Facebook isn’t something you’d normally associate with anonymous browsing. But last week they launched a .onion address for Tor users to access the site.
Users wishing to access Facebook over Tor can do so by visiting https://facebookcorewwwi.onion/ while connected to the Tor network.
The Tor protocol both anonymizes network traffic and circumvents ISP and local level censorship. It does this by bouncing communications around a geographically distributed network of nodes, with a diverse range of endpoints where the traffic exits the Tor network and enters the standard Internet.
Facebook has made assurances to users that visits over Tor will be safe, with connections secured with strong end-to-end encryption.
According to a tweet by Runa Sandvik, developer with the Tor project, this is the first .onion address with an SSL certificate that has been signed by a major issuing authority.
The launch of the Facebook Tor hidden service also marks the first time a CA has issued a legitimate SSL cert for a .onion address.
— Runa A. Sandvik (@runasand) October 31, 2014
This ensures that users will always be directly connecting to the Facebook data center. It also virtually eliminates the risk of someone intercepting and monitoring traffic in a man-in-the-middle (MITM) attack.
A Break From Tradition
Facebook are known for their insistence on users registering with their real identities and this is widely considered to be a driving factor in the success of Ello; an ad-free, privacy-friendly social network that allows anonymous-usage.
They’ve also been known to deactivate the the accounts of users they suspect to be accessing the site under a fraudulent name; including an Oxford-based IT technician called Dan Q and an Indianapolis bankruptcy lawyer with the unfortunate luck to share a name with Facebook founder Mark Zuckerberg.
Last month, Facebook had to backtrack on the banning of hundreds of drag performers, all of whom had registered under pseudonyms.
So, why is Facebook seemingly reversing on this particular long-standing policy?
Well, Tor isn’t just used by people looking to buy drugs on The Silk Road. It’s certainly unfair to typify the protocol as a tool solely used to access The Dark Web. For many living in repressive regimes, Tor is used to access an uncensored Internet.
Similarly, social networking sites like Facebook and Twitter were used extensively in the Arab Spring as platforms for organizing and co-ordinating dissent. One of the most iconic photos taken during the ousting of Egyptian President Hosni Mubarak was one of a protester holding a sign saying ‘Thank You Facebook’, in Arabic.
#egypt. Egyptian protester holding sign 'thank you facebook' http://yfrog.com/h3g76hj
— Richard Engel (@RichardEngel) February 4, 2011
Facebook is seemingly aware of their social responsibility to those who live in authoritarian regimes. Enabling Tor access formalizes a secure, private way to access Facebook for such people.
How Do I Access Facebook Over Tor?
Not many people know how to use Tor. And yet, it is something that has became increasingly simplified in recent years. This is possibly in response to increased government surveillance of the Internet, in addition to the passage of various Internet-unfriendly policies and laws.
Setting your computer to access Facebook over Tor can be done in a matter of minutes.
Download The Tor Browser
The Tor-Browser is a variant of Mozilla’s Firefox browser that is pre-configured to access Tor. It is available for OS X, Windows and Linux, and is available in a variety of languages. It comes in a binary form that can run off a USB flash drive without any tweaking, like any portable app.
If you haven’t already, download the Tor-Browser to get browsing with less surveillance and access to Facebook.
Once downloaded, install it and open it. Tor Browser will ask you whether you wish you connect directly to the Tor network, or if you wish to configure bridge or proxy settings. The former will work in most cases, but if you’re not sure, there’s an email address to contact for support.
Connect To The Tor Network
Once you click Connect, it will start to establish a connection to the Tor network. This can take a while.
Once connected, TorBrowser will look like this. Please note, your Tor connection is localized to that browser. Anything else (like a separate web browser or Bittorrent) will be connecting over the standard Internet.
If you want to make double-sure you are connected, click Test Tor Network Settings.
Head To Facebook
In the address bar, type https://facebookcorewwwi.onion/ and hit return.
Tor isn’t necessarily the speediest protocol. Be patient while it loads. When it does so, it should look like the standard Facebook login screen.
Verify You’re At The Official Facebook Tor Page
You can verify you’re securely connected to the Facebook server by clicking the padlock icon to the left of the address bar. If the certificate is verified by DigiCert Inc, you know you’re in the right place.
A Note On Security
Why This Matters
Facebook is currently banned in China, North Korea, and Iran.
These are countries with checkered human rights records, and endemic censorship of the free press. Whilst it’s easy to dismiss Facebook (and social networking in general) as a frivolity, it remains a relatively unencumbered and free platform for communication. One that Wired magazine (and many others) attribute to the Arab spring uprisings.
This unexpected move by Facebook will ensure the social network continues to be a free, open platform for all, regardless of where they’re living.
If you’ve got any thoughts on this article, I’d love to hear them. Drop me a comment below, and we’ll talk.