Firefox soon to include Tor natively?
Many Internet users think that Mozilla has to step up its game to compete against the Chrome browser and see eye to eye with that browser when it comes to usage share and other metrics.
Firefox is without doubt still a formidable browser, loved by its users for its customization options, the add-ons, memory usage and the philosophy of Mozilla, the organization behind it.
Mozilla is however criticized as well, for focusing on the wrong feature additions for example or concentrating on mobile development.
If you think about what Mozilla could do to improve the browser significantly, you may list out-of-process tabs as the number one feature.
Firefox is already a strong force when it comes to privacy on the web but if rumors are to be believed, it could get a feature that would set it apart from its main competitor Chrome further.
The Daily Dot reports that Tor may be heading to Firefox. Tor is a privacy software that protects users on the Internet. It is available as a standalone version right now in form of the Tow Browser which is based on Firefox ESR.
The benefit for Mozilla is that the browser's private browsing mode gets a great upgrade while the Tor projects benefit is that the technology is being distributed in one of the most popular web browsers available on today's Internet.
According to the mag, Tor executive director Andrew Lewman mentioned that the project is in discussions with a company that is holding roughly 10-20% of the global market of 2.8 billion Internet users.
While Mozilla was not mentioned by name by the director, the description fits Mozilla perfectly. It is too early to tell if Tor will indeed find its way into Firefox but if will, it could become a major asset for Mozilla.
Tor would improve Firefox's current private browsing mode significantly. The current implementation aims to remove tracks on the local device only while TOR would protect users while they are connected to the Internet.
There is still work to be done even after talks finish successfully. A surge in users without proper resource upgrades could slow down traffic to a trickle. Considering that integration in Firefox could very well multiple the Tor user base over night, it is something that the Tor project and Mozilla would have to work out before making available the option to run Tor from within Firefox.
Now You: What's your take on this? Is it a good idea or would you prefer that Tor and Firefox would remain separate products?
Update: A Mozilla spokesperson had this to add:
â€œMozilla and the Tor Project share many of the same values and goals, such as building user trust in the Web and giving users more capabilities to navigate the Web on their own terms. We have a long-standing relationship with the Tor Project and regularly discuss ways we might collaborate to strengthen the open Web and deliver a better browsing experience for Firefox users, but have no specific projects to share at this time.
Now that’s a good step towards “private tab”.
Please do an article on how to use TOR with all the top browsers. The TOR Browser Bundle crashes a lot and many of its browser functions don’t work. How do you access the .onion network?
1. Check IP by searching “What is my IP” | Remember
2. Go to Sourceforge
3. Download and unzip Advanced Tor
4. Find and click on application icon (greenish) | Tor Starts
5. Find Connections Settings location for desired browser
(e.g. FF = Options-Advanced-Network-Settings-Manual Proxy)
6. In Socks Host enter 127.0.0.1 | Port 9050
7. Remote DNS check the box
8. Check IP again; it should be different than Step 1
9. Choose a different relay if browsing seems slow
10. Go here and play with SSH | https://www.fastssh.com/home
Focusing on privacy is unfortunately relevant as well of a simple user who hides but his privacy as of a bad guy who hides bad things, really bad sometimes. This is why agencies are concerned with TOR, even if one can speculate that spying may not be for the only sake of finding the worst.
I simply wouldn’t want the use of TOR as the trigger of a focused curiosity on my Web sessions. I wouldn’t want attracting curiosity towards a user who calls upon TOR to encapsulate his privacy. This fear may be wrong, as fears are never a good guide. Until they stop you from dropping all the way down.
As for a native TOR in Firefox, I guess it would be an option, of course. The point is, if I do believe the idea is worthy, I am not at all certain I’d opt-in.
For what it’s worth:
After you’ve installed Tor Browser Bundle, you can immediately disable (or uninstall) the Tor browser extension and / or the HTTPSEverywhere extension. Then launch the browser using the “firefox.exe” and you have a non-torified ff version 24.8esr browser.
The Tor developer have applied numerous appealing tweaks to the stock 24esr codebase. I prefer using the non-torified TorBrowser v3.6.6 vs using stock mozilla ff v24.8esr
Very good logic. Much like I don’t put locks on my doors too. As the locks will tell people that I have something to hide. It’s better if they don’t know.
Safety in crowds. If Firefox can get a crowd of 10%-20% worldwide using it. It’ll be very hard to trigger anything.
Actually, while it’s true that bad guys can abuse (and so I guess they do), the main bad guys are those who spy everyone – or those for who they work… -, threatening basic liberty. If you sacrifice liberty, then do not doubt that you will be abused very well, and in an official manner.
Millons and millions of new targets for the spooks at fort meade, Maryland and the doughnut, Cheltenham, sure give them a mental workout making sense and sifting through that litlle lot of 1&0s, back door anyone? or something lurking in the NSA/GCHQ basement perhaps! (racquets mum nu top) hence we find there are (cosmo re enters) yes their anagrams sorry no prizes, and now back to the cider.
@Stegall: I’m not sure what your problem with TOR would be. I use it on top of a VPN service. So it’s vpn on vpn and I haven’t encountered any crashes.
As a note: certain browser functions are anathema to privacy. Like java scripts and Adobe. If those are must haves than privacy and anonymity is not a concern of yours.
@Dante: How fast is your internet? How’s the speed doing while using vpn on vpn?
I have 65mbps while on VPN. TOR drops it down to about 35mbps if I use the U.S. Eastern seaboard or German portals. Much slower if I go through Russia, France or UK.
If TOR were integrated into FF as an option, then it needs some strict oversight (not sure if this can be achieved). Because without that, simple OpSec will break down for 99% of users. In other words, if you flick open a new Tor window, that window cannot store cookies (a separate TOR cookie jar so as to not disturb your other cookies), cannot remember or lookup saved passwords, does not allow JS or flash or html5, no DOM, hides its font enumeration, does not allow listing of plugins, limiting history to 2 or 3 entries, uses memory cache only not disk cache, header referrals (smart referrals so sites don’t break), etc etc etc, including a standard ONE OFF spoofed user agent eg “Mozilla Tor Bundle” so all the users worldwide are the same – maybe right down to blocking windows/browser resolutions and time zones (whatever the tor project comes up with).
Otherwise, what is the point of trying to have your normal FF (with some cookies, eg a couple of sites where you log in) coexist with a secret squirrel edition that will access that cookie if it can – eg do a google search, whammo, your google/gmail cookie etc. I know this is a rather simplistic example – but seriously, 99% of users will fail basic OpSec in the first few hours. Load TOR window, go to F*ckbook, log in, post “yay! i’m anonymous!” /s
That said, if they can totally create a new instance (multiple processes!! hurry up mozilla) with secure rules, so that every FF user out there can try out TOR, then that’s awesome. File>New TOR Window (properly implemented)
“Load TOR window, go to F*ckbook, log in, post “yay! i’m anonymous!” /s”
You made me laugh.
Isn’t TOR the slowest of all the browsers?
communications routed via TOR are comparatively (noticeably) slow, regardless which browser you’re using.
Private Browsing V2.0 FTW
Sadly, the government will soon find a way to make hiding on Tor etc., illegal.
You know it’s all good when the US government is interested in Tor (http://www.theguardian.com/technology/2014/jul/29/us-government-funding-tor-18m-onion-router). And also if the FBI has it’s claws on TOR (http://www.wired.com/2013/09/freedom-hosting-fbi/)….
That’s what this whale of a browser needs — more bloat to make it run even slower. I’d rather they fixed the bug that makes the browser crash before it even starts and hang in the bg so I have to kill the process before I can start it again that’s been around for a couple of months now…
How about if I need TOR, I download TOR?
I too would hope Tor project to remain independent of mozilla, but merged development would not “add bloat” as you’ve implied, because Tor integration is achieved via a ff extension ~~ can be disabled/uninstalled from the freestanding browser if you wish.
As of v3.6.x, the TorBrowser codebase in fact represents an UN-bloated custom build of firefox v24esr. I worry that in the eventuality of a merger, the TorBrowser developers would need to “cave” and accept the presence of several “kitchen sink” features (features/components which the tor devs are currently paring when building their version).
Mozilla-firefox will do what it wants to do. Sadly, none of its users suggestions or gripes are taken into account before implementing what they want to do.
Tor will never be illegal, the problem are the nodes. Legal or illegal some exit nodes can be compromised like in the past, the directory attack and others still exists or can be updated so that it may works with older/newer versions. To integrate tor is a good step, but we need transparency which nodes are maybe compromised or a tracker that update it regular. But as long the user get the choice to enable/disable and control it it’s useful, imho.
> So it’s vpn on vpn and I haven’t encountered any crashes.
You not understand tor, it’s not a vpn, it’s more like a proxy.
> The TOR Browser Bundle crashes a lot and many of its browser functions don’t work
The Browser never crashed for me, are you use a clean install? I’m on latest 4.0.3 alpha and it works like a dream, you should not use another extension like the included one, because of security reasons and stability reasons.
> Please do an article on how to use TOR with all the top browsers
There are already several guides, did you 2 sec. google for it? Seems not. Tor already has a very good and newbie friendly documentation. Just download the browser, extract/install, run it and it works.
Since tor is a proxy back-end which only take control over browser traffic (if you not use it native openwrt with your router) windows itself also should provide or include i2p for inbound traffic, that would be total secure in my eyes.
> Sadly, the government will soon find a way to make hiding on Tor etc., illegal
As I said it will never be illegal, compromised yes but not illegal. NSA also gives a lot money into this project and without that it wouldn’t be so good as it already is. A lot of servers are sponsored by the nsa. It’s all written down in there wiki/page/blog but nobody read it.
‘but have no specific projects to share at this time’
*Sigh* that says it all.
Having security technologies such as Tor integrated directly into browsers, in an ago where government agencies go around spying on all and sundry without posing the question of whether you are a suspect, has become a necessity.
I would definitely like to see Tor integrated into the pirate browsing feature already available in the Firefox web browser.
For those of you with the mind set of “if you have nothing to hide then you should have nothing to fear” BS, yeah, keep telling yourselves even when they begin barging into your homes in the middle of the night without a justifiable cause.
Just because I exercise my human desire to express my liberty/freedom by putting myself out in public does not mean that I condone having my every move aggregated and tracked by government agencies or by any other creep out there.
If you do not mind the idea of being tracked by the government then to hell with you!
Some more sources:
Stormy tool (release next month+)