Again, some time has passed since the initial release of TorBox v.0.5.1. Even if we already started to work on TorBox v.0.5.2, we decided to release an updated image of TorBox v.0.5.1 due to some critical fixes and a new tor version.

This version is based on Raspberry Pi OS “Bullseye” lite (64 bit) with Linux Kernel 5.15.61 and Tor version 0.4.7.10. It contains several major fixes to reduce memory pressure on relays and possible side-channel. It also includes a major bugfix related to congestion control to reduce memory pressure on relays. Finally, another major bugfix is related to Vanguard L2 layer node selection.

One bug in the initial release was that TorBox would not automatically add a bridge when that option was chosen in the Countermeasure sub-menu. This problem is in connection with mechanize 0.4.8. For that reason, we went back to version 0.4.7. Also, bridges_get.py failed because the HTML generated by https://bridges.torproject.org/bridges?transport=obfs4 has changed. To fix it, we added the patch from lockcda (see issue #173 on GitHub). Also, the way GitHub reports the available tor versions changed and broke the installation and update scripts. We fixed the affected scripts. Also, we removed the tor-specific entries in torbox.run because of the complexity, it doesn’t give an added value.

Here are the links to the new updated TorBox v.0.5.1:
TorBox Image (about 1 GB): v.0.5.1 (20.10.2022) – SHA-256 values
TorBox Menu only: v.0.5.1 (20.10.2022) – SHA-256 values

How to update an old TorBox v.0.5.1 (19.07.2022) installation?
You can perform the following tasks to update an older TorBox v.0.5.1 (19.07.2022) installation. This shouldn’t alter your custom-made configurations – however, I don’t promise anything (if needed, make a backup!).

1. Please, make sure that TorBox has Internet connectivity.
2. First, update the TorBox menu in the Update and Maintenance sub-menu (entry 5) to immediately benefit from the bugfixes.
3. Press ESC until you have left the Torbox menu and find yourself back at the command line. Here use the following commands for
   .
   • removing mechanize 0.4.8: sudo pip3 uninstall mechanize
   • installing mechanize 0.4.7: sudo pip3 install mechanize==0.4.7

• • •

Known problems and bugs

• PROBLEM: The meek bridge has gone offline, and there is a new one to take its place (see here). The torrc is fixed – get it by updating the TorBox menu with the Update and Maintenance sub-menu and replacing your old torrc: sudo cp /home/torbox/torbox/etc/tor/torrc /etc/tor/ However, this will remove all your custom made configurations. Alternatively, you can execute the following command: sudo sed -i "s/Bridge meek_lite 192.0.2.2:2.*/Bridge meek_lite 192.0.2.18:80 BE776A53492E1E044A26F17306E1BC46A55A1625 url=https://meek.azureedge.net/ front=ajax.aspnetcdn.com/". The image file is not fixed yet — PENDING! ⏳

• PROBLEM: With TorBox v.0.5.1, local DNS resolution is solely resolved through tor. This restriction led to problems with the Snowflake and Meek bridge functionality because both protocols need local DNS resolution. The problem is more complex than it looks, and we will deal with it in version 0.5.2. However, as a quick fix, we changed the snowflake and meek-azure scripts to enable local DNS resolution. You can fix the bug by updating the TorBox menu with the Update and Maintenance sub-menu. We also changed the Snowflake configuration in the torrc and added a second Snowflake bridge. With version 0.5.2, we will support multiple Snowflake bridges as we do with OBFS4 bridges. The image file is not fixed yet — PENDING! ⏳

• BUG: Due to permission problems, in some cases, temporarily stored files are blocking bridges_get.py from fetching a new OBFS4 address line. You can quickly solve the problem with the following command: rm -r /tmp/captcha.*. However, this is not a permanent solution. You can fix the bug by updating the TorBox menu with the Update and Maintenance sub-menu. The image file is not fixed yet — PENDING! ⏳