Tor Browser is a web browser based on Mozilla Firefox but configured to protect your privacy.

Tor alone is not enough to protect your anonymity and privacy while browsing the web. All modern web browsers, such as Firefox, support JavaScript, Adobe Flash, cookies, and other services which have been shown to be able to defeat the anonymity provided by the Tor network.

Tor Browser integrates all sorts of security measures to prevent such attacks. But since Tor Browser disables some dangerous functionalities, some sites might not work as usual.

Some frequently asked questions about Tor Browser can be found in the FAQ.

If you want to browse web pages on your local network, refer to our documentation on accessing resources on the local network.

محافظت AppArmor

Tor Browser in Tails is confined with AppArmor to protect the system and your data from some types of attacks against Tor Browser. As a consequence, Tor Browser in Tails can only read and write to a limited number of folders.

This is why, for example, you might face Permission denied errors if you try to download files to the Home folder.

می‌توانید فایل‌هایتان را از مروگر تور در پوشهٔ مرورگر تور ذخیره کنید که در پوشهٔ خانه قرار دارد. محتویات این پوشه پس از خاموش کردن تیلز ناپدید می‌شوند.

  • اگر می‌خواهید با مرورگر تور فایل آپلود کنید، ابتدا آن‌ها را در آن پوشه کپی کنید.

  • اگر ویژگی مانای اطلاعات شخصی را فعال کرده باشید، می‌توانید از پوشهٔ مرورگر تور موجود در پوشهٔ مانا نیز استفاده کنید. در این صورت محتویات این پوشه ذخیره شده و در نشست‌های کاری مختلف قابل دسترسی خواهد بود.

برای این که بتوانید فایل‌های بزرگ‌تر از حافظهٔ تصادفی موجود را دانلود کنید، باید ویژگی مانای اطلاعات شخصی را فعال کنید.

HTTPS encryption with HTTPS Everywhere

Using HTTPS instead of HTTP encrypts your communications while browsing the web.

All the data exchanged between your browser and the server you are visiting is encrypted. HTTPS prevents the Tor exit node from eavesdropping on your communications.

HTTPS also includes mechanisms to authenticate the server you are communicating with. But, those mechanisms can be flawed, as explained on our warning page.

For example, here is how the browser looks when we try to log in to an email account at riseup.net, using their webmail interface:

Notice the padlock icon on the left of the address bar saying "mail.riseup.net". Notice also the address beginning with "https://" (instead of "http://"). These are the indicators that an encrypted connection using HTTPS is being used.

When you are sending or retrieving sensitive information (like passwords), you should try to only use services providing HTTPS. Otherwise, it is very easy for an eavesdropper to steal whatever information you are sending, or to modify the content of a page on its way to your browser.

HTTPS Everywhere is a Firefox extension included in Tor Browser. It is produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites. Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For example, they might default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems by rewriting all requests to these sites to HTTPS.

To learn more about HTTPS Everywhere, you can see:

محافظت در برابر جاوااسکریپت‌های خطرناک

Having all JavaScript disabled by default would disable a lot of harmless and possibly useful JavaScript, and might render many websites unusable.

That is why JavaScript is enabled by default in Tor Browser.

But, we rely on Torbutton to disable all potentially dangerous JavaScript.

We consider this as a necessary compromise between security and usability. As of today we are not aware of any JavaScript that would compromise the anonymity provided by Tails.

To understand better the behavior of Tor Browser, for example, regarding JavaScript and cookies, you can refer to the Tor Browser design document.

زبانهٔ امنیتی

You can use the security slider of Tor Browser to disable browser features as a trade-off between security and usability. For example, you can use the security slider to disable JavaScript completely.

The security slider is set to Standard by default which gives the most usable experience.

To change the value of the security slider, click on the button on the left of the address bar and choose Security Settings…

زبانهٔ امنیتی در حالت پیش‌فرض (پایین)

Tor circuit

Click on the Show site information button in the address bar to show the Tor circuit that is used to connect to the website in the current tab, its 3 relays, their IP addresses, and countries.

The last relay in the circuit, the one immediately above the destination website, is the exit relay. Its country might influence how the website behaves.

Click on the New Circuit for this Site button to use a different circuit.

You can use Onion Circuits to get more detailed information about the circuits being used.

ویژگی هویت جدید

The New Identity feature of Tor Browser:

  • تمام زبانه‌های باز را می‌بندد.
  • تمام مسائل مربوط به نشست کاری از جمله حافظهٔ پنهان، تاریخچه و کوکی‌ها را (به جز کوکی‌های محافظت‌شده توسط ویژگی محافظت از کوکی‌ها) پاک می‌کند.
  • تمام ارتباطات وب موجود را می‌بندد و مدارهای جدید تور ایجاد می‌کند.
  • تمام محتوای بریده‌دان را پاک می‌کند.

To switch to a new identity, click on the button on the left of the address bar and choose New Identity.

This feature is not enough to strongly separate contextual identities in the context of Tails, as the connections outside of Tor Browser are not restarted.

Restart Tails instead.

برای جزییات بیشتر رجوع کنید به سند طراحی و اجرای مرورگر تور.

«نواسکریپت» برای کنترل بیشتر روی جاوااسکریپت‌ها

Tor Browser includes the NoScript extension to allow more control over JavaScript, for example, to disable JavaScript completely on some websites.

By default, NoScript is disabled and some JavaScript is allowed by Tor Browser, as explained above.

For more information, you can refer to the NoScript website and features.