Tor Blog | The Tor Project @blog.torproject.org.web.brid.gy

Tails 7.0~rc1 available for testing We are very excited to present you with a release candidate of the upcoming Tails 7.0. We plan to release Tails 7.0 officially on October 16. You can help us by testing this release candidate already. Tails 7.0 will be the first version of Tails based on Debian 13 (Trixie) and GNOME 48. It will bring new versions of many applications included in Tails. We have tested 7.0~rc1 with the same extensive automatic and manual test suites that we use for regular releases. But, Tails 7.0~rc1 might still contain undiscovered issues. We will provide automatic security upgrades for Tails 7.0~rc1, like we do for regular versions. ## Changes and updates * Replace _GNOME Terminal_ with _GNOME Console_. (#20161) We broke the _Root Terminal_ while working on this change. To open a root terminal, execute the following command in a regular _Console_. sudo -i * Replace _GNOME Image Viewer_ with _GNOME Loupe_ (#20640) * Remove _Kleopatra_ from the Favorites menu. (#21072) To start _Kleopatra_ choose **Apps ▸ Accessories ▸ Kleopatra**. * Remove the obsolete Network Connection option from the Welcome Screen. (#21074) ### Included software * Update the _Tor_ client to 0.4.8.17. * Update _Thunderbird_ to 128.13.0esr. * Update the _Linux_ kernel to 6.1.14. This improves support for newer hardware: graphics, Wi-Fi, and so on. * Update _Electrum_ from 4.3.4 to 4.5.8. * Update _OnionShare_ from 2.6.2 to 2.6.3. * Update _KeePassXC_ from 2.7.4 to 2.7.10. * Update _Kleopatra_ from 4:22.12 to 4:24.12 * Update _Inkscape_ from 1.2.2 to 1.4. * Update _GIMP_ from 2.10.34 to 3.0.4. * Update _Audacity_ from 3.2.4 to 3.7.3. * Update _Text Editor_ from 43.2 to 48.3. * Update _Document Scanner_ from 42.5 to 46.0. ### Removed software * Remove `unar`. (#20946) * Remove `aircrack-ng`. (#21044) * Remove `sq`. (#21042) ## Fixed problems * Fix selecting the correct keyboard for certain languages. (#12638) For more details, read our changelog. ## Known issues * Tails 7.0~rc1 requires 3 GB of RAM instead of 2 GB to run smoothly. (#18040) We estimated that less than 2% of current users will be affected. * Tails 7.0~rc1 takes 35% longer to start. (#21098) We plan to fix this in the final Tails 7.0. For more details, see the list of issues on the 7.0 milestone in GitLab. ## Send your feedback Please, report any new problem to either: * tails-testers@boum.org (public mailing list) * support@tails.net (private email) ## Get Tails 7.0~rc1 #### Direct download * For USB sticks (USB image) OpenPGP signature * For DVDs and virtual machines (ISO image) OpenPGP signature #### BitTorrent download * For USB sticks (USB image) * For DVDs and virtual machines (ISO image) ### To upgrade your Tails USB stick and keep your Persistent Storage You can do a manual upgrade to Tails 7.0~rc1. Automatic upgrades are not available to Tails 7.0~rc1. ### To install Tails 7.0~rc1 on a new USB stick Follow our installation instructions: * Install from Windows * Install from macOS * Install from Linux * Install from Debian or Ubuntu using the command line and GnuPG The Persistent Storage on the USB stick will be lost if you install instead of upgrading. ###### Tails * Home * How Tails works * Install Tails * Documentation * Support * News ###### Support * FAQs * Known issues * Warnings * Security advisories * Accessibility * Upgrade ###### Contribute * Contribute * Report an error * Translate * Source code * GitLab * Donate ###### About us * Contact * Mission and values * Social contract * Sponsors * Code of conduct * License * Jobs ###### News Subscribe to our newsletter Subscribe Tails is made by the Tor Project. ## Support and feedback For support and feedback, visit the Support section on the Tails website. * tails * releases

08.08.2025 18:56 — 👍 0 🔁 0 💬 0 📌 0

Arti 1.4.5 is released: Continued work on xon-based flow control, Conflux. Arti is our ongoing project to create a next-generation Tor client in Rust. We're happy to announce the latest release, Arti 1.4.5. This release of Arti continues our development efforts towards supporting xon-based (proposal 324) flow control and multi-legged tunnels in Arti via our Conflux feature. In addition to the ongoing client feature efforts, the Network Team continues working on the internals of Arti to make it ready for relay and bridge support, but no user-visible changes have occurred in this direction for this release. For full details on what we've done, including API changes, and for information about many more minor and less visible changes, please see the CHANGELOG. For more information on using Arti, see our top-level README, and the documentation for the `arti` binary. Thanks to everybody who's contributed to this release, including Dan Ballard, hashcatHitman, hjrgrn, nield, parazyd, and trinity-1686a. Also, our deep thanks to the Bureau of Democracy, Human Rights and Labor, and our other sponsors for funding the development of Arti! * announcements * releases

06.08.2025 15:01 — 👍 0 🔁 0 💬 0 📌 0

New Release: Tails 6.17 ## Changes and updates * Add a **Show Password** option when setting the screen locking password. * Update the _uBlock Origing_ extension for _Tor Browser_ to 1.62.0. * Update _Tor Browser_ to 14.5.4. ## Fixed problems * Display an empty page instead of the homepage of _Tor Browser_ when opening new tabs in the _Unsafe Browser_. (#21004) * Remove duplicated CPU microcode to reduce image size. (#21001) For more details, read our changelog. ## Get Tails 6.17 ### To upgrade your Tails USB stick and keep your Persistent Storage * Automatic upgrades are available from Tails 6.0 or later to 6.17. * If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade. ### To install Tails 6.17 on a new USB stick Follow our installation instructions: * Install from Windows * Install from macOS * Install from Linux * Install from Debian or Ubuntu using the command line and GnuPG The Persistent Storage on the USB stick will be lost if you install instead of upgrading. ### To download only If you don't need installation or upgrade instructions, you can download Tails 6.17 directly: * For USB sticks (USB image) * For DVDs and virtual machines (ISO image) ## Support and feedback For support and feedback, visit the Support section on the Tails website. * tails * releases

06.08.2025 14:56 — 👍 0 🔁 0 💬 0 📌 0

Our commitment to donor privacy at Tor In this post, we want to share a little bit about the Customer Relationship Management (CRM) software, CiviCRM, that we use to store donation records and donor information. We hope this offers you confidence in how your personal data is handled and secured whenever you make a donation. At the Tor Project, transparency for a privacy project is not a contradiction: privacy is about choice, and we choose to be transparent in order to build trust and a stronger community. This is how we operate in all aspects of our work: we show you all of our projects, in source code, and in periodic project and team reports, and in collaborations with researchers who help assess and improve Tor. Transparency also means being clear about our values, promises, and priorities as laid out in our social contract. ## Why CiviCRM Since 2013, the Tor Project has been using CiviCRM as part of our stack to accept donations, manage donor profiles, and facilitate donor communications. As the only true open source CRM, CiviCRM and the Tor Project share a commitment to open and transparent technology. Choosing open source technology like CiviCRM allows us to fully control our systems and securely handle your personal information. This approach minimizes the risk of a system hack and prevents third-parties from accessing your data. We integrate CiviCRM with our self-hosted Drupal CMS, providing a robust and flexible platform for managing donor data. Our servers run Debian GNU/Linux and are protected using multiple layers of authentication. To reduce exposure of the CiviCRM API as much as possible, the donation web front-end only communicates with the CiviCRM back-end using a custom Redis key-value store via an encrypted tunnel, instead of connecting to the API directly over the Internet. As an open source organization, we're committed to collaborating with the CiviCRM community to improve open source tools like CiviCRM, making it more effective and user-friendly for everyone. Our collaboration with the community has led to several notable improvements, including: * **CiviCRM Standalone** : We expressed interest in running CiviCRM without a CMS, which motivated the project to prioritize this feature and make it a key part of CiviCRM 6.0. * **Flexible Premiums** : We contributed patches to allow perk options to have flexible key/value, making it easier to track items like T-shirt sizes. * **Usability Enhancements** : We provide regular feedback on the usability of CiviCRM, resulting in small but significant improvements. For example, a small change to the "View Contribution" page helps improve user experience. By actively participating in the development of open source technology, we've ensured that our needs are addressed and that the platform continues to evolve to meet the demands of users like us. This collaborative approach has allowed us to shape the future of CiviCRM, making it a more effective and user-friendly technology. ## Your privacy as a Tor donor First and foremost, we do not publish, sell, trade, or rent any information about you. The data we collect is used for three main purposes: keeping in touch with you as a donor, making budgets and reconciling our bank accounts, and reporting necessary information for tax purposes. For our records, we retain your name, the amount of your donation, the date of the donation, and your contact information. Access to that information is restricted inside the Tor Project to people who need it to do their work, for example by thanking you, sending a receipt, or mailing you a t-shirt. You can always contact us to view, change, or delete any information we may have stored in relation to a past donation. If you use third-party service providers such as PayPal or a cryptocurrency exchange to make your donation, unfortunately, the Tor Project has very little influence over how these service providers may collect and use your information. We recommend you familiarize yourself with their policies, especially if you have privacy concerns. Completely anonymous donations are also possible, like by sending a money order or gift card via postal mail, or via cryptocurrency if you have it set up in a way that preserves your anonymity. There are probably other ways to donate anonymously that we haven't thought of—maybe you will. Our commitment to maintain the privacy of our supporters is key to our mission. Your hard-earned money and choice to invest in the Tor Project is of utmost importance to us and we appreciate your trust. We will never publicly identify you as a donor without your permission. You can read more about our donor privacy policy here. ## Your impact We, as a Tor community, fight every day for everyone to have private access to an uncensored internet, and Tor has become the world's strongest tool for privacy and freedom online. But Tor is more than just a technology. It is a labor of love produced by an international community of people devoted to human rights. The Tor Project is deeply committed to transparency and the safety of its users. We are proud to have a Four-Star Charity rating from Charity Navigator, and have been awarded Candid’s Platinum Seal of Transparency. This demonstrates the Tor Project’s commitment to openness and honesty in how the organization manages its finances and uses your investment for a greater impact. If you have not done so this year, please consider making a donation today. Your donation is in good hands and goes a long way. * fundraising

06.08.2025 14:56 — 👍 0 🔁 0 💬 0 📌 0

06.08.2025 14:56 — 👍 0 🔁 0 💬 0 📌 0

New Release: Tails 6.16 ## Changes and updates * Update _Tor Browser_ to 14.5.3. * Update the _Linux_ kernel to 6.1.140. For more details, read our changelog. ## Get Tails 6.16 ### To upgrade your Tails USB stick and keep your Persistent Storage * Automatic upgrades are available from Tails 6.0 or later to 6.16. * If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade. ### To install Tails 6.16 on a new USB stick Follow our installation instructions: * Install from Windows * Install from macOS * Install from Linux * Install from Debian or Ubuntu using the command line and GnuPG The Persistent Storage on the USB stick will be lost if you install instead of upgrading. ### To download only If you don't need installation or upgrade instructions, you can download Tails 6.16 directly: * For USB sticks (USB image) * For DVDs and virtual machines (ISO image) ## Support and feedback For support and feedback, visit the Support section on the Tails website. * tails * releases

06.08.2025 14:55 — 👍 0 🔁 0 💬 0 📌 0

New Release: Tor Browser 14.5.4 Tor Browser 14.5.4 is now available from the Tor Browser download page and also from our distribution directory. This version includes important security updates to Firefox. ## Send us your feedback If you find a bug or have a suggestion for how we could improve this release, please let us know. ## Full changelog The full changelog since Tor Browser 14.5.3 is: * All Platforms * Updated NoScript to 13.0.8 * Bug tor-browser#43783: Tighten up the SecurityLevel module to enforce new UX flow * Bug tor-browser#43784: Get confirmation from NoScript that settings are applied * Bug tor-browser#43885: Rebase stable onto 128.12.0esr * Bug tor-browser#43911: Backport security fixes from Firefox 140 * Windows + macOS + Linux * Updated Firefox to 128.12.0esr * Bug tor-browser#43782: Add new UX flow for changing security level (Desktop) * Android * Updated GeckoView to 128.12.0esr * Bug tor-browser#43786: Add new UX flow for changing security level (Android) * Build System * All Platforms * Bug tor-browser-build#41477: Update keyring/boklm.gpg for new subkeys (2025) * Bug tor-browser-build#41498: Update keyring/morgan.gpg with updated public key * Windows + Linux + Android * Updated Go to 1.23.10 * applications * releases

06.08.2025 14:55 — 👍 0 🔁 0 💬 0 📌 0

Arti 1.4.4 is released: Continued work on Counter Galois Onion, and Conflux. Arti is our ongoing project to create a next-generation Tor client in Rust. We're happy to announce the latest release, Arti 1.4.4. This release of Arti continues our development efforts towards supporting multi-legged tunnels in Arti via our Conflux feature. We have also continued preparing Arti for support of our Counter Galois Onion proposal feature. In addition to the ongoing client feature efforts, the Network Team continues to work towards making Arti ready for use by our Relay Operators, who run the Tor network. However, no user-visible changes have occurred in this direction for this release, but the team continue working on the internals of Arti to make it ready for Relay and Bridge support. For full details on what we've done, including API changes, and for information about many more minor and less visible changes as well, please see the CHANGELOG. For more information on using Arti, see our top-level README, and the documentation for the `arti` binary. Thanks to everybody who's contributed to this release, including hjrgrn, Lionel Goffaux, Neel Chauhan, Niel Duysters, playbahn, retort-dev, shivam37483, syphyr, Tobias Stoeckmann, and Vijaya Bhaskar. Also, our deep thanks to the Bureau of Democracy, Human Rights and Labor, and our other sponsors for funding the development of Arti! * announcements * releases

06.08.2025 14:55 — 👍 0 🔁 0 💬 0 📌 0

New Release: Tor Browser 14.5.5 Tor Browser 14.5.5 is now available from the Tor Browser download page and also from our distribution directory. This version includes important security updates to Firefox. ## Send us your feedback If you find a bug or have a suggestion for how we could improve this release, please let us know. ## Full changelog The full changelog since Tor Browser 14.5.4 is: * All Platforms * Updated Tor to 0.4.8.17 * Updated OpenSSL to 3.0.17 * Bug tor-browser#43979: Rebase Tor Browser Stable onto 128.13.0esr * Bug tor-browser#43993: Backport Security Fixes from Firefox 141 * Bug tor-browser-build#41508: Switch built-in meek bridge to meek-unredacted * Windows + macOS + Linux * Updated Firefox to 128.13.0esr * Android * Updated GeckoView to 128.13.0esr * Build System * Windows + Linux + Android * Updated Go to 1.23.11 * applications * releases

06.08.2025 14:55 — 👍 0 🔁 0 💬 0 📌 0

New Release: Tails 6.18 ## New features ### _WebTunnel_ bridges You can now use _WebTunnel_ bridges to connect to the Tor network from Tails. _WebTunnel_ is a bridge technology that is particularly good at circumventing censorship and might work from places where _obfs4_ bridges are blocked. _WebTunnel_ disguises your connection as ordinary web traffic. To get _WebTunnel_ bridges, visit https://bridges.torproject.org/. ## Changes and updates * Update _Tor Browser_ to 14.5.5. * Update _Thunderbird_ to 128.12.0. For more details, read our changelog. ## Get Tails 6.18 ### To upgrade your Tails USB stick and keep your Persistent Storage * Automatic upgrades are available from Tails 6.0 or later to 6.18. * If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade. ### To install Tails 6.18 on a new USB stick Follow our installation instructions: * Install from Windows * Install from macOS * Install from Linux * Install from Debian or Ubuntu using the command line and GnuPG The Persistent Storage on the USB stick will be lost if you install instead of upgrading. ### To download only If you don't need installation or upgrade instructions, you can download Tails 6.18 directly: * For USB sticks (USB image) * For DVDs and virtual machines (ISO image) ## Support and feedback For support and feedback, visit the Support section on the Tails website. * tails * releases

06.08.2025 14:55 — 👍 0 🔁 0 💬 0 📌 0

Arti 1.4.6 is released: Hidden Service resilience; work on flow control, Conflux, and CGO. Arti is our ongoing project to create a next-generation Tor client in Rust. We're happy to announce the latest release, Arti 1.4.6. This release of Arti has some improvements for Onion Service (Hidden Service) operators. There's better resistance to denial-of-service (Proposal 362) and an experimental new utility for migration of Hidden Service identity key from a C Tor keystore to Arti. Also included are further developments towards supporting xon-based (Proposal 324) flow control, multi-legged tunnels in Arti via our Conflux feature, and improving the cryptography used for data transfer (Counter Galois Onion, Proposal 359). Meanwhile we are continuing our work on the foundations of Arti to support Relay and Bridge --- but there are no visible changes for this in 1.4.6. Much of this work is currently occurring outside of the Arti mainline. For full details on what we've done, including API changes, and for information about many more minor and less visible changes, please see the CHANGELOG. For more information on using Arti, see our top-level README, and the documentation for the `arti` binary. Thanks to everybody who's contributed to this release, including hashcatHitman, hjrgrn, nield, and tcyrus. Also, our deep thanks to our sponsors for funding the development of Arti! * announcements * releases

06.08.2025 14:55 — 👍 0 🔁 0 💬 0 📌 0

New Release: Tor Browser 14.5.4 Tor Browser 14.5.4 is now available from the Tor Browser download page and also from our distribution directory. This version includes important security updates to Firefox. ## Send us your feedback If you find a bug or have a suggestion for how we could improve this release, please let us know. ## Full changelog The full changelog since Tor Browser 14.5.3 is: * All Platforms * Updated NoScript to 13.0.8 * Bug tor-browser#43783: Tighten up the SecurityLevel module to enforce new UX flow * Bug tor-browser#43784: Get confirmation from NoScript that settings are applied * Bug tor-browser#43885: Rebase stable onto 128.12.0esr * Bug tor-browser#43911: Backport security fixes from Firefox 140 * Windows + macOS + Linux * Updated Firefox to 128.12.0esr * Bug tor-browser#43782: Add new UX flow for changing security level (Desktop) * Android * Updated GeckoView to 128.12.0esr * Bug tor-browser#43786: Add new UX flow for changing security level (Android) * Build System * All Platforms * Bug tor-browser-build#41477: Update keyring/boklm.gpg for new subkeys (2025) * Bug tor-browser-build#41498: Update keyring/morgan.gpg with updated public key * Windows + Linux + Android * Updated Go to 1.23.10 * applications * releases

31.07.2025 12:43 — 👍 0 🔁 0 💬 0 📌 0

New Release: Tails 6.16 ## Changes and updates * Update _Tor Browser_ to 14.5.3. * Update the _Linux_ kernel to 6.1.140. For more details, read our changelog. ## Get Tails 6.16 ### To upgrade your Tails USB stick and keep your Persistent Storage * Automatic upgrades are available from Tails 6.0 or later to 6.16. * If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade. ### To install Tails 6.16 on a new USB stick Follow our installation instructions: * Install from Windows * Install from macOS * Install from Linux * Install from Debian or Ubuntu using the command line and GnuPG The Persistent Storage on the USB stick will be lost if you install instead of upgrading. ### To download only If you don't need installation or upgrade instructions, you can download Tails 6.16 directly: * For USB sticks (USB image) * For DVDs and virtual machines (ISO image) ## Support and feedback For support and feedback, visit the Support section on the Tails website. * tails * releases

31.07.2025 12:43 — 👍 0 🔁 0 💬 0 📌 0

New Release: Tor Browser 14.5.3 Tor Browser 14.5.3 is now available from the Tor Browser download page and also from our distribution directory. This version includes important security updates to Firefox. ## Send us your feedback If you find a bug or have a suggestion for how we could improve this release, please let us know. ## Full changelog The full changelog since Tor Browser 14.5.2 is: * All Platforms * Updated NoScript to 13.0.6 * Bug tor-browser#43811: Backport security fixes from Firefox 139 * Bug mullvad-browser#439: Rebase Mullvad Browser stable onto 128.11.0esr * Windows + macOS + Linux * Updated Firefox to 128.11.0esr * Android * Updated GeckoView to 128.11.0esr * Build System * Android * Bug tor-browser#43809: Allow tba-fetch-deps.sh to fetch prebuilt artifacts from tor-browser-build from nightlies * applications * releases

31.07.2025 12:43 — 👍 1 🔁 0 💬 0 📌 0

New Release: Tor Browser 14.5.5 Tor Browser 14.5.5 is now available from the Tor Browser download page and also from our distribution directory. This version includes important security updates to Firefox. ## Send us your feedback If you find a bug or have a suggestion for how we could improve this release, please let us know. ## Full changelog The full changelog since Tor Browser 14.5.4 is: * All Platforms * Updated Tor to 0.4.8.17 * Updated OpenSSL to 3.0.17 * Bug tor-browser#43979: Rebase Tor Browser Stable onto 128.13.0esr * Bug tor-browser#43993: Backport Security Fixes from Firefox 141 * Bug tor-browser-build#41508: Switch built-in meek bridge to meek-unredacted * Windows + macOS + Linux * Updated Firefox to 128.13.0esr * Android * Updated GeckoView to 128.13.0esr * Build System * Windows + Linux + Android * Updated Go to 1.23.11 * applications * releases

31.07.2025 12:43 — 👍 0 🔁 0 💬 0 📌 0

New Release: Tails 6.17 ## Changes and updates * Add a **Show Password** option when setting the screen locking password. * Update the _uBlock Origing_ extension for _Tor Browser_ to 1.62.0. * Update _Tor Browser_ to 14.5.4. ## Fixed problems * Display an empty page instead of the homepage of _Tor Browser_ when opening new tabs in the _Unsafe Browser_. (#21004) * Remove duplicated CPU microcode to reduce image size. (#21001) For more details, read our changelog. ## Get Tails 6.17 ### To upgrade your Tails USB stick and keep your Persistent Storage * Automatic upgrades are available from Tails 6.0 or later to 6.17. * If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade. ### To install Tails 6.17 on a new USB stick Follow our installation instructions: * Install from Windows * Install from macOS * Install from Linux * Install from Debian or Ubuntu using the command line and GnuPG The Persistent Storage on the USB stick will be lost if you install instead of upgrading. ### To download only If you don't need installation or upgrade instructions, you can download Tails 6.17 directly: * For USB sticks (USB image) * For DVDs and virtual machines (ISO image) ## Support and feedback For support and feedback, visit the Support section on the Tails website. * tails * releases

31.07.2025 12:43 — 👍 0 🔁 0 💬 0 📌 0

Our commitment to donor privacy at Tor In this post, we want to share a little bit about the Customer Relationship Management (CRM) software, CiviCRM, that we use to store donation records and donor information. We hope this offers you confidence in how your personal data is handled and secured whenever you make a donation. At the Tor Project, transparency for a privacy project is not a contradiction: privacy is about choice, and we choose to be transparent in order to build trust and a stronger community. This is how we operate in all aspects of our work: we show you all of our projects, in source code, and in periodic project and team reports, and in collaborations with researchers who help assess and improve Tor. Transparency also means being clear about our values, promises, and priorities as laid out in our social contract. ## Why CiviCRM Since 2013, the Tor Project has been using CiviCRM as part of our stack to accept donations, manage donor profiles, and facilitate donor communications. As the only true open source CRM, CiviCRM and the Tor Project share a commitment to open and transparent technology. Choosing open source technology like CiviCRM allows us to fully control our systems and securely handle your personal information. This approach minimizes the risk of a system hack and prevents third-parties from accessing your data. We integrate CiviCRM with our self-hosted Drupal CMS, providing a robust and flexible platform for managing donor data. Our servers run Debian GNU/Linux and are protected using multiple layers of authentication. To reduce exposure of the CiviCRM API as much as possible, the donation web front-end only communicates with the CiviCRM back-end using a custom Redis key-value store via an encrypted tunnel, instead of connecting to the API directly over the Internet. As an open source organization, we're committed to collaborating with the CiviCRM community to improve open source tools like CiviCRM, making it more effective and user-friendly for everyone. Our collaboration with the community has led to several notable improvements, including: * **CiviCRM Standalone** : We expressed interest in running CiviCRM without a CMS, which motivated the project to prioritize this feature and make it a key part of CiviCRM 6.0. * **Flexible Premiums** : We contributed patches to allow perk options to have flexible key/value, making it easier to track items like T-shirt sizes. * **Usability Enhancements** : We provide regular feedback on the usability of CiviCRM, resulting in small but significant improvements. For example, a small change to the "View Contribution" page helps improve user experience. By actively participating in the development of open source technology, we've ensured that our needs are addressed and that the platform continues to evolve to meet the demands of users like us. This collaborative approach has allowed us to shape the future of CiviCRM, making it a more effective and user-friendly technology. ## Your privacy as a Tor donor First and foremost, we do not publish, sell, trade, or rent any information about you. The data we collect is used for three main purposes: keeping in touch with you as a donor, making budgets and reconciling our bank accounts, and reporting necessary information for tax purposes. For our records, we retain your name, the amount of your donation, the date of the donation, and your contact information. Access to that information is restricted inside the Tor Project to people who need it to do their work, for example by thanking you, sending a receipt, or mailing you a t-shirt. You can always contact us to view, change, or delete any information we may have stored in relation to a past donation. If you use third-party service providers such as PayPal or a cryptocurrency exchange to make your donation, unfortunately, the Tor Project has very little influence over how these service providers may collect and use your information. We recommend you familiarize yourself with their policies, especially if you have privacy concerns. Completely anonymous donations are also possible, like by sending a money order or gift card via postal mail, or via cryptocurrency if you have it set up in a way that preserves your anonymity. There are probably other ways to donate anonymously that we haven't thought of—maybe you will. Our commitment to maintain the privacy of our supporters is key to our mission. Your hard-earned money and choice to invest in the Tor Project is of utmost importance to us and we appreciate your trust. We will never publicly identify you as a donor without your permission. You can read more about our donor privacy policy here. ## Your impact We, as a Tor community, fight every day for everyone to have private access to an uncensored internet, and Tor has become the world's strongest tool for privacy and freedom online. But Tor is more than just a technology. It is a labor of love produced by an international community of people devoted to human rights. The Tor Project is deeply committed to transparency and the safety of its users. We are proud to have a Four-Star Charity rating from Charity Navigator, and have been awarded Candid’s Platinum Seal of Transparency. This demonstrates the Tor Project’s commitment to openness and honesty in how the organization manages its finances and uses your investment for a greater impact. If you have not done so this year, please consider making a donation today. Your donation is in good hands and goes a long way. * fundraising

31.07.2025 12:43 — 👍 0 🔁 0 💬 0 📌 0

31.07.2025 12:43 — 👍 0 🔁 0 💬 0 📌 0

Arti 1.4.4 is released: Continued work on Counter Galois Onion, and Conflux. Arti is our ongoing project to create a next-generation Tor client in Rust. We're happy to announce the latest release, Arti 1.4.4. This release of Arti continues our development efforts towards supporting multi-legged tunnels in Arti via our Conflux feature. We have also continued preparing Arti for support of our Counter Galois Onion proposal feature. In addition to the ongoing client feature efforts, the Network Team continues to work towards making Arti ready for use by our Relay Operators, who run the Tor network. However, no user-visible changes have occurred in this direction for this release, but the team continue working on the internals of Arti to make it ready for Relay and Bridge support. For full details on what we've done, including API changes, and for information about many more minor and less visible changes as well, please see the CHANGELOG. For more information on using Arti, see our top-level README, and the documentation for the `arti` binary. Thanks to everybody who's contributed to this release, including hjrgrn, Lionel Goffaux, Neel Chauhan, Niel Duysters, playbahn, retort-dev, shivam37483, syphyr, Tobias Stoeckmann, and Vijaya Bhaskar. Also, our deep thanks to the Bureau of Democracy, Human Rights and Labor, and our other sponsors for funding the development of Arti! * announcements * releases

31.07.2025 12:43 — 👍 0 🔁 0 💬 0 📌 0

Arti 1.4.5 is released: Continued work on xon-based flow control, Conflux. Arti is our ongoing project to create a next-generation Tor client in Rust. We're happy to announce the latest release, Arti 1.4.5. This release of Arti continues our development efforts towards supporting xon-based (proposal 324) flow control and multi-legged tunnels in Arti via our Conflux feature. In addition to the ongoing client feature efforts, the Network Team continues working on the internals of Arti to make it ready for relay and bridge support, but no user-visible changes have occurred in this direction for this release. For full details on what we've done, including API changes, and for information about many more minor and less visible changes, please see the CHANGELOG. For more information on using Arti, see our top-level README, and the documentation for the `arti` binary. Thanks to everybody who's contributed to this release, including Dan Ballard, hashcatHitman, hjrgrn, nield, parazyd, and trinity-1686a. Also, our deep thanks to the Bureau of Democracy, Human Rights and Labor, and our other sponsors for funding the development of Arti! * announcements * releases

31.07.2025 12:43 — 👍 0 🔁 0 💬 0 📌 0

New Release: Tails 6.18 ## New features ### _WebTunnel_ bridges You can now use _WebTunnel_ bridges to connect to the Tor network from Tails. _WebTunnel_ is a bridge technology that is particularly good at circumventing censorship and might work from places where _obfs4_ bridges are blocked. _WebTunnel_ disguises your connection as ordinary web traffic. To get _WebTunnel_ bridges, visit https://bridges.torproject.org/. ## Changes and updates * Update _Tor Browser_ to 14.5.5. * Update _Thunderbird_ to 128.12.0. For more details, read our changelog. ## Get Tails 6.18 ### To upgrade your Tails USB stick and keep your Persistent Storage * Automatic upgrades are available from Tails 6.0 or later to 6.18. * If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade. ### To install Tails 6.18 on a new USB stick Follow our installation instructions: * Install from Windows * Install from macOS * Install from Linux * Install from Debian or Ubuntu using the command line and GnuPG The Persistent Storage on the USB stick will be lost if you install instead of upgrading. ### To download only If you don't need installation or upgrade instructions, you can download Tails 6.18 directly: * For USB sticks (USB image) * For DVDs and virtual machines (ISO image) ## Support and feedback For support and feedback, visit the Support section on the Tails website. * partners * releases

26.07.2025 08:30 — 👍 1 🔁 0 💬 0 📌 0

New Release: Tails 6.15.1 This release is an emergency release to fix important security vulnerabilities in Tor Browser. ## Changes and updates * Update _Tor Browser_ to 14.5.2, which fixes Mozilla Foundation Security Advisory 2025-37. These vulnerabilities allow an attacker to perform an out-of-bounds read or write on a JavaScript object, but don't allow breaking out of the Firefox sandbox. * Update _Thunderbird_ to 128.10.1. * Remove the _Tor Browser_ and _Tor Browser (persistent)_ folders: they are not necessary anymore, thanks to the more flexible confinement of _Tor Browser_ we introduced in Tails 6.14.1. (#15028) ## Fixed problems * Fix the _Unsafe Browser_ appearing in the window list with the _Tor Browser_ icon. (#20934) * Make reporting an error using _WhisperBack_ more robust. (#20921) * Fix _USB tethering_. (#20940) For more details, read our changelog. ## Get Tails 6.15.1 ### To upgrade your Tails USB stick and keep your Persistent Storage * Automatic upgrades are available from Tails 6.0 or later to 6.15.1. * If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade. ### To install Tails 6.15.1 on a new USB stick Follow our installation instructions: * Install from Windows * Install from macOS * Install from Linux * Install from Debian or Ubuntu using the command line and GnuPG The Persistent Storage on the USB stick will be lost if you install instead of upgrading. ### To download only If you don't need installation or upgrade instructions, you can download Tails 6.15.1 directly: * For USB sticks (USB image) * For DVDs and virtual machines (ISO image) ## Support and feedback For support and feedback, visit the Support section on the Tails website. * partners * releases

24.07.2025 06:31 — 👍 2 🔁 1 💬 0 📌 0

New Release: Tor Browser 14.5.4 Tor Browser 14.5.4 is now available from the Tor Browser download page and also from our distribution directory. This version includes important security updates to Firefox. ## Send us your feedback If you find a bug or have a suggestion for how we could improve this release, please let us know. ## Full changelog The full changelog since Tor Browser 14.5.3 is: * All Platforms * Updated NoScript to 13.0.8 * Bug tor-browser#43783: Tighten up the SecurityLevel module to enforce new UX flow * Bug tor-browser#43784: Get confirmation from NoScript that settings are applied * Bug tor-browser#43885: Rebase stable onto 128.12.0esr * Bug tor-browser#43911: Backport security fixes from Firefox 140 * Windows + macOS + Linux * Updated Firefox to 128.12.0esr * Bug tor-browser#43782: Add new UX flow for changing security level (Desktop) * Android * Updated GeckoView to 128.12.0esr * Bug tor-browser#43786: Add new UX flow for changing security level (Android) * Build System * All Platforms * Bug tor-browser-build#41477: Update keyring/boklm.gpg for new subkeys (2025) * Bug tor-browser-build#41498: Update keyring/morgan.gpg with updated public key * Windows + Linux + Android * Updated Go to 1.23.10 * applications * releases

24.07.2025 06:30 — 👍 1 🔁 0 💬 0 📌 0

New Release: Tor Browser 14.5.5 Tor Browser 14.5.5 is now available from the Tor Browser download page and also from our distribution directory. This version includes important security updates to Firefox. ## Send us your feedback If you find a bug or have a suggestion for how we could improve this release, please let us know. ## Full changelog The full changelog since Tor Browser 14.5.4 is: * All Platforms * Updated Tor to 0.4.8.17 * Updated OpenSSL to 3.0.17 * Bug tor-browser#43979: Rebase Tor Browser Stable onto 128.13.0esr * Bug tor-browser#43993: Backport Security Fixes from Firefox 141 * Bug tor-browser-build#41508: Switch built-in meek bridge to meek-unredacted * Windows + macOS + Linux * Updated Firefox to 128.13.0esr * Android * Updated GeckoView to 128.13.0esr * Build System * Windows + Linux + Android * Updated Go to 1.23.11 * applications * releases

24.07.2025 06:30 — 👍 1 🔁 0 💬 0 📌 0

Arti 1.4.5 is released: Continued work on xon-based flow control, Conflux. Arti is our ongoing project to create a next-generation Tor client in Rust. We're happy to announce the latest release, Arti 1.4.5. This release of Arti continues our development efforts towards supporting xon-based (proposal 324) flow control and multi-legged tunnels in Arti via our Conflux feature. In addition to the ongoing client feature efforts, the Network Team continues working on the internals of Arti to make it ready for relay and bridge support, but no user-visible changes have occurred in this direction for this release. For full details on what we've done, including API changes, and for information about many more minor and less visible changes, please see the CHANGELOG. For more information on using Arti, see our top-level README, and the documentation for the `arti` binary. Thanks to everybody who's contributed to this release, including Dan Ballard, hashcatHitman, hjrgrn, nield, parazyd, and trinity-1686a. Also, our deep thanks to the Bureau of Democracy, Human Rights and Labor, and our other sponsors for funding the development of Arti! * announcements * releases

24.07.2025 06:30 — 👍 0 🔁 0 💬 0 📌 0

Arti 1.4.4 is released: Continued work on Counter Galois Onion, and Conflux. Arti is our ongoing project to create a next-generation Tor client in Rust. We're happy to announce the latest release, Arti 1.4.4. This release of Arti continues our development efforts towards supporting multi-legged tunnels in Arti via our Conflux feature. We have also continued preparing Arti for support of our Counter Galois Onion proposal feature. In addition to the ongoing client feature efforts, the Network Team continues to work towards making Arti ready for use by our Relay Operators, who run the Tor network. However, no user-visible changes have occurred in this direction for this release, but the team continue working on the internals of Arti to make it ready for Relay and Bridge support. For full details on what we've done, including API changes, and for information about many more minor and less visible changes as well, please see the CHANGELOG. For more information on using Arti, see our top-level README, and the documentation for the `arti` binary. Thanks to everybody who's contributed to this release, including hjrgrn, Lionel Goffaux, Neel Chauhan, Niel Duysters, playbahn, retort-dev, shivam37483, syphyr, Tobias Stoeckmann, and Vijaya Bhaskar. Also, our deep thanks to the Bureau of Democracy, Human Rights and Labor, and our other sponsors for funding the development of Arti! * announcements * releases

24.07.2025 06:30 — 👍 0 🔁 0 💬 0 📌 0

New Release: Tails 6.17 ## Changes and updates * Add a **Show Password** option when setting the screen locking password. * Update the _uBlock Origing_ extension for _Tor Browser_ to 1.62.0. * Update _Tor Browser_ to 14.5.4. ## Fixed problems * Display an empty page instead of the homepage of _Tor Browser_ when opening new tabs in the _Unsafe Browser_. (#21004) * Remove duplicated CPU microcode to reduce image size. (#21001) For more details, read our changelog. ## Get Tails 6.17 ### To upgrade your Tails USB stick and keep your Persistent Storage * Automatic upgrades are available from Tails 6.0 or later to 6.17. * If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade. ### To install Tails 6.17 on a new USB stick Follow our installation instructions: * Install from Windows * Install from macOS * Install from Linux * Install from Debian or Ubuntu using the command line and GnuPG The Persistent Storage on the USB stick will be lost if you install instead of upgrading. ### To download only If you don't need installation or upgrade instructions, you can download Tails 6.17 directly: * For USB sticks (USB image) * For DVDs and virtual machines (ISO image) ## Support and feedback For support and feedback, visit the Support section on the Tails website. * partners * releases

24.07.2025 06:30 — 👍 0 🔁 0 💬 0 📌 0

Happy Families: new certificates for faster and easier relay management Frequently relay operators (individuals or organization) want to operate more than one relay. In order to advertise this fact, they declare that their relays belong to a "Relay Family" together. Within the Tor protocol, Relay Families help make sure that an honest relay operator is never in a position to appear in the same circuit or observe two points of a circuit to mount a traffic correlation attack.1 Outside of its role in the Tor protocol, Relay Families help Tor's Network Health Team to keep an eye on how many relays are operated by the same people, and to diagnose issues with relay deployments. Families give honest operators a transparent way to tell the world, "I'm not running a Sybil attack; I'm being transparent with my relays." ## So what's the problem? When we added relay families back in 2004, we made the implementation simple: Two relays are considered to belong to the same family if and only if each one lists the other one in its list of family members. So if relay A lists relay B, and vice versa, they are treated as belonging to a family. But if only one lists the other as belonging to its family, then they aren't in a family together. (Given the role of families in routing decisions, it would be Bad if an attacker's relay could put itself in a "fake family" containing all the relays that _aren't_ administered by the attacker!) But this means that in order to represent a relay family with N members, each member needs to list N-1 other members, requiring a total of O(N2) listed relays in order to represent the whole family. As the Tor network grows, so do family sizes. Right now, something like 85% of the total space used for microdescriptors in a full Tor directory is taken up by family declarations! (Even after compression, it's still 32%.) What's more, declaring families is annoying. When a relay family adds a new member, _every relay in the family_ needs to be reconfigured to list that member as part of its family. Tools like ansible-relayor make this easier to do, but it's still harder than it needs to be. ## What's the solution? Family certificates! Instead of listing one another to indicate that they belong to the same family, relays should use cryptography! (Okay, _more_ cryptography.) In place of a list of other relays in the same family, each relay should carry a "family certificate" that proves its membership in a family. The family certificate is signed with a private key that identifies the family: only relays signed with the same key are considered to belong to the same family. Now, instead of O(N2) listed relays, each family just needs to list one signed certificate. This will make microdescriptors smaller and decrease download sizes. The full solution was specified first in proposal 242 and later extended in proposal 321. This solution is now implemented in Arti and in the 0.4.9.x (alpha) versions of the C Tor implementation. If you're running a relay family, see the community portal for information about how to deploy it with 0.4.9.x. ## So, when will we see the full benefits? Old Tor clients don't understand family certificates. That means that relays are going to have to keep advertising families in the old way until we can be sure that nearly all clients have upgraded. In the coming months, after Tor 0.4.9.x is stable, please expect us to be encouraging as many clients and relays to upgrade. The faster everyone moves, the sooner directory authorities can retire the old format. For now, you can help test the feature with the next alpha release. ## What else will shrink directories in 0.4.9.x? To make microdescriptors even smaller, and thereby lower download sizes, Tor 0.4.9.x is going to stop listing obsolete RSA "TAP keys" in them. These keys account for yet more of the microdescriptor sizes, but nothing uses them any more! Once long family lists _and_ TAP keys are gone, we estimate that the aggregate size of compressed microdescriptors will be something like 25% of their current size. Since microdescriptors are currently around 70% of the directory information needed to bootstrap a client (the rest is a consensus document and a set of certificates), the bandwidth to bootstrap a fresh connection to the network will be something around 50% of what it is now. ## And what might grow directories again? We're working on designs to make Tor's cryptography stronger against quantum computation. Although cryptographically relevant quantum computers (CRQCs) are still a thing of the future2, we want to make sure that Tor's encryption algorithms will be strong enough to resist them, in order to defeat any adversary who records traffic today in hopes of decrypting it later, once the future arrives. (TLS is going through a similar transition.) Fortunately, we can make these cryptographic improvements without any significant cost in directory bandwidth! But eventually, when CRQCs are closer, we'll also need to resist _active_ attacks, by attackers who can use a CRQC _online_ to impersonate a relay. To do this, we may need to distribute _more_ information in the directories again: current post-quantum key encapsulation schemes use longer keys than the ones we use today. So some of the space that we're freeing now may eventually be needed for other work. ## Thanks Thanks to everybody who's worked to make any version of this proposal better, and/or reported bugs and issues with the code! Also, thanks to all the individual donors who made this work possible. This project wasn't funded by any restricted grant or contract; only your donations made it possible. * * * 1. But surprisingly enough, some research suggests that this requirement may be _bad_ for security if rigidly enforced! We're looking into this, and developing alternative designs.↩ 2. How far in the future? Estimates vary! Still, it pays to be cautious.↩ * announcements * releases

24.07.2025 06:30 — 👍 0 🔁 0 💬 0 📌 0

New Release: Tor Browser 14.5.3 Tor Browser 14.5.3 is now available from the Tor Browser download page and also from our distribution directory. This version includes important security updates to Firefox. ## Send us your feedback If you find a bug or have a suggestion for how we could improve this release, please let us know. ## Full changelog The full changelog since Tor Browser 14.5.2 is: * All Platforms * Updated NoScript to 13.0.6 * Bug tor-browser#43811: Backport security fixes from Firefox 139 * Bug mullvad-browser#439: Rebase Mullvad Browser stable onto 128.11.0esr * Windows + macOS + Linux * Updated Firefox to 128.11.0esr * Android * Updated GeckoView to 128.11.0esr * Build System * Android * Bug tor-browser#43809: Allow tba-fetch-deps.sh to fetch prebuilt artifacts from tor-browser-build from nightlies * applications * releases

24.07.2025 06:30 — 👍 0 🔁 0 💬 0 📌 0

Our commitment to donor privacy at Tor In this post, we want to share a little bit about the Customer Relationship Management (CRM) software, CiviCRM, that we use to store donation records and donor information. We hope this offers you confidence in how your personal data is handled and secured whenever you make a donation. At the Tor Project, transparency for a privacy project is not a contradiction: privacy is about choice, and we choose to be transparent in order to build trust and a stronger community. This is how we operate in all aspects of our work: we show you all of our projects, in source code, and in periodic project and team reports, and in collaborations with researchers who help assess and improve Tor. Transparency also means being clear about our values, promises, and priorities as laid out in our social contract. ## Why CiviCRM Since 2013, the Tor Project has been using CiviCRM as part of our stack to accept donations, manage donor profiles, and facilitate donor communications. As the only true open source CRM, CiviCRM and the Tor Project share a commitment to open and transparent technology. Choosing open source technology like CiviCRM allows us to fully control our systems and securely handle your personal information. This approach minimizes the risk of a system hack and prevents third-parties from accessing your data. We integrate CiviCRM with our self-hosted Drupal CMS, providing a robust and flexible platform for managing donor data. Our servers run Debian GNU/Linux and are protected using multiple layers of authentication. To reduce exposure of the CiviCRM API as much as possible, the donation web front-end only communicates with the CiviCRM back-end using a custom Redis key-value store via an encrypted tunnel, instead of connecting to the API directly over the Internet. As an open source organization, we're committed to collaborating with the CiviCRM community to improve open source tools like CiviCRM, making it more effective and user-friendly for everyone. Our collaboration with the community has led to several notable improvements, including: * **CiviCRM Standalone** : We expressed interest in running CiviCRM without a CMS, which motivated the project to prioritize this feature and make it a key part of CiviCRM 6.0. * **Flexible Premiums** : We contributed patches to allow perk options to have flexible key/value, making it easier to track items like T-shirt sizes. * **Usability Enhancements** : We provide regular feedback on the usability of CiviCRM, resulting in small but significant improvements. For example, a small change to the "View Contribution" page helps improve user experience. By actively participating in the development of open source technology, we've ensured that our needs are addressed and that the platform continues to evolve to meet the demands of users like us. This collaborative approach has allowed us to shape the future of CiviCRM, making it a more effective and user-friendly technology. ## Your privacy as a Tor donor First and foremost, we do not publish, sell, trade, or rent any information about you. The data we collect is used for three main purposes: keeping in touch with you as a donor, making budgets and reconciling our bank accounts, and reporting necessary information for tax purposes. For our records, we retain your name, the amount of your donation, the date of the donation, and your contact information. Access to that information is restricted inside the Tor Project to people who need it to do their work, for example by thanking you, sending a receipt, or mailing you a t-shirt. You can always contact us to view, change, or delete any information we may have stored in relation to a past donation. If you use third-party service providers such as PayPal or a cryptocurrency exchange to make your donation, unfortunately, the Tor Project has very little influence over how these service providers may collect and use your information. We recommend you familiarize yourself with their policies, especially if you have privacy concerns. Completely anonymous donations are also possible, like by sending a money order or gift card via postal mail, or via cryptocurrency if you have it set up in a way that preserves your anonymity. There are probably other ways to donate anonymously that we haven't thought of—maybe you will. Our commitment to maintain the privacy of our supporters is key to our mission. Your hard-earned money and choice to invest in the Tor Project is of utmost importance to us and we appreciate your trust. We will never publicly identify you as a donor without your permission. You can read more about our donor privacy policy here. ## Your impact We, as a Tor community, fight every day for everyone to have private access to an uncensored internet, and Tor has become the world's strongest tool for privacy and freedom online. But Tor is more than just a technology. It is a labor of love produced by an international community of people devoted to human rights. The Tor Project is deeply committed to transparency and the safety of its users. We are proud to have a Four-Star Charity rating from Charity Navigator, and have been awarded Candid’s Platinum Seal of Transparency. This demonstrates the Tor Project’s commitment to openness and honesty in how the organization manages its finances and uses your investment for a greater impact. If you have not done so this year, please consider making a donation today. Your donation is in good hands and goes a long way. * fundraising

24.07.2025 06:30 — 👍 0 🔁 0 💬 0 📌 0

Latest posts by blog.torproject.org.web.brid.gy on Bluesky