Most Frequently Asked Questions

Tor Browser prevents people from knowing the websites you visit. Some entities, such as your Internet Service Provider (ISP), may be able to see that you're using Tor, but they won't know where you're going when you do.

Tor Browser can certainly help people access your website in places where it is blocked. Most of the time, simply downloading the Tor Browser and then using it to navigate to the blocked site will allow access. In places where there is heavy censorship we have a number of censorship circumvention options available, including pluggable transports.

For more information, please see the Tor Browser User Manual section on censorship.

It's strongly discouraged to install new add-ons in Tor Browser, because they can compromise your privacy and security. Tor Browser already comes installed with two add-ons — HTTPS Everywhere and NoScript — and adding anything else could deanonymize you.

Tor Browser is currently available on Windows, Linux and macOS.

For Android, The Guardian Project maintains the Tor-powered apps Orbot and Orfox.

There is no official version of Tor for iOS yet, though we recommend Onion Browser.

Generally speaking, we don't recommend using a VPN with Tor unless you're an advanced user who knows how to configure both in a way that doesn't compromise your privacy.

You can find more detailed information about Tor + VPN at our wiki.

Tor Browser

Digital signature is a process ensuring that a certain package was generated by its developers and has not been tampered with. Below we explain why it is important and how to verify that the Tor program you download is the one we have created and has not been modified by some attacker.

Each file on our download page is accompanied by a file with the same name as the package and the extension ".asc". These .asc files are OpenPGP signatures. They allow you to verify the file you've downloaded is exactly the one that we intended you to get. For example, torbrowser-install-win64-8.5.4_en-US.exe is accompanied by torbrowser-install-win64-8.5.4_en-US.exe.asc.

We now show how you can verify the downloaded file's digital signature on different operating systems. Please notice that a signature is dated the moment the package has been signed. Therefore every time a new file is uploaded a new signature is generated with a different date. As long as you have verified the signature you should not worry that the reported date may vary.

Installing GnuPG

First of all you need to have GnuPG installed before you can verify signatures.

For Windows users:

If you run Windows, download Gpg4win and run its installer.

In order to verify the signature you will need to type a few commands in windows command-line, cmd.exe.

For macOS users:

If you are using macOS, you can install GPGTools.

In order to verify the signature you will need to type a few commands in the Terminal (under "Applications").

For GNU/Linux users:

If you are using GNU/Linux, then you probably already have GnuPG in your system, as most GNU/Linux distributions come with it preinstalled.

In order to verify the signature you will need to type a few commands in a terminal window. How to do this will vary depending on your distribution.

Fetching the Tor Developers key

The Tor Browser team signs Tor Browser releases. Import the Tor Browser Developers signing key (0xEF6E286DDA85EA2A4BA7DE684E2C6E8793298290):

gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org

This should show you something like:

gpg: key 4E2C6E8793298290: public key "Tor Browser Developers (signing key) <torbrowser@torproject.org>" imported
gpg: Total number processed: 1
gpg:               imported: 1
pub   rsa4096 2014-12-15 [C] [expires: 2020-08-24]
      EF6E286DDA85EA2A4BA7DE684E2C6E8793298290
uid           [ unknown] Tor Browser Developers (signing key) <torbrowser@torproject.org>
sub   rsa4096 2018-05-26 [S] [expires: 2020-09-12]

After importing the key, you can save it to a file (identifying it by fingerprint here):

gpg --output ./tor.keyring --export 0xEF6E286DDA85EA2A4BA7DE684E2C6E8793298290

Verifying the signature

To verify the signature of the package you downloaded, you will need to download the corresponding ".asc" signature file as well as the installer file itself, and verify it with a command that asks GnuPG to verify the file that you downloaded.

The examples below assume that you downloaded these two files to your "Downloads" folder.

The result of the command should produce something like this:

gpgv: Signature made 07/08/19 04:03:49 Pacific Daylight Time
gpgv:                using RSA key EB774491D9FF06E2
gpgv: Good signature from "Tor Browser Developers (signing key) <torbrowser@torproject.org>"

For Windows users:

gpgv --keyring .\tor.keyring Downloads\torbrowser-install-win64-8.5.4_en-US.exe.asc Downloads\torbrowser-install-win64-8.5.4_en-US.exe

For macOS users:

gpgv --keyring ./tor.keyring ~/Downloads/TorBrowser-8.5.4-osx64_en-US.dmg{.asc,}

For GNU/Linux users (change 64 to 32 if you have the 32-bit package):

gpgv --keyring ./tor.keyring tor-browser-linux64-8.5.4_en-US.tar.xz{.asc,}

You may also want to learn more about GnuPG.

Whenever we release a new stable version of Tor Browser, we write a blog post that details its new features and known issues. If you started having issues with your Tor Browser after an update, check out blog.torproject.org for a post on the most recent stable Tor Browser to see if your issue is listed. If your issue is not listed, please file a bug report about what you're experiencing.

Most antivirus or malware protection allows the user to "whitelist" certain processes that would otherwise be blocked. Please open your antivirus or malware protection software and look in the settings for a "whitelist" or something similar. Next, exclude the following processes:

  • For Windows
    • firefox.exe
    • tor.exe
    • obfs4proxy.exe (if you use bridges)
  • For macOS
    • TorBrowser
    • tor.real
    • obfs4proxy (if you use bridges)

Finally, restart Tor Browser. This should fix the issues you're experiencing. Please note that some antivirus clients, like Kaspersky, may also be blocking Tor at the firewall level.

The file you download and run prompts you for a destination. If you don't remember what this destination was, it's most likely your Downloads or Desktop folder.

The default setting in the Windows installer also creates a shortcut for you on your Desktop, though be aware that you may have accidentally deselected the option to create a shortcut.

If you can't find it in either of those folders, download it again and look for the prompt that asks you to choose a directory to download it in. Choose a directory location that you'll remember easily, and once the download finishes you should see a Tor Browser folder there.

Flash is disabled in Tor Browser, and we recommend you do not enable it. We don’t think Flash is safe to use in any browser — it's a very insecure piece of software that can easily compromise your privacy or serve you malware. Fortunately, most websites, devices, and other browsers are moving away from the use of Flash.

Only Tor Browser's traffic will be routed over the Tor network. Any other application on your system (including other browsers) will not have their connections routed over the Tor network, and will not be protected. They need to be configured separately to use Tor. If you need to be sure that all traffic will go through the Tor network, take a look at the Tails live operating system which you can start on almost any computer from a USB stick or a DVD.

It's strongly discouraged to install new add-ons in Tor Browser, because they can compromise your privacy and security. Tor Browser already comes installed with two add-ons — HTTPS Everywhere and NoScript — and adding anything else could deanonymize you.

Unfortunately, we don't yet have a version of Tor Browser for Chrome OS.

Modifying the way that Tor creates its circuits is strongly discouraged. You get the best security that Tor can provide when you leave the route selection to Tor; overriding the entry / exit nodes can compromise your anonymity. If the outcome you want is simply to be able to access resources that are only available in one country, you may want to consider using a VPN instead of using Tor. Please note that VPNs do not have the same privacy properties as Tor, but they will help solve some geolocation restriction issues.

If you run Tor Browser and another browser at the same time, it won't affect Tor's performance or privacy properties. However, be aware that your other browser is not keeping your activity private, and you may forget and accidentally use that non-private browser to do something that you intended to do in Tor Browser.

Sorry, but there is currently no official support for running Tor Browser on *BSD. There is something called the TorBSD project, but their Tor Browser is not officially supported.

You might be on a censored network, and so you should try using bridges. Some bridges are built in to Tor Browser, and you can use those bridges by choosing "configure" (then following the prompts) in the Tor Launcher window that pops up when you open Tor Browser for the first time. If you need other bridges, you can get them at our Bridges website. For more information about bridges, see the Tor Browser manual.

That is normal Tor behavior. The first relay in your circuit is called an "entry guard" or "guard". It is a fast and stable relay that remains the first one in your circuit for 2-3 months in order to protect against a known anonymity-breaking attack. The rest of your circuit changes with every new website you visit, and all together these relays provide the full privacy protections of Tor. For more information on how guard relays work, see this blog post and paper on entry guards.

One of the most common issues that causes connection errors in Tor Browser is an incorrect system clock. Please make sure your system clock and timezone are set accurately. If this doesn't fix the problem, see the Troubleshooting page on the Tor Browser manual.

Click the button labelled "Copy Tor Log To Clipboard" that appears in the dialog window when Tor Browser is first connecting to the network. If Tor Browser is already open, click on the Torbutton icon (the small green onion at the top-left of the screen), then "Open Network Settings", then "Copy Tor Log To Clipboard". Once you have copied the log, you will be able to paste it into a text editor or email client.

Using Tor Browser can sometimes be slower than other browsers. The Tor network has over a million daily users, and just over 6000 relays to route all of their traffic, and the load on each server can sometimes cause latency. You can help improve the speed of the network by running your own relay, or encouraging others to do so. That said, Tor is much faster than it used to be and you may not actually notice any change in speed from other browsers.

DuckDuckGo is the default search engine in Tor Browser. DuckDuckGo does not track its users nor does it store any data about user searches. Learn more about DuckDuckGo privacy policy.

Please see the DuckDuckGo support portal. If you believe this is a Tor Browser issue, please report it on our bug tracker.

Please see the NoScript FAQ. If you believe this is a Tor Browser issue, please report it on our bug tracker.

Please see the HTTPS Everywhere FAQ. If you believe this is a Tor Browser issue, please report it on our bug tracker.

You can update Tor Browser as soon as a new version is released.

Tor Browser will prompt you to update the software once a new version has been released.

The Torbutton icon (the little onion in the top left corner of the browser) will display a yellow triangle.

Check for Tor Browser Update

You may see a written indication when Tor Browser opens telling you that an update is available.

New release alert

Tor browser will install the updates.

New release alert

Removing Tor Browser from your system is simple:

  • Locate your Tor Browser folder or application. The default location on Windows is the Desktop; on macOS it is the Applications folder (on macOS, you have to move it into the Applications folder when you complete the installation process). On Linux, there is no default location, however the folder will be named "tor-browser_en-US" if you are running the English Tor Browser.
  • Delete the Tor Browser folder or application.
  • Empty your Trash.
  • Note that your operating system’s standard "Uninstall" utility is not used.

Tor Browser has two ways to change your relay circuit — "New Identity" and "New Tor Circuit for this Site".

Both options are located in the Menu, but you can also access the New Circuit option inside the site information menu, in the URL bar.

New Identity

This option is useful if you want to prevent your subsequent browser activity from being linkable to what you were doing before.

Selecting it will close all your tabs and windows, clear all private information such as cookies and browsing history, and use new Tor circuits for all connections.

Tor Browser will warn you that all activity and downloads will be stopped, so take this into account before clicking "New Identity".

Tor Browser Menu

New Tor Circuit for this Site

This option is useful if the exit relay you are using is unable to connect to the website you require, or is not loading it properly. Selecting it will cause the currently-active tab or window to be reloaded over a new Tor circuit.

Other open tabs and windows from the same website will use the new circuit as well once they are reloaded.

This option does not clear any private information or unlink your activity, nor does it affect your current connections to other websites.

New Circuit for this Site

Tor Browser prevents people from knowing the websites you visit. Some entities, such as your Internet Service Provider (ISP), may be able to see that you're using Tor, but they won't know where you're going when you do.

Tor Browser often makes your connection appear as though it is coming from an entirely different part of the world. Some websites, such as banks or email providers, might interpret this as a sign that your account has been compromised, and lock you out.

The only way to resolve this is by following the site’s recommended procedure for account recovery, or contacting the operators and explaining the situation.

You may be able to avoid this scenario if your provider offers 2-factor authentication, which is a much better security option than IP-based reputations. Contact your provider and ask them if they provide 2FA.

Tor Browser is currently available on Windows, Linux and macOS.

For Android, The Guardian Project maintains the Tor-powered apps Orbot and Orfox.

There is no official version of Tor for iOS yet, though we recommend Onion Browser.

There is currently no supported method for setting Tor Browser as your default browser. The Tor Browser works hard to isolate itself from the rest of your system, and the steps for making it the default browser are unreliable. This means sometimes a website would load in the Tor Browser, and sometimes it would load in another browser, this type of behavior can be dangerous and anonymity-breaking.

Running Tor Browser does not make you act as a relay in the network. This means that your computer will not be used to route traffic for others. If you'd like to become a relay, please see our Tor Relay Guide.

We configure NoScript to allow JavaScript by default in Tor Browser because many websites will not work with JavaScript disabled. Most users would give up on Tor entirely if we disabled JavaScript by default because it would cause so many problems for them. Ultimately, we want to make Tor Browser as secure as possible while also making it usable for the majority of people, so for now, that means leaving JavaScript enabled by default.

For users who want to have JavaScript disabled on all HTTP sites by default, we recommend changing your Tor Browser's security slider (in the Tor Browser Onion menu under "Security Settings"). The standard level allows JavaScript, but the safer and safest levels both block JavaScript on HTTP sites.

Unfortunately, some websites deliver CAPTCHAs to Tor users, and we are not able to remove CAPTCHAs from websites. The best thing to do in these cases is to contact the website owners, and inform them that their CAPTCHAs are preventing users such as yourself from using their services.

We do not recommend running multiple instances of Tor Browser, and doing so may not work as anticipated on many platforms.

We want everyone to be able to enjoy Tor Browser in their own language. Tor Browser is now available in 25 different languages, and we are working to add more. Want to help us translate? See here

You can also help us testing the next languages we will release, by installing and testing Tor Browser Alpha releases.

When using Tor Browser, no one can see the websites that you visit. However, your service provider or network admins may be able to see that you're connecting to the Tor network, though they won't know what you're doing when you get there.

Sometimes JavaScript-heavy websites can have functional issues over Tor Browser. The simplest fix is to click on the "onion menu," then click on the security slider. Set your security to "Standard".

Tor Browser is a modified version of Firefox specifically designed for use with Tor. A lot of work has been put into making the Tor Browser, including the use of extra patches to enhance privacy and security. While it is technically possible to use Tor with other browsers, you may open yourself up to potential attacks or information leakage, so we strongly discourage it. Learn more about the design of Tor Browser.

In Tor Browser, every new domain gets its own circuit. The Design and Implementation of Tor Browser document further explains the thinking behind this design.

With the release of Tor Browser 6.0.6, we switched to DuckDuckGo as the primary search engine. For a while now, Disconnect has had no access to Google search results which we used in Tor Browser. Since Disconnect is more of a meta search engine which allows users to choose between different search providers, it fell back to delivering Bing search results which were basically unacceptable quality-wise.

Tor Browser is built using Firefox ESR, so errors regarding Firefox may occur. Please be sure no other instance of Tor Browser is already running, and that you have extracted Tor Browser in a location that your user has the correct permissions for. If you are running an anti-virus, please see My antivirus/malware protection is blocking me from accessing Tor Browser, it is common for anti-virus / anti-malware software to cause this type of issue.

You can certainly use another browser while you are also using Tor Browser. However, you should know that the privacy properties of Tor Browser will not be present in the other browser. Be careful when switching back and forth between Tor and a less safe browser, because you may accidentally use the other browser for something you intended to do using Tor.

Unfortunately, there is no supported way to make Tor Browser your default browser.

Sometimes websites will block Tor users because they can't tell the difference between the average Tor user and automated traffic. The best success we've had in getting sites to unblock Tor users is getting users to contact the site administrators directly. Something like this might do the trick:

"Hi! I tried to access your site xyz.com while using Tor Browser and discovered that you don't allow Tor users to access your site. I urge you to reconsider this decision; Tor is used by people all over the world to protect their privacy and fight censorship. By blocking Tor users, you are likely blocking people in repressive countries who want to use a free internet, journalists and researchers who want to protect themselves from discovery, whistleblowers, activists, and ordinary people who want to opt out of invasive third party tracking. Please take a strong stance in favor of digital privacy and internet freedom, and allow Tor users access to xyz.com. Thank you."

In the case of banks, and other sensitive websites, it is also common to see geography-based blocking (if a bank knows you generally access their services from one country, and suddenly you are connecting from an exit relay on the other side of the world, your account may be locked or suspended).

If you are unable to connect to an onion service, please see I cannot reach X.onion!

Tor Browser can certainly help people access your website in places where it is blocked. Most of the time, simply downloading the Tor Browser and then using it to navigate to the blocked site will allow access. In places where there is heavy censorship we have a number of censorship circumvention options available, including pluggable transports.

For more information, please see the Tor Browser User Manual section on censorship.

We strongly recommend against using Tor in any browser other than Tor Browser. Using Tor in another browser can leave you vulnerable without the privacy protections of Tor Browser.

Tor Messenger

No. After eleven beta releases, we discontinued support of Tor Messenger. We still believe in Tor's ability to be used in a messaging app, but we don't have the resources to make it happen right now. Do you? Contact us.

Tor Mobile

Tor on Android is provided by The Guardian Project. More information can be found on the Orbot and Orfox web pages. Orfox is for web browsing, and Orbot can route other apps on your Android phone over the Tor network.

The Guardian Project maintains Tor (and other privacy applications) on Android. More info can be found on the Guardian Project's website.

We recommend an iOS app called Onion Browser, which is open source, uses Tor routing, and is developed by someone who works closely with the Tor Project. However, Apple requires browsers on iOS to use something called Webkit, which prevents Onion Browser from having the same privacy protections as Tor Browser. Learn more about Onion Browser.

There is currently no supported method for running Tor on Windows Phone.

We are currently working on Tor Browser for Android, and you can test our alpha releases. Please watch our blog for future announcements and details regarding this project.

GetTor

If you can't download Tor Browser through our website, you can get a copy of Tor Browser delivered to you via GetTor. GetTor is a service that automatically responds to messages with links to the latest version of Tor Browser, hosted at a variety of locations that are less likely to be censored, such as Dropbox, Google Drive, and GitHub.

Send an email to gettor@torproject.org. Write your operating system (such as Windows, macOS, or Linux) in the body of the message and send. GetTor will respond with an email containing links from which you can download Tor Browser, the cryptographic signature (needed for verifying the download), the fingerprint of the key used to make the signature, and the package’s checksum. You may be offered a choice of "32-bit" or "64-bit" software: this depends on the model of the computer you are using; consult documentation about your computer to find out more.

To get links for downloading Tor Browser, send a direct message to @get_tor with one of the following codes in it (you don't need to follow the account):

  • Linux
  • macOS (OS X)
  • Windows

To get links for downloading Tor Browser, send a message to gettor@torproject.org with one of the following codes in it:

  • Linux
  • macOS (OS X)
  • Windows

Connecting To Tor

One of the most common issues that causes connection errors in Tor Browser is an incorrect system clock. Please make sure your system clock and timezone are set accurately. If this doesn't fix the problem, see the Troubleshooting page on the Tor Browser manual.

If you’re having trouble connecting, please select the option to "copy Tor log to clipboard." Then paste the Tor log into a text file or other document. You should see one of these common log errors (look for the following lines in your Tor log):

Common log error #1: Proxy connection failure
2017-10-29 09:23:40.800 [NOTICE] Opening Socks listener on 127.0.0.1:9150
2017-10-29 09:23:47.900 [NOTICE] Bootstrapped 5%: Connecting to directory server
2017-10-29 09:23:47.900 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server
2017-10-29 09:24:08.900 [WARN] Proxy Client: unable to connect to xx..xxx..xxx.xx:xxxxx ("general SOCKS server failure")

If you see lines like these in your Tor log, it means you are failing to connect to a SOCKS proxy. If a SOCKS proxy is required for your network setup, then please make sure you’ve entered your proxy details correctly. If a SOCKS proxy is not required, or you’re not sure, please try connecting to the Tor network without a SOCKS proxy.

Common log error #2: Can’t reach guard relays
11/1/2017 21:11:43 PM.500 [NOTICE] Opening Socks listener on 127.0.0.1:9150
11/1/2017 21:11:44 PM.300 [NOTICE] Bootstrapped 80%: Connecting to the Tor network
11/1/2017 21:11:44 PM.300 [WARN] Failed to find node for hop 0 of our path. Discarding this circuit.
11/1/2017 21:11:44 PM.500 [NOTICE] Bootstrapped 85%: Finishing handshake with first hop
11/1/2017 21:11:45 PM.300 [WARN] Failed to find node for hop 0 of our path. Discarding this circuit.

If you see lines like these in your Tor log, it means your Tor failed to connect to the first node in the Tor circuit. This could mean that you’re on a network that’s censored.

Please try connecting with bridges, and that should fix the problem.

Common log error #3: Failed to complete TLS handshake
13-11-17 19:52:24.300 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server 
13-11-17 19:53:49.300 [WARN] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 10; recommendation warn; host [host] at xxx.xxx.xxx.xx:xxx) 
13-11-17 19:53:49.300 [WARN] 10 connections have failed: 
13-11-17 19:53:49.300 [WARN]  9 connections died in state handshaking (TLS) with SSL state SSLv2/v3 read server hello A in HANDSHAKE 
13-11-17 19:53:49.300 [WARN]  1 connections died in state connect()ing with SSL state (No SSL object)

If you see lines like this in your Tor log, it means that Tor failed to complete a TLS handshake with the directory authorities. Using bridges will likely fix this.

Common log error #4: Clock skew
19.11.2017 00:04:47.400 [NOTICE] Opening Socks listener on 127.0.0.1:9150 
19.11.2017 00:04:48.000 [NOTICE] Bootstrapped 5%: Connecting to directory server 
19.11.2017 00:04:48.200 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server 
19.11.2017 00:04:48.800 [WARN] Received NETINFO cell with skewed time (OR:xxx.xx.x.xx:xxxx): It seems that our clock is behind by 1 days, 0 hours, 1 minutes, or that theirs is ahead. Tor requires an accurate clock to work: please check your time, timezone, and date settings.

If you see lines like this in your Tor log, it means your system clock is incorrect. Please make sure your clock is set accurately, including the correct timezone. Then restart Tor.

If you cannot reach the onion service you desire, make sure that you have entered the 16-character or, the newest format, 56-character onion address correctly: even a small mistake will stop Tor Browser from being able to reach the site. If you are still unable to connect to the onion service, please try again later. There may be a temporary connection issue, or the site operators may have allowed it to go offline without warning.

You can also ensure that you're able to access other onion services by connecting to DuckDuckGo's onion service.

Censorship

Tor Browser can certainly help people access your website in places where it is blocked. Most of the time, simply downloading the Tor Browser and then using it to navigate to the blocked site will allow access. In places where there is heavy censorship we have a number of censorship circumvention options available, including pluggable transports.

For more information, please see the Tor Browser User Manual section on censorship.

Sometimes websites will block Tor users because they can't tell the difference between the average Tor user and automated traffic. The best success we've had in getting sites to unblock Tor users is getting users to contact the site administrators directly. Something like this might do the trick:

"Hi! I tried to access your site xyz.com while using Tor Browser and discovered that you don't allow Tor users to access your site. I urge you to reconsider this decision; Tor is used by people all over the world to protect their privacy and fight censorship. By blocking Tor users, you are likely blocking people in repressive countries who want to use a free internet, journalists and researchers who want to protect themselves from discovery, whistleblowers, activists, and ordinary people who want to opt out of invasive third party tracking. Please take a strong stance in favor of digital privacy and internet freedom, and allow Tor users access to xyz.com. Thank you."

In the case of banks, and other sensitive websites, it is also common to see geography-based blocking (if a bank knows you generally access their services from one country, and suddenly you are connecting from an exit relay on the other side of the world, your account may be locked or suspended).

If you are unable to connect to an onion service, please see I cannot reach X.onion!

If you can't download Tor Browser through our website, you can get a copy of Tor Browser delivered to you via GetTor. GetTor is a service that automatically responds to messages with links to the latest version of Tor Browser, hosted at a variety of locations that are less likely to be censored, such as Dropbox, Google Drive, and GitHub.

You might be on a censored network, and so you should try using bridges. Some bridges are built in to Tor Browser, and you can use those bridges by choosing "configure" (then following the prompts) in the Tor Launcher window that pops up when you open Tor Browser for the first time. If you need other bridges, you can get them at our Bridges website. For more information about bridges, see the Tor Browser manual.

If you’re having trouble connecting, please select the option to "copy Tor log to clipboard." Then paste the Tor log into a text file or other document. You should see one of these common log errors (look for the following lines in your Tor log):

Common log error #1: Proxy connection failure
2017-10-29 09:23:40.800 [NOTICE] Opening Socks listener on 127.0.0.1:9150
2017-10-29 09:23:47.900 [NOTICE] Bootstrapped 5%: Connecting to directory server
2017-10-29 09:23:47.900 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server
2017-10-29 09:24:08.900 [WARN] Proxy Client: unable to connect to xx..xxx..xxx.xx:xxxxx ("general SOCKS server failure")

If you see lines like these in your Tor log, it means you are failing to connect to a SOCKS proxy. If a SOCKS proxy is required for your network setup, then please make sure you’ve entered your proxy details correctly. If a SOCKS proxy is not required, or you’re not sure, please try connecting to the Tor network without a SOCKS proxy.

Common log error #2: Can’t reach guard relays
11/1/2017 21:11:43 PM.500 [NOTICE] Opening Socks listener on 127.0.0.1:9150
11/1/2017 21:11:44 PM.300 [NOTICE] Bootstrapped 80%: Connecting to the Tor network
11/1/2017 21:11:44 PM.300 [WARN] Failed to find node for hop 0 of our path. Discarding this circuit.
11/1/2017 21:11:44 PM.500 [NOTICE] Bootstrapped 85%: Finishing handshake with first hop
11/1/2017 21:11:45 PM.300 [WARN] Failed to find node for hop 0 of our path. Discarding this circuit.

If you see lines like these in your Tor log, it means your Tor failed to connect to the first node in the Tor circuit. This could mean that you’re on a network that’s censored.

Please try connecting with bridges, and that should fix the problem.

Common log error #3: Failed to complete TLS handshake
13-11-17 19:52:24.300 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server 
13-11-17 19:53:49.300 [WARN] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 10; recommendation warn; host [host] at xxx.xxx.xxx.xx:xxx) 
13-11-17 19:53:49.300 [WARN] 10 connections have failed: 
13-11-17 19:53:49.300 [WARN]  9 connections died in state handshaking (TLS) with SSL state SSLv2/v3 read server hello A in HANDSHAKE 
13-11-17 19:53:49.300 [WARN]  1 connections died in state connect()ing with SSL state (No SSL object)

If you see lines like this in your Tor log, it means that Tor failed to complete a TLS handshake with the directory authorities. Using bridges will likely fix this.

Common log error #4: Clock skew
19.11.2017 00:04:47.400 [NOTICE] Opening Socks listener on 127.0.0.1:9150 
19.11.2017 00:04:48.000 [NOTICE] Bootstrapped 5%: Connecting to directory server 
19.11.2017 00:04:48.200 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server 
19.11.2017 00:04:48.800 [WARN] Received NETINFO cell with skewed time (OR:xxx.xx.x.xx:xxxx): It seems that our clock is behind by 1 days, 0 hours, 1 minutes, or that theirs is ahead. Tor requires an accurate clock to work: please check your time, timezone, and date settings.

If you see lines like this in your Tor log, it means your system clock is incorrect. Please make sure your clock is set accurately, including the correct timezone. Then restart Tor.

Bridge relays are Tor relays that are not listed in the public Tor directory. That means that ISPs or governments trying to block access to the Tor network can't simply block all bridges. Bridges are useful for Tor users under oppressive regimes, and for people who want an extra layer of security because they're worried somebody will recognize that they are contacting a public Tor relay IP address.

A bridge is just a normal relay with a slightly different configuration. See How do I run a bridge for instructions.

Several countries, including China and Iran, have found ways to detect and block connections to Tor bridges. Obfsproxy bridges address this by adding another layer of obfuscation. Setting up an obfsproxy bridge requires an additional software package and additional configurations. See our page on pluggable transports for more info.

HTTPS

Tor prevents eavesdroppers from learning sites that you visit. However, information sent unencrypted over the internet using plain HTTP can still be intercepted by exit relay operators or anyone observing the traffic between your exit relay and your destination website. If the site you are visiting uses HTTPS, then the traffic leaving your exit relay will be encrypted, and won't be visible to eavesdroppers.

https

If you are using HTTPS, your website URL will begin with "https://".

https

This visualization shows what information is visible to eavesdroppers with and without Tor Browser and HTTPS encryption.

Operators

For the most in-depth resource on running a relay, see the Tor Relay Guide.

  • Run "apt-get install tor" (as root).
  • Make sure your clock, date, and timezone are set correctly. Install the ntp or openntpd (or similar) package to keep it that way.
  • Edit /etc/tor/torrc to look like the following:
## The IP address or hostname for incoming connections (leave commented and Tor will guess)
#Address noname.example.com

## A handle for your relay, so people don't have to refer to it by key.
Nickname ididnteditheconfig

## Set your own contact info
ContactInfo 0xFFFFFFFF Random Person <nobody AT example dot com>

## If you control multiple relays, include them in the family
#MyFamily $keyid,$keyid,...

ORPort 9001
DirPort 9030

## Set your bandwidth rate (leave commented and Tor will run without bandwidth caps)
#RelayBandwidthRate 30 MBytes
#RelayBandwidthBurst 100 MBytes

ExitPolicy reject *:*
  • Run "service tor reload" (as root)
  • After your relay connects to the network, it will try to determine whether the ports you configured are reachable from the outside. This step is usually fast, but it may take a few minutes.
  • Look for a log entry in /var/log/syslog such as "Self-testing indicates your ORPort is reachable from the outside. Excellent." If you don't see this message, it means that your relay is not reachable from the outside. You should re-check your firewalls, check that the IP and ports you specified in your torrc are correct, etc.
  • When it confirms that it's reachable, it will upload a "server descriptor" to the directory authorities to let clients know what address, ports, keys, etc your relay is using.
  • After a few hours (to give it enough time to propagate), you can query Metrics to see whether your relay has successfully registered in the network. If it hasn't, re-check firewalls, IP and ports again.

For the most in-depth resource on running a relay, see the Tor Relay Guide.

  • Review our Exit relay guidelines
  • Run "apt-get install tor" (as root).
  • Make sure your clock, date, and timezone are set correctly. Install the ntp or openntpd (or similar) package to keep it that way.
  • Edit /etc/tor/torrc to look like the following:
## A handle for your relay, so people don't have to refer to it by key.
Nickname ididnteditheconfig

## Set your own contact info
ContactInfo 0xFFFFFFFF Random Person <nobody AT example dot com>

ORPort 9001
DirPort 9030

## The IP address or hostname for incoming connections (leave commented and Tor will guess)
#Address noname.example.com

## Set your bandwidth rate (leave commented and Tor will run without bandwidth caps)
#RelayBandwidthRate 30 MBytes
#RelayBandwidthBurst 100 MBytes

## If you control multiple relays, include them in the family
#MyFamily $keyid,$keyid,...
  • Run "service tor reload" (as root)
  • After your relay connects to the network, it will try to determine whether the ports you configured are reachable from the outside. This step is usually fast, but it may take a few minutes.

    Look for a log entry in your /var/log/syslog such as "Self-testing indicates your ORPort is reachable from the outside. Excellent." If you don't see this message, it means that your relay is not reachable from the outside. You should re-check your firewalls, check that the IP and ports you specified in your torrc are correct, etc.

  • When it confirms that it's reachable, it will upload a "server descriptor" to the directory authorities to let clients know what address, ports, keys, etc your relay is using.

After a few hours (to give it enough time to propagate), you can query Metrics to see whether your relay has successfully registered in the network. If it hasn't, re-check firewalls, IP and ports again.

Consider if you'd like to switch to the Reduced exit policy.

For the most in-depth resource on running a relay, see the Tor Relay Guide.

  • Run "pkg install tor" (as root).
  • Make sure your clock, date, and timezone are set correctly. Enabling ntpd is suggested.
  • Edit /usr/local/etc/tor/torrc to look like the following:
## A handle for your relay, so people don't have to refer to it by key.
Nickname ididnteditheconfig

## Set your own contact info
ContactInfo 0xFFFFFFFF Random Person <nobody AT example dot com>

ORPort 9001
DirPort 9030

## Set your bandwidth rate (leave commented and Tor will run without bandwidth caps)
#RelayBandwidthRate 30 MBytes
#RelayBandwidthBurst 100 MBytes

ExitPolicy reject *:*

## If you control multiple relays, include them in the family
#MyFamily $keyid,$keyid,...

RunAsDaemon 1
Log notice file /var/log/tor/notices.log
  • Make sure tor starts on boot by running "sysrc tor_enable=YES" (as root)
  • Run "service tor start" (as root)
  • After your relay connects to the network, it will try to determine whether the ports you configured are reachable from the outside. This step is usually fast, but it may take a few minutes.
  • Look for a log entry in /var/log/tor/notices.log such as "Self-testing indicates your ORPort is reachable from the outside. Excellent." If you don't see this message, it means that your relay is not reachable from the outside. You should re-check your firewalls, check that the IP and ports you specified in your torrc are correct, etc.
  • When it confirms that it's reachable, it will upload a "server descriptor" to the directory authorities to let clients know what address, ports, keys, etc your relay is using.
  • After a few hours (to give it enough time to propagate), you can query Metrics to see whether your relay has successfully registered in the network. If it hasn't, re-check firewalls, IP and ports again.

  • Do not use the packages in Ubuntu's repositories. They are not reliably updated. If you use them, you will miss important stability and security fixes.
  • Determine your Ubuntu version by running the following command:
     $ lsb_release -c
    
  • As root, add the following lines to /etc/apt/sources.list. Replace 'version' with the version you found in the previous step:
     $ deb https://deb.torproject.org/torproject.org version main
     $ deb-src https://deb.torproject.org/torproject.org version main
    
  • Add the gpg key used to sign the packages by running the following commands:
     $ curl https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | sudo apt-key add -
    
  • Run the following commands to install tor and check its signatures:
     $ sudo apt-get update
     $ sudo apt-get install tor deb.torproject.org-keyring
    

See our obfs4 setup guide to learn how to set up an obfs4 bridge.

No. If law enforcement becomes interested in traffic from your exit relay, it's possible that officers will seize your computer. For that reason, it's best not to run your exit relay in your home or using your home internet connection.

Instead, consider running your exit relay in a commercial facility that is supportive of Tor. Have a separate IP address for your exit relay, and don't route your own traffic through it. Of course, you should avoid keeping any sensitive or personal information on the computer hosting your exit relay.

Onion Services

Websites that are only accessible over Tor are called "onions" and end in the TLD .onion. For example, the DuckDuckGo onion is https://3g2upl4pq6kufc4m.onion. You can access these websites by using Tor Browser. The addresses must be shared with you by the website host, as onions are not indexed in search engines in the typical way that vanilla websites are.

Onion services allow people to browse but also to publish anonymously, including publishing anonymous websites.

Onion services are also relied on for metadata-free chat and file sharing, safer interaction between journalists and their sources like with SecureDrop or OnionShare, safer software updates, and more secure ways to reach popular websites like Facebook.

These services use the special-use top level domain (TLD) .onion (instead of .com, .net, .org, etc..) and are only accessible through the Tor network.

When accessing a website that uses an onion service, Tor Browser will show at the URL bar an icon of a little green onion displaying the state of your connection: secure and using an onion service.

Onion icon

And if you're accessing a website with HTTPS and onion service, it will show an icon of a green onion and a padlock.

Green onion with a padlock

If you cannot reach the onion service you desire, make sure that you have entered the 16-character or, the newest format, 56-character onion address correctly: even a small mistake will stop Tor Browser from being able to reach the site. If you are still unable to connect to the onion service, please try again later. There may be a temporary connection issue, or the site operators may have allowed it to go offline without warning.

You can also ensure that you're able to access other onion services by connecting to DuckDuckGo's onion service.

Misc

The community team has developed this Glossary of terms about and related to Tor

A

add-on, extension, or plugin

Add-ons, extensions, and plugins are components that can be added to web browsers to give them new features. Tor Browser comes with two add-ons installed: NoScript and HTTPS Everywhere. You should not install any additional add-ons to Tor Browser because that can compromise some of its privacy features.

antivirus software

An antivirus software is used to prevent, detect and remove malicious software. Antivirus software can interfere with Tor running on your computer. You may need to consult the documentation for your antivirus software if you do not know how to allow Tor.

App

A web application (web app), is an application which the client runs in a web browser. App can also refer to software that you install on mobile operating systems.

Atlas

Atlas is a web application to learn about currently running Tor relays.

B

bandwidth authority

To determine a relay's throughput, special relays called bandwidth authorities take periodic measurements of the relays in the consensus.

bridge

Like ordinary Tor relays, bridges are run by volunteers; unlike ordinary relays, however, they are not listed publicly, so an adversary cannot identify them easily. Pluggable transports are a type of bridge that help disguise the fact that you are using Tor.

bridge authority

A special-purpose relay that maintains the list of bridges.

browser fingerprinting

Fingerprinting is the process of collecting information about a device or service to make educated guesses about its identity or characteristics. Unique behavior or responses can be used to identify the device or service analyzed. Tor Browser prevents fingerprinting.

browsing history

A browser history is a record of requests made while using a web browser, and includes information like websites visited and when. Tor Browser deletes your browsing history after you close your session.

C

CAPTCHA

Captchas are a challenge-response test used in computing to determine whether the user is human or not. Tor users are often served captchas because Tor relays make so many requests that sometimes websites have a hard time determining whether or not those requests are coming from humans or from bots.

checksum

Checksums are hashvalues of files. If you have downloaded the software without errors, the given checksum and the checksum of your downloaded file will be identical.

circuit

A path through the Tor network built by clients consisting of randomly selected nodes. The circuit begins with either a bridge or a guard. Most circuits consist of three nodes - a guard or bridge, a middle relay, and an exit. Most onion services use six hops in a circuit (with the exception of single onion services), and never an exit node. You can view your current Tor circuit by clicking on the onion button in Tor Browser.

client

In Tor, a client is a node in the Tor network, typically running on behalf of one user, that routes application connections over a series of relays.

Compass

Compass is a web application to learn about currently running Tor relays in bulk.

consensus

In Tor terms, a single document compiled and voted on by the directory authorities once per hour, ensuring that all clients have the same information about the relays that make up the Tor network.

cookie

An HTTP cookie (also called web cookie, Internet cookie, browser cookie or simply cookie) is a small piece of data sent from a website and stored on the user's computer by the user's web browser while the user is browsing. Tor Browser does not store cookies.

cross-site scripting (XSS)

Cross-Site Scripting (XSS) allows an attacker to add malicious functionality or behavior to a website when they shouldn't have the ability to do so.

cryptographic signature

A cryptographic signature proves the authenticity of a message or file. It is created by the holder of the private portion of a public key cryptography key pair and can be verified by the corresponding public key. If you download software from torproject.org, you will find it as signature files (.asc). These are PGP signatures, so you can verify that the file you have downloaded is exactly the one that we intended you to get. For more information about how you can verify signatures, please see here.

D

Daemon

A daemon is a computer program that runs as a background process, rather than being under the direct control of a user.

directory authority

A special-purpose relay that maintains a list of currently-running relays and periodically publishes a consensus together with the other directory authorities.

E

encryption

The process of taking a piece of data and scrambling it into a secret code that can only be read by the intended recipient. Tor uses three layers of encryption in the Tor circuit; each relay decrypts one layer before passing the request on to the next relay.

end-to-end encrypted

Transmitted data which is encrypted from origin to destination is called end-to-end encrypted.

exit

The last relay in the Tor circuit which sends traffic out onto the public Internet. The service you are connecting to (website, chat service, email provider, etc..) will see the IP address of the exit.

ExoneraTor

The ExoneraTor service maintains a database of relay IP addresses that have been part of the Tor network. It answers the question whether there was a Tor relay running on a given IP address on a given date. This service is often useful when dealing with law enforcement.

F

Firefox

Mozilla Firefox is a free and open-source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation. Tor Browser is built from a modified version of Firefox ESR (Extended Support Release). Firefox is available for Windows, macOS and Linux operating systems, with its mobile version (fennec) available for Android.

firewall

A firewall is a network security system which monitors and controls the incoming and outgoing network traffic. This traffic filter is based on predetermined rules. A firewall typically establishes a barrier between a trusted, secure internal network and another outside network but it can also be used as a content filter in the sense of censorship. Sometimes people have trouble connecting to Tor because their firewall blocks Tor connections. You can reconfigure or disable your firewall and restart Tor to test this.

Flash Player

Flash Player is a browser pluginfor Internet applications to watch audio and video content. You should never enable Flash to run in Tor Browser as it is unsafe. Many services that use Flash also offer an HTML5 alternative, which should work in the Tor Browser.

fte

FTE (format-transforming encryption) is a pluggable transport that disguises Tor traffic as ordinary web (HTTP) traffic.

G

GetTor

It is a service that automatically responds to messages (Email, XMPP, Twitter) with links to the latest version of Tor Browser, hosted at a variety of locations, such as Dropbox, Google Drive and GitHub.

GSoC

The Tor Project participates in the Google Summer of Code, which is a summer program for university students.

guard

The first relay in the Tor circuit, unless using a bridge. When using a bridge, the bridge takes the place of the guard.

H

hash

A cryptographic hash value is the result of a mathematical algorithm that maps data to a bit string of a fixed size. It's designed as one-way-function which means the value is easy to calculate in one direction but infeasible to invert. Hash values serve to verify the integrity of data.

hidden services

Former name for "onion services", sometimes still in use in Tor documentation or communication.

hop

In Tor terms, a "hop" refers to traffic moving between relays in a circuit.

HTTP

The Hypertext Transfer Protocol (HTTP) is a channel used to send files and data between devices on a network. Originally used to transfer only web pages, it is now relied upon to deliver many forms of data and communication.

HTTPS

Hypertext Transfer Protocol Secure is the encrypted version of the HTTP channel used to transfer files and data between devices on a network.

HTTPS Everywhere

HTTPS Everywhere is a Firefox, Chrome, and Opera extension that makes HTTPS the default on websites that have set up HTTPS but have not made it the default. HTTPS Everywhere is installed in Tor Browser.

I

Internet Service Provider (ISP)

An Internet service provider (ISP) is an organization that provides services for accessing and using the Internet. When using Tor Browser, your ISP cannot see what websites you're visiting.

IP address

An Internet Protocol address (IP address) is a numerical (or alpha-numeric in the case of IPv6) label assigned to each device (e.g., computer, printer) participating in a computer network that uses the Internet Protocol for communication. The IP address is the location address of the device, similar to the addresses of physical locations. Tor Browser obscures your location by making it look like your traffic is coming from an IP address that is not your own.

J

JavaScript

JavaScript is a programming language that websites use to offer interactive elements such as video, animation, audio, and status timelines. Unfortunately, JavaScript can also enable attacks on the security of the web browser, which might lead to deanonymization. The NoScript extension in Tor Browser can be used to manage JavaScript on different websites.

K

L

little-t tor

"little-t tor" is one way of referring to tor the network daemon, as opposed to Tor Browser or Tor Project.

M

meek

These pluggable transports all make it look like you are browsing a major web site instead of using Tor. Meek-amazon makes it look like you are using Amazon Web Services; meek-azure makes it look like you are using a Microsoft web site; and meek-google makes it look like you are using Google search.

middle relay

The middle position in the Tor circuit. Non-exit relays can function as either a "middle" or a "guard" for different users.

N

New Identity

New Identity is a Tor Browser feature if you want to prevent your subsequent browser activity from being linkable to what you were doing before. Selecting it will close all your open tabs and windows, clear all private information such as cookies and browsing history, and use New Tor circuits for all connections. Tor Browser will warn you that all activity and downloads will be stopped, so take this into account before clicking “New Identity”. New Identity can also help if Tor Browser is having trouble connecting to a particular site, similarly to "New Tor Circuit for this Site".

New Tor Circuit for this Site

This option is useful if the exit you are using is unable to connect to the website you require, or is not loading it properly. Selecting it will cause the currently active tab or window to be reloaded over a new Tor circuit. Other open tabs and windows from the same website will use the new circuit as well once they are reloaded. This option does not clear any private information or unlink your activity, nor does it affect your current connections to other websites.

network censorship

Sometimes the direct access to the Tor network is blocked by your Internet Service Provider (ISP) or by a government. Tor Browser includes some circumvention tools for getting around these blocks, including bridges, pluggable transports, and GetTor.

NoScript

Tor Browser includes an add-on called NoScript, accessed through the “S” icon at the top-left of the window, which allows you to control the JavaScriptthat runs on individual web pages, or to block it entirely.

nyx

The anonymizing relay monitor (formerly arm, now nyx) is a terminal status monitor for Tor, intended for command-line usage. This is a tool for monitoring the core Tor process on a system, often useful for relay operators.

O

obfs3

Obfs3 is a pluggable transport that makes Tor traffic look random, so that it does not look like Tor or any other protocol. Obfs3 bridges will work in most places.

obfs4

Obfs4 is a pluggable transport that makes Tor traffic look random like obfs3, and also prevents censors from finding bridges by Internet scanning. Obfs4 bridges are less likely to be blocked than obfs3 bridges.

onion address

A standardized internet domain name used by onion services that ends in .onion and is designed to be self-authenticating.

OONI

OONI stands for "Open Observatory of Network Interference", it is a global observation network for detecting censorship, surveillance and traffic manipulation on the internet.

Onion Browser

An iOS app which is open source, uses Tor routing, and is developed by someone who works closely with the Tor Project. Learn more about Onion Browser

onion services

Onion services (formerly known as “hidden services”) are services (like websites) that are only accessible through the Tor network. Onion services offer advantages over ordinary services on the non-private web, including:

Onionoo

Onionoo is a web-based protocol to learn about currently running Tor relays and bridges. Onionoo provides the data for other applications and websites(compass, atlas, etc..) which in turn present Tor network status information to humans.

onionsite

An onionsite is another name for an onion service, but refers exclusively to websites. These websites use the .onion Top Level Domain (TLD).

onionspace

The set of available onion services. For example, you can say "my site is in onionspace" instead of "my site is in the Dark Web."

Operating System (OS)

The main system software that manages computer hardware and software resources and provides common services for computer programs. The most used desktop operating systems are Windows, macOS and Linux. Android and iOS are the dominant mobile operating systems.

Orbot

Orbot is a free app from The Guardian Project that empowers other apps on your device to use the internet more securely. Orbot uses Tor to encrypt your Internet traffic and hide it by bouncing through a series of computers around the world.

Orfox

Orfox is free app from The Guardian Project built from the same source code as Tor Browser which is built upon Firefox, but with a few minor modifications to the privacy enhancing features to make them compatible with Firefox for Android and the Android operating system.

P

pluggable transports

Tools that Tor can use to disguise the traffic it sends out. This can be useful in situations where an Internet Service Provider (ISP) or other authority is actively blocking connections to the Tor network.

private key

The private portion of a public/private key pair. This is the key that must be kept private, and not disseminated to others.

proxy

A proxy is a middle man between a client (like a web browser) and a service (like a web server). Instead of connecting directly to the service, a client sends the message to the proxy. The proxy makes the request on behalf of the client, and passes the response back to the client. The service only communicates with and sees the proxy.

public key

The public portion of a public/private key pair. This is the key that can be disseminated to others.

public key cryptography

A public-key cryptography system uses pairs of mathematical keys. The public key can be disseminated widely while its belonging private key is known only by the owner of the key pair. Any person can encrypt a message using the public key of the receiver but only the receiver in possession of the private key is able to decrypt the message. Additionally, the private key can be used to create a signature to proof the identity of the creator of a message or other files. This signature can be verified by the public key.

Q

R

relay

A publicly-listed node in the Tor network that forwards traffic on behalf of clients, and that registers itself with the directory authorities.

S

Satori

It is an add-on for the Chrome or Chromium browsers that allows you to download several security and privacy programs, including Tor Browser, from different sources. You can Install Satori from the Chrome Web Store.

scramblesuit

Scramblesuit is similar to obfs4 but has a different set of bridges.

script

Elements used for offering dynamic/interactive content via websites.

self-authenticating address

The specialized address format of onion addresses is self-authenticating. The format automatically guarantees that the onion address is bound to the key used to protect connections to the onionsite. Ordinary internet domain names require site owners to trust and be approved by a Certificate Authority (CA) for this binding, and they are subject to hijack by the CA and typically by many other parties as well.

server

A device on a network which offers a service, such as file and web page storage, email or chat.

session

A session refers to a conversation between two devices communicating on a network. Using Tor Browser means that your session data will be wiped when you close the web browser.

single onion service

A single onion service is an onion service that can be configured for services that do not require anonymity, but want to offer it for clients connecting to their service. Single onion services use only three hops in the circuit rather than the typical six hops for onion services.

Stem

Stem is a Python (programming language) controller library for core Tor. If you want to control core Tor with python, this is for you.

Sybil attack

The Sybil attack in computer security is an attack wherein a reputation system is subverted by creating a large number of identities, and using them to gain a disproportionately large influence in the network.

T

Tails

Tails is a "live" operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims to preserve your privacy and anonymity. Learn more about Tails.

The Tor Project

The Tor Project can refer to either The Tor Project Inc, a 501(c)3 US nonprofit responsible for maintaining the Tor software, or the Tor Project community made up of thousands of volunteers from all over the world who help create Tor.

third-party tracking

Most websites use numerous third-party services, including advertising and analytics trackers, which collect data about your IP address, web browser, system and your browsing behavior itself, all of which can link your activity across different sites. Tor Browser prevents a lot of this activity from happening.

Tor / Tor network/ Core Tor

Tor is a program you can run on your computer that helps keep you safe on the Internet. It protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. This set of volunteer relays is called the Tor network. Sometimes the software associated with this network is called Core Tor, and sometimes "little-t tor". The way most people use Tor is with Tor Browser which is a version of Firefox that fixes many privacy issues.

Tor Browser

Tor Browser uses the Tor network to protect your privacy and anonymity. Your internet activity, including the names and addresses of the websites you visit, will be hidden from your Internet Service Provider (ISP) and from anyone watching your connection locally. The operators of the websites and services that you use, and anyone watching them, will see a connection coming from the Tor network instead of your real Internet (IP) address, and will not know who you are unless you explicitly identify yourself. In addition, Tor Browser is designed to prevent websites from “fingerprinting” or identifying you based on your browser configuration. By default, Tor Browser does not keep any browsing history. Cookies are only valid for a single session (until Tor Browser is exited or a New Identity is requested).

Tor Launcher

When you run Tor Browser for the first time, you see the Tor Launcher window. It offers you the option to connect directly to the Tor network, or to configure Tor Browser for your connection. In the second case Tor Launcher will take you through a series of configuration options.

Tor log

"Tor log" is an automatically-generated list of Tor’s activity that can help diagnose problems. When something goes wrong with Tor, you may see an option with the error message to "copy Tor log to clipboard". If you don't see this option and you have Tor Browser open, you can navigate to the Torbutton (on the top left of the browser, to the left of the URL bar). Click the Tor button, then open Tor Network Settings. You should see an option at the bottom to copy the log to your clipboard, which you can then paste to a document to show whoever is helping you troubleshoot.

Tor Messenger

Tor Messenger was a cross-platform chat program that aimed to be secure by default and send all of its traffic over Tor. Tor Messenger is not in development anymore. It supported Jabber (XMPP), IRC, Google Talk, Facebook Chat, Twitter, Yahoo, and others; enabled Off-the-Record (OTR) Messaging automatically; and had an easy-to-use graphical user interface localized into multiple languages.

TorBirdy

This extension configures Thunderbird to make connections over Tor.

Torbutton

A button marked by a little green onion to the left of the URL bar. Its menu offers you "New Identity", "Security Settings..." and "Check for Tor Browser Update..." options.

torrc

The core Tor configuration file.

Torsocks

Torsocks allows you to use many applications in a safer way with Tor. It ensures that DNS requests are handled safely and explicitly rejects any traffic other than TCP from the application you're using.

Tor2Web

Tor2web is a project to let users access onion services without using the Tor Browser. NOTE: This is not as safe as connecting to the onion services via Tor Browser, and will remove all Tor-related protections the client would otherwise have.

TPI

TPI is an acronym for The Tor Project, Inc.

tpo

People on IRC often use tpo to abbreviate torproject.org when writing hostnames. For example, trac.tpo is an abbreviation for trac.torproject.org.

traffic

Traffic is the data sent and received by clients and servers.

U

V

W

Web Browser

A web browser (commonly referred to as a browser) is a software application for retrieving, presenting, and traversing information resources on the World Wide Web. Major web browsers include Firefox, Chrome, Internet Explorer, and Safari.

website mirror

A website mirror is an one-to-one copy of a website which you can find under other web addresses. A current list of torproject.org mirrors is available at https://www.torproject.org/getinvolved/mirrors.html.en.

X

Y

Z

There is nothing the Tor developers can do to trace Tor users. The same protections that keep bad people from breaking Tor's anonymity also prevent us from tracking users.

No, the Tor Project does not offer hosting services.

Right now the path length is hard-coded at 3 plus the number of nodes in your path that are sensitive. That is, in normal cases it's 3, but for example if you're accessing an onion service or a ".exit" address it could be more.

We don't want to encourage people to use paths longer than this as it increases load on the network without (as far as we can tell) providing any more security. Also, using paths longer than 3 could harm anonymity, first because it makesdenial of security attacks easier, and second because it could act as an identifier if only a small number of users have the same path length as you.

Many exit nodes are configured to block certain types of file sharing traffic, such as BitTorrent. BitTorrent in specific is not anonymous over Tor.

For sharing files over Tor, OnionShare is a good option.

Generally speaking, we don't recommend using a VPN with Tor unless you're an advanced user who knows how to configure both in a way that doesn't compromise your privacy.

You can find more detailed information about Tor + VPN at our wiki.

Please see our volunteer page for how to get involved!

Thank you for your support! You can find more information about donating on our donor FAQ.

Tor is designed to defend human rights and privacy by preventing anyone from censoring things, even us. We hate that there are some people who use Tor to do terrible things, but we can't do anything to get rid of them without also undermining the human rights activists, journalists, abuse survivors, and other people who use Tor for good things. If we wanted to block certain people from using Tor, we'd basically be adding a backdoor to the software, which would open up our vulnerable users to attacks from bad regimes and other adversaries.

Tor is funded by a number of different sponsors including US federal agencies, private foundations, and individual donors. Check out a list of all our sponsors and a series of blog posts on our financial reports.

We feel that talking openly about our sponsors and funding model is the best way to maintain trust with our community. We are always seeking more diversity in our funding sources, especially from foundations and individuals.

We do not recommend using Tor with BitTorrent. For further details, please see our blog post on the subject.

We are so sorry, but you have been infected with malware. The Tor Project did not create this malware. The malware authors are asking you to download Tor Browser presumably to contact them anonymously with the ransom they're demanding from you.

If this is your first introduction to Tor Browser, we understand that you might think we're bad people who enable even worse people.

But please consider that our software is used every day for a wide variety of purposes by human rights activists, journalists, domestic violence survivors, whistleblowers, law enforcement officers, and many others. Unfortunately, the protection that our software can provide to these groups of people can also be abused by criminals and malware authors. The Tor Project does not support or condone the use of our software for malicious purposes.

Tor doesn't keep any logs that could identify a particular user. We do take some safe measurements of how the network functions, which you can check out at Tor Metrics.

No, we don't provide any online services. A list of all of our software projects can be found on our projects page.

Vidalia is no longer maintained or supported. A large portion of the features Vidalia offered have now been integrated into Tor Browser itself.