Facebook’s untimely block on Tor mistakenly freaks out activists

Tor users welcomed back after Facebook and Tor clean up nasty traffic

Tor logoTor login to Facebook has been restored, ending a brief spate of panic over the prospect of political activists being blocked from logging in via the encrypted and anonymizing network and application.

On Tuesday, a number of users noticed that Facebook was blocking connections from Tor.

Facebook quickly chimed in to say that it wasn’t deliberate; rather, Facebook’s site integrity systems were triggered by what Facebook called a high volume of malicious activity across Tor exit nodes.

Facebook and Tor worked together to clear it up, managing to do so within hours of the initial blockage on Tuesday.

The Arab world of internet users was particularly alarmed at the idea that Facebook had intentionally blocked Tor access, given the fear that if Tor were permanently blocked, political activists would have to log in via their own IP address.

Here’s how ArabCrunch expressed the implications:

This means that their identities might be revealed to tyrant regimes in countries such as Syria, Jordan, Iraq, Saudi Arabia and elsewhere, since Facebook’s SSL connection can be broken easily by technology obtained by these regimes from American and British companies. This means Facebook is now risking the lives and freedom of thousands of people...

Panic over the loss of Tor access to Facebook was particularly acute given the untimeliness and close post-PRISM proximity.

But while some are flocking to Tor as a haven from surveillance, Tor itself has pointed out that the network, on its own, doesn’t necessarily guarantee that content won’t be intercepted:

The core Tor software's job is to conceal your identity from your recipient, and to conceal your recipient and your content from observers on your end. By itself, Tor does not protect the actual communications content once it leaves the Tor network. This can make it useful against some forms of metadata analysis, but this also means Tor is best used in combination with other tools.

HTTPS. Image courtesy of ShutterstockThose tools include the use of HTTPS-Everywhere in Tor Browser, which Tor says can often protect communications content where parts of the Tor network and/or recipients’ infrastructure are compromised or under surveillance.

Tor says it can also protect communications content in cases where Google or Facebook has been compromised, when the Tor network is used in conjunction with these tools:

  • The Thunderbird add-on TorBirdy and the OpenPGP email security interface Enigmail;
  • Google’s Off-the-Record (OTR) chat service (which makes chat records unretrievable by end users but – nota bene – not necessarily kept off Google’s servers); and
  • The community-run, distributed social network Diaspora.

In fact, Tor says, using Tor with these other tools is the right way to do it if you’re interested in systems that prevent snoopers from accessing either the metadata that Prism was theoretically all about, or the content of communications themselves, which NSA whistleblower Ed Snowden says the feds most certainly have access to.

From Tor’s blog:

The real interesting use cases for Tor in the face of dragnet surveillance like this is not that Tor can protect your gmail/facebook accounts from analysis (in fact, Tor could never really protect account usage metadata), but that Tor and hidden services are actually a key building block to build systems where it is no longer possible to go to a single party and obtain the full metadata, communications frequency, *or* contents.

For those worried about surveillance, Tuesday must have been a worrisome day indeed. It’s a relief to learn that Facebook wasn’t intentionally blocking Tor.

Image of HTTPS courtesy of Shutterstock.