Facebook's Tor support means users' traffic remains in the anonymising network
Facebook has created the ability for users to connect directly to the social network via anonymising "dark web" service Tor.
While it was already possible to access Facebook via Tor, the
new set-up means all data is encrypted and Tor users are not mistaken
for hacked accounts.
Users could access the site "without losing the cryptographic protections" of Tor, Facebook said.
It may appeal to people in places where the network is blocked.
Facebook is the first Silicon Valley giant to provide
official support for Tor, a network built to allow people to visit web
pages without being tracked and to publish sites whose contents would
not show up in search engines.
Facebook's move would prove popular among those who wanted to
stop their location and browsing habits from being tracked, said Dr
Steven Murdoch, from University College London, who was consulted by
Facebook for the project.
He explained users would still need to log-in, using real-name credentials, to access the site.
He told the BBC: "It's quite hard to use a social network
completely anonymously, it somewhat defeats the point, unless you're
just reading information.
"But just because you want to tell Facebook your name,
doesn't mean they should be able to find out your location and your
browsing habits."
Users will still need to log-in to use the site
The crucial change is the new Tor service - accessed through a Tor
browser at https://facebookcorewwwi.onion/ - means all communication
remains in the anonymous Tor network. Previously, some traffic would
leave the closed network and access the open internet, potentially
exposing a user's location and other information.
Dr Murdoch dismissed suggestions the move could anger
governments who regularly approached Facebook with requests to hand over
user information.
"It's not so much protecting people from governments," said
Dr Murdoch, "but protecting from people who are spying on communications
- that could be anyone from criminals to marketers."
Facebook, along with other major web companies, is currently
pushing for permission to be more transparent over government requests
it receives.
Security blockage
It has been possible to access Facebook through Tor for some time, albeit with some frustrations.
Tor is a network that anonymises users. One of the key ways
it does this is by routing internet traffic through several locations -
making it hard to track down where the user is browsing from.
But when accessing Facebook, this causes problems. One of the
site's security measures is that if a user tries to log-in from an
unexpected location, it will flag this as evidence the account has
possibly been compromised.
Tor can be used to access Facebook in countries such as China, where the network is blocked
Of course, it could just mean that a user has changed location -
holidaymakers often find they must go through additional security steps,
such as naming people in pictures, before being able to log-in while
abroad.
"[Tor's] design means that from the perspective of our
systems a person who appears to be connecting from Australia at one
moment may the next appear to be in Sweden or Canada," explained
Facebook engineer Alec Muffett, who has led the site's Tor efforts, in a blog post.
"In other contexts such behaviour might suggest that a hacked
account is being accessed through a 'botnet', but for Tor this is
normal."
It meant accounts were being wrongly locked out. Other
problems, such as fonts not displaying correctly, marred Facebook use on
Tor.
Source: http://www.bbc.com/news/technology
No comments:
Post a Comment