Facebook on Tor?

Tor is a tool for remaining anonymous online, and Facebook is a website that gathers and shares more information about people than any of us want to know. So, why would Facebook make a version of their website that works on the Tor network?

Facebook's .onion site on the Tor network
*.onion sites will not work unless connected through Tor

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. Tor provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy.

Individuals use Tor to keep websites from tracking them and their family members, or to connect to news sites, instant messaging services, or the like when these are blocked by their local Internet providers. Tor's hidden services let users publish web sites and other services without needing to reveal the location of the site. Individuals also use Tor for socially sensitive communication: chat rooms and web forums for rape and abuse survivors, or people with illnesses


I can assume we all know what Facebook is, right? Not many of us really pay very close attention to privacy settings and aren't often too concerned until something makes the news or is on a blog we read. Here is a short list of some of my concerns about Facebook:
  • Those stupid games/apps
    • Permissions grant developers of apps a ton of personal information.
    • Unless you've changed from the default settings, other users can give apps permission to your personal data.
  • Tracks you across most of the web via Like buttons, etc.
  • Facebook was caught tracking logged-out users.
  • Collects offline data though partnerships with advertising agencies (including some club cards).
  • Numerous complaints about changing your privacy settings (you make your phone number private and next thing you know someone you don't know is calling because they got your number on Facebook).
  • The personal data we publish on Facebook is used by hackers for such things as guessing password recovery questions.
  • As of my last review, Facebook's terms of service  require up-to-date contact info.

Given that Facebook makes money by taking away of convincing you to give up much of your privacy, why would Facebook bother with this? I mean, any sense on anonymity is lost once you've signed in after all. Using a different IP address does you no good whatsoever once a person is attached to it.

I can see three possible reasons for Facebook doing this:

  1. An extreme response to privacy concerns. Those unfamiliar with Tor could think that simply using Tor will make them anonymous, even when they are signed into Facebook. Even if it doesn't actually enhance your privacy, it's good for Facebook's image.
  2. For networks or even countries where Facebook is blocked. Journalists in countries suffering from media blackout, and college students alike now have another means of getting past IP address/domain blacklists.
  3. Foolish people who think that they are still anonymous even after they login on Facebook. Anyone who logs in on Facebook has just given up any and all anonymity gained by using Tor. Now, someone doing whatever else on Tor can be identified.

My best guess would be that it's a little of all three. Facebook will seem to be making a move for much better privacy to those unfamiliar with Tor. This does help bypass attempts at censorship (as well as attempts by employers to keep their employees from Facebooking at work). And, it can be used to track down those ignorant enough to think that simply using Tor guaranteed that they would remain anonymous.

Of course, Facebook could always be accessed through Tor. It would just be a little frustrating because every time a user would login it would be reported as suspicious account activity.