! You you'd better to enter a full path like: "/tmp/frame_~~~~.png" in LINUX, or something like "C:\frame_~~~~.png" in windows!!!!!!! When you've done, click "OK"!!!
I guess, you'll find in "C:" the saved files!!!! They should be named: frame_0001.png, frame_0002.png, frame_0003.png and so on!!!! You can use any image viewer to open them!!!!! i remember they're saved in reverse order, so the last page is "0001"!!! just press "go back" in your image viewer, to look at the next page!!! hahah!!!!!!!!!!!!!!!! this is funny!!!!

bye!!!!!!!!!
~bee!!!!!!

but what can make tor browse

but what can make tor browse again in nigeria? is it the ip, or bridges. or maybe we need to download a newer version i.e 1.3.7? cos other browsers are working fine ecxept tor. or is it the tor server having problem we are tryna blame mtn or those china cracks employed by mtn? no, tor is dead and its gonna rise again. pls help cos my antivirus is almost getting out of date. i need to update and i will never be a cyber cafe slave in my life again. vidalia tor, wetting dey happen? jones.ferrari naija

please is the Linux okey for

please is the Linux okey for those using windows 7. please i need your reply.

Why is tor not connecting

Why is tor not connecting with mtn network in nigeria... using this ip 10.199.212.2 port 8080 http/https why? I have tried using it with all the bridges in the site and the once sent to me by my gmail but nothing to write home about pls tell us because they are charging us heavily in our conutry.. Nigeria...

thats nice, but i wanna ask

thats nice, but i wanna ask if the new update to tor +firefox will make tor still work in nigeria? ferrrari

moderator so lazy. Where

moderator so lazy. Where msgs?

msgs are here. moderator

msgs are here. moderator not lazy.

moderator so lazy. Where

moderator so lazy. Where msgs?

Can I post a tech support

Can I post a tech support question here? I have been having a VERY difficult time getting Tor to work properly on my Windows 7 PC. No matter what I do, even though I see the green onion, i always see the "Sorry. You are not using Tor" page. So I figured that I would try this browser bundle since it appeared to be pretty much idiot proof. I extracted the files and ran the "Start Tor Browser.exe" program. Everything starts fine, green onion, browser starts, and "Sorry. You are not using Tor!" How is this possible? I made NO changes to the bundle software. Can someone please tell me where I should start looking to try to fix this problem?

It's possible, but unlikely,

It's possible, but unlikely, that you've hit a false negative, where the exit node you are using is not in the list of exit relays that check.torproject.org knows about at that time.

Does this still happen everytime you try it?

Yes, every time. The IP

Yes, every time. The IP address that the page shows is indeed my IP.

Just a test, when tor

Just a test, when tor browser starts up, does Firefox show torbutton enabled?

Yes, the button says tor

Yes, the button says tor enabled. I went into the torbutton options and pressed the test settings button. This was the result: Tor proxy test FAILED! Check your proxy and Polipo settings.

I've got it working now.

I've got it working now. Apparently, my flatmate installed another proxy program without telling me. When I disabled this program, the Tor bundle works just fine. Sorry for the trouble and thanks for all your help. =)

Pls I need the new settings

Pls I need the new settings for tor, I have downloaded the latest version, yet, it's not working,pls my E-mail add is martins2552002@yahoo.com. I'll appreciate if I can get the settings as soon as possible

hello

pls i need the latest

pls i need the latest settings for tor that works with mtn.my email is buddy014real@gmail.com..thanks

plz help us we in nigeria

plz help us we in nigeria cannot use tor

pls can any body in the

pls can any body in the house help me with the new settings for tor,this my email address skinpee212@yahoo.com

I download the leaked

I download the leaked documents from wikileaks over the tor bundle. After the half download the circuit breaks and it downloads per direct connection (not over tor)
what the hell is that? this is not good at all

I tested this with the

I tested this with the latest tor browser bundle we ship. It downloaded successfully over tor for me. Do you have a download manager or something?

No, but I had the normal

No, but I had the normal firefox started beside the tor bundle. I use win xp with latest patches.

I can't reproduce it

I can't reproduce it anymore. When I break the circuit manually, the download stops completely. When I had this bug, I could break the circuit and it downloaded further on another. And after a while it connected direct to the server. But Thanks for all your hard work...

I download a document over

I download a document over the bundle. The circuit breaks and it connects Direct to the server (not over the bundle)
This is BS!