Home | Help/Support | by Mike Tigas
Enhance your web privacy
Onion Browser is a minimal web browser that encrypts and tunnels web traffic through the Tor onion router network and provides other tools to help browse the internet while maintaining privacy. See more features & benefits.
- April 14, 2014: A note on Heartbleed. The Heartbleed bug (info site, Wikipedia) is a weakness in recent versions of OpenSSL, which may leak information that should have been encrypted by SSL transport encryption. All versions of Onion Browser (since 2012) use affected versions of OpenSSL.
However, browser traffic to websites within Onion Browser are not vulnerable, because the WebKit browser component uses the native iOS SSL stack instead of OpenSSL. (Note that visiting a non-HTTPS site or visiting a Heartbleed-vulnerable website is insecure regardless of which browser you are using — and any leaks in this case may not be detected.)
Onion Browser's Tor client may leak internal Tor data, including information on Tor nodes you have connected to and a list websites you have tried to access. But this vulnerability is limited because in this situation, the attacker must be a Tor entry guard or bridge that you are connected to. More information on this can be found at the Tor Project's post about the vulnerability. (Onion Browser is a "Client" in their component list.)
An update is being submitted ASAP, for release during the week of April 20.
- February 5, 2014, Current Version. Onion Browser 1.4 adds a "progress bar" to the app… The app now contains performance optimizations for 64-bit processors (iPhone 5S and new iPads)… App now requires iOS 6.0 or greater… Access to the help file now works offline… More details can be found in the CHANGES file and the README file in GitHub. Updating via the App Store is recommended.
iPhone 4/4S, iPhone 5/5C/5S, iPad 3; on iOS 5.1 and iOS 7.0.
Onion Browser supports most devices using iOS 5.1 or newer.
This app (the "official fork") is being sold for $0.99 in the Apple App Store. Click here to download.
Note: The app is currently unavailable in France due to import
regulations on encryption software. The app is unavailable and does not work
in China and Iran due to these nations blocking access to the Tor network.[‡]
Copies of Onion Browser downloaded outside the App Store — via "jailbreak" app directories like Cydia — are built and released by third parties and are not supported by the developer. These copies may have modifications added by the packager, which may interfere with your privacy or security. For the best security in non-App Store circumstances, you should build your own copy of the app.
Support The Project
support development of Onion Browser via
Bitcoin donation, by sending to the address 1JhxtgMbDajtiakRbNNkwy2RsubsWgmSSp.
You should also consider donating to the upstream Tor Project
or the Electronic Frontier Foundation. The developer privately donates to these organizations and encourages users
of privacy apps such as Onion Browser to donate as well, to support development of Tor and to further
the cause of online privacy rights. Both organizations are registered
501(c)(3) charities in the United States, with publicly-available financial reports:
The project is open source and you may freely access the source code on GitHub.
Features & Benefits
- Internet access is tunneled through the Tor network: traffic is sent through an encrypted tunnel and over several "onion router" machines before reaching the destination
- Websites do not see your actual IP address.
- Web browsing activities are protected from eavesdropping by ISPs or other users of your wireless or wired network
- Freely access the entire internet from behind restrictive firewalls.
- Access to the "dark net"
hidden services (".onion" web sites) not accessible via the
- Ability to spoof HTTP User-Agent header.
- Ability to block active content (scripts, web fonts, XHR/WebSockets, embedded audio/video).
- Ability to change cookie storage policy (Allow All / Block Third
Party / Block All)
- “New Identity” button clears cookies, history, and cache
and requests a new IP address in one quick step.
- Can optionally use the "Do Not Track" HTTP header (DNT: 1).
Technical folks should
view the README file
in the GitHub repository for implementation details and other
Bugs, Caveats, Side Notes
See the Github project for
list of known issues.
Using Onion Browser does not inherently guarantee security or privacy. It simply provides a set
of features that may enhance privacy and anonymity while browsing the web.
For more information: The Tor Project
maintains a small section about staying anonymous over Tor, as do
on Reddit and other messageboard sites.
- Disclaimer: Onion Browser only tunnels traffic
within the Onion Browser app. You are still using a smartphone,
and in extremely sensitive circumstances you should be aware that
iOS or your cellular provider may continue to leak non-Onion Browser
traffic and other information.
- Video note:
HTML5 <video> tags may leak
<video>-related DNS queries and data transfer outside
of Tor. This includes YouTube, Vimeo, and any website using
iOS-compatible HTML5 video. This is due to behavior of the embedded
QuickTime player and there is currently no known workaround.
(Version 1.3.14 and newer contain an experimental "Block Active Content" setting which
attempts to block embedded HTML5 Audio and Video. However, the ability for this feature to
block direct navigation to audio/video files has not yet been determined.)
device even if User-Agent Spoofing is enabled.
may prevent Geolocation code from executing, however. Users should remain
vigilant for any pop-ups asking for permission to access location data.
- Common Sense: If you log into websites in Onion Browser that you normally log into
outside of the Tor network, they will a) still know who you are,
and b) know that you use Tor. In certain circumstances (i.e. political
dissent in repressive nations), this may be incriminating information
Disclaimers, notices, etc.
"Onion Browser" is a trademark of Mike Tigas. Forks of this project must not
use the "Onion Browser" name when distributing binary forms of
The "Onion Browser" icon is a trademark of Mike Tigas.
Commons CC-BY-SA 3.0 license. Forks of this project should
not use the "Onion Browser" icon when distributing binary forms of
Mike Tigas and OnionBrowser are not affiliated with nor endorsed by the Tor
Project. Onion Browser carries no guarantee from The Tor Project about
quality, suitability or anything else. ("Tor" is a registered
trademark of The Tor Project, Inc.)
Onion Browser is © 2012 Mike Tigas, all rights reserved. Source code
available freely under the MIT License.
See the LICENSE file for more information.
This software uses strong cryptography and may it fall under certain
export/import and/or use restrictions in some other parts of the world.
BEFORE using any encryption software, please check your country's laws,
regulations and policies concerning the import, possession, or use,
and re-export of encryption software, to see if this is permitted.
for more information.
If you are a developer and plan on redistributing this
app in source or binary form, please see read “ENCRYPTION NOTICE / APP DISTRIBUTION NOTES”
in the LICENSE file
for more detailed disclaimers.