Tor Browser 9.5 is out with major usability improvements

[Karlston]

Tor Browser 9.5 is out with major usability improvements

Tor Browser 9.5 has been released on June 3, 2020. The new version of the web browser includes security updates and several usability improvements.

 

Tor Browser 9.5 can be downloaded from the official download page; the Android version is available on Google Play already and should arrive soon on F-Droid as well.

 

Tor Browser is based on Firefox ESR, and as such, incorporates security updates whenever they are made available by Mozilla. The new release focuses on usability improvements, or, as the team behind the browser puts it, "on helping users understand onion services".

Websites can announce onion support

 

Websites may add information about onion support to HTTP headers to announce that the site is accessible via the network. Users may use the information to connect to the site using the onion service.

 

A click on "always prioritize onions" makes connections via the onion network the default choice so that Tor Browser will connect to sites that support it automatically (provided they reveal the info).

 

 

Tor users may change the setting in the options by loading about:preferences#privacy in the web browser's address bar. There they may switch between "always" and "ask every time" under onion services.

Error pages for Onion Services

Previous versions of Tor Browser displayed Firefox's error pages when a site could not be loaded or other errors occurred in the browser. Tor Browser 9.5 comes with Tor-specific error pages that better highlight why something did not work correctly, e.g. why an onion address could not be loaded in the browser instead of just displaying that the site could not be reached.

 

Onion names

 

 

Just like IP addresses, onion addresses are not easily memorable for the majority of users. Imagine having to remember a -- rather short -- onion address such as http://expyuzz4wqqyqhjn.onion/index.html.

 

The introduction of Onion names changes that for the better and works similar to how DNS works. Instead of having to load http://xpxduj55x2j27l2qytu2tcetykyfxbjbafin3x4i3ywddzphkbrd3jyd.onion/, you can now load http://theintercept.securedrop.tor.onion/ instead.

 

Onion names are currently being tested and evaluated, and only a small number of sites has been selected for participation in the test. It is very likely that support will become available publicly at one point in time, and that means that any onion site may use these easier to read and remember names.

Security Indicators in the URL Bar have changed

 

Major browsers like Firefox or Chrome have changed security indicators in the address bar in recent time. The main idea was to shift from a "this site is secure" announcement to a system that focuses on revealing to users if a site is not secure.

 

Tor Browser uses a similar system. Secure sites are shown with a gray onion icon, insecure sites have a red slash that indicates that the site is not secure to the user.

Onion authentication

The final change adds an option layer of security to the interaction between sites and Tor users. Sites need to configure the extra layer  by setting a pair of keys for authentication. Tor clients need to provide an authentication credential to connect to the site.

 

It uses a public - private key system. Tor users may manage keys on the privacy settings page: about:preferences#privacy.

 

 

Tor Browser 9.5 is out with major usability improvements

 

[ Frontpaged here... Tor Browser 9.5 ]