Support all your favorite nonprofits with a single donation.

Donate safely, anonymously & monthly, in any amount. It's a smarter way to give online. Learn more
The Tor Project
Dedham, MA
givvers: emerssso + 4 others

Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic analysis.

The Tor Project is a 501(c)3 organization.

Latest News

Jun 23, 2016

Georg Koppen is a longtime Tor browser developer. He and Tor developer Mike Perry worked to integrate Selfrando into Tor browser.

Tell us about Selfrando, the new code being tested for Tor Browser.

Selfrando randomizes Tor browser code to ensure that an attacker doesn't know where the code is on your computer. This makes it much harder for someone to construct a reliable attack--and harder for them to use a flaw in your Tor Browser to de-anonymize you. 

How were you and Tor's Mike Perry involved in the project?  

We mainly worked on integrating Selfrando in Tor Browser where needed and tested it as well as we could. We closely read the paper and helped to improve it. The bulk of the work was done by the other researchers. These are Mauro Conti, Stephen Crane, Tommaso Frassetto, Andrei Homescu, Per Larsen, Christopher Liebchen, and Ahmad-Reza Sadeghi.

Can you talk about Tor's relationship with the research community?

Tor relies on the research community to ethically investigate unsolved issues with Tor software. We work closely with research groups in the anonymity space, the security space, in privacy research, etc. 

Tor is the focus of many researchers. We have rigorous documentation and open, transparent development processes. We also have a working product, Tor Browser, that easily reaches 1 to 2 million users, with testing channels where one can try new defenses first and refine them as needed, as we are doing with the Selfrando project. 

When will Selfrando be available for ordinary Tor users (in the stable version)?

The first thing to note here is that Selfrando is currently only available for a fraction of our users; those who have a 64-bit Linux systems. The Selfrando folks are working on a version for Windows which is not yet ready. 

I think that Tor browser version 6.5 might be a bit too early for a stable release. However, if user testing shows this is okay, Selfrando will make it in. A more conservative approach is pointing to Tor browser version 7.0.

That’s a pretty long time from now (next Spring!) How can people help Tor speed it up?

We need more users testing things--more experienced people trying out our nightly/alpha builds. 

Selfrando's development is good so far and the browser integration work has not been so tricky; the main problem is being confident enough that it does not break some random user setups while everything is fine and working on our testing machines.

Specifically, we need more experienced people running Linux 64-bit operating systems to download and try our hardened nightly builds. They can download the latest hardened nightly build and look for the latest "nightly-hardened" build in general at https://people.torproject.org/~linus/builds/. Obviously, these are test versions of the Tor Browser--we're trying to look for bugs.

Will there will be future collaborations with these researchers?

To port Selfrando to Windows and OSX and make it available to our users, yes!

How do you feel about the fact that the research community is teaming up with Tor to strengthen Tor browser against attacks?

I think this is great as it gives us another valuable ally to make our users safer. And in the longer run, all other users with "normal" browsers could benefit from that, too.

______________________________________________________________

The researchers behind Selfrando will present their project in July at the Privacy Enhancing Technologies Symposium in Darmstadt, Germany.

An advance copy of their research paper is available here.

Selfrando is available for use in other open-source projects on Github.

Jun 22, 2016

Good news for data enthusiasts who trust numbers more than words: The Tor Project has just received an award from Mozilla's Open Source Support program to improve Tor metrics over the next 12 months.

While some analytics programs collect data in ways that violate the privacy of users, Tor's metrics program seeks to keep users safe as we collect and analyze data. We use the data to develop ways to allow more people to access the free Internet via Tor, and we make all data available to the world, so that Tor users, developers, journalists, and funders can see and understand the ways that people use Tor worldwide.

Mozilla's mission is to ensure the Internet is a global public resource, open and accessible to all. Mozilla Open Source Support (MOSS) is an awards program specifically focused on supporting the Open Source and Free Software movement. Their Mission Partners track is open to any open source/free software project undertaking an activity which significantly furthers Mozilla's mission.

Over the coming year, our main goals for this project will be:

1. To make CollecTor (our primary data collection service) more resilient to single-point failures, by enabling multiple CollecTor instances to gather data independently and exchange it in an automated fashion. Doing this will reduce the number of gaps in our data, and make it less likely that an error at one server will make the data invalid.

2. To create an easy-to-use observation kit containing DescripTor (our library for parsing and analyzing Tor servers' descriptions of themselves) together with user-friendly tutorials for evaluating Tor network data. This will make it easier for programmers to write tools that examine historical and current data about the servers that make up the Tor network.

3. To set up more instances of the network status service Onionoo to improve its availability, and work on the most pressing usability issues of the Atlas network status service;

4. To further reduce the amount of sensitive usage data (such as bandwidth totals and connections-per-country) stored on Tor relays and reported to the Tor directory authorities. While we believe that this data is safe the way we handle it today, we believe that improved cryptographic and statistical techniques would allow us to store and share even less data.

5. To improve the accuracy of performance measurements by developing better methods and tools to analyze and simulate average user behavior;

6. To make the Tor Metrics website more usable, so that users, developers, and researchers can more easily find, compare, and interpret information about Tor's usage and performance.

We're excited about this news for a great many reasons.

First, it is one more important step in diversifying Tor's funding.

Second, while the project focuses on improving six important aspects of Tor metrics, it also aims at more general improvements to make Tor metrics software more stable, scalable, maintainable, and usable. These improvements are typically harder to "sell" in funding proposals because their results are less visible to funders. It's reassuring that Mozilla understands that these improvements are important, too.

Third, this award is the first one awarded to Tor's young metrics team, only established 12 months ago in June, 2015. It's an appreciation of the initial work done by the metrics team and a very good basis for the upcoming 12 months.

Writing the award proposal was a successful cooperation of a number of Tor people: it would simply not have happened without Isabela, who made contact with Mozilla people; it would not have been readable without Cass's remarkable ability to translate from tech to English; it would not have contained as many good reasons for getting accepted without iwakeh's invaluable input; and it would not have been accepted without Shari's efforts in asking a leading security expert to write an endorsement of our award request. Finally, this blog post would certainly not have been as readable without Kate's and Nick's editorial capabilities. And now let's go write some code.

Jun 21, 2016

Tor Browser 6.0.2 is now available from the Tor Browser Project page and also from our distribution directory.

Tor Browser 6.0.2 is a fixup release to address the most pressing issues we found after switching to Firefox 45.2.0esr.

In particular, we resolved a possible crash bug visible e.g. on Faceboook or mega.nz and we fixed the broken PDF download button in the PDF reader.

Note: In version 6.0 we started code signing the OS X bundle for Gatekeeper support. A side effect of this signature is that it makes it harder to compare the bundles we ship with the bundles produced using reproducible builds, therefore we plan to post instructions for removing the OS X code signing parts on our website soon. An other effect is that the incremental update will not be working for users who installed the previous version using the .dmg file, due to bug 19410. The internal updater should still work, though, doing a complete update.

Update (June 23, 12:38 UTC): We have still some users that report crashes on Facebook and mega.nz. We suspect this happens because those users are not using Tor Browser in its default configuration but have left the Private Browsing Mode. There are at least two workarounds for this: 1) Using a clean new Tor Browser 6.0.2 (including a new profile) solves the problem. 2) As files cached by those websites in the Tor Browser profile are causing the crashes, deleting them helps as well. See bug 19400 for more details in this regard.

Here is the full changelog since 6.0.1:

  • All Platforms
    • Update Torbutton to 1.9.5.5
    • Bug 19401: Fix broken PDF download button
    • Bug 19411: Don't show update icon if a partial update failed
    • Bug 19400: Back out GCC bug workaround to avoid asmjs crash
  • Windows
    • Bug 19348: Adapt to more than one build target on Windows (fixes updates)
  • Linux
    • Bug 19276: Disable Xrender due to possible performance regressions

Jun 21, 2016

Today and tomorrow, the Electronic Frontier Foundation is partnering with the Tor Project and a broad coalition of groups for a Worldwide Day of Action protesting changes to Rule 41 of the US Federal Rules of Criminal Procedure. These changes will allow federal magistrate judges to grant search warrants to the Department of Justice (including the FBI) to legally hack into computing devices that use Tor or a VPN—-wherever the devices are--starting on December 1, 2016. EFF has organized a coalition of organizations and companies—from Fight for the Future to PayPal—to oppose these rules—but this is an uphill climb, and we need your help.

The broad search warrants allowable under these new rules will apply to people using Tor in any country—even if they are journalists, members of a legislature, or human rights activists. They will allow the FBI to hack into a person’s computer or phone remotely and search through and remove their data.

There are already examples of the FBI using one warrant to gain access to thousands of computers, and US Senator Ron Wyden has said that "Under the proposed rules, the government would now be able to obtain a single warrant to access and search thousands or millions of computers at once."

This pattern of abuse will only be exacerbated by more judges issuing these hacking warrants. The warrants must still be part of a criminal investigation and issued by a judge, but we're deeply concerned about the dramatic rise in government hacking this rule change is likely to cause.

The purpose of tomorrow’s Worldwide Day of Action is to educate people and mobilize them to act--either by signing a petition or emailing US Congress (depending on where they live). Then, members of US Congress will use this public pressure to try to pass the “Stop Mass Hacking Act” (#SMHAct), draft legislation that would block these rule changes.

Senator Wyden (D-OR) and a bipartisan group of members of Congress
are sponsoring this bill. They are deeply troubled that such sweeping infringement on personal privacy is happening through a seemingly trivial rule change.

Already, many Tor users can view the campaign banner on the Tor website and click through to sign the petition or contact US Congress. A special campaign website (NoGlobalWarrants.org) will launch starting at about 9:30 am UTC Tuesday. If the banner isn’t working for you, go directly to NoGlobalWarrants.org after that time.

Please sign the petition or contact Congress, and then tweet and retweet about this situation--all day if you can. Email your lists. Tell your friends. Tweet photos of yourself (or your cat) with a handwritten sign.

Do whatever you think will help get people to act.

Jun 15, 2016

Tor 0.2.8.4-rc has been released! You can download the source from the Tor website. Packages should be available over the next week or so.

Tor 0.2.8.4-rc is the first release candidate in the Tor 0.2.8 series. If we find no new bugs or regressions here, the first stable 0.2.8 release will be identical to it. It has a few small bugfixes against previous versions.

PLEASE NOTE: This is a release candidate. We think that we solved all
of the showstopper bugs, but crucial bugs may remain. Please only run
this release if you're willing to test and find bugs. If no
showstopper bugs are found, we'll be putting out 0.2.8.5 as a stable
release.

Changes in version 0.2.8.4-rc - 2016-06-15

  • Major bugfixes (user interface):
    • Correctly give a warning in the cases where a relay is specified by nickname, and one such relay is found, but it is not officially Named. Fixes bug 19203; bugfix on 0.2.3.1-alpha.
  • Minor features (build):
    • Tor now builds once again with the recent OpenSSL 1.1 development branch (tested against 1.1.0-pre5 and 1.1.0-pre6-dev).

 

  • Minor features (geoip):
    • Update geoip and geoip6 to the June 7 2016 Maxmind GeoLite2 Country database.
  • Minor bugfixes (compilation):
    • Cause the unit tests to compile correctly on mingw64 versions that lack sscanf. Fixes bug 19213; bugfix on 0.2.7.1-alpha.
  • Minor bugfixes (downloading):
    • Predict more correctly whether we'll be downloading over HTTP when we determine the maximum length of a URL. This should avoid a "BUG" warning about the Squid HTTP proxy and its URL limits. Fixes bug 19191.

Jun 07, 2016

A new hardened Tor Browser release is available. It can be found in the 6.5a1-hardened distribution directory and on the download page for hardened builds.

This release features important security updates to Firefox.

Tor Browser 6.5a1-hardened is the first hardened release in our 6.5 series. It updates Firefox to 45.2.0esr and contains all the improvements that went into Tor Browser 6.0. Compared to that there are additional noteworthy things that went into this alpha release: we bumped the Tor version to 0.2.8.3-alpha and backported additional security features: exploiting the JIT compiler got made harder and support for SHA1 HPKP pins got removed.

On the infrastructure side, we are now using fastly to deliver the update files. We thank them for their support.

Note: There is no incremental update from 6.0a5-hardened available due to bug 17858. The internal updater should work, though, doing a complete update.

Here is the complete changelog since 6.0a5-hardened:

  • All Platforms
    • Update Firefox to 45.2.0esr
    • Update Tor to 0.2.8.3-alpha
    • Update Torbutton to 1.9.6
      • Bug 18743: Pref to hide 'Sign in to Sync' button in hamburger menu
      • Bug 18905: Hide unusable items from help menu
      • Bug 17599: Provide shortcuts for New Identity and New Circuit
      • Bug 18980: Remove obsolete toolbar button code
      • Bug 18238: Remove unused Torbutton code and strings
      • Translation updates
      • Code clean-up
    • Update Tor Launcher to 0.2.8.5
      • Bug 18947: Tor Browser is not starting on OS X if put into /Applications
    • Update HTTPS-Everywhere to 5.1.9
    • Update meek to 0.22 (tag 0.22-18371-3)
    • Bug 19121: The update.xml hash should get checked during update
    • Bug 12523: Mark JIT pages as non-writable
    • Bug 19193: Reduce timing precision for AudioContext, HTMLMediaElement, and MediaStream
    • Bug 19164: Remove support for SHA-1 HPKP pins
    • Bug 19186: KeyboardEvents are only rounding to 100ms
    • Bug 18884: Don't build the loop extension
    • Bug 19187: Backport fix for crash related to popup menus
    • Bug 19212: Fix crash related to network panel in developer tools
    • Bug 18703: Fix circuit isolation issues on Page Info dialog
    • Bug 19115: Tor Browser should not fall back to Bing as its search engine
    • Bug 18915+19065: Use our search plugins in localized builds
    • Bug 19176: Zip our language packs deterministically
    • Bug 18811: Fix first-party isolation for blobs URLs in Workers
    • Bug 18950: Disable or audit Reader View
    • Bug 18886: Remove Pocket
    • Bug 18619: Tor Browser reports "InvalidStateError" in browser console
    • Bug 18945: Disable monitoring the connected state of Tor Browser users
    • Bug 18855: Don't show error after add-on directory clean-up
    • Bug 18885: Disable the option of logging TLS/SSL key material
    • Bug 18770: SVGs should not show up on Page Info dialog when disabled
    • Bug 18958: Spoof screen.orientation values
    • Bug 19047: Disable Heartbeat prompts
    • Bug 18914: Use English-only label in <isindex/> tags
    • Bug 18996: Investigate server logging in esr45-based Tor Browser
    • Bug 17790: Add unit tests for keyboard fingerprinting defenses
    • Bug 18995: Regression test to ensure CacheStorage is disabled
    • Bug 18912: Add automated tests for updater cert pinning
    • Bug 16728: Add test cases for favicon isolation
    • Bug 18976: Remove some FTE bridges
  • Linux
    • Bug 19189: Backport for working around a linker (gold) bug
  • Build System
    • All PLatforms
      • Bug 18333: Upgrade Go to 1.6.2
      • Bug 18919: Remove unused keys and unused dependencies
      • Bug 18291: Remove some uses of libfaketime
      • Bug 18845: Make zip and tar helpers generate reproducible archives

Jun 07, 2016

A new alpha Tor Browser release is available for download in the 6.5a1 distribution directory and on the alpha download page.

This release features important security updates to Firefox.

Tor Browser 6.5a1 is the first release in our 6.5 series. It updates Firefox to 45.2.0esr and contains all the improvements that went into Tor Browser 6.0. Compared to that there are additional noteworthy things that went into this alpha release: we bumped the Tor version to 0.2.8.3-alpha and backported additional security features: exploiting the JIT compiler got made harder and support for SHA1 HPKP pins got removed.

On the infrastructure side, we are now using fastly to deliver the update files. We thank them for their support.

Here is the complete changelog since 6.0a5:

  • All Platforms
    • Update Firefox to 45.2.0esr
    • Update Tor to 0.2.8.3-alpha
    • Update Torbutton to 1.9.6
      • Bug 18743: Pref to hide 'Sign in to Sync' button in hamburger menu
      • Bug 18905: Hide unusable items from help menu
      • Bug 17599: Provide shortcuts for New Identity and New Circuit
      • Bug 18980: Remove obsolete toolbar button code
      • Bug 18238: Remove unused Torbutton code and strings
      • Translation updates
      • Code clean-up
    • Update Tor Launcher to 0.2.9.3
      • Bug 18947: Tor Browser is not starting on OS X if put into /Applications
    • Update HTTPS-Everywhere to 5.1.9
    • Update meek to 0.22 (tag 0.22-18371-3)
      • Bug 18904: Mac OS: meek-http-helper profile not updated
    • Bug 19121: The update.xml hash should get checked during update
    • Bug 12523: Mark JIT pages as non-writable
    • Bug 19193: Reduce timing precision for AudioContext, HTMLMediaElement, and MediaStream
    • Bug 19164: Remove support for SHA-1 HPKP pins
    • Bug 19186: KeyboardEvents are only rounding to 100ms
    • Bug 18884: Don't build the loop extension
    • Bug 19187: Backport fix for crash related to popup menus
    • Bug 19212: Fix crash related to network panel in developer tools
    • Bug 18703: Fix circuit isolation issues on Page Info dialog
    • Bug 19115: Tor Browser should not fall back to Bing as its search engine
    • Bug 18915+19065: Use our search plugins in localized builds
    • Bug 19176: Zip our language packs deterministically
    • Bug 18811: Fix first-party isolation for blobs URLs in Workers
    • Bug 18950: Disable or audit Reader View
    • Bug 18886: Remove Pocket
    • Bug 18619: Tor Browser reports "InvalidStateError" in browser console
    • Bug 18945: Disable monitoring the connected state of Tor Browser users
    • Bug 18855: Don't show error after add-on directory clean-up
    • Bug 18885: Disable the option of logging TLS/SSL key material
    • Bug 18770: SVGs should not show up on Page Info dialog when disabled
    • Bug 18958: Spoof screen.orientation values
    • Bug 19047: Disable Heartbeat prompts
    • Bug 18914: Use English-only label in <isindex/> tags
    • Bug 18996: Investigate server logging in esr45-based Tor Browser
    • Bug 17790: Add unit tests for keyboard fingerprinting defenses
    • Bug 18995: Regression test to ensure CacheStorage is disabled
    • Bug 18912: Add automated tests for updater cert pinning
    • Bug 16728: Add test cases for favicon isolation
    • Bug 18976: Remove some FTE bridges
  • OS X
    • Bug 18951: HTTPS-E is missing after update
    • Bug 18904: meek-http-helper profile not updated
    • Bug 18928: Upgrade is not smooth (requires another restart)
  • Linux
    • Bug 19189: Backport for working around a linker (gold) bug
  • Build System
    • All PLatforms
      • Bug 18333: Upgrade Go to 1.6.2
      • Bug 18919: Remove unused keys and unused dependencies
      • Bug 18291: Remove some uses of libfaketime
      • Bug 18845: Make zip and tar helpers generate reproducible archives

Jun 07, 2016

Tor Browser 6.0.1 is now available from the Tor Browser Project page and also from our distribution directory.

This release features important security updates to Firefox.

Tor Browser 6.0.1 is the first point release in our 6.0 series. It updates Firefox to 45.2.0esr, contains fixes for two crash bugs and does not ship the loop extension anymore.

Update (June, 8, 12:28 UTC): We just found out that our incremental updates for Windows users were not working. After a short investigation this issue could get resolved and incremental updates are working again. One of the unfortunate side effects of this bug was that all users upgrading from 6.0 got the English 6.0.1 version. The safest way to get a properly localized Tor Browser again is to download it from our homepage. We are sorry for any inconvenience due to this.

Update 2 (June, 10, 9:17 UTC): Linux users that hit serious performance regressions with Tor Browser 6.x might want to try setting gfx.xrender.enabled to false. For a detailed discussion of this problem see bug 19267.

Update 3 (June, 10, 9:22 UTC): We plan to post instructions for removing the OS X code signing parts on our website soon. This should make it easier to compare the OS X bundles we build with the actual bundles we ship.

Update 4 (June, 15, 8:34 UTC): There are a number of users reporting crashes on mega.nz and Facebook. We are still investigating this bug and are working on a fix. Meanwhile there are at least two ways to avoid those crashes: 1) Using a clean new Tor Browser 6.0.1 (including a new profile) solves the problem. 2) As files cached by those websites in the Tor Browser profile are somehow related to the crashes, deleting them helps as well. See bug 19400 for more details in this regard.

Here is the full changelog since 6.0:

  • All Platforms

    • Update Firefox to 45.2.0esr
    • Bug 18884: Don't build the loop extension
    • Bug 19187: Backport fix for crash related to popup menus
    • Bug 19212: Fix crash related to network panel in developer tools
  • Linux

    • Bug 19189: Backport for working around a linker (gold) bug