[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Does Facebook Onion Work?

On 2016-02-17 23:17, Alec Muffett wrote:
Hi All!

I just wanted to confirm that facebookcorewwwi is working and is under
active development; we are currently working on scaling bandwidth so
that we can support more people who want to use Facebook over Tor.

The facebookcorewwwi URLs use (and need) subdomains which are
respected by web browsers, albeit that they are invisible to the Tor

The URLs are as follows:



...the latter URL ("M-site") is a web-version of Facebook designed for
mobile devices, which uses Javascript and yet can *also* be used
without Javascript being available at all.

When an issue (potential bug?) is raised with us, we generally attempt
to reproduce it. Our rule-of-thumb is to try reproducing the issue on
a recent (ideally latest) version of TorBrowser, without extra
extensions, and with the TBB "Security Level" set between
Low/Medium-High (for www) or between Low/High (for m-site).

So far I have only managed to reproduce the "looping" issue once, and
then only by exceeding the bounds of our "rule of thumb"; I currently
suspect that this behaviour is related to manual configuration of
Javascript controls in such a way that JS is only partially-enabled
for the site, leading to anomalous script behaviour.

Where Javascript is considered a risk it seems wisest to disable it
entirely (Security Level: High) and then use M-site; restarting Tor
Browser should clear any active state that would trigger the issue.

I have tried this for the mobile onion link both on Low and High security settings. Both work fine but Facebook does ask for SMS validation (as expected).

I think Alec Muffett is referenced in Kevin Mitnick's autobiography if I recall correctly!

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to