I'm trying to prevent Tor from forced updating.

In Firefox, if you turn off networking, you can change the Update option to "Never" on older versions.

Alas, you need a connection to start the Tor Browser, and if you start with a connection, it will automatically begin to update.

How does yout thread title "Is it possible to run Tor Browser without Tor?" relate to what you wrote after that?
Updating TBB is not done over the TOR network.
Running TB without tor is not desirable and not possible.
Without tor, TB would be just a slightly modified Firefox.

Please understand, the goal is to thwart forced updates.

You have to have access to Tor Browser configuration to turn off updates, and the Tor package won't let you do that without starting Tor. It doesn't matter if updates don't use Tor. You have to get to the browser to make changes, and once you're there updates are forced before you have any choice.

Why?
This is beginning to sound like an XY-problem to me.

Be that as it may - what distro is this happening on?
And which package are you using?
The package that I use (torbrowser-launcher) is specifically designed to install updates before starting the browser.
But there might be other packages that don't do that.
Or you can go into the install directory and start the browser directly ($HOME/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/start-tor-browser.desktop in my case).

Inside the browser preferences, there's an opttion to not install updates (but still check for them), just like on FF.

I have to say it again, your thread title makes no sense at all.

1 members found this post helpful.

However, using Tor for normal browsing is not a good idea. While the architecture does a good job of providing anonymity, browsing Tor is much slower than normal browsing. In my opinion, using TOR completely is a little extreme, which is beyond my patience.

This doesn't address the OP's question. Saying "it's slower" doesn't address their issue in any way. And not sure why you say it's not a 'good idea' to use a secure, anonymized browser if someone wants to. What's the rationale behind that statement?

1 members found this post helpful.

If there's a way to manually change that configuration setting (i.e., edit the file outside of Tor), that's exactly the kind of fix that's in order.

It makes perfect sense for updates being involuntary, and updates being undesirable for any reason. Newer isn't always necessary or better.

Except in the case of encryption, which is what TOR uses to remain secure and anonymous. Updating things ensures this...if you're not going to keep the TOR pieces up to date, there's not much point in using it. Use a regular version of Firefox instead.

3 members found this post helpful.

Agree: cryptography is a never ending race and without updates, vulnerabilities will creep in. This is absolutely critical in something like a browser.

Your opinions are tangential, and worthy contributions would be stating your values and answering the question, or stating your values and that you cannot answer the question without judgement. It's smarter.

Most browser versions and especially those with VPN yet vulnerable to security threats are potentially useful, period.

You have been handed plenty of potential answers to your "actual problem" and never reported back with any real progress.
Until you do I'm sure it's ok to have a "tangential" chat.

2 members found this post helpful.

Wrong; it is not an OPINION that keeping cryptographic systems up to date keeps them secure, it's a fact. My 'values' have zero to do with that, and your question was answered very clearly. Either keep TOR browser up to date or don't bother using it. Complaining about how 'slow' it is, is the nature of the crypto and the anonymizing nature of the routing, period.

Want fast with no updates? Use Firefox and don't update it when asked. Simple.
So back to "use a regular version of Firefox". Easily used over whatever VPN you want. Your 'problem' makes very little sense and has been clearly addressed. Either use it or don't, choose one...it's smarter.

3 members found this post helpful.

What is smarter, as others have stated, is to keep the tor browser updated. I didn't answer the question because the question asks about doing something that is not "smart", which is leave a security/anonymity tool vulnerable by not updating it.

Not judging, I am providing the intelligent course of action.

2 members found this post helpful.

Firefox stores that setting somewhere. Presumably either a config file (ini/json/xml/whatever) or a database (sqlite).

Since Tor Browser is a configured Firefox, there's a fair chance that the same setting is used, meaning you can modify the equivalent file to prevent it from upgrading before you start the browser.

If you don't know what the setting is called, use about:config to identify it then search the filesystem for files containing that value and/or manually check each SQLite database for it.


If it's a Tor Launcher doing the upgrading (i.e. not the browser), you'll have to examine the source code for that to determine how it decides to upgrade and if you can disable it with config or whether something more involved is necessary. Since updates are liable to come from a similar place as new Tor downloads, you can probably search for the relevant URL/domain to identify where that logic is.