Published in News

Is Facebook's new TOR Policy a way to track Anonymity?

by on03 November 2014 4495 times

When you hear people talking about anonymity on the internet it most people will think privacy. When companies hear anonymity on the internet they think piracy, crime, hacking and lost revenue. This is probably the biggest disconnect in the internet age, companies want to monetize your personal information. This is big money and (as we have said more than once) is a commodity that they have been trying to legalize for more than a decade.

The problem these companies are face is that the more data they collect on people, the more they become a target for attack. If you were to analyze the attacks made over the last 6 months you might notice a startling trend. Most of the attacks have been aimed at gathering people’s information. Even in some of the recent attacks on banks the bad guys were not going after accounts, but gathering personal information like Social Security Numbers, and other information that identifies people on the internet and elsewhere.

Despite this trend companies like AT&T and Verizon still want to collect and sell your personal data. There is no question in their mind that they have the right to do this or that anyone trying to stop it is somehow a bad guy. This is why the conversation about privacy breaks down at the government level. Far too many corporations want to prevent local encryption, anonymous conversation and any measure that protects end users’ data on the internet (or stored). They have demonized the term privacy to mean someone trying to hide information from law enforcement. The thought of having private, encrypted data on your phone or computer is almost proof positive that you are doing something wrong.

That does not mean all companies are bad, despite their history of grabbing and using member data Facebook has finally started to get that people like to connect to their site without having everything about them tracked. They have finally opened their site to users of the TOR anonymity network, but it is to a special site and has a couple or caveats to it and these appear to be specifically done to make sure that Facebook can still track you.

The first of these special circumstances is that you cannot just head over to Facebook’s main page and connect. You will have to use a special URL that you know Facebook is tracking (https://facebookcorewwwi.onion). By having a different URL for TOR they can very easily link people to their regular IPs via phone or home computer. You can simply connect the dots between logon sessions (TOR and regular) and now you can develop a list that can compare entry and exit points and (if you are clever) track someone through the TOR network. It is not impossible to do and Facebook could even drop items page fingerprints) that would potentially allow someone to track that specific user as they move through the TOR network.

It is a clever move that allows Facebook to add TOR tracking to their list disguised as respect for people’s privacy. What will be interesting to see is what back-lash Facebook might see and who follows suit and opens up a specific page for TOR and blocks TOR on their standard page in the coming months.

Fun times out there.

Tell us what you think

Last modified on 03 November 2014
Rate this item
(0 votes)

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.