A significant release of the specialized browser Tor Browser 11.0 has been formed, in which the transition to the ESR branch of Firefox 91 has been made. The browser is focused on ensuring anonymity, security and privacy, all traffic is redirected only through the Tor network. It is impossible to contact directly through the regular network connection of the current system, which does not allow tracking the real IP address of the user (in the case of a browser hack, attackers can access the system network settings, so products such as Whonix should be used to completely block possible leaks). Tor Browser builds are prepared for Linux, Windows and macOS. The formation of a new version for Android is delayed.
For additional security, Tor Browser includes the HTTPS Everywhere add-on, which allows you to use traffic encryption on all sites where possible. To mitigate the threat of JavaScript attacks and plugin blocking by default, the NoScript add-on is included. To combat blocking and traffic inspection, fteproxy and obfs4proxy are used.
To organize an encrypted communication channel in environments that block any traffic other than HTTP, alternative transports are proposed, which, for example, allow you to bypass attempts to block Tor in China. The WebGL, WebGL2, WebAudio, Social, SpeechSynthesis, Touch, AudioContext, HTMLMediaElement, Mediastream, Canvas, SharedWorker, WebAudio, Permissions, MediaDevices.enumerateDevices, and screen APIs are disabled or restricted to protect against tracking user movement and highlighting visitor-specific features. orientation, as well as the means of sending telemetry, Pocket, Reader View, HTTP Alternative-Services, MozTCPSocket, "link rel=preconnect", modified libmdns.
In the new version:
- Migration to the Firefox 91 ESR codebase and the new tor 0.4.6.8 stable branch has been made.
- The user interface reflects the significant design changes proposed in Firefox 89. Updated icon icons, unified the style of various elements, redesigned the color palette, redesigned the tab bar, restructured the menu, removed the ββ¦β menu built into the address bar, changed the design of information panels, and modal dialogs with warnings, confirmations and requests.
Of the interface changes specific to Tor Browser, the design of the screen for connecting to the Tor network, the display of selected chains of nodes, the interface for choosing a security level, and pages with errors when processing onion connections are noted. The "about:torconnect" page has been redesigned.
- A new TorSettings module has been implemented, which contains the functionality responsible for changing specific Tor Browser settings in the configurator (about:preferences#tor).
- Support for old onion services based on the second version of the protocol, which was deprecated a year and a half ago, has been discontinued. When trying to open an old 16-character onion address, the error βInvalid Onion Site Addressβ will now be displayed. The second version of the protocol was developed about 16 years ago and, due to the use of outdated algorithms, cannot be considered safe in modern conditions. Two and a half years ago, in release 0.3.2.9, users were offered the third version of the protocol for onion services, notable for the transition to 56-character addresses, more reliable protection against data leaks through directory servers, an extensible modular structure and the use of SHA3, ed25519 and curve25519 algorithms instead of SHA1, DH and RSA-1024.
Source: opennet.ru