Most Frequently Asked Questions

Tor Browser prevents people from knowing the websites you visit. Some entities, such as your Internet Service Provider (ISP), may be able to see that you're using Tor, but they won't know where you're going when you do.

Generally it is impossible to have perfect anonymity, even with Tor. Though there are some things you can practice to improve your anonymity while using Tor and offline.

Use Tor Browser and software specifically configured for Tor

Tor does not protect all of your computer's Internet traffic when you run it. Tor only protects applications that are properly configured to send their Internet traffic through Tor.

Web browsing:

File sharing:

Control what information you provide through web forms

If you visit a website using Tor Browser, they don't know who you are or your true location. Unfortunately many sites ask for more personal information than they need through web forms. If you sign in to that website, they still don't know your location but they know who you are. Further, if you provide: name, email, address, phone number, or any other personal information, you are no longer anonymous to that website. The best defense is to be vigilant and extremely cautious when filling out web forms.

Don't torrent over Tor

Torrent file-sharing applications have been observed to ignore proxy settings and make direct connections even when they are told to use Tor. Even if your torrent application connects only through Tor, you will often send out your real IP address in the tracker GET request, because that's how torrents work. Not only do you deanonymize your torrent traffic and your other simultaneous Tor web traffic this way, you also slow down the entire Tor network for everyone else.

Don't enable or install browser plugins

Tor Browser will block browser plugins such as Flash, RealPlayer, Quicktime, and others: they can be manipulated into revealing your IP address. Similarly, we do not recommend installing additional addons or plugins into Tor Browser, as these may bypass Tor or otherwise harm your anonymity and privacy.

Use HTTPS versions of websites

Tor will encrypt your traffic to and within the Tor network, but the encryption of your traffic to the final destination website depends on that website. To help ensure private encryption to websites, Tor Browser includes HTTPS-Only Mode to force the use of HTTPS encryption with websites that support it. However, you should still watch the browser URL bar to ensure that websites you provide sensitive information to display a padlock or onion icon in the address bar, include https:// in the URL, and display the proper expected name for the website. Also see EFF's interactive graphic explaining how Tor and HTTPS relate.

Don't open documents downloaded through Tor while online

Tor Browser will warn you before automatically opening documents that are handled by external applications. DO NOT IGNORE THIS WARNING. You should be very careful when downloading documents via Tor (especially DOC and PDF files, unless you use the PDF viewer that's built into Tor Browser) as these documents can contain Internet resources that will be downloaded outside of Tor by the application that opens them. This will reveal your non-Tor IP address. If you must work with files downloaded via Tor, we strongly recommend either using a disconnected computer, or using dangerzone to create safe PDF files that you can open. Under no circumstances is it safe to use BitTorrent and Tor together, however.

Use bridges and/or find company

Tor tries to prevent attackers from learning what destination websites you connect to. However, by default, it does not prevent somebody watching your Internet traffic from learning that you're using Tor. If this matters to you, you can reduce this risk by configuring Tor to use a bridge rather than connecting directly to the Tor network. Ultimately the best protection is a social approach: the more Tor users there are near you and the more diverse their interests, the less dangerous it will be that you are one of them. Convince other people to use Tor, too!

Be smart and learn more. Understand what Tor does and does not offer. This list of pitfalls isn't complete, and we need your help identifying and documenting all the issues.

Tor Browser is currently available on Windows, Linux, macOS, and Android.

On Android, The Guardian Project also provides the Orbot app to route other apps on your Android device over the Tor network.

There is no official version of Tor Browser for iOS yet, as explained in this blog post. Our best available recommendation is Onion Browser.

It's strongly discouraged to install new add-ons in Tor Browser, because they can compromise your privacy and security.

Installing new add-ons may affect Tor Browser in unforeseen ways and potentially make your Tor Browser fingerprint unique. If your copy of Tor Browser has a unique fingerprint, your browsing activities can be deanonymized and tracked even though you are using Tor Browser.

Each browser's settings and features create what is called a "browser fingerprint". Most browsers inadvertently create a unique fingerprint for each user which can be tracked across the internet. Tor Browser is specifically engineered to have a nearly identical (we're not perfect!) fingerprint across its users. This means each Tor Browser user looks like many other Tor Browser users, making it difficult to track any individual user.

There's also a good chance a new add-on will increase the attack surface of Tor Browser. This may allow sensitive data to be leaked or allow an attacker to infect Tor Browser. The add-on itself could even be maliciously designed to spy on you.

Tor Browser already comes installed with one add-on — NoScript — and adding anything else could deanonymize you.

Want to learn more about browser fingerprinting? Here's an article on The Tor Blog all about it.

Generally speaking, we don't recommend using a VPN with Tor unless you're an advanced user who knows how to configure both in a way that doesn't compromise your privacy.

You can find more detailed information about Tor + VPN at our wiki.

Tor Browser can certainly help people access your website in places where it is blocked. Most of the time, simply downloading the Tor Browser and then using it to navigate to the blocked site will allow access. In places where there is heavy censorship we have a number of censorship circumvention options available, including pluggable transports.

For more information, please see the Tor Browser User Manual section on censorship circumvention.

Sure! We have a list of organizations that run Tor relays that are happy to turn your donations into better speed and anonymity for the Tor network.

These organizations are not the same as The Tor Project, Inc, but we consider that a good thing. They're run by nice people who are part of the Tor community.

Note that there can be a tradeoff here between anonymity and performance. The Tor network's anonymity comes in part from diversity, so if you are in a position to run your own relay, you will be improving Tor's anonymity more than by donating. At the same time though, economies of scale for bandwidth mean that combining many small donations into several larger relays is more efficient at improving network performance. Improving anonymity and improving performance are both worthwhile goals, so however you can help is great!

About Tor

As mentioned above, it is possible for an observer who can view both you and either the destination website or your Tor exit node to correlate timings of your traffic as it enters the Tor network and also as it exits. Tor does not defend against such a threat model.

In a more limited sense, note that if a censor or law enforcement agency has the ability to obtain specific observation of parts of the network, it is possible for them to verify a suspicion that you talk regularly to your friend by observing traffic at both ends and correlating the timing of only that traffic. Again, this is only useful to verify that parties already suspected of communicating with one another are doing so. In most countries, the suspicion required to obtain a warrant already carries more weight than timing correlation would provide.

Furthermore, since Tor reuses circuits for multiple TCP connections, it is possible to associate non anonymous and anonymous traffic at a given exit node, so be careful about what applications you run concurrently over Tor. Perhaps even run separate Tor clients for these applications.

Internet communication is based on a store-and-forward model that can be understood in analogy to postal mail: Data is transmitted in blocks called IP datagrams or packets. Every packet includes a source IP address (of the sender) and a destination IP address (of the receiver), just as ordinary letters contain postal addresses of sender and receiver. The way from sender to receiver involves multiple hops of routers, where each router inspects the destination IP address and forwards the packet closer to its destination. Thus, every router between sender and receiver learns that the sender is communicating with the receiver. In particular, your local ISP is in the position to build a complete profile of your Internet usage. In addition, every server in the Internet that can see any of the packets can profile your behavior.

The aim of Tor is to improve your privacy by sending your traffic through a series of proxies. Your communication is encrypted in multiple layers and routed via multiple hops through the Tor network to the final receiver. More details on this process can be found in this visualization. Note that all your local ISP can observe now is that you are communicating with Tor nodes. Similarly, servers in the Internet just see that they are being contacted by Tor nodes.

Generally speaking, Tor aims to solve three privacy problems:

First, Tor prevents websites and other services from learning your location, which they can use to build databases about your habits and interests. With Tor, your Internet connections don't give you away by default -- now you can have the ability to choose, for each connection, how much information to reveal.

Second, Tor prevents people watching your traffic locally (such as your ISP or someone with access to your home wifi or router) from learning what information you're fetching and where you're fetching it from. It also stops them from deciding what you're allowed to learn and publish -- if you can get to any part of the Tor network, you can reach any site on the Internet.

Third, Tor routes your connection through more than one Tor relay so no single relay can learn what you're up to. Because these relays are run by different individuals or organizations, distributing trust provides more security than the old one hop proxy approach.

Note, however, that there are situations where Tor fails to solve these privacy problems entirely: see the entry below on remaining attacks.

The name "Tor" can refer to several different components.

Tor is a program you can run on your computer that helps keep you safe on the Internet. It protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. This set of volunteer relays is called the Tor network.

The way most people use Tor is with Tor Browser, which is a version of Firefox that fixes many privacy issues. You can read more about Tor on our about page.

The Tor Project is a non-profit (charity) organization that maintains and develops the Tor software.

Tor is the onion routing network. When we were starting the new next-generation design and implementation of onion routing in 2001-2002, we would tell people we were working on onion routing, and they would say "Neat. Which one?" Even if onion routing has become a standard household term, Tor was born out of the actual onion routing project run by the Naval Research Lab.

(It's also got a fine meaning in German and Turkish.)

Note: even though it originally came from an acronym, Tor is not spelled "TOR". Only the first letter is capitalized. In fact, we can usually spot people who haven't read any of our website (and have instead learned everything they know about Tor from news articles) by the fact that they spell it wrong.

No, it doesn't. You need to use a separate program that understands your application and protocol and knows how to clean or "scrub" the data it sends. Tor Browser tries to keep application-level data, like the user-agent string, uniform for all users. Tor Browser can't do anything about the text that you type into forms, though.

A typical proxy provider sets up a server somewhere on the Internet and allows you to use it to relay your traffic. This creates a simple, easy to maintain architecture. The users all enter and leave through the same server. The provider may charge for use of the proxy, or fund their costs through advertisements on the server. In the simplest configuration, you don't have to install anything. You just have to point your browser at their proxy server. Simple proxy providers are fine solutions if you do not want protections for your privacy and anonymity online and you trust the provider to not do bad things. Some simple proxy providers use SSL to secure your connection to them, which protects you against local eavesdroppers, such as those at a cafe with free wifi Internet.

Simple proxy providers also create a single point of failure. The provider knows both who you are and what you browse on the Internet. They can see your traffic as it passes through their server. In some cases, they can even see inside your encrypted traffic as they relay it to your banking site or to ecommerce stores. You have to trust the provider isn't watching your traffic, injecting their own advertisements into your traffic stream, or recording your personal details.

Tor passes your traffic through at least 3 different servers before sending it on to the destination. Because there's a separate layer of encryption for each of the three relays, somebody watching your Internet connection can't modify, or read, what you are sending into the Tor network. Your traffic is encrypted between the Tor client (on your computer) and where it pops out somewhere else in the world.

Doesn't the first server see who I am?

Possibly. A bad first of three servers can see encrypted Tor traffic coming from your computer. It still doesn't know who you are and what you are doing over Tor. It merely sees "This IP address is using Tor". You are still protected from this node figuring out both who you are and where you are going on the Internet.

Can't the third server see my traffic?

Possibly. A bad third of three servers can see the traffic you sent into Tor. It won't know who sent this traffic. If you're using encryption (like HTTPS), it will only know the destination. See this visualization of Tor and HTTPS to understand how Tor and HTTPS interact.

Yes.

The Tor software is free software. This means we give you the rights to redistribute the Tor software, either modified or unmodified, either for a fee or gratis. You don't have to ask us for specific permission.

However, if you want to redistribute the Tor software you must follow our LICENSE. Essentially this means that you need to include our LICENSE file along with whatever part of the Tor software you're distributing.

Most people who ask us this question don't want to distribute just the Tor software, though. They want to distribute Tor Browser. This includes Firefox Extended Support Release and the NoScript extension. You will need to follow the license for those programs as well. Both of those Firefox extensions are distributed under the GNU General Public License, while Firefox ESR is released under the Mozilla Public License. The simplest way to obey their licenses is to include the source code for these programs everywhere you include the bundles themselves.

Also, you should make sure not to confuse your readers about what Tor is, who makes it, and what properties it provides (and doesn't provide). See our trademark FAQ for details.

There are plenty of other programs you can use with Tor, but we haven't researched the application-level anonymity issues on all of them well enough to be able to recommend a safe configuration. Our wiki has a community-maintained list of instructions for Torifying specific applications. Please add to this list and help us keep it accurate!

Most people use Tor Browser, which includes everything you need to browse the web safely using Tor. Using Tor with other browsers is dangerous and not recommended.

There is absolutely no backdoor in Tor.

We know some smart lawyers who say that it is unlikely that anybody will try to make us add one in our jurisdiction (United States). If they do ask us, we will fight them, and (the lawyers say) probably win.

We will never put a backdoor in Tor. We think that putting a backdoor in Tor would be tremendously irresponsible to our users, and a bad precedent for security software in general. If we ever put a deliberate backdoor in our security software, it would ruin our professional reputation. Nobody would trust our software ever again - for excellent reasons!

But that said, there are still plenty of subtle attacks people might try. Somebody might impersonate us, or break into our computers, or something like that. Tor is open source, and you should always check the source (or at least the diffs since the last release) for suspicious things. If we (or the distributors that gave you Tor) don't give you access to the source code, that's a sure sign something funny might be going on. You should also check the PGP signatures on the releases, to make sure nobody messed with the distribution sites.

Also, there might be accidental bugs in Tor that could affect your anonymity. We periodically find and fix anonymity-related bugs, so make sure you keep your Tor versions up-to-date.

Tor (like all current practical low-latency anonymity designs) fails when the attacker can see both ends of the communications channel. For example, suppose the attacker controls or watches the Tor relay you choose to enter the network, and also controls or watches the website you visit. In this case, the research community knows no practical low-latency design that can reliably stop the attacker from correlating volume and timing information on the two sides.

So, what should we do? Suppose the attacker controls, or can observe, C relays. Suppose there are N relays total. If you select new entry and exit relays each time you use the network, the attacker will be able to correlate all traffic you send with probability around (c/n)^2. But profiling is, for most users, as bad as being traced all the time: they want to do something often without an attacker noticing, and the attacker noticing once is as bad as the attacker noticing more often. Thus, choosing many random entries and exits gives the user no chance of escaping profiling by this kind of attacker.

The solution is "entry guards": each Tor client selects a few relays at random to use as entry points, and uses only those relays for their first hop. If those relays are not controlled or observed, the attacker can't win, ever, and the user is secure. If those relays are observed or controlled by the attacker, the attacker sees a larger fraction of the user's traffic - but still the user is no more profiled than before. Thus, the user has some chance (on the order of (n-c)/n) of avoiding profiling, whereas they had none before.

You can read more at An Analysis of the Degradation of Anonymous Protocols, Defending Anonymous Communication Against Passive Logging Attacks, and especially Locating Hidden Servers.

Restricting your entry nodes may also help against attackers who want to run a few Tor nodes and easily enumerate all of the Tor user IP addresses. (Even though they can't learn what destinations the users are talking to, they still might be able to do bad things with just a list of users.) However, that feature won't really become useful until we move to a "directory guard" design as well.

Tor uses a variety of different keys, with three goals in mind: 1) encryption to ensure privacy of data within the Tor network, 2) authentication so clients know they're talking to the relays they meant to talk to, and 3) signatures to make sure all clients know the same set of relays.

Encryption: first, all connections in Tor use TLS link encryption, so observers can't look inside to see which circuit a given cell is intended for. Further, the Tor client establishes an ephemeral encryption key with each relay in the circuit; these extra layers of encryption mean that only the exit relay can read the cells. Both sides discard the circuit key when the circuit ends, so logging traffic and then breaking into the relay to discover the key won't work.

Authentication: Every Tor relay has a public decryption key called the "onion key". Each relay rotates its onion key every four weeks. When the Tor client establishes circuits, at each step it demands that the Tor relay prove knowledge of its onion key. That way the first node in the path can't just spoof the rest of the path. Because the Tor client chooses the path, it can make sure to get Tor's "distributed trust" property: no single relay in the path can know about both the client and what the client is doing.

Coordination: How do clients know what the relays are, and how do they know that they have the right keys for them? Each relay has a long-term public signing key called the "identity key". Each directory authority additionally has a "directory signing key". The directory authorities provide a signed list of all the known relays, and in that list are a set of certificates from each relay (self-signed by their identity key) specifying their keys, locations, exit policies, and so on. So unless the adversary can control a majority of the directory authorities (as of 2022 there are 8 directory authorities), they can't trick the Tor client into using other Tor relays.

How do clients know what the directory authorities are?

The Tor software comes with a built-in list of location and public key for each directory authority. So the only way to trick users into using a fake Tor network is to give them a specially modified version of the software.

How do users know they've got the right software?

When we distribute the source code or a package, we digitally sign it with GNU Privacy Guard. See the instructions on how to check Tor Browser's signature.

In order to be certain that it's really signed by us, you need to have met us in person and gotten a copy of our GPG key fingerprint, or you need to know somebody who has. If you're concerned about an attack on this level, we recommend you get involved with the security community and start meeting people.

Tor will reuse the same circuit for new TCP streams for 10 minutes, as long as the circuit is working fine. (If the circuit fails, Tor will switch to a new circuit immediately.)

But note that a single TCP stream (e.g. a long IRC connection) will stay on the same circuit forever. We don't rotate individual streams from one circuit to the next. Otherwise, an adversary with a partial view of the network would be given many chances over time to link you to your destination, rather than just one chance.

Tor Browser

Digital signature is a process ensuring that a certain package was generated by its developers and has not been tampered with. Below we explain why it is important and how to verify that the Tor Browser you download is the one we have created and has not been modified by some attacker.

Each file on our download page is accompanied by a file labelled "signature" with the same name as the package and the extension ".asc". These .asc files are OpenPGP signatures. They allow you to verify the file you've downloaded is exactly the one that we intended you to get. This will vary by web browser, but generally you can download this file by right-clicking the "signature" link and selecting the "save file as" option.

For example, tor-browser-windows-x86_64-portable-13.0.1.exe is accompanied by tor-browser-windows-x86_64-portable-13.0.1.exe.asc. These are example file names and will not exactly match the file names that you download.

We now show how you can verify the downloaded file's digital signature on different operating systems. Please notice that a signature is dated the moment the package has been signed. Therefore every time a new file is uploaded a new signature is generated with a different date. As long as you have verified the signature you should not worry that the reported date may vary.

Installing GnuPG

First of all you need to have GnuPG installed before you can verify signatures.

For Windows users:

If you run Windows, download Gpg4win and run its installer.

In order to verify the signature you will need to type a few commands in windows command-line, cmd.exe.

For macOS users:

If you are using macOS, you can install GPGTools.

In order to verify the signature you will need to type a few commands in the Terminal (under "Applications").

For GNU/Linux users:

If you are using GNU/Linux, then you probably already have GnuPG in your system, as most GNU/Linux distributions come with it preinstalled.

In order to verify the signature you will need to type a few commands in a terminal window. How to do this will vary depending on your distribution.

Fetching the Tor Developers key

The Tor Browser team signs Tor Browser releases. Import the Tor Browser Developers signing key (0xEF6E286DDA85EA2A4BA7DE684E2C6E8793298290):

gpg --auto-key-locate nodefault,wkd --locate-keys [email protected]

This should show you something like:

gpg: key 4E2C6E8793298290: public key "Tor Browser Developers (signing key) <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1
      EF6E286DDA85EA2A4BA7DE684E2C6E8793298290
uid           [ unknown] Tor Browser Developers (signing key) <[email protected]>

NOTE: Your output may deviate somewhat from the above (eg. expiration dates), however you should see the key correctly imported.

If you get an error message, something has gone wrong and you cannot continue until you've figured out why this didn't work. You might be able to import the key using the Workaround (using a public key) section instead.

After importing the key, you can save it to a file (identifying it by its fingerprint here):

gpg --output ./tor.keyring --export 0xEF6E286DDA85EA2A4BA7DE684E2C6E8793298290

This command results in the key being saved to a file found at the path ./tor.keyring, i.e. in the current directory. If ./tor.keyring doesn't exist after running this command, something has gone wrong and you cannot continue until you've figured out why this didn't work.

Verifying the signature

To verify the signature of the package you downloaded, you will need to download the corresponding ".asc" signature file as well as the installer file itself, and verify it with a command that asks GnuPG to verify the file that you downloaded.

The examples below assume that you downloaded these two files to your "Downloads" folder. Note that these commands use example file names and yours will be different: you will need to replace the example file names with exact names of the files you have downloaded.

For Windows users (change x86_64 to i686 if you have the 32-bit package):

gpgv --keyring .\tor.keyring Downloads\tor-browser-windows-x86_64-portable-13.0.1.exe.asc Downloads\tor-browser-windows-x86_64-portable-13.0.1.exe

For macOS users:

gpgv --keyring ./tor.keyring ~/Downloads/tor-browser-macos-13.0.1.dmg.asc ~/Downloads/tor-browser-macos-13.0.1.dmg

For GNU/Linux users (change x86_64 to i686 if you have the 32-bit package):

gpgv --keyring ./tor.keyring ~/Downloads/tor-browser-linux-x86_64-13.0.1.tar.xz.asc ~/Downloads/tor-browser-linux-x86_64-13.0.1.tar.xz

The result of the command should contain:

gpgv: Good signature from "Tor Browser Developers (signing key) <[email protected]>"

If you get error messages containing 'No such file or directory', either something went wrong with one of the previous steps, or you forgot that these commands use example file names and yours will be a little different.

Refreshing the PGP key

Run the following command to refresh the Tor Browser Developers signing key in your local keyring from the keyserver. This will also fetch the new subkeys.

gpg --refresh-keys EF6E286DDA85EA2A4BA7DE684E2C6E8793298290

Workaround (using a public key)

If you encounter errors you cannot fix, feel free to download and use this public key instead. Alternatively, you may use the following command:

curl -s https://openpgpkey.torproject.org/.well-known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg --import -

Tor Browser Developers key is also available on keys.openpgp.org and can be downloaded from https://keys.openpgp.org/vks/v1/by-fingerprint/EF6E286DDA85EA2A4BA7DE684E2C6E8793298290. If you're using MacOS or GNU/Linux, the key can also be fetched by running the following command:

gpg --keyserver keys.openpgp.org --search-keys EF6E286DDA85EA2A4BA7DE684E2C6E8793298290

You may also want to learn more about GnuPG.

Please see the Installation section in the Tor Browser Manual.

Please see the Uninstalling section in the Tor Browser Manual.

Please see the Updating section in the Tor Browser Manual.

The file you download and run prompts you for a destination. If you don't remember what this destination was, it's most likely your Downloads or Desktop folder.

The default setting in the Windows installer also creates a shortcut for you on your Desktop, though be aware that you may have accidentally deselected the option to create a shortcut.

If you can't find it in either of those folders, download it again and look for the prompt that asks you to choose a directory to download it in. Choose a directory location that you'll remember easily, and once the download finishes you should see a Tor Browser folder there.

Whenever we release a new stable version of Tor Browser, we write a blog post that details its new features and known issues. If you started having issues with your Tor Browser after an update, check out blog.torproject.org for a post on the most recent stable Tor Browser to see if your issue is listed. If your issue is not listed there, please check first Tor Browser's issue tracker and create a GitLab issue about what you're experiencing.

We want everyone to be able to enjoy Tor Browser in their own language. Tor Browser is now available in multiple languages, and we are working to add more.

Our current list of supported languages is:

Language
العربية (ar)
Català (ca)
česky (cs)
Dansk (da)
Deutsch (de)
Ελληνικά (el)
English (en)
Español (es)
ﻑﺍﺮﺴﯾ (fa)
Suomi (fi)
Français (fr)
Gaeilge (ga-IE)
עברית (he)
Magyar nyelv (hu)
Indonesia (id)
Islenska (is)
Italiano (it)
日本語 (ja)
ქართული (ka)
한국어 (ko)
lietuvių kalba (lt)
македонски (mk)
ﺐﻫﺎﺳ ﻡﻼﻳﻭ (ms)
မြမစ (my)
Norsk Bokmål (nb-NO)
Nederlands (nl)
Polszczyzna (pl)
Português Brasil(pt-BR)
Română (ro)
Русский (ru)
Shqip (sq)
Svenska (sv-SE)
ภาษาไทย (th)
Türkçe (tr)
Український (uk)
Tiếng Việt (vi)
简体中文 (zh-CN)
正體字 (zh-TW)

Want to help us translate? Become a Tor translator!

You can also help us in testing the next languages we will release, by installing and testing Tor Browser Alpha releases.

No, Tor Browser is an open source software and it is free. Any browser forcing you to pay and is claiming to be Tor Browser is fake. To make sure you are downloading the right Tor Browser visit our download page. After downloading, you can make sure that you have the official version of Tor Browser by verifying the signature. If you are not able to access our website, then visit censorship section to get information about alternate way of downloading Tor Browser.

If you have paid for a fake app claiming to be Tor Browser, you can try to request a refund from the Apple or Play Store, or you can contact your bank to report a fraudulent transaction. We cannot refund you for a purchase made to another company.

You can report fake Tor Browsers on [email protected]

Tor Browser is currently available on Windows, Linux, macOS, and Android.

On Android, The Guardian Project also provides the Orbot app to route other apps on your Android device over the Tor network.

There is no official version of Tor Browser for iOS yet, as explained in this blog post. Our best available recommendation is Onion Browser.

Unfortunately, we don't yet have a version of Tor Browser for Chrome OS. You could run Tor Browser for Android on Chrome OS. Note that by using Tor Mobile on Chrome OS, you will view the mobile (not desktop) versions of websites. However, because we have not audited the app in Chrome OS, we don't know if all the privacy features of Tor Browser for Android will work well.

Sorry, but there is currently no official support for running Tor Browser on *BSD. There is something called the TorBSD project, but their Tor Browser is not officially supported.

Using Tor Browser can sometimes be slower than other browsers. The Tor network has over a million daily users, and just over 6000 relays to route all of their traffic, and the load on each server can sometimes cause latency. And, by design, your traffic is bouncing through volunteers' servers in various parts of the world, and some bottlenecks and network latency will always be present. You can help improve the speed of the network by running your own relay, or encouraging others to do so. For the much more in-depth answer, see Roger's blog post on the topic and Tor's Open Research Topics: 2018 edition about Network Performance. You can also checkout our recent blog post Tor Network Defense Against Ongoing Attacks, which discusses the Denial of Service (DoS) attacks on the Tor Network. Furthermore, we have introduced a Proof-of-Work Defense for Onion Services to help mitigate some of these attacks. That said, Tor is much faster than it used to be and you may not actually notice any change in speed from other browsers.

While the names may imply otherwise, 'Incognito mode' and 'private tabs' do not make you anonymous on the Internet. They erase all the information on your machine relating to the browsing session after they are closed, but have no measures in place to hide your activity or digital fingerprint online. This means that an observer can collect your traffic just as easily as any regular browser.

Tor Browser offers all the amnesic features of private tabs while also hiding the source IP, browsing habits and details about a device that can be used to fingerprint activity across the web, allowing for a truly private browsing session that's fully obfuscated from end-to-end.

For more information regarding the limitations of Incognito mode and private tabs, see Mozilla's article on Common Myths about Private Browsing.

There are methods for setting Tor Browser as your default browser, but those methods may not work always or in every operating system. Tor Browser works hard to isolate itself from the rest of your system, and the steps for making it the default browser are unreliable. This means sometimes a website would load in Tor Browser, and sometimes it would load in another browser. This type of behavior can be dangerous and break anonymity.

We strongly recommend against using Tor in any browser other than Tor Browser. Using Tor in another browser can leave you vulnerable without the privacy protections of Tor Browser.

You can certainly use another browser while you are also using Tor Browser. However, you should know that the privacy properties of Tor Browser will not be present in the other browser. Be careful when switching back and forth between Tor and a less safe browser, because you may accidentally use the other browser for something you intended to do using Tor.

If you run Tor Browser and another browser at the same time, it won't affect Tor's performance or privacy properties.

However, be aware that when using Tor and another browser at the same time, your Tor activity could be linked to your non-Tor (real) IP from the other browser, simply by moving your mouse from one browser into the other.

Or you may simply forget and accidentally use that non-private browser to do something that you intended to do in Tor Browser instead.

Only Tor Browser's traffic will be routed over the Tor network. Any other application on your system (including other browsers) will not have their connections routed over the Tor network, and will not be protected. They need to be configured separately to use Tor. If you need to be sure that all traffic will go through the Tor network, take a look at the Tails live operating system which you can start on almost any computer from a USB stick or a DVD.

We do not recommend running multiple instances of Tor Browser, and doing so may not work as anticipated on many platforms.

Tor Browser is built using Firefox ESR, so errors regarding Firefox may occur. Please be sure no other instance of Tor Browser is already running, and that you have extracted Tor Browser in a location that your user has the correct permissions for. If you are running an anti-virus, please see My antivirus/malware protection is blocking me from accessing Tor Browser, it is common for anti-virus/anti-malware software to cause this type of issue.

Tor Browser is a modified version of Firefox specifically designed for use with Tor. A lot of work has been put into making Tor Browser, including the use of extra patches to enhance privacy and security. While it is technically possible to use Tor with other browsers, you may open yourself up to potential attacks or information leakage, so we strongly discourage it. Learn more about the design of Tor Browser.

Bookmarks in Tor Browser for Desktop can be exported, imported, backed up, restored as well as imported from another browser. The instructions are similar on Windows, macOS and Linux. In order to manage your bookmarks in Tor Browser, go to:

  • Hamburger menu >> Bookmarks >> Manage bookmarks (below the menu)
  • From the toolbar on the Library window, click on the option to 'Import and Backup'.

If you wish to export bookmarks

  • Choose Export Bookmarks to HTML
  • In the Export Bookmarks File window that opens, choose a location to save the file, which is named bookmarks.html by default. The desktop is usually a good spot, but any place that is easy to remember will work.
  • Click the Save button. The Export Bookmarks File window will close.
  • Close the Library window.

Your bookmarks are now successfully exported from Tor Browser. The bookmarks HTML file you saved is now ready to be imported into another web browser.

If you wish to import bookmarks

  • Choose Import Bookmarks from HTML
  • Within the Import Bookmarks File window that opens, navigate to the bookmarks HTML file you are importing and select the file.
  • Click the Open button. The Import Bookmarks File window will close.
  • Close the Library window.

The bookmarks in the selected HTML file will be added to your Tor Browser within the Bookmarks Menu directory.

If you wish to backup

  • Choose Backup
  • A new window opens and you have to choose the location to save the file. The file has a .json extension.

If you wish to restore

  • Choose Restore and then select the bookmark file you wish to restore.
  • Click okay to the pop up box that appears and hurray, you just restored your backup bookmark.

Import bookmarks from another browser

Bookmarks can be transferred from Firefox to Tor Browser. There are two ways to export and import bookmarks in Firefox: HTML file or JSON file. After exporting the data from the browser, follow the above steps to import the bookmark file into your Tor Browser.

Note: Currently, on Tor Browser for Android, there is no good way to export and import bookmarks. Bug #31617

When you have Tor Browser open, you can navigate to the hamburger menu ("≡"), then click on "Settings", and finally on "Connection" in the side bar. At the bottom of the page, next to the "View the Tor logs" text, click the button "View Logs...". You should see an option to copy the log to your clipboard, which you will be able to paste it into a text editor or an email client.

Alternatively, on GNU/Linux, to view the logs right in the terminal, navigate to the Tor Browser directory and launch Tor Browser from the command line by running:

./start-tor-browser.desktop --verbose

or to save the logs to a file (default: tor-browser.log)

./start-tor-browser.desktop --log [file]

Tor Browser in its default mode is starting with a content window rounded to a multiple of 200px x 100px to prevent fingerprinting of the screen dimensions. This is an anti-fingerprinting feature in Tor Browser called Letterboxing.

Tor Browser can certainly help people access your website in places where it is blocked. Most of the time, simply downloading the Tor Browser and then using it to navigate to the blocked site will allow access. In places where there is heavy censorship we have a number of censorship circumvention options available, including pluggable transports.

For more information, please see the Tor Browser User Manual section on censorship circumvention.

Sometimes websites will block Tor users because they can't tell the difference between the average Tor user and automated traffic. The best success we've had in getting sites to unblock Tor users is getting users to contact the site administrators directly. Something like this might do the trick:

"Hi! I tried to access your site xyz.com while using Tor Browser and discovered that you don't allow Tor users to access your site. I urge you to reconsider this decision; Tor is used by people all over the world to protect their privacy and fight censorship. By blocking Tor users, you are likely blocking people in repressive countries who want to use a free internet, journalists and researchers who want to protect themselves from discovery, whistleblowers, activists, and ordinary people who want to opt out of invasive third party tracking. Please take a strong stance in favor of digital privacy and internet freedom, and allow Tor users access to xyz.com. Thank you."

In the case of banks, and other sensitive websites, it is also common to see geography-based blocking (if a bank knows you generally access their services from one country, and suddenly you are connecting from an exit relay on the other side of the world, your account may be locked or suspended).

If you are unable to connect to an onion service, please see I cannot reach X.onion!.

Tor Browser often makes your connection appear as though it is coming from an entirely different part of the world. Some websites, such as banks or email providers, might interpret this as a sign that your account has been compromised, and lock you out.

The only way to resolve this is by following the site's recommended procedure for account recovery, or contacting the operators and explaining the situation.

You may be able to avoid this scenario if your provider offers 2-factor authentication, which is a much better security option than IP-based reputations. Contact your provider and ask them if they provide 2FA.

Sometimes JavaScript-heavy websites can have functional issues over Tor Browser. The simplest fix is to click on the Security level icon (Shield icon next to the URL bar), then click "Settings..." Set your security level to "Standard".

Most antivirus or malware protection allows the user to "allowlist" certain processes that would otherwise be blocked. Please open your antivirus or malware protection software and look in the settings for an "allowlist" or something similar. Next, include the following processes:

  • For macOS

Finally, restart Tor Browser. This should fix the issues you're experiencing. Please note that some antivirus clients, like Kaspersky, may also be blocking Tor at the firewall level.

Some antivirus software will pop up malware and/or vulnerability warnings when Tor Browser is launched. If you downloaded Tor Browser from our main website or used GetTor, and verified it, these are false positives and you have nothing to worry about. Some antiviruses consider that files that have not been seen by a lot of users as suspicious. To make sure that the Tor program you download is the one we have created and has not been modified by some attacker, you can verify Tor Browser's signature. You may also want to permit certain processes to prevent antiviruses from blocking access to Tor Browser.

If you have exhausted general troubleshooting steps, it's possible that your connection to Tor is censored. In that case, connecting with one of the built-in censorship circumvention methods in Tor Browser can help. Connection Assist can automatically choose one for you using your location.

If Connection Assist is unable to facilitate the connection to Tor, you can configure Tor Browser to use one of the built-in circumvention methods manually. To use bridges and access other censorship circumvention related settings, click "Configure Connection" when starting Tor Browser for the first time. In the "Bridges" section, locate the option "Choose from one of Tor Browser's built-in bridges" and click on the "Select a built-In bridge" option. From the menu, select a censorship circumvention method.

Or, if you have Tor Browser running, click on "Settings" in the hamburger menu (≡) and then on "Connection" in the sidebar. In the "Bridges" section, locate the option "Choose from one of Tor Browser's built-in bridges" and click on the "Select a built-In bridge" option. Select a censorship circumvention method from the menu. Your settings will automatically be saved once you close the tab.

If Tor fails to connect, you might have to try other methods of getting bridges. Please refer to the Tor Browser User Manual for further instructions and more information about bridges. If you have Tor Browser installed type about:manual#bridges in the address bar of Tor Browser to read the offline manual.

One of the most common issues that causes connection errors in Tor Browser is an incorrect system clock. Please make sure your system clock and timezone are set accurately. If this doesn't fix the problem, see the Troubleshooting page on the Tor Browser manual.

Sometimes, after you've used Gmail over Tor, Google presents a pop-up notification that your account may have been compromised. The notification window lists a series of IP addresses and locations throughout the world recently used to access your account.

In general, this is a false alarm: Google saw a bunch of logins from different places, as a result of running the service via Tor, and decided it was a good idea to confirm the account was being accessed by its rightful owner.

Even though this may be a byproduct of using the service via Tor, that doesn't mean you can entirely ignore the warning. It is probably a false positive, but it might not be since it is possible for someone to hijack your Google cookie.

Cookie hijacking is possible by either physical access to your computer or by watching your network traffic. In theory, only physical access should compromise your system because Gmail and similar services should only send the cookie over an SSL link. In practice, alas, it's way more complex than that.

And if somebody did steal your Google cookie, they might end up logging in from unusual places (though of course they also might not). So the summary is that since you're using Tor Browser, this security measure that Google uses isn't so useful for you, because it's full of false positives. You'll have to use other approaches, like seeing if anything looks weird on the account, or looking at the timestamps for recent logins and wondering if you actually logged in at those times.

More recently, Gmail users can turn on 2-Step Verification on their accounts to add an extra layer of security.

This is a known and intermittent problem; it does not mean that Google considers Tor to be spyware.

When you use Tor, you are sending queries through exit relays that are also shared by thousands of other users. Tor users typically see this message when many Tor users are querying Google in a short period of time. Google interprets the high volume of traffic from a single IP address (the exit relay you happened to pick) as somebody trying to "crawl" their website, so it slows down traffic from that IP address for a short time.

You can try 'New Circuit for this Site' to access the website from a different IP address.

An alternate explanation is that Google tries to detect certain kinds of spyware or viruses that send distinctive queries to Google Search. It notes the IP addresses from which those queries are received (not realizing that they are Tor exit relays), and tries to warn any connections coming from those IP addresses that recent queries indicate an infection.

To our knowledge, Google is not doing anything intentionally specifically to deter or block Tor use. The error message about an infected machine should clear up again after a short time.

Unfortunately, some websites deliver Captchas to Tor users, and we are not able to remove Captchas from websites. The best thing to do in these cases is to contact the website owners, and inform them that their Captchas are preventing users such as yourself from using their services.

Google uses "geolocation" to determine where in the world you are, so it can give you a personalized experience. This includes using the language it thinks you prefer, and it also includes giving you different results on your queries.

If you really want to see Google in English you can click the link that provides that. But we consider this a feature with Tor, not a bug --- the Internet is not flat, and it in fact does look different depending on where you are. This feature reminds people of this fact.

Note that Google search URLs take name/value pairs as arguments and one of those names is "hl". If you set "hl" to "en" then Google will return search results in English regardless of what Google server you have been sent to. The changed link might look like this:

https://encrypted.google.com/search?q=online%20anonymity&hl=en

Another method is to simply use your country code for accessing Google. This can be google.be, google.de, google.us and so on.

When using Tor Browser, no one can see the websites that you visit. However, your service provider or network admins may be able to see that you're connecting to the Tor network, though they won't know what you're doing when you get there.

Tor Browser prevents people from knowing the websites you visit. Some entities, such as your Internet Service Provider (ISP), may be able to see that you're using Tor, but they won't know where you're going when you do.

DuckDuckGo is the default search engine in Tor Browser. DuckDuckGo does not track its users nor does it store any data about user searches. Learn more about DuckDuckGo privacy policy.

With the release of Tor Browser 6.0.6, we switched to DuckDuckGo as the primary search engine. For a while now, Disconnect, which was formerly used in Tor Browser, has had no access to Google search results. Since Disconnect is more of a meta search engine, which allows users to choose between different search providers, it fell back to delivering Bing search results, which were basically unacceptable quality-wise. DuckDuckGo does not log, collect or share the user's personal information or their search history, and therefore is best positioned to protect your privacy. Most other search engines store your searches along with other information such as the timestamp, your IP address, and your account information if you are logged in.

Please see the DuckDuckGo support portal. If you believe this is a Tor Browser issue, please report it on our issue tracker.

Tor Browser has two ways to change your relay circuit — "New Identity" and "New Tor Circuit for this Site". Both options are located in the hamburger menu ("≡"). You can also access the New Circuit option inside the site information menu in the URL bar, and the New Identity option by clicking the small sparky broom icon at the top-right of the screen.

New Identity

This option is useful if you want to prevent your subsequent browser activity from being linkable to what you were doing before.

Selecting it will close all your tabs and windows, clear all private information such as cookies and browsing history, and use new Tor circuits for all connections.

Tor Browser will warn you that all activity and downloads will be stopped, so take this into account before clicking "New Identity".

Tor Browser Menu

New Tor Circuit for this Site

This option is useful if the exit relay you are using is unable to connect to the website you require, or is not loading it properly. Selecting it will cause the currently-active tab or window to be reloaded over a new Tor circuit.

Other open tabs and windows from the same website will use the new circuit as well once they are reloaded.

This option does not clear any private information or unlink your activity, nor does it affect your current connections to other websites.

New Circuit for this Site

Running Tor Browser does not make you act as a relay in the network. This means that your computer will not be used to route traffic for others. If you'd like to become a relay, please see our Tor Relay Guide.

That is normal Tor behavior. The first relay in your circuit is called an "entry guard" or "guard". It is a fast and stable relay that remains the first one in your circuit for 2-3 months in order to protect against a known anonymity-breaking attack. The rest of your circuit changes with every new website you visit, and all together these relays provide the full privacy protections of Tor. For more information on how guard relays work, see this blog post and paper on entry guards.

In Tor Browser, every new domain gets its own circuit. The Design and Implementation of Tor Browser document further explains the thinking behind this design.

Modifying the way that Tor creates its circuits is strongly discouraged. You get the best security that Tor can provide when you leave the route selection to Tor; overriding the entry/exit nodes can compromise your anonymity. If the outcome you want is simply to be able to access resources that are only available in one country, you may want to consider using a VPN instead of using Tor. Please note that VPNs do not have the same privacy properties as Tor, but they will help solve some geolocation restriction issues.

WARNING: Do NOT follow random advice instructing you to edit your torrc! Doing so can allow an attacker to compromise your security and anonymity through malicious configuration of your torrc.

Tor uses a text file called torrc that contains configuration instructions for how Tor should behave. The default configuration should work fine for most Tor users (hence the warning above.)

To find your Tor Browser torrc, follow the instructions for your operating system below.

On Windows or Linux:

  • The torrc is in the Tor Browser Data directory at Browser/TorBrowser/Data/Tor inside your Tor Browser directory.

On macOS:

  • The torrc is in the Tor Browser Data directory at ~/Library/Application Support/TorBrowser-Data/Tor.
  • Note the Library folder is hidden on newer versions of macOS. To navigate to this folder in Finder, select "Go to Folder..." in the "Go" menu.
  • Then type ~/Library/Application Support/ in the window and click Go.

Close Tor Browser before you edit your torrc, otherwise Tor Browser may erase your modifications. Some options will have no effect as Tor Browser overrides them with command line options when it starts Tor.

Have a look at the sample torrc file for hints on common configurations. For other configuration options you can use, see the Tor manual page. Remember, all lines beginning with # in torrc are treated as comments and have no effect on Tor's configuration.

It's strongly discouraged to install new add-ons in Tor Browser, because they can compromise your privacy and security.

Installing new add-ons may affect Tor Browser in unforeseen ways and potentially make your Tor Browser fingerprint unique. If your copy of Tor Browser has a unique fingerprint, your browsing activities can be deanonymized and tracked even though you are using Tor Browser.

Each browser's settings and features create what is called a "browser fingerprint". Most browsers inadvertently create a unique fingerprint for each user which can be tracked across the internet. Tor Browser is specifically engineered to have a nearly identical (we're not perfect!) fingerprint across its users. This means each Tor Browser user looks like many other Tor Browser users, making it difficult to track any individual user.

There's also a good chance a new add-on will increase the attack surface of Tor Browser. This may allow sensitive data to be leaked or allow an attacker to infect Tor Browser. The add-on itself could even be maliciously designed to spy on you.

Tor Browser already comes installed with one add-on — NoScript — and adding anything else could deanonymize you.

Want to learn more about browser fingerprinting? Here's an article on The Tor Blog all about it.

Flash is disabled in Tor Browser, and we recommend you to not enable it. We don't think Flash is safe to use in any browser — it's a very insecure piece of software that can easily compromise your privacy or serve you malware. Fortunately, most websites, devices, and other browsers are moving away from the use of Flash.

If you're using Tor Browser, you can set your proxy's address, port, and authentication information in the Connection Settings.

If you're using Tor another way, you can set the proxy information in your torrc file. Check out the HTTPSProxy config option in the manual page. If your proxy requires authentication, see the HTTPSProxyAuthenticator option. Example with authentication:

  HTTPSProxy 10.0.0.1:8080
  HTTPSProxyAuthenticator myusername:mypass

We only support Basic auth currently, but if you need NTLM authentication, you may find this post in the archives useful.

For using a SOCKS proxy, see the Socks4Proxy, Socks5Proxy, and related torrc options in the manual page. Using a SOCKS 5 proxy with authentication might look like this:

  Socks5Proxy 10.0.0.1:1080
  Socks5ProxyUsername myuser
  Socks5ProxyPassword mypass

If your proxies only allow you to connect to certain ports, look at the entry on Firewalled clients for how to restrict what ports your Tor will try to access.

Please see the HTTPS Everywhere FAQ. If you believe this is a Tor Browser for Android issue, please report it on our issue tracker.

Since Tor Browser 11.5, HTTPS-Only Mode is enabled by default for desktop, and HTTPS Everywhere is no longer bundled with Tor Browser.

By default, your Tor client only listens for applications that connect from localhost. Connections from other computers are refused. If you want to torify applications on different computers than the Tor client, you should edit your torrc to define SocksListenAddress 0.0.0.0 and then restart (or hup) Tor. If you want to get more advanced, you can configure your Tor client on a firewall to bind to your internal IP but not your external IP.

Yes. Tor can be configured as a client or a relay on another machine, and allow other machines to be able to connect to it for anonymity. This is most useful in an environment where many computers want a gateway of anonymity to the rest of the world. However, be forewarned that with this configuration, anyone within your private network (existing between you and the Tor client/relay) can see what traffic you are sending in clear text. The anonymity doesn't start until you get to the Tor relay. Because of this, if you are the controller of your domain and you know everything's locked down, you will be OK, but this configuration may not be suitable for large private networks where security is key all around.

Configuration is simple, editing your torrc file's SocksListenAddress according to the following examples:

SocksListenAddress 127.0.0.1

SocksListenAddress 192.168.x.x:9100

SocksListenAddress 0.0.0.0:9100

You can state multiple listen addresses, in the case that you are part of several networks or subnets.

SocksListenAddress 192.168.x.x:9100 #eth0
SocksListenAddress 10.x.x.x:9100 #eth1

After this, your clients on their respective networks/subnets would specify a socks proxy with the address and port you specified SocksListenAddress to be. Please note that the SocksPort configuration option gives the port ONLY for localhost (127.0.0.1). When setting up your SocksListenAddress(es), you need to give the port with the address, as shown above. If you are interested in forcing all outgoing data through the central Tor client/relay, instead of the server only being an optional proxy, you may find the program iptables (for *nix) useful.

We configure NoScript to allow JavaScript by default in Tor Browser because many websites will not work with JavaScript disabled. Most users would give up on Tor entirely if we disabled JavaScript by default because it would cause so many problems for them. Ultimately, we want to make Tor Browser as secure as possible while also making it usable for the majority of people, so for now, that means leaving JavaScript enabled by default.

For users who want to have JavaScript disabled on all HTTP sites by default, we recommend changing your Tor Browser's Security Levels option. This can be done by clicking on the Security level icon (the shield right next to the URL bar) and then clicking on "Settings...". The "Standard" level allows JavaScript, the "Safer" level blocks JavaScript on HTTP sites and the "Safest" level blocks JavaScript altogether.

Please see the NoScript FAQ. If you believe this is a Tor Browser issue, please report it on our bug tracker.

It is often important to know what version of Tor Browser you are using, to help you troubleshoot a problem or just to know if Tor Browser is up to date. This is important information to share when raising a support ticket.

Tor Browser Desktop

  • When you have Tor Browser running, click on "Settings" in the hamburger menu (≡).
  • Scroll down to the "Tor Browser Updates" section where the version number is listed.

Tor Browser for Android

From the app

  • When you have Tor Browser for Android running, tap on 'Settings'.
  • Scroll to the bottom of the page.
  • Tap on 'About Tor Browser'.
  • The version number should be listed on this page.

From Android menu

  • Navigate to Android's Settings.
  • Tap on 'Apps' to open the list of apps installed on your device.
  • Find 'Tor Browser' from the list of apps.
  • Tap on 'Tor Browser'.
  • Scroll down to the very bottom of the page where the version number will be listed.

Lyrebird is the name of Tor's obfs4proxy that implements several pluggable transport protocols, including obfs4, meek, Snowflake and WebTunnel. In Tor Browser, it also implements the feature to request bridges and the circumvention API for Connection Assist.

Legacy operating systems are unsupported versions of operating systems. For instance, Microsoft ended official support for Windows 7, 8 and 8.1 in January of 2023. Legacy unsupported operating systems receive no security updates and may have known security vulnerabilities. With no official support and Firefox (Tor Browser is based on Firefox ESR) dropping support for legacy operating systems, maintaining Tor Browser for obsolete operating systems becomes unfeasible and a security risk for users.

Support for Windows 8.1 or lower and macOS 10.14 or lower will be discontinued with the release of Tor Browser 14, scheduled for the end of 2024. Users on Windows 7, 8 and 8.1 and macOS 10.12 to 10.14 will continue receiving security updates for Tor Browser 13.5 for a limited time until at least September of 2025. Please follow the instructions on this Tor Forum post to download Tor Browser 13.5 legacy.

Users on legacy operating systems are strongly advised to upgrade their operating system for access to Tor Browser 14 and later and for the latest security updates and new features in Tor Browser. Windows users are recommended to upgrade to Windows 10 or 11. macOS users are recommended to upgrade to macOS 10.15 (Catalina) or later. In some cases, it may require newer hardware in order to support the newer operating system.

Tor Browser prevents people from knowing the websites you visit. Some entities, such as your Internet Service Provider (ISP), may be able to see that you're using Tor, but they won't know where you're going when you do.

Tor Mobile

With the release of Tor Browser for Android, Orfox has been retired.

There is currently no supported method for running Tor Browser on older Windows Phones but in case of the newer Microsoft-branded/promoted phones, same steps as in Tor Browser for Android can be followed.

The Guardian Project maintains Orbot (and other privacy applications) on Android. More info can be found on the Guardian Project's website.

It will be, soon. In the meantime you can use F-Droid to download Tor Browser for Android by enabling the Guardian Project's Repository.

Learn how to add a repository to F-Droid.

We recommend iOS apps Onion Browser and Orbot for a secure connection to Tor. Onion Browser and Orbot are open source, use Tor routing, and are developed by someone who works closely with the Tor Project. However, Apple requires browsers on iOS to use something called Webkit, which prevents Onion Browser from having the same privacy protections as Tor Browser.

Learn more about Onion Browser. Download Onion Browser and Orbot from the App Store.

While both Tor Browser for Android and Orbot are great, they serve different purposes. Tor Browser for Android is like the desktop Tor Browser, but on your mobile device. It is a one stop browser that uses the Tor network and tries to be as anonymous as possible. Orbot on the other hand is a proxy that will enable you to send the data from your other applications (E-Mail clients, instant messaging apps, etc.) through the Tor network; a version of Orbot is also inside of Tor Browser for Android, and is what enables it to connect to the Tor network. That version, however, does not enable you to send other apps outside of Tor Browser for Android through it. Depending on how you want to use the Tor network, either one or both of these could be a great option.

Yes, there is a version of Tor Browser available specifically for Android. Installing Tor Browser for Android is all you need to run Tor on your Android device.

The Guardian Project provides the app Orbot which can be used to route other apps on your Android device over the Tor network, however only Tor Browser for Android is needed to browse the web with Tor.

The tracking code being reported is carried over from Firefox for Android as Tor Browser is based on Firefox. Exodus and other analysis tools have conducted static analysis of this tracking code, which does not verify whether the tracking code is active or disabled. All of the tracking code is disabled in Tor Browser for Android. Additionally, a complete removal of the tracking code is planned.

Connecting To Tor

One of the most common issues that causes connection errors in Tor Browser is an incorrect system clock. Please make sure your system clock and timezone are set accurately. If this doesn't fix the problem, see the Troubleshooting page on the Tor Browser manual.

If you're having trouble connecting, an error message may appear and you can select the option to "copy Tor log to clipboard". Then paste the Tor log into a text file or other document.

If you don't see this option and you have Tor Browser open, you can navigate to the hamburger menu ("≡"), then click on "Settings", and finally on "Connection" in the side bar. At the bottom of the page, next to the "View the Tor logs" text, click the button "View Logs...".

Alternatively, on GNU/Linux, to view the logs right in the terminal, navigate to the Tor Browser directory and launch Tor Browser from the command line by running:

./start-tor-browser.desktop --verbose

or to save the logs to a file (default: tor-browser.log)

./start-tor-browser.desktop --log [file]

You should see one of these common log errors (look for the following lines in your Tor log):

Common log error #1: Proxy connection failure

2017-10-29 09:23:40.800 [NOTICE] Opening Socks listener on 127.0.0.1:9150
2017-10-29 09:23:47.900 [NOTICE] Bootstrapped 5%: Connecting to directory server
2017-10-29 09:23:47.900 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server
2017-10-29 09:24:08.900 [WARN] Proxy Client: unable to connect to xx..xxx..xxx.xx:xxxxx ("general SOCKS server failure")

If you see lines like these in your Tor log, it means you are failing to connect to a SOCKS proxy. If a SOCKS proxy is required for your network setup, then please make sure you've entered your proxy details correctly. If a SOCKS proxy is not required, or you're not sure, please try connecting to the Tor network without a SOCKS proxy.

Common log error #2: Can't reach guard relays

11/1/2017 21:11:43 PM.500 [NOTICE] Opening Socks listener on 127.0.0.1:9150
11/1/2017 21:11:44 PM.300 [NOTICE] Bootstrapped 80%: Connecting to the Tor network
11/1/2017 21:11:44 PM.300 [WARN] Failed to find node for hop 0 of our path. Discarding this circuit.
11/1/2017 21:11:44 PM.500 [NOTICE] Bootstrapped 85%: Finishing handshake with first hop
11/1/2017 21:11:45 PM.300 [WARN] Failed to find node for hop 0 of our path. Discarding this circuit.

If you see lines like these in your Tor log, it means your Tor failed to connect to the first node in the Tor circuit. This could mean that you're on a network that's censored.

Please try connecting with bridges, and that should fix the problem.

Common log error #3: Failed to complete TLS handshake

13-11-17 19:52:24.300 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server 
13-11-17 19:53:49.300 [WARN] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 10; recommendation warn; host [host] at xxx.xxx.xxx.xx:xxx) 
13-11-17 19:53:49.300 [WARN] 10 connections have failed: 
13-11-17 19:53:49.300 [WARN]  9 connections died in state handshaking (TLS) with SSL state SSLv2/v3 read server hello A in HANDSHAKE 
13-11-17 19:53:49.300 [WARN]  1 connections died in state connect()ing with SSL state (No SSL object)

If you see lines like this in your Tor log, it means that Tor failed to complete a TLS handshake with the directory authorities. Using bridges will likely fix this.

Common log error #4: Clock skew

19.11.2017 00:04:47.400 [NOTICE] Opening Socks listener on 127.0.0.1:9150 
19.11.2017 00:04:48.000 [NOTICE] Bootstrapped 5%: Connecting to directory server 
19.11.2017 00:04:48.200 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server 
19.11.2017 00:04:48.800 [WARN] Received NETINFO cell with skewed time (OR:xxx.xx.x.xx:xxxx): It seems that our clock is behind by 1 days, 0 hours, 1 minutes, or that theirs is ahead. Tor requires an accurate clock to work: please check your time, timezone, and date settings.

If you see lines like this in your Tor log, it means your system clock is incorrect. Please make sure your clock is set accurately, including the correct timezone. Then restart Tor.

Proxy server errors can occur for a variety of reasons. You may try one or more of the following activities in case you encounter this error:

  • If you have an antivirus, it may be interfering with the Tor service. Disable the antivirus and restart the browser.
  • You should not move the Tor Browser folder from its original location to a different location. If you did this, revert the change.
  • You should also check the port that you are connecting with. Try a different port from the one currently in use, such as 9050 or 9150.
  • When all else fails, reinstall the browser. This time, make sure to install Tor Browser in a new directory, not over a previously installed browser.

If the error persists, please get in touch with us.

If you cannot reach the onion service you desire, make sure that you have entered the 56-character onion address correctly; even a small mistake will stop Tor Browser from being able to reach the site. If you are still unable to connect to the onion service, please try again later. There may be a temporary connection issue, or the site operators may have allowed it to go offline without warning.

You can also ensure that you're able to access other onion services by connecting to DuckDuckGo's onion service.

Censorship

If you can't download Tor Browser through our website, you can get a copy of Tor Browser delivered to you via GetTor. GetTor is a service that automatically responds to messages with links to the latest version of Tor Browser, hosted at a variety of locations that are less likely to be censored, such as Dropbox, Google Drive, and GitHub. You can request via email or Telegram bot https://t.me/gettor_bot. You can also download Tor Browser from https://tor.eff.org or from https://lacebolla.net.

Send an email to [email protected] In the body of the mail, write the name of your operating system (such as Windows, macOS, or Linux). GetTor will respond with an email containing links from which you can download Tor Browser, the cryptographic signature (needed for verifying the download), the fingerprint of the key used to make the signature, and the package's checksum. You may be offered a choice of "32-bit" or "64-bit" software: this depends on the model of the computer you are using; consult documentation about your computer to find out more.

If you suspect that your government or Internet Service Provider (ISP) has implemented some form of Internet censorship or filtering, you can test whether the Tor network is being blocked by using OONI Probe. OONI Probe is a free and open source application developed by the Open Observatory of Network Interference (OONI). It is designed to test and measure which websites, messaging apps, and circumvention tools may be blocked.

Before you run these measurement tests, please carefully read OONI's security recommendations and risk assessment. As any other testing tool, please be aware of false positive tests with OONI.

To check if Tor is blocked, you can install OONI Probe on your mobile device or on your desktop, and run the "Circumvention Test". An OONI Tor Test can serve as an indication of a potential block of the Tor network, but a thorough analysis by our developers is crucial for a conclusive evaluation.

Tor Browser can certainly help people access your website in places where it is blocked. Most of the time, simply downloading the Tor Browser and then using it to navigate to the blocked site will allow access. In places where there is heavy censorship we have a number of censorship circumvention options available, including pluggable transports.

For more information, please see the Tor Browser User Manual section on censorship circumvention.

If you're having trouble connecting, an error message may appear and you can select the option to "copy Tor log to clipboard". Then paste the Tor log into a text file or other document.

If you don't see this option and you have Tor Browser open, you can navigate to the hamburger menu ("≡"), then click on "Settings", and finally on "Connection" in the side bar. At the bottom of the page, next to the "View the Tor logs" text, click the button "View Logs...".

Alternatively, on GNU/Linux, to view the logs right in the terminal, navigate to the Tor Browser directory and launch Tor Browser from the command line by running:

./start-tor-browser.desktop --verbose

or to save the logs to a file (default: tor-browser.log)

./start-tor-browser.desktop --log [file]

You should see one of these common log errors (look for the following lines in your Tor log):

Common log error #1: Proxy connection failure

2017-10-29 09:23:40.800 [NOTICE] Opening Socks listener on 127.0.0.1:9150
2017-10-29 09:23:47.900 [NOTICE] Bootstrapped 5%: Connecting to directory server
2017-10-29 09:23:47.900 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server
2017-10-29 09:24:08.900 [WARN] Proxy Client: unable to connect to xx..xxx..xxx.xx:xxxxx ("general SOCKS server failure")

If you see lines like these in your Tor log, it means you are failing to connect to a SOCKS proxy. If a SOCKS proxy is required for your network setup, then please make sure you've entered your proxy details correctly. If a SOCKS proxy is not required, or you're not sure, please try connecting to the Tor network without a SOCKS proxy.

Common log error #2: Can't reach guard relays

11/1/2017 21:11:43 PM.500 [NOTICE] Opening Socks listener on 127.0.0.1:9150
11/1/2017 21:11:44 PM.300 [NOTICE] Bootstrapped 80%: Connecting to the Tor network
11/1/2017 21:11:44 PM.300 [WARN] Failed to find node for hop 0 of our path. Discarding this circuit.
11/1/2017 21:11:44 PM.500 [NOTICE] Bootstrapped 85%: Finishing handshake with first hop
11/1/2017 21:11:45 PM.300 [WARN] Failed to find node for hop 0 of our path. Discarding this circuit.

If you see lines like these in your Tor log, it means your Tor failed to connect to the first node in the Tor circuit. This could mean that you're on a network that's censored.

Please try connecting with bridges, and that should fix the problem.

Common log error #3: Failed to complete TLS handshake

13-11-17 19:52:24.300 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server 
13-11-17 19:53:49.300 [WARN] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 10; recommendation warn; host [host] at xxx.xxx.xxx.xx:xxx) 
13-11-17 19:53:49.300 [WARN] 10 connections have failed: 
13-11-17 19:53:49.300 [WARN]  9 connections died in state handshaking (TLS) with SSL state SSLv2/v3 read server hello A in HANDSHAKE 
13-11-17 19:53:49.300 [WARN]  1 connections died in state connect()ing with SSL state (No SSL object)

If you see lines like this in your Tor log, it means that Tor failed to complete a TLS handshake with the directory authorities. Using bridges will likely fix this.

Common log error #4: Clock skew

19.11.2017 00:04:47.400 [NOTICE] Opening Socks listener on 127.0.0.1:9150 
19.11.2017 00:04:48.000 [NOTICE] Bootstrapped 5%: Connecting to directory server 
19.11.2017 00:04:48.200 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server 
19.11.2017 00:04:48.800 [WARN] Received NETINFO cell with skewed time (OR:xxx.xx.x.xx:xxxx): It seems that our clock is behind by 1 days, 0 hours, 1 minutes, or that theirs is ahead. Tor requires an accurate clock to work: please check your time, timezone, and date settings.

If you see lines like this in your Tor log, it means your system clock is incorrect. Please make sure your clock is set accurately, including the correct timezone. Then restart Tor.

Bridge relays are Tor relays that are not listed in the public Tor directory.

That means that ISPs or governments trying to block access to the Tor network can't simply block all bridges. Bridges are useful for Tor users under oppressive regimes, and for people who want an extra layer of security because they're worried somebody will recognize that they are contacting a public Tor relay IP address.

A bridge is just a normal relay with a slightly different configuration. See How do I run a bridge for instructions.

Several countries, including China and Iran, have found ways to detect and block connections to Tor bridges. Obfsproxy bridges address this by adding another layer of obfuscation. Setting up an obfsproxy bridge requires an additional software package and additional configurations. See our page on pluggable transports for more info.

Snowflake is a pluggable transport available in Tor Browser to defeat internet censorship. Like a Tor bridge, a user can access the open internet when even regular Tor connections are censored. To use Snowflake is as easy as to switch to a new bridge configuration in Tor Browser.

This system is composed of three components: volunteers running Snowflake proxies, Tor users that want to connect to the internet, and a broker, that delivers snowflake proxies to users.

Volunteers willing to help users on censored networks can help by spinning short-lived proxies on their regular browsers. Check, how can I use Snowflake?

Snowflake uses the highly effective domain fronting technique to make a connection to one of the thousands of snowflake proxies run by volunteers. These proxies are lightweight, ephemeral, and easy to run, allowing us to scale Snowflake more easily than previous techniques.

For censored users, if your Snowflake proxy gets blocked, the broker will find a new proxy for you, automatically.

If you're interested in the technical details and specification, see the Snowflake Technical Overview and the project page. For other discussions about Snowflake, please visit the Tor Forum and follow up the Snowflake tag.

Snowflake is available in Tor Browser stable for all platforms: Windows, macOS, GNU/Linux, and Android. You can also use Snowflake with Onion Browser on iOS.

If you're running Tor Browser for desktop for the first time, you can click on 'Configure Connection' on the start-up screen. Under the "Bridges" section, locate the option "Choose from one of Tor Browser's built-in bridges" and click on "Select a Built-In Bridge" option. From the menu, select 'Snowflake'. Once you've selected Snowflake, scroll up and click 'Connect' to save your settings.

From within the browser, you can click on the hamburger menu ("≡"), then go to 'Settings' and go to 'Connection'. Alternatively, you can also type about:preferences#connection in the URL bar. Under the "Bridges" section, locate the option "Choose from one of Tor Browser's built-in bridges" and click on "Select a Built-In Bridge" option. From the menu, select 'Snowflake'.

If your internet access is not censored, you should consider installing the Snowflake extension to help users in censored networks. When you run Snowflake on your regular browser, you will proxy traffic between censored users and an entry node in the Tor network, and that's all.

Due to censorship of VPN servers in some countries, we kindly ask you to not run a snowflake proxy while connected to a VPN.

Add-on

Firstly make sure you have WebRTC enabled. Then you can install this extension for Firefox or the extension for Chrome which will let you become a Snowflake proxy. It can also inform you about how many people you have helped in the last 24 hours.

Web page

In a browser where WebRTC is enabled: If you don't want to add Snowflake to your browser, you can go to embed-snowflake.torproject.org and toggle the button to opt in to being a proxy. You shouldn't close that page if you want to remain a Snowflake proxy.

If you have exhausted general troubleshooting steps, it's possible that your connection to Tor is censored. In that case, connecting with one of the built-in censorship circumvention methods in Tor Browser can help. Connection Assist can automatically choose one for you using your location.

If Connection Assist is unable to facilitate the connection to Tor, you can configure Tor Browser to use one of the built-in circumvention methods manually. To use bridges and access other censorship circumvention related settings, click "Configure Connection" when starting Tor Browser for the first time. In the "Bridges" section, locate the option "Choose from one of Tor Browser's built-in bridges" and click on the "Select a built-In bridge" option. From the menu, select a censorship circumvention method.

Or, if you have Tor Browser running, click on "Settings" in the hamburger menu (≡) and then on "Connection" in the sidebar. In the "Bridges" section, locate the option "Choose from one of Tor Browser's built-in bridges" and click on the "Select a built-In bridge" option. Select a censorship circumvention method from the menu. Your settings will automatically be saved once you close the tab.

If Tor fails to connect, you might have to try other methods of getting bridges. Please refer to the Tor Browser User Manual for further instructions and more information about bridges. If you have Tor Browser installed type about:manual#bridges in the address bar of Tor Browser to read the offline manual.

Users in China need to take a few steps to circumvent the Great Firewall and connect to the Tor network.

To get an updated version of Tor Browser, try the Telegram bot first: @gettor_bot. If that doesn't work, you can send an email to [email protected] with the subject "windows", "macos", or "linux" for the respective operating system.

After the installation, Tor Browser will try to connect to the Tor network. If Tor is blocked in your location, Connection Assist will try to automatically connect using a bridge or Snowflake. But if that doesn't work, the second step will be to obtain a bridge that works in China.

There are following options to unblock Tor in China:

  1. WebTunnel: makes the traffic look like a regular HTTPS connection to a webpage server giving the impression that the user is simply browsing the web. To obtain WebTunnel bridges, visit our bridges website. From the "Advanced options" select "WebTunnel", from the dropdown, as the pluggable transport. Then click on "Get Bridges". Support for WebTunnel bridges is only available on Tor Browser for Desktop and Android.
  2. Snowflake: uses ephemeral proxies to connect to the Tor network. It's available in Tor Browser and other Tor powered apps like Orbot. You can select Snowflake from Tor Browser's built-in bridge menu.
  3. Private and unlisted obfs4 bridges: contact our Telegram Bot @GetBridgesBot and type /bridges. Or send an email to [email protected] with the phrase "private bridge cn" in the subject of the email. If you are tech-savvy, you can run your own obfs4 bridge from outside China. Remember that obfs4 bridges distributed from the Tor bridges website, and built-in obfs4 bridges bundled in Tor Browser most likely won't work.
  4. meek-azure: makes it look like you are browsing a website instead of using Tor. However, because it has a bandwidth limitation, this option will be quite slow. You can select meek-azure from Tor Browser's built-in bridges dropdown.

For obfs4 or WebTunnel bridges obtained via email or from the Bridges website, follow instructions on the Tor Browser User Manual to enter the bridge addresses in Tor Browser.

If one of these options above is not working, check your Tor logs and try another option. If you need help, you can contact our support team on Telegram Tor Project Support and Signal.

Find up-to-date instructions on how to circumvent censorship and connect to Tor from Russia on our forum guide: Tor blocked in Russia - how to circumvent censorship.

If you need help, contact us via Telegram, WhatsApp, Signal, or by email [email protected]. For censorship circumvention instructions, use "private bridge ru" as the subject line of your email.

Sometimes websites will block Tor users because they can't tell the difference between the average Tor user and automated traffic. The best success we've had in getting sites to unblock Tor users is getting users to contact the site administrators directly. Something like this might do the trick:

"Hi! I tried to access your site xyz.com while using Tor Browser and discovered that you don't allow Tor users to access your site. I urge you to reconsider this decision; Tor is used by people all over the world to protect their privacy and fight censorship. By blocking Tor users, you are likely blocking people in repressive countries who want to use a free internet, journalists and researchers who want to protect themselves from discovery, whistleblowers, activists, and ordinary people who want to opt out of invasive third party tracking. Please take a strong stance in favor of digital privacy and internet freedom, and allow Tor users access to xyz.com. Thank you."

In the case of banks, and other sensitive websites, it is also common to see geography-based blocking (if a bank knows you generally access their services from one country, and suddenly you are connecting from an exit relay on the other side of the world, your account may be locked or suspended).

If you are unable to connect to an onion service, please see I cannot reach X.onion!.