Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Facebook Android Privacy

Facebook's Android App Gains Privacy-Enhancing Tor Support (facebook.com) 43

Mark Wilson writes: Back towards the end of 2014, Facebook unveiled a new .onion address that allowed Tor users to visit the social network securely. Following on from this, the company is now giving Android users the ability to browse the site using Tor and the Facebook app. Security, privacy and anonymity may be words readily associated with Tor, but few people would use them in the same sentence as Facebook. The social network says that there is increased demand for secure connections to Facebook from Tor-enabled browsers, hence spreading to the largest mobile platform. The news will make some mobile users happy, but there are currently no plans to migrate the feature from Android to iOS.
This discussion has been archived. No new comments can be posted.

Facebook's Android App Gains Privacy-Enhancing Tor Support

Comments Filter:
  • by Anonymous Coward

    Facebook. Privacy. Same Sentence?

    I'd expect it's more likely a way to subvert the TOR network by putting multiple nodes on it that will allow tracking of data.

    • It's also idiotic because(as the TOR project makes no secret of) TOR actually reduces your security in the context of accessing authenticated services and cannot regain the privacy you lose by signing in with account credentials tied to something.

      If you are going to log in to some site, you want SSL/TLS: sure, any adversary on the wire will know that you are talking to facebook; but stealing your password or getting the details of what you are doing there will be tricky. TOR is good for making hard to tr
      • by SumDog ( 466607 )

        It makes sense if you sign up to Facebook via Tor and then only access FB via Tor and don't make any connections to people you know in real life. There aren't a lot of use cases I can think of. Maybe if you live in The Netherlands or Colorado and want to make a page for your legal weed store? You'd have to create a fake person and then a real page ... you could access the page via a real account outside of Tor to like it, along with your customers. If later down the line, the federal government decides to c

      • by AHuxley ( 892839 )
        Think of what a gov backed onion routing network really needs to hide its freedom fighters, color revolutions, NGO's, spies... a much larger pool of global users to make local tracking harder.
        By adding a lot of new users the game changes for other actors trying to trace back onion routing users of interest.
        How to ensure the flood of new users stay in the system? Get a captive site to network them in.
        Nothing to really do with any users privacy but to provide bulk cover for other gov projects and their co
    • by neiras ( 723124 ) on Wednesday January 20, 2016 @07:06PM (#51340637)

      If you enable Tor within the Facebook app, Facebook gets:

        o the entry point to Tor that you are using
        o the exit node from tor that you come out of
        o your signed-in identity, as usual

      Adding Tor to the Facebook app gains you the following:

      o the operator of your local network won't know that you are visiting Facebook (unless your DNS is misconfigured)

      If enough users enable Tor, Facebook will be able to map Tor circuits in real time, and Tor will do nothing to protect you from government agencies asking Facebook "was this user using Tor? What entry point did they use?"

      • by vux984 ( 928602 )

        If enough users enable Tor, Facebook will be able to map Tor circuits in real time,

        This aspect sounds potentially bad enough that it would undermine tor for all users, not just facebook users.

        If so, it seems like the tor network needs to blacklist connecting to facebook from exit nodes.

        the operator of your local network won't know that you are visiting Facebook (unless your DNS is misconfigured)

        Yeah, I can't see why this would even be a feature needed, unless to dodge facebook blocks while using the corporate network at work... and if so WTF... if the company is blocking facebook using tor to dodge it is grounds for dismissal...

  • Great (Score:5, Funny)

    by Anonymous Coward on Wednesday January 20, 2016 @06:25PM (#51340423)

    Can't wait till I can log into Silk Road with my facebook account.

    • Sorry dude, my mouse skills are lacking and I moderated you overrated by mistake. Now I shall post to undo it, since there doesn't seem to be any other way. Someone else mod this guy up!
  • Privacy enhancing from Facebook?

    Oh, you mean they'll still spy the fuck out of you and rummage through your contacts, but they'll pretend to keep you safe from others?

    Honestly, why use the app at all? Use your web browser and don't accept their snooping on your contacts and other shit.

  • for the "honey, it's ok. Facebook says so" demographic.
  • First rule of TOR (Score:5, Informative)

    by penguinoid ( 724646 ) on Wednesday January 20, 2016 @06:38PM (#51340489) Homepage Journal

    The first rule of TOR is that you don't sign in to Facebook or any other similar thing, else you link your account to your identity. This especially matters for Facebook because they have those little scripts all over the web to track what websites you visit, all those sign in/comment with Facebook widgits will know who you are.

    • Everybody knows the first rule of tor is you DON'T TALK ABOUT TOR.
    • It depends on what your motivation for using TOR is. The encryption and obfuscation works in both directions, so the ISP and/or whoever owns the access point you're using (coffee shop, employer, etc.) and/or honeypot operators are not able to spy on or hijack your Facebook session.

      TOR may be overkill for that use case, but it's free and arguably easier to use vs. a commercial VPN.

      That said, a TOR exit node is going much more suspect then your average coffee shop access point.
    • by AmiMoJo ( 196126 )

      It depends what you are using Tor for. Probably not anonymity, since you are on Facebook... But it works well for bypassing censorship and preventing your government and ISP from directly monitoring what you are doing. Say you are in a country where Facebook is banned but want to maintain a page there so people can read about and support your struggle.

      Also, just use Tor in a VM (Tails) and you don't have to worry about the web beacon thing, which you should have blocked with PrivacyBadger anyway.

  • Dear Facebook,

    We have decided that you now justify your own network, so no more need to be sharing with the rest of us.

    Please take the next hop to the nearest smaller subnet. You will be greeted by an outbound firewall named Skip.

    Oh and one more thing. Please ensure you take your fucking Tor security experts with you.

    Regards,

    - The Internet

  • So let me get this straight. Facebook, a company designed from the ground up to know everything about you and your friends, is offering a small segment of its userbase (paranoid Android users) the ability to connect using Tor.

    Discounting the fact that the phone is likely not rooted, and thus not 100% private in the first place.... Discounting the fact that cell data communications are easily traceable from the tower..... You're still using a Tor exit node to connect to a website who knows more about you tha

  • The illusion of privacy while Facebook give away / sell my data.

    Thanks Mr Zuckerburger, I feel much better now...

Some people manage by the book, even though they don't know who wrote the book or even what book.

Working...