Facebook Sets Up Shop On Tor

← Back to Stories (view on slashdot.org)

Posted by Soulskill on Friday October 31, 2014 @04:18AM from the mixing-privacy-with-antiprivacy dept.

itwbennett writes: Assuming that people who use the anonymity network want to also use Facebook, the social network has made its site available on Tor, Facebook software engineer Alec Muffett said in a post on Friday. Facebook also decided to encrypt the connection between clients and its server with SSL, providing an SSL certificate for Facebook's onion address. This was done both for internal technical reasons and as a way for users to verify Facebook's ownership of the onion address. Since it is still an experiment, Facebook hopes to improve the service and said it would share lessons learned about scaling and deploying services via an onion address over time.

6 of 125 comments (clear)

Min score:

Reason:

Sort:

They wanted to release this years ago... by Anonymous Coward · 2014-10-31 04:24 · Score: 5, Funny

... but it took all this time to calculate that .onion URL.
1. Re:They wanted to release this years ago... by NotInHere · 2014-10-31 04:45 · Score: 5, Informative
  
  On how they got the address: https://lists.torproject.org/p...
  This is how .onion addresses are made: https://gitweb.torproject.org/...
  Then they hash the key (using SHA-1), and base32-encode the first 80 bits (first half of the hash).
2. Re:They wanted to release this years ago... by davydagger · 2014-10-31 04:49 · Score: 5, Insightful
  
  >facebookcorewwwi.onion/
  
  the fact that its possible to calculate that far into an onion's address should make you cautious of the technology. While its unlikely that an ameture is going to crack a tor address/key, it now seems very likely that someone with enough rackspace, and the ability to make custom ASICs for the proccess could do so.(if cryptocurrencies can make asics, why can't people wanting to smash crypto do the same. similar tech, and especially if your a large company/government, buying them in bulk shouldn't be a problem)
  
  its also know that facebook buys custom chips from intel who makes them with extra database specific functions built in, and intel now sells the service to any high volume buyer willing to pay extra.
  
  Its not unreasonable to say tor is broken until they move to 4096 bit keypairs.
Anonymity? by MachineShedFred · 2014-10-31 04:26 · Score: 5, Interesting

So you go through Tor to access Facebook, where you immediately have to log in, and...
What's the point again?

--
Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
1. Re:Anonymity? by rogoshen1 · 2014-10-31 04:31 · Score: 5, Funny
  
  Because people concerned enough about anonymity to use tor, are also avid products of social media -- of course. Did you forget to drink your kool-aid this morning?
2. Re:Anonymity? by Charliemopps · 2014-10-31 04:35 · Score: 5, Insightful
  
  So you go through Tor to access Facebook, where you immediately have to log in, and...
  What's the point again?
  Some countries block facebook. I think that's the point.