Categories: Social Networks

Facebook Tor hidden service is online

The popular social network has launched the Facebook Tor hidden service to provide a method to use its site securely. Write down the onion address!

We discussed many times about the right to online anonymity and how anonymizing networks like Tor could protect it.

The Tor Project is an Internet-traffic anonymization service that is able to anonymize the Internet user’s experience.

In the past, Tor users have had numerous issues connecting anonymously to Facebook, but something is changing because Facebook creates .Onion Site in the Accessible Via Tor Network.

“Using normal Facebook over Tor was often a challenge for many reasons; users would have trouble logging in, be forced to identify friends in photos, be forced to change passwords, and so on,” said Runa Sandvik, a Tor advocate, to the ThreatPost.

Using the Facebook Tor hidden service, users can overwhelm the above limitations, the end-to-end encryption for the communications allow the protection from eavesdropping and monitoring.

Facebook had previously blocked the Tor access, fearing possible cyber attacks that exploiting Tor could harm its servers.

“we have begun an experiment which makes Facebook available directly over Tor network at the following URL: https://facebookcorewwwi.onion/ “said the company in an official announcement, Facebook makes clear that the service is in an experimental phase at the moment and that there will likely be bugs to work out.

Facebook idea is to create a direct bridge between clients and its core infrastructure via Tor rather than through an exit relay. Facebook also deployed its hidden services website with an SSL certificate to avoid attack against the platform and to mutually authenticate the social network service and the users. It is the first time that a legitimate SSL digital certificate was issued for a .onion website.

“we have provided an SSL certificate which cites our onion address; this mechanism removes the Tor Browser’s “SSL Certificate Warning” for that onion address and increases confidence that this service really is run by Facebook. Issuing an SSL certificate for a Tor implementation is – in the Tor world – a novel solution to attribute ownership of an onion address; other solutions for attribution are ripe for consideration, but we believe that this one provides an appropriate starting point for such discussion.”

To access the Facebook Tor hidden service the users need to download the Tor Browser Bundle.

Pierluigi Paganini

Security Affairs –  (Facebook Tor hidden service, social network)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Meta stopped covert operations from Iran, China, and Romania spreading propaganda

Meta stopped three covert operations from Iran, China, and Romania using fake accounts to spread…

19 hours ago

US Treasury sanctioned the firm Funnull Technology as major cyber scam facilitator

The U.S. sanctioned Funnull Technology and Liu Lizhi for aiding romance scams that caused major…

1 day ago

ConnectWise suffered a cyberattack carried out by a sophisticated nation state actor<gwmw style="display:none;"></gwmw><gwmw style="display:none;"></gwmw>

ConnectWise detected suspicious activity linked to a nation-state actor, impacting a small number of its…

1 day ago

Victoria’s Secret ‘s website offline following a cyberattack

Victoria’s Secret took its website offline after a cyberattack, with experts warning of rising threats…

2 days ago

China-linked APT41 used Google Calendar as C2 to control its TOUGHPROGRESS malware

Google says China-linked group APT41 controlled malware via Google Calendar to target governments through a…

2 days ago

New AyySSHush botnet compromised over 9,000 ASUS routers, adding a persistent SSH backdoor.

GreyNoise researchers warn of a new AyySSHush botnet compromised over 9,000 ASUS routers, adding a…

2 days ago