Hello, I tagged sandboxed-tor-browser 0.0.12 just now. Changes in version 0.0.12 - 2017-08-01: * Bug 22969: Disable the addon blocklist. * Bug 22984: Force IDNs to be displayed as punycode to thwart homograph attacks. * Bug 22967: Force disable crashdump reporting. * Bug 23058: Apply the SelfRando workaround to 7.5a3 as well. * Default disable `dom.securecontext.whitelist_onions`. Rationale for the potentially controversial changes are as follows: * Disabling the addon blocklist is done to thwart Mozilla from attempting to disable extensions critical to Tor Browser functionality. While this would have a net negative impact on user security if non-standard addons had security problems that required emergency disabling, the sandbox was changed to exclude non-standard addons when creating the container as of 0.0.11. Enabling non-standard addons in the sandbox would require altering the source code and rebuilding. Anyone who does that is on their own. * Forcing IDNs to be displayed as punycode is the mitigation for #21961. Mozilla isn't fixing this, the Tor Browser developers are apparently busy, so the sandbox will do it. * Force disabling crashdump reporting is a pre-emptive opt out from the GSOC crash reporting project. I do not have time to examine how crash dumps are sanitized, and until I do, I will treat them as a massive anonymity hazzard. Till crashdumps are enabled (hopefully as an opt-in with lots of warning labels), this will have no effect. * Default disabling `dom.securecontext.whitelist_onions` means that unless the user manually flips the pref, the `.onion` TLD will retain the existing 7.0.x behavior. As I've said before, I'm firmly against any changes that blur the line between Onion Services and TLS with a CA signed cert. People are free to disagree, but I'm unlikely to change my mind. Till the pref is actually implemented, this will have no effect. Regards, -- Yawning Angel