After 8 months of development, a major release of the specialized browser Tor Browser 11.5 has just been presented, which continues to develop features based on the Firefox 91 ESR branch.
For those who are unaware of this browser, they should know that is focused on providing anonymity, security and privacy, all traffic is routed through the Tor network only. It is impossible to contact directly through the regular network connection of the current system, which does not allow the user's real IP to be traced.
For added security, Tor Browser comes with an HTTPS Everywhere plugin that allows you to use traffic encryption on all sites where possible. To mitigate the threat of JavaScript attacks and block plugins by default, the NoScript plugin is included. To combat traffic blocking and inspection, fteproxy and obfs4proxy are used.
Main news of Tor Browser 11.5
In this new version it is highlighted that added Connection Assist interface to automate configuration of bypass blocking access to the Tor network. Previously, in the case of traffic censorship, the user had to manually obtain and activate the bridge nodes in the configuration. In the new version, lock bypass is configured automatically, without manually changing the settings; in case of connection problems, the blocking functions in different countries are taken into account and the best way to bypass them is selected. Depending on the user's location, a set of settings is loaded prepared for your country, a functional alternative transport is selected and a connection is established via bridge nodes.
To load the list of bridge nodes, moat is used, which uses the «domain fronting» technique, the essence of which is to access HTTPS with a fictitious host specified in the SNI and the actual transmission of the name of the requested host in the HTTP header of the host within the TLS session (for example, delivery networks can be used as content to avoid the lock).
Another change that stands out is that the layout of the configurator section has been changed with the configuration of the parameters of the Tor network. The changes are intended to simplify the manual configuration of bypass locks in the configurator, which may be necessary in case of problems with the automatic connection.
It is also mentioned that the Tor configuration section was renamed to “Connection Settings”, At the top of the settings tab, the current status of the connection is displayed and a button is provided to check if the direct connection (not via Tor) is working, allowing you to diagnose the source of problems. Connection.
Changed the design of the information cards with bridge node data, with which you can save working bridges and share them with other users. In addition to the buttons to copy and send the bridge node map, a QR code has been added that can be scanned in the Android version of Tor Browser.
If there are multiple maps saved, they are grouped into a compact list, whose elements expand when clicked. The bridge in use is marked with a “✔ Connected” icon. For a visual separation of the parameters of the bridges, “emoji” images are used. Removed long list of fields and options for bridge nodes, moved available methods to add a new bridge to a separate block.
In addition to this, it is also noted that the main structure includes documentation from the tb-manual.torproject.org site, to which there are links from the configurator. Thus, in case of connection problems, the documentation is now available offline.
Of the other changes that stand out from this new version:
- The documentation can also be viewed via the “Application Menu > Help > Tor Browser Manual” menu and the “about:manual” service page.
- By default, HTTPS Only mode is enabled, in which all requests made without encryption are automatically redirected to secure page options
- Improved font support. To protect against system identification when listing available sources, Tor Browser ships with a fixed set of sources and access to system sources is blocked.
Finally if you are interested in knowing more about it, you can check the details in the following link