Onion Browser

Home | Help/Support | Security | by Mike Tigas

Donate

Enhance your web privacy

Onion Browser is a minimal web browser that encrypts and tunnels web traffic through the Tor onion router network and provides other tools to help browse the internet while maintaining privacy. See more features & benefits.

• August 19, 2016, update: Onion Browser 1.6.1 is a minor update to Onion Browser that fixes a crash-on-launch issue in iOS 10. Full details on this update and all prior updates can be found in the release history. Other details can be found in the Security page. Users are encouraged to update via App Store.

• August 7, 2016, 1.6 series released: Onion Browser 1.6.0 is a major update to Onion Browser.

  The most significant change is that Onion Browser now supports obfs4 and meek bridges; these "obfuscated" bridges improve the usability of Tor when using ISPs that actively block or censor Tor. This feature comes from the new iObfs library, which provides an iOS-compatible build of obfs4proxy. For more information about iObfs, please visit github.com/mtigas/iObfs. Special thanks to the Guardian Project for supporting work on iObfs. A list of all changes can be found on the 1.6.0 release page.

• Recommended by Tactical Technology Collective and ProPublica’s Guide to Safer Communication.
• Featured as App of the Week on Salon.
• Featured in The New York Times, TechCrunch, Boing Boing, Gizmodo, Lifehacker, The Guardian, Cult of Mac, and others.
• Ranked as high as the #1 Paid iPhone Utility app and the #2 Paid iPad Utility app in the U.S. App Store.
• Read the launch day introductory blog post

Simulated screenshots:
iPhone 4/4S, iPhone 5/5C/5S, iPad 3; on iOS 5.1 and iOS 7.0.
Onion Browser supports most devices using iOS 5.1 or newer.

Download

This app (the "official fork") is being sold for $0.99 in the Apple App Store. Click here to download.

Note: The app is currently unavailable in France due to import regulations on encryption software. The app is unavailable and does not work in China and Iran due to these nations blocking access to the Tor network.[‡]

‡: The obfsproxy transport tool allows Tor to bypass these methods, but cannot be integrated into Onion Browser due to the limited iOS App "single process" architecture.

Copies of Onion Browser downloaded outside the App Store — via "jailbreak" app directories like Cydia — are built and released by third parties and are not supported by the developer. These copies may have modifications added by the packager, which may interfere with your privacy or security. For the best security, you should purchase the app; in situations where App Store payment is difficult due to security precautions (i.e. using an alias in the App Store that is not listed on a credit card), you may e-mail the developer to request an App Store download code. For best security in non-App Store circumstances, you should build your own copy of the app.

Support The Project

You can support development of Onion Browser by making a one-off donation, using the box to the right. If you wish to donate Bitcoin, you can do so by using CoinBase or manually sending to this address: 1Kv3k9FFQLL8GowaMyHqYUp6p4ysdbrrvR.

Help Protect Online Privacy and Free Speech

The developer recommends that users interested in supporting the ideals of Onion Browser should donate to the upstream Tor Project and consider operating a relay server to help improve access to Tor. Other great organizations to support are Freedom of the Press Foundation (creators of SecureDrop), the Electronic Frontier Foundation.

Each organization is registered as a 501(c)(3) charity in the United States:

• Donate to Tor Project — Public records: GuideStar, Nonprofit Explorer
• Donate to Freedom of the Press — Public records: GuideStar, Charity Navigator
• Donate to EFF — Public records: GuideStar, Charity Navigator, Nonprofit Explorer

Source Code

The project is open source and you may freely access the source code on GitHub.

• mtigas/iOS-OnionBrowser on GitHub
• Download source tarball

Features & Benefits

• Internet access is tunneled through the Tor network[1][2]
  • Websites do not see your real IP address.
  • ISPs and insecure wireless networks cannot see your browsing.
  • Access websites, even behind some types of internet filters and censors.
  • View .onion websites: the "dark net" of hidden sites only accessible using Tor.
• Fight online tracking: use a new IP address and clear your cookies/history/cache by pressing one button.
• Block third party cookies or all cookies.
• Ability to change cookie storage policy (Allow All / Block Third Party / Block All)
• Disable scripts and multimedia content that can be used to track you.
• Can send the "Do Not Track" HTTP header (DNT: 1) to websites.

Technical folks should view the README file in the GitHub repository for implementation details and other technical notes.

Bugs, Caveats, Side Notes

See Security page for a log of previous security issues and results of previous security audits. See the Github project for a current list of known issues.

Using Onion Browser does not inherently guarantee security or privacy. It simply provides a set of features that may enhance privacy and anonymity while browsing the web. For more information: The Tor Project maintains a small section about staying anonymous over Tor, as do several threads on Reddit and other messageboard sites.

• Disclaimer: Onion Browser only tunnels traffic within the Onion Browser app. You are still using a smartphone, and in extremely sensitive circumstances you should be aware that iOS or your cellular provider may continue to leak non-Onion Browser traffic and other information.
• Video note: Websites using HTML5 <video> tags may leak <video>-related DNS queries and data transfer outside of Tor. This includes YouTube, Vimeo, and any website using iOS-compatible HTML5 video. This is due to behavior of the embedded QuickTime player and a comprehensive workaround has not yet been developed.
• JavaScript blocking: The "Active Content Blocking" feature is experimental. If ACB is turned off, JavaScript techniques can identify your device even if User-Agent Spoofing is enabled.
• Geolocation blocking: Websites may use the HTML5 Geolocation API unless the "Active Content Blocking" feature is set to "Block All". Users should remain vigilant for any pop-ups asking for permission to access location data.
• Common Sense: If you log into websites in Onion Browser that you normally log into outside of the Tor network, they will a) still know who you are, and b) know that you use Tor. In certain circumstances (i.e. political dissent in repressive nations), this may be incriminating information in itself.

Disclaimers, notices, etc.

"Onion Browser" is a trademark of Mike Tigas. Forks of this project must not use the "Onion Browser" name when distributing binary forms of this application.

The "Onion Browser" icon is a trademark of Mike Tigas. Icon image under the Creative Commons CC-BY-SA 3.0 license. Forks of this project should not use the "Onion Browser" icon when distributing binary forms of this application.

Mike Tigas and OnionBrowser are not affiliated with nor endorsed by the Tor Project. Onion Browser carries no guarantee from The Tor Project about quality, suitability or anything else. ("Tor" is a registered trademark of The Tor Project, Inc.)

Onion Browser is © 2012-2015 Mike Tigas, all rights reserved. Source code available freely under the MIT License.

See the LICENSE file for more information.

This software uses strong cryptography and may it fall under certain export/import and/or use restrictions in some other parts of the world. BEFORE using any encryption software, please check your country's laws, regulations and policies concerning the import, possession, or use, and re-export of encryption software, to see if this is permitted. See http://www.wassenaar.org for more information.

If you are a developer and plan on redistributing this app in source or binary form, please see read “ENCRYPTION NOTICE / APP DISTRIBUTION NOTES” in the LICENSE file for more detailed disclaimers.