After 6 months of development, a significant release of the specialized browser Tor Browser 14.5 has been released, which continues to develop functionality based on the ESR branch of Firefox 128. The browser is focused on ensuring privacy and security, all traffic is redirected only through the Tor network. It is impossible to contact directly through the standard network connection of the current system (if the browser is hacked, attackers can gain access to the system network parameters, so to completely block possible leaks, you should use products such as Whonix). Tor Browser builds are prepared for Linux, Android, Windows and macOS.
For additional protection, the Tor Browser has the "HTTPS Only" setting enabled, which allows traffic encryption on all sites where possible. To reduce the threat of attacks using JavaScript and blocking plugins by default, the NoScript add-on is included. To combat blocking and traffic inspection, fteproxy and obfs4proxy are used. Alternative transports are offered to organize an encrypted communication channel in environments that block any traffic except HTTP.
To protect against user tracking and visitor-specific features, the WebGL, WebGL2, WebAudio, Social, SpeechSynthesis, Touch, AudioContext, HTMLMediaElement, Mediastream, Canvas, SharedWorker, WebAudio, Permissions, MediaDevices.enumerateDevices, and screen APIs are disabled or limited. orientation, and disabled telemetry sending tools, Pocket, Reader View, HTTP Alternative-Services, MozTCPSocket, “link rel=preconnect”, modified libmdns.
In the new version:
- The Android platform version now includes the Connection Assist interface, which was previously only available in Linux, Windows, and macOS builds. The interface allows you to automate the configuration of access to the Tor network based on the specifics of a particular user, without having to manually activate bridge nodes and select alternative transport in case of connection problems. Technically, the new feature is implemented thanks to the use of a common backend for desktop editions and Android.
- The desktop versions now have expanded tools for viewing the operation log, which reflects activity when connecting to Tor, as well as errors or warnings that occur during interaction with the network. The information added to the log does not contain sensitive data, such as websites opened, but can be useful for diagnosing problems. The information in the log window is now more visual and is updated as new entries are received (you no longer need to reopen the log window to update the information).
- The logic of the Connection Assist interface has been modernized, which now makes fewer calls to the moat toolkit, which uses the "domain fronting" technique, when diagnosing connection problems. Added output of warnings about failures when applying changed settings, for example, when changing bridge nodes (previously, the fact of a failure was not shown to the user in any way).
- On Android, shutting down via the Quit menu now performs additional actions to end background processes and clear recently running tasks.
- In the desktop and Android versions, localization for Belarusian, Bulgarian and Portuguese has been added. You can select the language in the settings "Settings > General > Language and Appearance > Language".
Source: opennet.ru
