Latest release

1.6.1

@mtigas mtigas released this Aug 18, 2016 · 33 commits to 1.X since this release

Available on the App Store

Current App Store Version as of August 19, 2016.

See onionbrowser.com and onionbrowser.com/security for official announcements and notes.

Changes:

See changelog for full details.

  • iObfs rebuilt with Go 1.7 (was 1.7rc3). Fixes crash-on-launch in iOS 10 Beta.
  • See 1.6.0 changelog for more changes in the Onion Browser 1.6 series.

Verification:

(App bundle hash verification is coming soon.)

Downloads

1.6.0

@mtigas mtigas released this Aug 5, 2016 · 39 commits to 1.X since this release

See onionbrowser.com and onionbrowser.com/security for official announcements and notes.

Changes:

See changelog for full details.

Downloads

1.5.13

@mtigas mtigas released this Oct 30, 2015 · 88 commits to 1.X since this release

See onionbrowser.com and onionbrowser.com/security for official announcements and notes.

Changes:

  • Minimum required iOS version is now iOS 8.0 (was iOS 6.1). Users running iOS 8.0 and 8.1 will be warned about HTTPS insecurity in these older versions (due to FREAK exploit). iOS 8.2 will be required by the end of 2015.
  • Update HTTP errors. The "HTTPS Connection Failed" error was displaying in situations where the error had nothing to do with SSL failure.
  • Allow navigating to "about:blank" and allow setting the homepage to that URL. (#62)
  • Update bridge handling to make it difficult to enter in an unsupported bridge type, such as "obfs4" or "scramblesuit" via text entry or the QR Code scanner. (Prevents a situation where a user ends up with an "unusable" Onion Browser.)
  • Tor updated to 0.2.6.5-rc.
    https://gitweb.torproject.org/tor.git/plain/ReleaseNotes?h=release-0.2.6
  • OpenSSL updated to 1.0.2d.
    https://openssl.org/news/changelog.html

Downloads

1.5.12

@mtigas mtigas released this Mar 20, 2015 · 93 commits to 1.X since this release

Changes:

Verification:

You can check that your version of Onion Browser matches a known copy of the app. This is helpful for safety reasons, if you are not confident that your copy of Onion Browser has been tampered with.

You'll need to have this version of Onion Browser (1.5.12) downloaded and available in iTunes. Go into iTunes and make sure that Onion Browser appears in the "My Apps" tab. Since this is the most recent version of Onion Browser, ensure that the app is updated. (If it has an "Update" flag, you can right-click the app and select "Update App" to download 1.5.12.)

If you don't have Onion Browser on your computer, you can retrieve this version by syncing your iPhone/iPad to your computer or by searching for Onion Browser in iTunes with the same Apple account that you used to buy it on your iPhone/iPad.

If you get a hash that's different than cc31dad8ec3aa4f72b1de09557d5840b2039c585328098973b3cb1a7ad3205d521c95a21288443dd8eef86028800db0895b1e47b20e131054947685c5161fc44, please report it in this thread immediately, or e-mail me.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

If you have installed Onion Browser via the App Store, you can
double-check the authenticity of your copy of Onion Browser by doing
something like the following and ensuring that the resultant SHA512
hash is identical. 

Sync your phone (& sync the apps over to your computer) or download
Onion Browser via the App Store in iTunes on your computer. Then:

$ mkdir /tmp/ob1512
$ cd /tmp/ob1512
$ unzip -o "$HOME/Music/iTunes/iTunes Media/Mobile Applications/Onion Browser 1.5.12.ipa"
$ rm -fr "Payload/OnionBrowser.app/SC_Info"
$ find Payload -type f -print0 | xargs -0 shasum -a512 | shasum -a512
cc31dad8ec3aa4f72b1de09557d5840b2039c585328098973b3cb1a7ad3205d521c95a21288443dd8eef86028800db0895b1e47b20e131054947685c5161fc44  -

It'll tell you that your copy of the Onion Browser app package is
the same as everyone else's. (But of course that doesn't help if
there's fishiness in Xcode or in the App Store submission process.)

Per [1][2], although the App Store-hosted ".ipa" bundle of the app
changes from user-to-user (because the ".ipa" zip file contains
user-specific SC_Info), the remainder of the app contents should be
the same from user to user. See [3] & [4] for further work on this.

[1]: https://github.com/WhisperSystems/Signal-iOS/issues/641#issuecomment-77376731
[2]: https://github.com/WhisperSystems/Signal-iOS/issues/641#issuecomment-78202740
[3]: https://github.com/OnionBrowser/iOS-OnionBrowser/issues/58
[4]: https://github.com/WhisperSystems/Signal-iOS/issues/641
-----BEGIN PGP SIGNATURE-----

iQEcBAEBCgAGBQJWKYVjAAoJEGQdTjqn+ftyZXoIAJI0iCd0Ok3zy5w5YMtLlYOn
Ii9RQ0p9DGQPOeMrvjK4TmcKapniP43VSIxsxYvSvlezVjBwx8LLkHQ7aC5NK7JA
jJglZUukdbX/5FhFof9SSRwCCVhC7jrJGNMzpB+sNP54WVsT8/sVsxSSvGEQdtvO
yqb/B7Ipv6eOMUGDUP/JsQzHExzN82eF90+8UZ2QS29WUq0esHl8zLB0D00WdLlo
oSkGtSPeNi+m3R5/hQ/MxD9hWkGRYn1hKm6rlT6yS9/tFt1jGyXsjOKhYD2Lo8ql
1+fvhObM999nVBgf9/PcOcaS5oi4zLBMFc+nuUcvrGGaJ/gAN56qtSjFRv4hwg4=
=w6XH
-----END PGP SIGNATURE-----

Downloads