Facebook’s reputation for privacy is equivalent to United States’ reputation for peace. So when the world’s least anonymous website joins the Web’s most anonymous network, it’s definitely something to rejoice.
The social network just created a dedicated Tor link that ensures people who visit the site from the anonymous web browser won’t be mistaken for botnets.
Until now, Facebook had made it difficult for users to access its site over Tor, sometimes even blocking their connections. Because Tor users appear to log in from unusual IP addresses all over the world, they often trigger the site’s safeguards against botnets, collections of hijacked computers typically used by hackers to attack sites.
“Tor challenges some assumptions of Facebook’s security mechanisms—for example its design means that from the perspective of our systems a person who appears to be connecting from Australia at one moment may the next appear to be in Sweden or Canada,” writes Facebook security engineer Alec Muffett. “Considerations like these have not always been reflected in Facebook’s security infrastructure, which has sometimes led to unnecessary hurdles for people who connect to Facebook using Tor.”
The Facebook onion address (accessible only in Tor-enabled browsers) connects users to Facebook’s Core WWW Infrastructure, so as to provide end-to-end communication, directly from the browser into a Facebook datacentre, allowing for private and secure browsing sessions. An SSL certificate issued by Facebook to visitors confirms to them that they’re indeed accessing the right destination.
The onion address for Facebook is currently live, and Tor users can log on with it securely starting now.