Facebook announces support for Tor browser

Facebook has announced that people trying to access its website using Tor will no longer be impeded by the company’s security policies.

Tor is a secure browser that lets users surf the internet anonymously by adding multiple layers of encryption to the original data and then relaying it through a series of randomly selected computers, known as relays, in its network.

Because the exit node – the Tor network computer through which a connection to the desired site is ultimately made – is different every time a user starts browsing, it can appear they are in two disparate geographical locations in quick succession.

This can cause sites like Facebook to lock down traffic directed to an account for fear it is under attack from hackers using a botnet.

Facebook admitted this had “sometimes led to unnecessary hurdles for people who connect to Facebook using Tor”.

The company has therefore created a special URL for those wishing to connect to Facebook using Tor, https://facebookcorewwwi.onion/, to overcome this problem.

“Facebook’s onion address provides a way to access Facebook through Tor without losing the cryptographic protections provided by the Tor cloud,” said Alec Muffett, software engineer for security infrastructure at Facebook London, in a blog post.

“The idea is that the Facebook onion address connects you to Facebook’s Core WWW Infrastructure … and it reflects one benefit of accessing Facebook this way: that it provides end-to-end communication, from your browser directly into a Facebook datacentre,” Muffat added.

The connection also layers SSL encryption on top of that which is already present, but this is more because Facebook’s architecture requires it in order to accept a connection, rather than a pure security concern.

While connection via mobile isn’t currently supported, Muffet said this is a medium-term goal.

“We hope that these and other features will be useful to people who wish to use Facebook’s onion address,” he concluded.