Recently, Tor Browser was updated with minor version 11.5.5, which is the fifth update of Tor Browser version 11.5 after three months of its release. For users of the dark web, Tor Browser version 11.5 is an important release that brings many new features and even more claims to help users fight Internet censorship more easily.
The Tor Browser was created specifically for accessing websites through the Onion Routing (Tor) network, providing users with anonymity and privacy when accessing the information on the Internet.
The Tor network does this by routing traffic through nodes on the network and encrypting it at each step, with connections reaching their destination through exit nodes, which are used to relay information back to the user.
Tor Browser 11.5 releases in various versions are scheduled for
- July 7, 2022: Tor Browser 11.5
- July 16, 2022: Tor Browser 11.5.1
- August 23, 2022: Tor Browser 11.5.2
- August 29, 2022: Tor Browser 11.5.3
- October 11, 2022: Tor Browser 11.5.4
- October 20, 2022: Tor Browser 11.5.5
Automatic Censorship Detection and Circumvention
Updates to Tor Browser version 11.5 focus on censorship circumvention, a process that began a year ago with version 10.5 and was designed to improve the Tor connection experience.
In this new version, users no longer need to manually attempt a bridge configuration to unblock (block) against the Tor Browser.
Tor Browser version 11.5 comes with a new feature called Connection Assist, which automatically assigns a bridge configuration that is known to best suit the user's location.
The Tor Project release explains, "Connection Assist works by finding and downloading the latest list of country/region specific options to try to use for your location (with your consent)."
"It can successfully do this without the need to connect to the Tor network first. This is achieved by using a moat, the same domain prefix tool that Tor Browser uses to request a bridge to torproject.org."
While Connection Assist has reached its first stable release milestone, this is only version 1.0 and the Tor team welcomes user feedback and reports that will help them resolve any issues that exist and improve the system.
Redesigned Tor Network Settings
Version 11.5 of the Tor Browser has made significant improvements to the Network Settings menu. Tor Network Settings is now called Connection settings, which should make it easier to find and understand specific settings.
The user's last known connection status can now be found at the top of the tab, including the option to test the Internet connection without Tor using a moat.
Most notably, the bridge configuration and connection options have been redesigned for quick and easy checking and management.
Using emojis on saved bridges, the new interface provides visualization of the configuration for the first time, making it easy to identify the correct bridge and select it when needed.
In the past, bridges were virtually invisible, even when configured. Now, user-saved bridges appear in a convenient pile of bridge cards - including the new option to share bridges.
HTTPS enabled by default
HTTPS is now virtually ubiquitous, with all major web browsers natively supporting automatic upgrades to HTTPS. Firefox (the underlying browser on which the Tor Browser is based) calls this feature HTTPS-Only Mode.
Another important new feature in Tor Browser version 11.5 is the setting of "HTTPS-Only Mode" as the default browsing mode to allow connections through secure tunnels.
This ensures that all data exchange between the user and the server hosting the site is encrypted to prevent man-in-the-middle (MitM) attacks and to protect users from SSL stripping for malicious exit relays.
The Tor team assures users that SecureDrop will continue to work as expected despite the HTTPS-Everywhere extension, which acts as an onion name interpreter, being deprecated and replaced.
As for the Android version of the Tor browser, HTTPS-Only mode has also been enabled by default in Tor's Android browser as of the 11.5.4 update.
At the time of the 11.5 release, Tor's development team acknowledged the sluggishness of Android updates and promised to do more work on Android, release updates more frequently and regularly, fix the many bugs that had accumulated, and catch up with the Fenix (the Android version of Firefox) version.
Improved font support
One of Tor Browser's many fingerprinting defenses includes protection against font enumeration - an adversary can fingerprint the user using fonts installed on the system. To address this issue, Tor Browser comes with a standardized font package to replace the fonts installed on the user's system. However, there were some problems, with some writing scripts not rendering correctly and others not having fonts available in the Tor Browser at all.
To address this issue and to expand the number of writing systems supported by the Tor Browser, the Tor Project has bundled more fonts from the Noto family in this release, but also to find a balance between the number of fonts supported by the Tor Browser without overly increasing the size of the installer.
Some issues fixed by the version update
- Bridge cards aren't displaying, and toggle themselves off (11.5.1)
- "Continue to HTTP Site" button doesn't work on IP addresses (11.5.1)
- Tor Browser has two default bridges that share a fingerprint, and Tor ignores one (11.5.2)
- Backport Firefox 105 Android security fixes to 102.3-based Tor Browser (11.5.4)
- Enable uTLS and use the full bridge line for snowflake (11.5.5)
- Update meek default bridge (11.5.5)
You can download the latest Tor Browser from the official Tor website (https://www.torproject.org/download/).