Brabhsálaí Tor

WARNING: Do NOT follow random advice instructing you to edit your torrc! Doing so can allow an attacker to compromise your security and anonymity through malicious configuration of your torrc.

Tor uses a text file called torrc that contains configuration instructions for how Tor should behave. The default configuration should work fine for most Tor users (hence the warning above.)

To find your Tor Browser torrc, follow the instructions for your operating system below.

On Windows or Linux:

  • The torrc is in the Tor Browser Data directory at Browser/TorBrowser/Data/Tor inside your Tor Browser directory.

On macOS:

  • The torrc is in the Tor Browser Data directory at ~/Library/Application Support/TorBrowser-Data/Tor.
  • Note the Library folder is hidden on newer versions of macOS. To navigate to this folder in Finder, select "Go to Folder..." in the "Go" menu.
  • Then type "~/Library/Application Support/" in the window and click Go.

Close Tor Browser before you edit your torrc, otherwise Tor Browser may erase your modifications. Some options will have no effect as Tor Browser overrides them with command line options when it starts Tor.

Have a look at the sample torrc file for hints on common configurations. For other configuration options you can use, see the Tor manual page. Remember, all lines beginning with # in torrc are treated as comments and have no effect on Tor's configuration.

While the names may imply otherwise, 'Incognito mode' and 'private tabs' do not make you anonymous on the Internet. They erase all the information on your machine relating to the browsing session after they are closed, but have no measures in place to hide your activity or digital fingerprint online. This means that an observer can collect your traffic just as easily as any regular browser.

Tor Browser offers all the amnesic features of private tabs while also hiding the source IP, browsing habits and details about a device that can be used to fingerprint activity across the web, allowing for a truly private browsing session that's fully obfuscated from end-to-end.

For more information regarding the limitations of Incognito mode and private tabs, see Mozilla's article on Common Myths about Private Browsing.

Molaimid go láidir gan Tor a úsáid in aon bhrabhsálaí seachas Brabhsálaí Tor. Má úsáideann tú Tor i mbrabhsálaí eile, beidh tú i mbaol ionsaithe gan na gnéithe príobháideachais i mBrabhsálaí Tor do do chosaint.

Is féidir. Chabhródh Brabhsálaí Tor le daoine do shuíomh Gréasáin a bhaint amach aon áit ina bhfuil cosc air. Most of the time, simply downloading the Tor Browser and then using it to navigate to the blocked site will allow access. In places where there is heavy censorship we have a number of censorship circumvention options available, including pluggable transports.

For more information, please see the Tor Browser User Manual section on censorship.

Sometimes websites will block Tor users because they can't tell the difference between the average Tor user and automated traffic. The best success we've had in getting sites to unblock Tor users is getting users to contact the site administrators directly. Something like this might do the trick:

"Hi! I tried to access your site while using Tor Browser and discovered that you don't allow Tor users to access your site. I urge you to reconsider this decision; Tor is used by people all over the world to protect their privacy and fight censorship. By blocking Tor users, you are likely blocking people in repressive countries who want to use a free internet, journalists and researchers who want to protect themselves from discovery, whistleblowers, activists, and ordinary people who want to opt out of invasive third party tracking. Please take a strong stance in favor of digital privacy and internet freedom, and allow Tor users access to Thank you."

In the case of banks, and other sensitive websites, it is also common to see geography-based blocking (if a bank knows you generally access their services from one country, and suddenly you are connecting from an exit relay on the other side of the world, your account may be locked or suspended).

If you are unable to connect to an onion service, please see I cannot reach X.onion!

Is féidir cinnte. Ach ba chóir duit a bheith ar an eolas nach mbeidh na gnéithe príobháideachais i mBrabhsálaí Tor ar fáil sa mbrabhsálaí eile. Mar sin, caithfidh tú a bheith cúramach nuair a athraíonn tú anonn is anall idir Tor agus brabhsálaí eile nach bhfuil chomh slán, sa chaoi nach ndéanann tú rud éigin sa mbrabhsálaí eile a raibh tú ag iarraidh é a dhéanamh in Tor.

You can set Proxy IP address, port, and authentication information in Tor Browser's Network Settings. If you're using Tor another way, check out the HTTPProxy and HTTPSProxy config options in the manual page, and modify your torrc file accordingly. You will need an HTTP proxy for doing GET requests to fetch the Tor directory, and you will need an HTTPS proxy for doing CONNECT requests to get to Tor relays. (It's fine if they're the same proxy.) Tor also recognizes the torrc options Socks4Proxy and Socks5Proxy.

Also, read up on the HTTPProxyAuthenticator and HTTPSProxyAuthenticator options if your proxy requires auth. We only support basic auth currently, but if you need NTLM authentication, you may find this post in the archives useful.

If your proxies only allow you to connect to certain ports, look at the entry on Firewalled clients for how to restrict what ports your Tor will try to access.

Please see the Installation section in the Tor Browser Manual.

Sometimes, after you've used Gmail over Tor, Google presents a pop-up notification that your account may have been compromised. The notification window lists a series of IP addresses and locations throughout the world recently used to access your account.

In general, this is a false alarm: Google saw a bunch of logins from different places, as a result of running the service via Tor, and decided it was a good idea to confirm the account was being accessed by its rightful owner.

Even though this may be a byproduct of using the service via Tor, that doesn't mean you can entirely ignore the warning. It is probably a false positive, but it might not be since it is possible for someone to hijack your Google cookie.

Cookie hijacking is possible by either physical access to your computer or by watching your network traffic. In theory, only physical access should compromise your system because Gmail and similar services should only send the cookie over an SSL link. In practice, alas, it's way more complex than that.

And if somebody did steal your google cookie, they might end up logging in from unusual places (though of course they also might not). So the summary is that since you're using Tor Browser, this security measure that Google uses isn't so useful for you, because it's full of false positives. You'll have to use other approaches, like seeing if anything looks weird on the account, or looking at the timestamps for recent logins and wondering if you actually logged in at those times.

More recently, Gmail users can turn on 2-Step Verification on their accounts to add an extra layer of security.

This is a known and intermittent problem; it does not mean that Google considers Tor to be spyware.

When you use Tor, you are sending queries through exit relays that are also shared by thousands of other users. Tor users typically see this message when many Tor users are querying Google in a short period of time. Google interprets the high volume of traffic from a single IP address (the exit relay you happened to pick) as somebody trying to "crawl" their website, so it slows down traffic from that IP address for a short time.

An alternate explanation is that Google tries to detect certain kinds of spyware or viruses that send distinctive queries to Google Search. It notes the IP addresses from which those queries are received (not realizing that they are Tor exit relays), and tries to warn any connections coming from those IP addresses that recent queries indicate an infection.

To our knowledge, Google is not doing anything intentionally specifically to deter or block Tor use. The error message about an infected machine should clear up again after a short time.

Google uses "geolocation" to determine where in the world you are, so it can give you a personalized experience. This includes using the language it thinks you prefer, and it also includes giving you different results on your queries.

If you really want to see Google in English you can click the link that provides that. But we consider this a feature with Tor, not a bug --- the Internet is not flat, and it in fact does look different depending on where you are. This feature reminds people of this fact.

Note that Google search URLs take name/value pairs as arguments and one of those names is "hl". If you set "hl" to "en" then Google will return search results in English regardless of what Google server you have been sent to. On a query this looks like:

Another method is to simply use your country code for accessing Google. This can be,, and so on.

Tor Browser is built using Firefox ESR, so errors regarding Firefox may occur. Ba chóir duit deimhniú nach bhfuil aon chóip eile de Bhrabhsálaí Tor ar siúl, agus gur dhíphacáil tú Brabhsálaí Tor áit éigin ina bhfuil na ceadanna cearta agat. If you are running an anti-virus, please see My antivirus/malware protection is blocking me from accessing Tor Browser, it is common for anti-virus / anti-malware software to cause this type of issue.

D'athraíomar an príomhinneall cuardaigh go DuckDuckGo i leagan 6.0.6 de Bhrabhsálaí Tor. Le tamaillín anois, ní raibh Disconnect in ann teacht ar na torthaí cuardaigh ó Google a d'úsáidimis i mBrabhsálaí Tor. Is inneall meiteachuardaigh é Disconnect a ligeann dá chuid úsáideoirí torthaí ó sholáthraithe cuardaigh éagsúla a roghnú. Mar sin, b'éigean dó dul i muinín ar thorthaí ó Bing nach raibh thar mholadh beirte.

Cruthaíonn Brabhsálaí Tor ciorcad nua i gcomhair gach fearann nua. The Design and Implementation of Tor Browser document further explains the thinking behind this design.

Leagan de Firefox saindeartha do líonra Tor is ea Brabhsálaí Tor. Chaitheamar mórán dua le Brabhsálaí Tor, cód breise a fheabhsaíonn príobháideachas agus slándáil san áireamh. Cé gur féidir leat Tor a úsáid le brabhsálaithe eile go teicniúil, chuirfeá thú féin i mbaol ionsaithe agus do chuid sonraí pearsanta i mbaol nochta. Molaimid go láidir duit gan é seo a dhéanamh. Learn more about the design of Tor Browser.

Uaireanta bíonn fadhbanna le Brabhsálaí Tor ar shuímh Ghréasáin a bhaineann úsáid as mórán JavaScript. The simplest fix is to click on the Security icon (the small gray shield at the top-right of the screen), then click "Advanced Security Settings..." Roghnaigh an gnáthleibhéal slándála.

Nuair a úsáideann tú Brabhsálaí Tor, ní féidir le héinne na suímh a dtugann tú cuairt orthu a fheiceáil. É sin ráite, beidh do sholáthraí seirbhíse Idirlín nó riarthóirí do líonra in ann feiceáil go bhfuil tú ag baint úsáide as Tor, ach ní bheidh siad in ann na suímh a dtugann tú cuairt orthu a fheiceáil.

We want everyone to be able to enjoy Tor Browser in their own language. Tor Browser is now available in 30 different languages, and we are working to add more. Want to help us translate? Become a Tor translator!

You can also help us in testing the next languages we will release, by installing and testing Tor Browser Alpha releases.

Ní mholaimid níos mó ná cóip amháin de Bhrabhsálaí Tor a rith san am céanna. Seans nach bhfeidhmíonn sé sa chaoi a raibh tú ag súil leis ar mhórán ardán.

Faraor, taispeánann suímh áirithe CAPTCHAnna dá gcuid úsáideoirí, agus ní féidir linn iad a bhaint de na suímh seo. An rud is fearr sa chás seo ná dul i dteagmháil le húinéirí an tsuímh, ag rá go bhfuil na CAPTCHAnna ag cur cosc ar úsáideoirí atá ag iarraidh leas a bhaint as a gcuid seirbhísí.

Rinneamar cumraíocht ar NoScript sa chaoi go gceadaíonn sé JavaScript i mBrabhsálaí Tor de réir réamhshocraithe toisc nach bhfeidhmíonn go leor suíomh Gréasáin gan JavaScript sa lá atá inniu ann. Thréigfeadh go leor úsáideoirí Tor dá mbeadh JavaScript díchumasaithe de réir réamhshocraithe mar gheall ar an líon fadhbanna a tharlódh. I ndeireadh na dála, ba mhaith linn brabhsálaí atá chomh slán agus is féidir a chruthú, agus san am céanna ceann atá inúsáidte ag formhór na ndaoine. Sin an fáth bunúsach a bhfuil JavaScript cumasaithe de réir réamhshocraithe.

For users who want to have JavaScript disabled on all HTTP sites by default, we recommend changing your Tor Browser's "Security Level" option. This can be done by navigating the Security icon (the small gray shield at the top-right of the screen), then clicking "Advanced Security Settings...". The "Standard" level allows JavaScript, but the "Safer" and "Safest" levels both block JavaScript on HTTP sites.

Ní dhéantar. Ciallaíonn sé seo nach n-úsáidfear do ríomhaire chun trácht a stiúradh ar son daoine eile. If you'd like to become a relay, please see our Tor Relay Guide.

Níl aon bhealach oifigiúil ann faoi láthair le Brabhsálaí Tor a úsáid mar bhrabhsálaí réamhshocraithe. Déanann Brabhsálaí Tor a dhícheall a bheith neamhspleách ar an gcuid eile de do chóras, agus ní féidir leat muinín a chur sna céimeanna a dhéanfadh brabhsálaí réamhshocraithe de. This means sometimes a website would load in the Tor Browser, and sometimes it would load in another browser. This type of behavior can be dangerous and break anonymity.

Tor Browser is currently available on Windows, Linux and macOS.

There is a version of Tor Browser for Android and The Guardian Project also provides the app Orbot to route other apps on your Android device over the Tor network.

There is no official version of Tor for iOS yet, though we recommend Onion Browser.

Nuair a úsáideann tú Brabhsálaí Tor, is minic go ndealraíonn sé go bhfuil do cheangal ag teacht ó áit éigin go hiomlán difriúil ar domhan. Dá bharr seo, tá seans ann go gceapfadh suímh áirithe, mar shampla bainc nó soláthraithe ríomhphoist, gur bhris bradaí isteach i do chuntas agus chuirfidís do chuntas faoi ghlas.

An t-aon slí atá ann leis seo a réiteach ná treoracha an tsuímh a leanúint d'athshlánú do chuntais, nó trí dul i dteagmháil le riarthóirí an tsuímh agus an fhadhb a mhíniú.

D'fhéadfá an cás seo a sheachaint go hiomlán trí úsáid a bhaint as fíordheimhniú 2-fhachtóir, rogha slándála i bhfad níos fearr ná clú bunaithe ar sheoltaí IP. Téigh i dteagmháil le do sholáthraí seirbhíse le fáil amach an bhfuil fíordheimhniú 2-fhachtóir ar fáil.

Ní bheidh. Beidh eagraíochtaí áirithe, mar shampla do Sholáthraí Seirbhíse Idirlín (ISP), in ann a fheiceáil go bhfuil tú ag baint úsáide as Tor, ach ní bheidh siad in ann na suímh a dtugann tú cuairt orthu a fheiceáil.

Tá dhá bhealach i mBrabhsálaí Tor chun an ciorcad a athrú — "Aitheantas Nua" agus "Ciorcad Nua don Suíomh seo". Both options are located in the hamburger menu. You can also access the New Circuit option inside the site information menu in the URL bar, and the New Identity option by clicking the small sparky broom icon at the top-right of the screen

Aitheantas Nua

Tá an rogha seo úsáideach má tá tú ag iarraidh aon cheangal idir do ghníomhaíocht sa todhchaí agus na rudaí a bhí tú ag déanamh níos luaithe a bhriseadh.

Nuair a roghnaítear é seo, dúnann sé do chuid cluaisíní agus fuinneoga, glanann sé aon fhaisnéis phríobháideach, mar shampla fianáin agus an stair bhrabhsála, agus úsáideann sé ciorcaid nua Tor do gach ceangal.

Tabharfaidh Brabhsálaí Tor rabhadh duit go stopfaidh sé gach uile rud atá ar siúl, íoslódálacha san áireamh. Ba chóir duit é seo a chur san áireamh sula gcliceálfaidh tú "Aitheantas Nua".

Tor Browser Menu

Ciorcad Nua Tor don Suíomh seo

Tá an rogha seo úsáideach mura bhfuil an t-athsheachadán amach a úsáideann tú in ann ceangal a bhunú leis an suíomh atá uait, nó mura bhfuil sé ag lódáil i gceart. Nuair a roghnaítear é seo, athlódáiltear an cluaisín nó an fhuinneog reatha thar ciorcad nua Tor.

Úsáidfidh cluaisíní agus fuinneoga oscailte eile ón suíomh céanna an ciorcad nua freisin, chomh luath is a athlódálfar iad.

Ní ghlanann an rogha seo aon fhaisnéis phríobháideach ná do chuid gníomhaíochta, agus níl aon éifeacht aige ar cheangail le suímh eile.

New Circuit for this Site

Please see the HTTPS Everywhere FAQ. If you believe this is a Tor Browser issue, please report it on our bug tracker.

Please see the NoScript FAQ. If you believe this is a Tor Browser issue, please report it on our bug tracker.

Please see the DuckDuckGo support portal. If you believe this is a Tor Browser issue, please report it on our bug tracker.

DuckDuckGo is the default search engine in Tor Browser. DuckDuckGo does not track its users nor does it store any data about user searches. Learn more about DuckDuckGo privacy policy.

Uaireanta bíonn Brabhsálaí Tor níos moille ná brabhsálaithe eile. The Tor network has over a million daily users, and just over 6000 relays to route all of their traffic, and the load on each server can sometimes cause latency. And, by design, your traffic is bouncing through volunteers' servers in various parts of the world, and some bottlenecks and network latency will always be present. You can help improve the speed of the network by running your own relay, or encouraging others to do so. For the much more in-depth answer, see Roger's blog post on the topic and Tor's Open Research Topics: 2018 edition about Network Performance. É sin ráite, tá Tor i bhfad níos sciobtha ná a bhíodh sé, agus seans nach dtabharfaidh tú aon mhoill faoi deara.

When you have Tor Browser open, you can navigate to the hamburger menu (on the top-right of the browser, next to the URL bar), then click on "Preferences", and finally on "Tor" in the side bar. At the bottom of the page, next to the "View the Tor logs" text, click the button "View Logs...". You should see an option to copy the log to your clipboard, which you will be able to paste it into a text editor or an email client.

Is minic go mbíonn fadhb le clog an chórais ina cúis le hearráidí i mBrabhsálaí Tor. Ba chóir duit deimhniú go bhfuil clog an chórais agus an crios ama socraithe mar is ceart. If this doesn't fix the problem, see the Troubleshooting page on the Tor Browser manual.

Sin gnáthiompar Tor. Tugtar "garda" nó "garda iontrála" ar an chéad athsheachadán i do chiorcad. Is éard atá sa ngarda ná athsheachadán sciobtha agus cobhsaí a fhanann mar an chéad cheann i do chiorcad ar feadh 2-3 mhí, mar chosaint ar ionsaí aitheanta a dhéanann iarracht do chuid faisnéise pearsanta a nochtadh. Athraíonn an chuid eile den chiorcad aon uair a dtugann tú cuairt ar shuíomh nua. Oibríonn na hathsheachadáin seo as lámh a chéile chun do phríobháideachas a chosaint. For more information on how guard relays work, see this blog post and paper on entry guards.

B'fhéidir é. Má tá, ba chóir duit triail a bhaint as droichead. Tá roinnt droichead ionsuite i mBrabhsálaí Tor, agus is féidir leat iad siúd a úsáid trí "Cumraigh" a roghnú (agus na treoracha a leanúint) sa bhfuinneog Tor Launcher a osclaíonn an chéad uair a úsáideann tú Brabhsálaí Tor. If you need other bridges, you can get them at our Bridges website. For more information about bridges, see the Tor Browser manual.

Ní thacaíonn, go hoifigiúil. There is something called the TorBSD project, but their Tor Browser is not officially supported.

Má úsáideann tú Brabhsálaí Tor agus brabhsálaí eile san am gcéanna, níl aon éifeacht ar fheidhmíocht Tor nó ar a ghnéithe príobháideachais. Mar sin féin, ba chóir duit a bheith ar an eolas nach mbeidh na gnéithe príobháideachais céanna ar fáil sa mbrabhsálaí eile. Mar sin, caithfidh tú a bheith cúramach gan an brabhsálaí eile a úsáid chun rud éigin a dhéanamh a bhí tú ag iarraidh a dhéanamh i mBrabhsálaí Tor.

Molaimid go láidir duit gan athrú a dhéanamh ar an gcaoi a gcruthaíonn Tor a chuid ciorcad. You get the best security that Tor can provide when you leave the route selection to Tor; overriding the entry/exit nodes can compromise your anonymity. Mura bhfuil tú ach ag iarraidh teacht ar acmhainní nach bhfuil ar fáil ach i dtír amháin, b'fhéidir go mbeadh sé níos fearr VPN a úsáid in áit Tor. Réitíonn VPNanna roinnt fadhbanna a bhaineann le geoshuíomh, ach ní bhfaighidh tú na gnéithe céanna príobháideachais a fhaigheann tú ó Tor.

Ní féidir, faraor. Níl aon leagan de Bhrabhsálaí Tor ar Chrome OS faoi láthair. You could run Tor Browser for Android on Chrome OS. Note that by using Tor Mobile on Chrome OS, you will view the mobile (not desktop) versions of websites. However, because we have not audited the app in Chrome OS, we don't know if all the privacy features of Tor Browser for Android will work well.

Molaimid go láidir duit gan breiseáin nua a shuiteáil i mBrabhsálaí Tor, ar eagla go gcuirfidís do phríobháideachas agus do shlándáil i gcontúirt.

Installing new add-ons may affect Tor Browser in unforeseen ways and potentially make your Tor Browser fingerprint unique. If your copy of Tor Browser has a unique fingerprint, your browsing activities can be deanonymized and tracked even though you are using Tor Browser.

Basically, each browser's settings and features create what is called a "browser fingerprint". Most browsers inadvertently create a unique fingerprint for each user which can be tracked across the internet. Tor Browser is specifically engineered to have a nearly identical (we're not perfect!) fingerprint across it's users. This means each Tor Browser user looks like every other Tor Browser user, making it difficult to track any individual user.

There's also a good chance a new add-on will increase the attack surface of Tor Browser. This may allow sensitive data to be leaked or allow an attacker to infect Tor Browser. The add-on itself could even be maliciously designed to spy on you.

Tor Browser already comes installed with two add-ons — HTTPS Everywhere and NoScript — and adding anything else could deanonymize you.

Want to learn more about browser fingerprinting? Here's an article on The Tor Blog all about it!

Trácht de chuid bhrabhsálaí Tor amháin a sheoltar thar líonra Tor. Ní bheidh feidhmchláir eile ar do chóras (brabhsálaithe eile san áireamh) ceangailte le líonra Tor, agus ní bheidh siad cosanta dá bharr sin. Caithfidh tú cumrú speisialta a dhéanamh chun Tor a úsáid leo. If you need to be sure that all traffic will go through the Tor network, take a look at the Tails live operating system which you can start on almost any computer from a USB stick or a DVD.

Flash is disabled in Tor Browser, and we recommend you to not enable it. Creidimid go bhfuil sé contúirteach Flash a úsáid i mbrabhsálaí ar bith — is bogearra an-neamhshlán é a chuireann do phríobháideachas agus do ríomhaire i gcontúirt. Ar an dea-uair, tá suímh Ghréasáin, gléasanna, agus brabhsálaithe eile ag tabhairt droim láimhe do Flash.

Iarradh an spriocfhillteán ort nuair a d'íoslódáil agus a rith tú an comhad. Má rinne tú dearmad den fhillteán a roghnaigh tú, is é is dóichí gurb é an fillteán Downloads nó Desktop.

The default setting in the Windows installer also creates a shortcut for you on your Desktop, though be aware that you may have accidentally deselected the option to create a shortcut.

Mura bhfeiceann tú i gceachtar de na fillteáin sin é, íoslódáil arís agus coinnigh súil amach don cheist a iarrann ort an fillteán íoslódála a roghnú. Roghnaigh fillteán nach ndéanfaidh tú dearmad air, agus chomh luath agus a bheidh an íoslódáil críochnaithe, feicfidh tú Brabhsálaí Tor ann.

Go minic is féidir próisis áirithe a chur ar "liosta bán" sa chaoi nach gcuirfidh an bogearra frithvíris cosc orthu. Ba chóir duit an bogearra frithvíris a oscailt agus "liosta bán" nó a leithéid a lorg sna socruithe. Ansin, cuir na próisis seo a leanas ar an liosta bán:

  • Ar Windows
    • firefox.exe
    • tor.exe
    • obfs4proxy.exe (má úsáideann tú droichid)
  • For macOS
    • TorBrowser
    • tor.real
    • obfs4proxy (má úsáideann tú droichid)

Ansin, atosaigh Brabhsálaí Tor. Is dócha go réiteoidh seo an fhadhb. Tabhair faoi deara go gcuireann bogearraí frithvíris áirithe, mar shampla Kaspersky, cosc ar Tor ag leibhéal an bhalla dóiteáin.

Aon uair a fhoilsímid leagan nua cobhsaí de Bhrabhsálaí Tor, scríobhaimid postáil ar ár mblag a dhéanann cur síos ar na gnéithe nua atá ann, agus ar aon fhadhbanna ar ár n-eolas. If you started having issues with your Tor Browser after an update, check out for a post on the most recent stable Tor Browser to see if your issue is listed. If your issue is not listed, please file a bug report about what you're experiencing.

Tor Browser in its default mode is starting with a content window rounded to a multiple of 200px x 100px to prevent fingerprinting the screen dimensions. The strategy here is to put all users in a couple of buckets to make it harder to single them out. That works so far until users start to resize their windows (e.g. by maximizing them or going into fullscreen mode). Tor Browser 9 ships with a fingerprinting defense for those scenarios as well, which is called Letterboxing), a technique developed by Mozilla and presented earlier this year. It works by adding white margins to a browser window so that the window is as close as possible to the desired size while users are still in a couple of screen size buckets that prevent singling them out with the help of screen dimensions.

In simple words, this technique makes groups of users of certain screen sizes and this makes it harder to single out users on basis of screen size, as many users will have same screen size.

Digital signature is a process ensuring that a certain package was generated by its developers and has not been tampered with. Below we explain why it is important and how to verify that the Tor program you download is the one we have created and has not been modified by some attacker.

Each file on our download page is accompanied by a file with the same name as the package and the extension ".asc". These .asc files are OpenPGP signatures. They allow you to verify the file you've downloaded is exactly the one that we intended you to get.

For example, torbrowser-install-win64-9.0_en-US.exe is accompanied by torbrowser-install-win64-9.0_en-US.exe.asc.

We now show how you can verify the downloaded file's digital signature on different operating systems. Please notice that a signature is dated the moment the package has been signed. Therefore every time a new file is uploaded a new signature is generated with a different date. As long as you have verified the signature you should not worry that the reported date may vary.

Installing GnuPG

First of all you need to have GnuPG installed before you can verify signatures.

For Windows users:

If you run Windows, download Gpg4win and run its installer.

In order to verify the signature you will need to type a few commands in windows command-line, cmd.exe.

For macOS users:

If you are using macOS, you can install GPGTools.

In order to verify the signature you will need to type a few commands in the Terminal (under "Applications").

For GNU/Linux users:

If you are using GNU/Linux, then you probably already have GnuPG in your system, as most GNU/Linux distributions come with it preinstalled.

In order to verify the signature you will need to type a few commands in a terminal window. How to do this will vary depending on your distribution.

Fetching the Tor Developers key

The Tor Browser team signs Tor Browser releases. Import the Tor Browser Developers signing key (0xEF6E286DDA85EA2A4BA7DE684E2C6E8793298290):

gpg --auto-key-locate nodefault,wkd --locate-keys

This should show you something like:

gpg: key 4E2C6E8793298290: public key "Tor Browser Developers (signing key) <>" imported
gpg: Total number processed: 1
gpg:               imported: 1
pub   rsa4096 2014-12-15 [C] [expires: 2020-08-24]
uid           [ unknown] Tor Browser Developers (signing key) <>
sub   rsa4096 2018-05-26 [S] [expires: 2020-09-12]

After importing the key, you can save it to a file (identifying it by fingerprint here):

gpg --output ./tor.keyring --export 0xEF6E286DDA85EA2A4BA7DE684E2C6E8793298290

Verifying the signature

To verify the signature of the package you downloaded, you will need to download the corresponding ".asc" signature file as well as the installer file itself, and verify it with a command that asks GnuPG to verify the file that you downloaded.

The examples below assume that you downloaded these two files to your "Downloads" folder.

For Windows users:

gpgv --keyring .\tor.keyring Downloads\torbrowser-install-win64-9.0_en-US.exe.asc Downloads\torbrowser-install-win64-9.0_en-US.exe

For macOS users:

gpgv --keyring ./tor.keyring ~/Downloads/TorBrowser-9.0-osx64_en-US.dmg{.asc,}

For GNU/Linux users (change 64 to 32 if you have the 32-bit package):

gpgv --keyring ./tor.keyring ~/Downloads/tor-browser-linux64-9.0_en-US.tar.xz{.asc,}

The result of the command should produce something like this:

gpgv: Signature made 07/08/19 04:03:49 Pacific Daylight Time
gpgv:                using RSA key EB774491D9FF06E2
gpgv: Good signature from "Tor Browser Developers (signing key) <>"

Workaround (using a public key)

If you encounter errors you cannot fix, feel free to download and use this public key instead. Alternatively, you may use the following command:

curl -s |gpg --import -

You may also want to learn more about GnuPG.