Facebook has created the ability for users to connect directly to the social network via anonymising "dark web" service Tor.
While it was already possible to access Facebook via Tor, the
new set-up means all data is encrypted and Tor users are not mistaken
for hacked accounts.
Users could access the site "without losing the cryptographic protections" of Tor, Facebook said.
It may appeal to people in places where the network is blocked.
China, Iran, North Korea and Cuba are among countries that have attempted to prevent access to the site.
So too have such countries attempted to block access to Tor
itself. China in particular has attempted to implement measures to
disrupt the network.
The creators of Tor have been engaged in a cat-and-mouse game with governments to keep the service accessible.
Stop tracking
Facebook is the first Silicon Valley giant to provide official
support for Tor, a network built to allow people to visit web pages
without being tracked and to publish sites whose contents would not show
up in search engines.
Facebook's move would prove popular among those who wanted to
stop their location and browsing habits from being tracked, said Dr
Steven Murdoch, from University College London, who was consulted by
Facebook for the project.
He explained users would still need to log-in, using real-name credentials, to access the site.
He told the BBC: "It's quite hard to use a social network
completely anonymously, it somewhat defeats the point, unless you're
just reading information.
"But just because you want to tell Facebook your name,
doesn't mean they should be able to find out your location and your
browsing habits."
Users will still need to log-in to use the site
The crucial change is the new Tor service - accessed through a
Tor browser at https://facebookcorewwwi.onion/ - means all communication
remains in the anonymous Tor network. Previously, some traffic would
leave the closed network and access the open internet, potentially
exposing a user's location and other information.
Dr Murdoch dismissed suggestions the move could anger
governments who regularly approached Facebook with requests to hand over
user information.
"It's not so much protecting people from governments," said
Dr Murdoch, "but protecting from people who are spying on communications
- that could be anyone from criminals to marketers."
Facebook, along with other major web companies, is currently
pushing for permission to be more transparent over government requests
it receives.
Dr Murdoch said Facebook's Tor service did not increase the risk of Facebook being used for illegal purposes.
"Preventing Facebook from recording the IP address [location]
makes tracing users harder," he said. "But it was possible to access
Facebook without disclosing your IP address before."
Security blockage
It has been possible to access Facebook through Tor for some time, albeit with some frustrations.
Tor is a network that anonymises users. One of the key ways
it does this is by routing internet traffic through several locations -
making it hard to track down where the user is browsing from.
But when accessing Facebook, this causes problems. One of the
site's security measures is that if a user tries to log-in from an
unexpected location, it will flag this as evidence the account has
possibly been compromised.
Tor can be used to access Facebook in countries such as China, where the network is blocked
Of course, it could just mean that a user has changed location -
holidaymakers often find they must go through additional security
steps, such as naming people in pictures, before being able to log-in
while abroad.
"[Tor's] design means that from the perspective of our
systems a person who appears to be connecting from Australia at one
moment may the next appear to be in Sweden or Canada," explained
Facebook engineer Alec Muffett, who has led the site's Tor efforts, in a blog post.
"In other contexts such behaviour might suggest that a hacked
account is being accessed through a 'botnet', but for Tor this is
normal."
It meant accounts were being wrongly locked out. Other
problems, such as fonts not displaying correctly, marred Facebook use on
Tor.
What is Tor?
Tor is a special part of the internet that requires software, known as the Tor Browser bundle, to access it.
The name is an acronym for The Onion Router - just as there
are many layers to the vegetable, there are many layers of encryption on
the network.
It was originally designed by the US Naval Research Laboratory, and continues to receive funding from the US State Department.
It attempts to hide a person's location and identity by
sending data across the internet via a very circuitous route involving
several "nodes" - which, in this context, means using volunteers' PCs
and computer servers as connection points.
Encryption applied at each hop along this route makes it very hard to connect a person to any particular activity.
To the website that ultimately receives the request, it
appears as if the data traffic comes from the last computer in the chain
- known as an "exit relay" - rather than the person responsible.
Tor hides a user's identity by routing their traffic through a series of other computers
As well as allowing users to visit normal website anonymously,
it can also be used to host hidden sites, which use the .onion suffix.
Tor's users include the military, law enforcement officers
and journalists - who use it as a way of communicating with
whistle-blowers - as well as members of the public who wish to keep
their browser activity secret.
But it has also been associated with illegal activity,
allowing people to visit sites offering illegal drugs for sale and
access to child abuse images, which do not show up in normal search
engine results and would not be available to those who did not know
where to look.
Source:
BBC
No comments:
Post a Comment