Hi,I'm on gnu/linux slackware 14.2 x86_64.I've downloaded saturday last version of tor browser bundle 8.5.5.The 8.5.4 version works well.But 8.5.5 crash at start with this internal error log:

Tor Browser Bundle 8.5.4

Download Zip: https://urlcod.com/2vGyoI

[notice] Tor 0.4.1.5 (git-439ca48989ece545) running on Linux withLibevent 2.1.8-stable, OpenSSL 1.0.2s, Zlib 1.2.11, Liblzma N/A, and Libzstd N/A.[notice] Read configuration file "tor-browser_en-US/Browser/TorBrowser/Data/Tor/torrc-defaults".[notice] Read configuration file "tor-browser_en-US/Browser/TorBrowser/Data/Tor/torrc".[notice] Opening Control listener on 127.0.0.1:9151[notice] Opened Control listener on 127.0.0.1:9151[notice] DisableNetwork is set. Tor will not make or accept non-control network connections.Shutting down all existing connections.[notice] Parsing GEOIP IPv4 file /PATH_TO/tor-browser_en-US/Browser/TorBrowser/Data/Tor/geoip.[notice] Parsing GEOIP IPv6 file /PATH_TO/tor-browser_en-US/Browser/TorBrowser/Data/Tor/geoip6.[notice] Bootstrapped 0% (starting): Starting [notice] Starting with guard context "default"[notice] Delaying directory fetches: DisableNetwork is set.[notice] New control connection opened from 127.0.0.1.[notice] DisableNetwork is set. Tor will not make or accept non-control network connections.Shutting down all existing connections.[notice] New control connection opened from 127.0.0.1.[notice] DisableNetwork is set. Tor will not make or accept non-control network connections.Shutting down all existing connections.[notice] DisableNetwork is set. Tor will not make or accept non-control network connections.Shutting down all existing connections.[notice] DisableNetwork is set. Tor will not make or accept non-control network connections.Shutting down all existing connections.[notice] Opening Socks listener on 127.0.0.1:9150[notice] Opened Socks listener on 127.0.0.1:9150

= T= 1567790158 INTERNAL ERROR:Raw assertion failed at src/lib/malloc/map_anon.c:218:noinherit_result == tor-browser_en-US/Browser/TorBrowser/Tor/tor(dump_stack_symbols_to_error_fds+0x33)[0x55ff75f58743] tor-browser_en-US/Browser/TorBrowser/Tor/tor(tor_raw_assertion_failed_msg_+0x86)[0x55ff75f58e26] tor-browser_en-US/Browser/TorBrowser/Tor/tor(tor_mmap_anonymous+0xca)[0x55ff75f57f3a] tor-browser_en-US/Browser/TorBrowser/Tor/tor(crypto_fast_rng_new_from_seed+0x35)[0x55ff75f009f5] tor-browser_en-US/Browser/TorBrowser/Tor/tor(crypto_fast_rng_new+0x2b)[0x55ff75f00a9b] tor-browser_en-US/Browser/TorBrowser/Tor/tor(get_thread_fast_rng+0x45)[0x55ff75f00c35] tor-browser_en-US/Browser/TorBrowser/Tor/tor(circuit_reset_sendme_randomness+0x21)[0x55ff75e02fb1] tor-browser_en-US/Browser/TorBrowser/Tor/tor(+0x8342b)[0x55ff75dd142b] tor-browser_en-US/Browser/TorBrowser/Tor/tor(origin_circuit_new+0x8f)[0x55ff75dd3aef] tor-browser_en-US/Browser/TorBrowser/Tor/tor(origin_circuit_init+0x22)[0x55ff75dcceb2] tor-browser_en-US/Browser/TorBrowser/Tor/tor(circuit_establish_circuit+0x37)[0x55ff75dcf877] tor-browser_en-US/Browser/TorBrowser/Tor/tor(circuit_launch_by_extend_info+0x9c)[0x55ff75de6b2c] tor-browser_en-US/Browser/TorBrowser/Tor/tor(+0x99859)[0x55ff75de7859] tor-browser_en-US/Browser/TorBrowser/Tor/tor(connection_ap_handshake_attach_circuit+0x321)[0x55ff75de8251] tor-browser_en-US/Browser/TorBrowser/Tor/tor(connection_ap_attach_pending+0x1b0)[0x55ff75dec6b0] ./TorBrowser/Tor/libevent-2.1.so.6(+0x22395)[0x7fdac04cc395] ./TorBrowser/Tor/libevent-2.1.so.6(event_base_loop+0x55f)[0x7fdac04ccc6f] tor-browser_en-US/Browser/TorBrowser/Tor/tor(do_main_loop+0xe5)[0x55ff75dbce95] tor-browser_en-US/Browser/TorBrowser/Tor/tor(tor_run_main+0x1225)[0x55ff75daa8d5] tor-browser_en-US/Browser/TorBrowser/Tor/tor(tor_main+0x3a)[0x55ff75da7d5a] tor-browser_en-US/Browser/TorBrowser/Tor/tor(main+0x19)[0x55ff75da78b9] /lib64/libc.so.6(__libc_start_main+0xf0)[0x7fdabf6497d0] tor-browser_en-US/Browser/TorBrowser/Tor/tor(+0x59909)[0x55ff75da7909]

I'm still using Orfox+Orbot. Just to be clear, we're supposed to uninstall Orfox and install Tor Browser for Android, right? Can I still use Orbot, even though TB bundles the tor executable? I have to be able to use Orbot to torrify other apps.

Now, my concern: When I have many background youtube tabs open that I haven't clicked on, and then I click New Identity, the tabs do not all close at once like if I had clicked the X to close the browser. Instead, New Identity closes the tabs one by one in succession very fast, and when each closes, the next background tab becomes the active tab and partially loads the site before its tab closes and moves to the next (background) tab. The browser appears to quickly try to access the media files (and maybe other content files) in the now-active tab before that tab closes.

Tor Browser 8.5.4 contains updates to a number of its components. Above all, we include Firefox 60.8.0esr which contains important security fixes. Moreover, after some testing in the alpha series, we start shipping Tor 0.4.0.5 and update OpenSSL to 1.0.2s for the desktop platforms.

The IP addresses should not be hidden in your torrc file. They should just not get publicly posted on the Internet. If you are using the default bridges we ship, no, they stay the same within your torrc file (if we don't remove them from the bundle).

On my Mac with Tor configured to "Tor censored in my country" if I open the torrc file it has 11 OBFS4 files starting with "Bridge obfs4" then the IP address of each bridgeis listed. This makes the obfs4 bridges visible. These are the only bridges the Tor browser uses and this occurs on 2 Mac OS's.

My torrc fle does not match the file you provided. For example there are bridges for "snowflake" I have never seen that bridge even when I go to " " also all the bridges are obfs4 your example also has meek. Since the upgrade to 8.5.4 the bridge list is different.

Posts from Daniel Kahn Gilmore and R. J. Hansen make it clear that the key poisoning is very serious and has the potential to make it difficult for anyone to use GPG/PGP keys to verify the integrity of Tor Browser bundle downloads, Tails ISO images, Debian install ISO images, etc. Coming at a time when many Debian users are installing Buster (new stable) this attack has the potential to be particularly damaging. Unfortunately, it seems that debian.org has not yet posted prominent warnings to avoid trying to download the latest version of signing keys from the SKS keyserver network.

FYI, I just downloaded the 8.5.4 release. My current 8.5.3 release also automatically updated to 8.5.4. When I restarted tor, Norton anti-virus threw a firewall error - "tor does not have a valid digital signature". I deleted my current tor installation and installed a new copy from the 8.5.4 release and had no error. Support may encounter this problem.

However, I'm writing to you today to ask why it is now taking around four to five minutes to load the keyring. Noticed this when typing out "torbrowser-launcher" (without the quotes, naturally) in Terminal and waited . . . and waited . . . until, finally, my patience was rewarded with the launch of the TOR Browser.

It seems that there may be workarounds which may decrease the chance that a user will import a poisoned key, but once that happens your GPG is broken and cannot easily be fixed, which is devastating for those who always follow past TP Best Practice advice by using GPG detached signatures to verify the latest Tor Browser bundle before unpacking on our machine.

But I have yet to find anything which tells users how to obtain safely (?) the latest subkey of a signing key, which we will need to verify future editions of Tor Browser, Tails, etc. Not from an SKS keyserver, certainly, but if not there, where? I have been using Tor since well before the introduction of Tor Browser bundle and I have no idea how to address this. And Tor Project, Tails Project, Debian Project, are not saying anything at all, not even warning newbies to avoid breaking their GPG keyring by importing the TB signing key from an SKS keyserver. This is not good.

If considered as a threat, the bug mentioned above is trivial for the end user to "solve" by just changing permissions of /tor-browser_en-US/Browser/.local/share to prevent Tor Browser to write to it, the directory is superfluous for Tor Browser to function.

My point was that it might be helpful to implement a brief description of the most relevant long-term issues on -manual.torproject.org/known-issues/ and maybe link to it on the tor browser release announcement to help users to keep track of those, which - with trac.torproject.org as the only source, is rather cumbersome right now, to put it mildly .

Is their a bug ?Tor Browser 8.5.4 updated July 9 2019Every time i visit ' YouTube ' In the address bar, i have grey lock with an orange triangle. Mixed content is not blocked not secure. I have to reload each page to have HTTPS Green Secure Connection. Before this latest update, their was always a green lock for a fully secure page. I never had to keep reloading the same page.

you have removed some bridges and the current bridges available obsf4 and meek-azure have slowed the browser it a lot, until I have got this update the speed was totally fine even for Tor but now I had to switch to VPN, I hope these circumstances are just temporarily and that we will get improved bridges with good speed

For Your interest: The Tor project Developers PGP key is poisoned. I was unable to verify the downloadedtor browser because the key contains more then 100000 signatures which makes pgp inoperable.Please do something, e.g. upload the key to hkps://keys.openpgp.org or make it available via some other meansthen the keyservers. For details see for example

Ever since the update, Tor is somehow defaulting to "Remember browsing and download history". (IE: I have to go into preferences every time I restart tor to turn it off.) This seems counter-intuitive to how tor is supposed to function. Is there some setting in config that got bricked during the update that I can fix by hand? It's really annoying to have to change that setting every time. I'm on OSX 10.14.5, tor 8.5.4. 2ff7e9595c