Facebook Welcomes Anonymous Tor Users

Thursday, November 13th, 2014
Facebook has finally made it easier for users of the Tor anonymizing service to access the social media: the company recently launched a new .onion address. Apparently, Facebook sees it as a way to access Facebook via Tor without losing its protections. In other words, the company is trying to assure Tor users that their anonymity will be maintained.

As you know, the Tor (or so-called “onion”) network provides privacy by having connections jump via different servers (relays) all over the globe. This makes it hard for the rest of the web users to tell where the Tor user is based. Tor also ensures privacy by encrypting all of users’ traffic.

In addition, the largest social network in the world also provides encryption using SSL, as you can see in the address bar, which contains the ‘HTTPS’ portion of the URL. However, previously it was not easy for Tor users to access Facebook due to the way the tech giant blocks hacked accounts ¬– this happens when Facebook sees a user is accessing from an unknown IP address and automatically suspects something is wrong. Of course, Tor confused Facebook’s security mechanisms – for instance, a person who appears to be connecting via Tor from New Zealand at one moment may the next appear to be in Russia or US. From the perspective of security systems, such behavior might suggest that a hacked account was accessed through a “botnet”. However, for Tor this is normal.

Now Facebook launched the new .onion address (https://facebookcorewwwi.onion/), which is described by the developers as an “experiment”, which Facebook hopes to learn from over time. Moreover, it was said that the company is planning to improve the system by also providing an .onion address for mobile website.

According to security researchers who consulted Facebook on the project and previously worked for Tor, the recent development marked a very positive step for the increasing number of people who want to access Facebook in a secure way. Indeed, Tor can provide its users with end-to-end encryption every time they visit Facebook, from the Tor Browser and directly into a Facebook data center.

The social networking company has been trying to push its privacy friendly message from the moment when Facebook was implicated in assisting the surveillance programs of the National Security Agency, which the tech giant denied knowledge of. Facebook also faced a number of privacy complaints.