Tor Project released Tor Browser 8.5.1 for Windows, Mac, Linux, and Android

A new version of the popular Tor Browser was released by the Tor Project, it is Tor Browser 8.5.1 for Windows, Mac, Linux, and Android.

The Tor Project has released Tor Browser 8.5.1 for Windows, Mac, Linux, and Android, the new version of the popular anonymizing browser.

This release includes a temporary fix for a known WebGL fingerprinting technique. Tor 8.5.1 can be downloaded for free from the Tor Browser download page and from the distribution directory.

The development team disabled WebGL readPixel() function that could be abused to fingerprint a Tor Browser user.

“Tor Browser 8.5.1 is the first bugfix release in the 8.5 series and aims at mostly fixing regressions and providing small improvements related to our 8.5 release.” reads the announcement from the Tor Project. “Additionally, we disable the WebGL readPixel() fingerprinting vector, realizing, though, that we need a more holistic approach when trying to deal with the fingerprinting potential WebGL comes with.”

The developers defined this fix a temporary solution that needs a more holistic approach.

Bwloe the full changelog since Tor Browser 8.5:

All platforms
- Update Torbutton to 2.1.10
  - Bug 30565: Sync nocertdb with privatebrowsing.autostart at startup
  - Bug 30464: Add WebGL to safer descriptions
  - Translations update
- Update NoScript to 10.6.2
  - Bug 29969: Remove workaround for Mozilla’s bug 1532530
- Update HTTPS Everywhere to 2019.5.13
- Bug 30541: Disable WebGL readPixel() for web content
Windows + OS X + Linux
- Bug 30560: Better match actual toolbar in onboarding toolbar graphic
- Bug 30571: Correct more information URL for security settings
Android
- Bug 30635: Sync mobile default bridges list with desktop one
Build System
- All platforms
  - Bug 30480: Check that signed tag contains expected tag name

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Tor Browser 8.5.1, Tor Project)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.