Facebook and Tor

by Runa | June 18, 2013

A number of users have noticed that Facebook is blocking connections from the Tor network. Facebook is not blocking Tor deliberately. However, a high volume of malicious activity across Tor exit nodes triggered Facebook's site integrity systems which are designed to protect people who use the service. Tor and Facebook are working together to find a resolution.

For further questions please contact us at execdir@torproject.org.

Update from Facebook on June 18, 2013, 2:30 PM EST: Facebook's site integrity systems detected automated malicious activity coming from a significant number of Tor exit nodes. In order to protect people while we investigated the problem, access via these nodes was temporarily suspended. This issue has now been resolved and Tor access routes to Facebook restored.

Comments

Please note that the comment area below has been archived.

June 18, 2013

Permalink

Hello,
That's awful error and Facebook send an email and suggest use other proxy program....
I use obfs bridge proxy and I think this a good and more secure to bypass filtering on Iran

Thanks,

June 18, 2013

Permalink

Works fine for me - just logged on to facebook from Tor. Probably just one exit router.

June 18, 2013

Permalink

You just contradicted yourself: "However, a high volume of malicious activity across Tor exit nodes triggered Facebook's site integrity systems which are designed to protect people who use the service."

They're designed to block Tor traffic amongst many other types of traffic they don't want. There's no surprise here. I wouldn't allow Tor logins to my site at all. Just don't pretend like this was an innocent mistake by facebook. That's why they have the system in the first place!

June 18, 2013

Permalink

Yeah, I can't imagine that Facebook is doing this intentionally - they like being able to hold up the fact that political dissenters use them for "freedom related purposes" - I would imagine that, if anything, we should be looking at what caused the malicious activity on Tor, that triggered the automatic site integrity systems.

As we well know, several military organizations control large amounts of Tor exit nodes. They, not Facebook, would have more to gain by limiting political dissenters' communications.

June 18, 2013

Permalink

I noticed this too, and was deeply concerned, especially as it comes in the backdrop of the recent NSA revelations. Very pleased to hear Facebook is not censoring the censored by doing the oppressive governments' dirty work for free! Activists in these countries desperately need all the support they can get to stifle any attempt at oppression made against them.

June 18, 2013

Permalink

Could you also work with Google to resolve the issue of not being able to search the internet anonymously?!

June 18, 2013

Permalink

It's using Tor to access facebook a bit like walking into a store with a mask on then handing over your birth certificate, drivers license, marriage certificate, bank card and pin number just to buy something?

June 18, 2013

Permalink

ok

June 18, 2013

Permalink

yay

June 18, 2013

Permalink

Why are people trying to access facebook through tor? Wouldn't that defeat the purpose?

June 19, 2013

Permalink

Yes we scan but the Germans too and even better while blocking TOR-Exit.

I just want to let you know. I very reacently get a bad experience of the free mailer gmx.ch,*.net, *.de etc. A friend has asked me for help opening a new mail account with gmx. I first has insist that this would not be a very good idea. However, during the registring it is NOT possible to use any most of many anonymizing services while they also blocking most TOR-Exist Nodes. Just to make it clear. For registering with GMX anyone have to give name, address, birthday and a mobile number to receive a registering code by SMS. After that gmx obviously don't care the way how people use gmx-services and therfore TOR and all other anonymizers seems to work normal. Well, this is because they now you very clear. Your IP together with your name, address, Mobilephone, age etc.

June 19, 2013

Permalink

Thanks for letting us know.

But I won't be using Facebook, Twitter and any other US-based or US internet companies any time soon. They have betrayed our trust by working hand in glove with the NSA.

Why should we continue to support them to the detriment of our own safety? We aren't even US citizens or living in the US!

June 19, 2013

Permalink

"Tor and Facebook are working together to find a resolution" - means Tor will support NSA Prism surveillance program?

June 20, 2013

Permalink

What about google then? Are you guys working with them to help solve the google "screen of death" issue (blocking with no captcha page)? And by way of explanation, why can't these sites just put up a captcha page when they detect any kind of major spamming event instead of the wholesale blocking of all tor nodes, which seems unnecessary?

cos they ARE at war with all of you. How many programs on YOUR computer makes regular autoupgrade? first upgrade to scan and collect, second to remove scanner. Its that simple!

Worse, they are suddenly disabling Gmail accounts which connect from Tor exit nodes and requiring reactivation via telephone after each Tor login. Perhaps this is ostensibly for a similar reason. But, either way, the timing is a bit suspect, what with their recent media fallout.

Closing the connection via Vidalia (select the connection and press del on the network map) and reloading the page works most of the time for me. I hope the new browser bundle (3.x) will contain a viable alternative to vidalia and not just a dumbed down browser extension.

Anyways: Kudos to the developers for their work.

June 21, 2013

Permalink

Because ultimately...deep down...these sites don't actually want you to access their servers through any type of anonymiser (Tor, i2p, freenet, whatever). Their entire LIVELYHOOD comes revolves around:
A) you connecting from your actual location;
B) you prviding them with untold amounts of personal data, and;
C) selling that information, in all its forms, to the highest bidder.

The fact that Facebook is willing to work with Tor at all stems not from some altruistic, moral imperative but in hopes that you (general you) will still provide PII (Personally Identifiable Information) when connected via Tor.

ANY belief that Facebook is doing it for any other reason flawed at its core.

June 21, 2013

Permalink

Seems to me that you have some serious problems. Are you really thinking this through?

You keep working with Facebook and Google? Do you actually forward traffic to the NSA as well? Are you surprised when people say that Tor is a "honeypot"?

June 21, 2013

Permalink

Not to mention, you claim to oppose censorship, but your own blog only allows comments after they've been screened? What the hell?

June 22, 2013

Permalink

Any news about getting Pidgin back to the Tor Bundle? I read there were some problems related to DNS leaks, but they were limited to few (if not just one) of the IM services supported by Pidgin. Why not simply using a custom Pidgin version without those services? Something is better than nothing.

June 22, 2013

Permalink

One amusing side effect of tor to access Astro Empires : you can't see the timers.

Is this an effect of java?

June 23, 2013

Permalink

1

cpu string in a close tunnel with hash code along whole string,
no end feeder and no exit code an endles chain of infomation only excessable by input/output
code use by user once ,
p2p in a close loop accessable by all,
and no defined strings to be track back.
2

June 23, 2013

Permalink

Tested FB use through the Tor network on June 22nd. After passing the captcha parts etc. I ended up with the page asking me to verify the account by providing a mobile phone number.

So much for anonymity in FB. :(

June 23, 2013

Permalink

cool

June 24, 2013

Permalink

Speaking of social networking, what is the best way to use Twitter via Tor? I don't want to disable noscript and potentially reveal my location but I can't seem to use it without JavaScript. Any advice would be greatly appreciated.

June 25, 2013

Permalink

I dont get how you can seriously consider cooperating with google, facebook etc. could lead anywhere: this simply is a scheme to uphold the picture of independent companies. these arent free companies but government assets: their whole concept is surveillance to be evaluated by secret services - that is the solemn purpose of these institutions. we dont live in democratic systems anymore but corporate capitalism. politics and industry have completely merged. hearing about cooperation with these institutions gives me a really bad feeling about the future safety of tor....

June 25, 2013

Permalink

Google's problem (just speaking out my bum here, not a Google employee) is probably related more to their advertisement providers- their actual customers- than to searchers.

If the problem was protecting searchers from mass rank alterations attempts via Tor, they could just disable search rank alterations based on the detected client's browsing rather than disable access period. Certainly they already use methods similar to that in other situations where mass rank alteration attempts are detected. But again, not a Google employee.

June 26, 2013

Permalink

If NSA has active MITM intercept systems, how would we know about it?
How would this look like?
Can someone design a method to detect/verify if this is the case?

June 26, 2013

Permalink

So - how do we know that you Tor "people" are not collaborating with the Google/Facebook "people" & by that definition - the U.S. Government/NSA/PRISM "people" - to "rat-out" our identities?

There must be some "back-doors"/"decryption keys" for these Tor bundles to help all of them - right? :-))

June 30, 2013

Permalink

Google isn't as important, as you can use other search engines. I believe Startpage provides Google results. I like DuckDuckGo.
They could probably use captchas, but they might assuming that each user has a different IP.

Unfortunately Google is very important, in fact, indispensable for vast amounts of hoarded information, which it holds and no one else does. Startpage only provides very limited google results in a few areas--it doesn't even offer access to googlebooks etc. They can easily improve their captcha responses. I fear they just don't want to, and prefer to keep out anonymous traffic in practice, while hypocritically claiming otherwise. It's a big issue, and short of google changing its private policies on the matter, it results in a de facto effort to steal data on the one hand (something the US is very good at) while attacking people's privacy on the other (another vital piece of US policy--no privacy, no immunity. No immunity, no resistance to US colonization/globalization). You should be far more concerned.

Absolutely correct, I have been using every service of Google with my single Google account. But base on the recent news I got totally offended and completely stopped its usage. Search Engine I now use is DuckDuckGo & StartPage, Email service provided is something I'm still trying to figure out, but the sad part is there is nothing to replace the contents in you tube. Is there any way we will be able to utilize you-tube via tor maintaining anonymity? .

July 02, 2013

Permalink

facebook is trying to gather as much data from the user as they can... for example when i use TOR, they asked me several times, as security questions(lol?) for very private stuff that i never told them before... facebook is surely next to google the biggest source for prism.

July 03, 2013

Permalink

lol

July 04, 2013

Permalink

> Google isn't as important
As important as Facebook you mean? FB isn't important at all. On the contrary - anybody concerned about his privacy should stay away from centralized services like that.

July 04, 2013

Permalink

They could just create some onion addresses, so we can use these services without even use exit nodes, using these services directly though tor network.

Imagine something like "FacebookFreakingId.onion" that corresponds exactly to a Facebook server dedicated to receive Tor network users's traffic. Same as Google and other relevant services.

July 06, 2013

Permalink

ha ha.. if you notice something.. TOR has let itself compromised by Facebook !

---------
How??
---------
If you use a fake FB account, open it on TOR browser and try send a message to your original account (with no friend link between the two profiles), then the dialog message will open and you will be able to send the message directly into your Inbox of the org acc.

In the contrary, if you send the msg to some other's original account, then msg dialog will open stating that it will go to Others msg box of the profile.

So Facebook knows your Anonymous/ Fake profile.. and hence TOR fails !!

So next time you try to take a word revenge on FB.. remember that someone out there knows who you are ..

July 19, 2013

Permalink

Nice

July 20, 2013

Permalink

some days ago I could not register with facebook using tor browser. but for me, more important question is why I can't find exit node nickname in torstatus.blutmagie.de so I can't block spying exit node.
96.44.189.98, axigy2.torservers.net
los angeles, Organization: "OC3 Networks & Web Solutions, LLC"
I tried with axigy2 to block it but no success. it is there again and again. If I am in USA I would visit them.

August 02, 2013

Permalink

So. are tor users. are realy safe to log in facebook. so they dont had to be worry about been. wacht. by big brother.?