Not long ago we talked here on the blog about the news about Tor developers' decision to start including Rust within the browser, with which in the future it is intended that this programming language replaces C in the development of Tor.
And now after ten months of development, a new version has been released important of the browser reaching its version "Tor 10.5" in which functionalities based on the ESR branch of Firefox 78 continue to be developed.
For those who are still unfamiliar with the browser, they should know that this focuses on providing anonymity, security and privacy, all traffic is redirected only through the Tor network.
For additional protection, the Tor browser includes HTTPS Everywhere plugin, which allows you to use traffic encryption on all sites whenever possible. To reduce the threat of JavaScript attacks and block plugins by default, a NoScript plugin is included. To combat traffic blocking and inspection, fteproxy and obfs4proxy are used.
Main new features of Tor 10.5
Of the most important changes that are presented in this new version of Tor 10.5 we can highlight the browser building capabilities with Wayland support on Linux.
Another important change is that old onion V2 services have been deactivated, which have already been declared obsolete for a year. The complete removal of the code associated with the second version of the protocol is expected in the fall.
The second version of the protocol was developed about 16 years ago and due to the use of outdated algorithms, it cannot be considered safe under modern conditions. Two and a half years ago, in version 0.3.2.9, users were offered the third version of the protocol for onion services, notable for the transition to 56-character addresses, more reliable protection against data leaks through directory servers. , an extensible modular structure and the use of SHA3, ed25519 and curve25519 algorithms instead of SHA1, DH and RSA-1024.
It also stands out in this new version the new 'Snowflake' gatewayto built-in bridge gateways that are used to connect to Tor lockdown locations, using a network of volunteer-managed proxy servers.
In functionality, snowflake resembles a flash proxy, but differs in NAT troubleshooting. Interaction with proxies is carried out using the P2P WebRTC protocol, which supports bypassing address translators.
Currently around 8000 proxies are active daily, running on different networks around the world. Maintaining a large network of proxy servers is facilitated by the fact that to start your proxy you do not need to run a server application, but rather install a special browser plug-in on the user's system. The initial connection uses the »front domain« technique, which allows HTTPS to be addressed by specifying a dummy host in the SNI and passing the requested host name in the HTTP host header within a TLS session (for example, you can use networks distribution to avoid blocking).
In addition, also the interface for the first connection to the Tor network has been improved, which has been moved from the panel to the main screen and has been implemented in the form of a new service page "About: torconnect". The browser now automatically detects the work of censored networks and offers bridged gateways to avoid blocking and also The connection flow for browser users has been improved.
Finally, in the announcement of this new version, it is also mentioned that NoScript 11.2.9, Tor Launcher 0.2.30, libevent 2.1.12 and support for CentOS 6 have been removed.
If you want to know more about it of this new version of the browser, you can consult the original note In the following link.
Download Tor 10.5
For those who are interested in being able to use the new version, they can download the browser from the following link.