Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features.
How does the Tor Browser keep my internet activity anonymous?
The Tor Browser uses the Tor network, which consists of more than six thousand relays located worldwide, to hide the users’ location and online traffic. This ensures anonymity and avoids your activities from being seen by others.
What is Tor Browser?
The Tor Browser is the flagship product from the Tor Project. The web browser is based on a modified version of Mozilla Firefox ESR that includes extras like the Tor proxy, TorButton, TorLauncher, NoScript, and HTTPS Everywhere extensions.
Who uses the Tor Browser?
With Tor Browser having made Tor more accessible to everyday internet users and activists, Tor was an instrumental tool during the Arab Spring beginning in late 2010. It not only protected people’s identity online but also allowed them to access critical resources, social media, and websites which were blocked.
Individuals use Tor to keep websites from tracking them and their family members, or to connect to news sites, instant messaging services, or the like when these are blocked by their local Internet providers. Tor’s hidden services let users publish web sites and other services without needing to reveal the location of the site. Individuals also use Tor for socially sensitive communication: chat rooms and web forums for rape and abuse survivors, or people with illnesses.
Journalists use Tor to communicate more safely with whistleblowers and dissidents. Non-governmental organizations (NGOs) use Tor to allow their workers to connect to their home website while they’re in a foreign country, without notifying everybody nearby that they’re working with that organization.
Groups such as Indymedia recommend Tor for safeguarding their members’ online privacy and security. Activist groups like the Electronic Frontier Foundation (EFF) recommend Tor as a mechanism for maintaining civil liberties online. Corporations use Tor as a safe way to conduct competitive analysis, and to protect sensitive procurement patterns from eavesdroppers. They also use it to replace traditional VPNs, which reveal the exact amount and timing of communication. Which locations have employees working late? Which locations have employees consulting job-hunting websites? Which research divisions are communicating with the company’s patent lawyers?
A branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East recently. Law enforcement uses Tor for visiting or surveilling web sites without leaving government IP addresses in their web logs, and for security during sting operations.
Is Tor better than a VPN?
Tor is not a VPN. Tor is a free browser similar to Chrome or Firefox, but it includes features that encrypt your IP address, making your browsing sessions private. A VPN (Virtual Private Network) is software that can change your IP address when you use any browser installed on your PC. To learn more about VPNs, you can read this article.
What’s New
This release updates Firefox to 102.8, including bug fixes, stability improvements and important security updates. There were no Android-specific security updates to backport from the Firefox 110 release.
We use this opportunity to update various components of Tor Browser as well:
- NoScript 11.4.16
- OpenSSL 1.1.1t
Warning for NoScript users
Customized NoScript settings may be reset by the Tor Browser 12.0.3 upgrade. In order to preserve them, it is advisable to NoScript Options>Export before updating and NoScript Options>Import afterwards.
Credits
We would like to thank all of the community volunteers for their contributions this month! Specifically:
- t-m-w from CalyxOS for their fix for tor-browser#40536
- cypherpunks1 for their fixes for tor-browser#41424, tor-browser#41565, tor-browser#40717, and tor-browser#41578
- trinity-1686a for their fix for tor-browser#41066
- p13dz for their fix for tor-browser#40283
- bentham for heads up on tor-browser#41663
The full changelog since Tor Browser 12.0.2 is:
All Platforms
- Updated Translations
- Updated OpenSSL to 1.1.1t
- Updated NoScript to 11.4.16
- Bug tor-browser#40763: Stop using remote localized files in CFR
- Bug tor-browser#41424: Reduce disk activity by disabling some unnecessary tasks and telemetry
- Bug tor-browser#41565: Gate Telemetry Tasks behind AppConstants.MOZ_TELEMETRY_REPORTING
- Bug tor-browser#41601: Apply Snowflake Remove HelloVerify Countermeasure
Windows + macOS + Linux
- Updated Firefox to 102.8esr
- Bug tor-browser#32274: Bad screen-reader UX for Security Level/Shield button
- Bug tor-browser#41066: Circuit Isolation should take containers into account
- Bug tor-browser#41561: Maximize warning is broken (regression)
- Bug tor-browser#41572: Check for userContextId also in the circuit display
- Bug tor-browser#41588: Use better words for the Tor Network description in the onboarding
Windows
- Bug tor-browser#40717: UX: hide SSO
- Bug tor-browser#41578: Disable and lock Windows SSO
macOS
- Bug tor-browser-build#28124: Show Tor Browser icon as macOS volume (dmg) icon
Android
- Updated GeckoView to 102.8esr
- Bug tor-browser#40283: Can’t upload files with Tor browser on Android
- Bug tor-browser#40536: Proxy Refused if link from other app opens Android TBB
- Bug tor-browser#41616: Backport Android-specific security fixes from Firefox 110 to ESR 102.8-based Tor Browser
Build System
- All Platforms
- Bug tor-browser-build#40723: Update upload-update_responses-to-staticiforme step for new tor-browser-update-responses repository
- Bug tor-browser-build#40747: Remove empty line at the top of sha256sums-unsigned-build.txt
- Bug tor-browser-build#40748: When sha256sums-unsigned-build.txt contains an empty line, tools/dmg2mar prints a warning
- macOS
- Bug tor-browser-build#40744: HFS DMG are not deterministic
- Bug tor-browser-build#40755: libdmg-hfsplus fails to build on debian stable
- Android
- Bug tor-browser-build#40752: Wrong urls in download-android-*.json files