Hacker News new | comments | show | ask | jobs | submit login
Facebook is Blocking Connections from Tor Network (arabcrunch.com)
275 points by ArabGeek on June 18, 2013 | hide | past | web | favorite | 124 comments

The privatized 'public' space makes an inevitable move.

Facebook can no longer stake any preposterous claim to "help people connect better". It is a business entity - always has been - and does not give half a damn about "making the world a better place", or whatever corporate marketing catchphrase they use right now.

Related to recent events or not, the privatized internet is continuing to backlash with severe consequences for anyone dependent on Tor to ensure that their tyrant government doesn't come knocking on their door just for speaking their mind.

It's a lot more than just a business entity, unfortunately.

The government tends to look out for and protect its biggest corporate partners, particularly those that play a strategic role (think: Boeing). The major Internet services companies are now protected government sponsored entities, just like Verizon and AT&T.

The Feds can never risk the potential that the massive orgy of data that Facebook makes possible - both domestically and globally - might unravel or be challenged by competitors that might threaten the 'total information awareness' system they've built. I would argue Facebook's well being is now considered a national security interest for the US Government, as there are few other sources that provide easy access to the lives of a billion people around the world.

I wish Facebook were merely a business.

I think that intelligence speaking, one of the biggest value of Facebook for NSA type agencies is to crawl into someones life and identifies someones friends and relationships going back to elementary school. Thanks to Facebook it's now possible with a simple click to find friends and possible connections in your past for which there was no easy paper trail before.

> just like Verizon and AT&T.

As an European I never understood what is the "strategic" interest of Washington to protect the telecom companies. This might have made sense 20 years ago, but now that these companies tend to become like any other utility companies I don't see why the Government would care if they break up or if new (possibly foreign) competitors appear.

Because I think yashkadakia's Google link was too oblique a response, here's my answer: the concerns are that A) a foreign owned U.S. telecom might refuse to provide the data NSA or other government agencies want (or reveal that they had been asked) and B) a foreign owned U.S. telecom might do the same sort of spying on behalf of their "home" country.

To add to this, the value of the duopoly of AT&T and Verizon, is also the ease of having two targets that make up the extreme majority of all telephone calls / wireless data / and a lot of broadband access. If you're the government and you want to spy on domestic calls and data, it sure beats having to deal with a market in which dozens of companies split the marketshare. This last point is also one of the reasons why the former telecom monopoly of the old AT&T was allowed to be recombined after having been split into pieces.

> Facebook can no longer stake any preposterous claim to "help people connect better".

Why not? Facebook does help billions of people connect better. Yes, it is a business entity and what's wrong with that? Does this make it inherently evil? Do non business entity do a better job at "making the world a better place"? Look at the latest NSA scandal to get an idea. At least we're not forced to pay Facebook with our tax money like we do with the NSA. But sure, business are the devil. Oh, and to stay on topic, if you want to be mad at something, be mad at those dictators forcing people to use TOR, not Facebook. TOR is also a great tools for spammers and Facebook has to fight spam too if it wants to survive as a business.

Throwing millions of legitimate users, who require Tor for their safety, under the bus is evil, yes.

Facebook has plenty of ways to fight spam besides blacklisting Tor exit node IPs, exactly as it has done up until now.

"Millions" of people use Tor? You can make an argument for anonymity without resorting to hyperbole.

"Using free software, Tor has enabled roughly 36 million people around the world to experience freedom of access and expression on the Internet while keeping them in control of their privacy and anonymity."


The fsf is against the use of Facebook, so quoting them on using Tor to access Facebook is kind of funny. Plus, I doubt those 36 million people are all activists. Actually, the article itself says thousands, not millions.

Yes, however will Facebook fight spam without blocking Tor...


Fighting spam based on the content is a great idea. I don't think it's sufficient for the web. Specifically, email spam and spam on the web have different characteristics: with email, you try to send more, so there's a tendency for keeping it short. On the web, you can go on; you want to skip spam filters, because more people can run across it, and you can get more google juice. You can pull in a big corpus of well-formed sentences, and randomly draw dozens from that. There may be specific topics that get more spam on Facebook, but I have no idea how much overlap there is with Facebook at large.

Can you elaborate on a few of your claims here?

First, you seem to imply that a privately-owned public space is a bad thing. What alternatives do you envision? Wouldn't a space regulated and controlled by governmental entities or NGOs be just as liable to abuse?

Second, when you speak about "Facebook," what do you mean? Do you mean that the people who work there don't care about helping people connecting there? That Mark Zuckerberg personally doesn't care? Or that the corporate entity of Facebook has some sort of conscious will of its own separate from the will of its employees?

Third, you seem to imply there's an obvious reason why Facebook blocked TOR that furthers their business interests. Can you elaborate on what that is?

The alternative is a federated model where you can one of many platform providers (or set up your own) and they can all "talk" to each other to create a "space" which is owned by no single entity. An open standard, defined by many participants, creates the "space." This is the way email works. It's the way XMPP works for messaging (and which has been stabbed in the back by Google by dropping their support of it in crucial ways). The Diaspora Project has the same concept for social networking in a Facebook-ish way.

I didn't RTFA but use of Tor can impair Facebook's tracking of people, thus making the data about people less valuable commodities to sell to their advertisers. Using Tor may also increase Facebook's network usage a bit by making less use of cached data, locally and remotely.

>The privatized 'public' space makes an inevitable move.

An anarchist collective wrote something you may find interesting on this subject, "The Internet as New Enclosure Digitized Capitalism, the Attention Economy, and the Surveillance State"[1] although I doubt the author(s) would agree that any enclosure of public space is "inevitable" as you put it.

[1] http://www.crimethinc.com/texts/atoz/enclosure.php

You either get a free and open Internet where a company like Facebook is free to open and close its doors as it pleases, or you get a regulated and governed Internet where you're granted access with an ID that ties all of your activity back to you.

I for one am immensely proud to be part of the civilization that created the free and open Internet, and will fight tooth and nail to keep such an option available to people.

Google and Facebook are part of the military surveillance complex, it's as simple as that. They are privatized surveillance companies who serve the US government.

It should be considered enemy soil for anyone who believes in privacy and freedom.

This is ridiculous. They're not part of a conspiracy. They're businesses that sometimes have a strategic advantage for the government, for which the government requires a legal precedent to access. That is all. Stop with the dramatic hyperbole.

It is not deliberate from Facebook. See: https://blog.torproject.org/blog/facebook-and-tor

I'll quote it here.

"A number of users have noticed that Facebook is blocking connections from the Tor network. Facebook is not blocking Tor deliberately. However, a high volume of malicious activity across Tor exit nodes triggered Facebook's site integrity systems which are designed to protect people who use the service. Tor and Facebook are working together to find a resolution."

This needs to be the top comment. Way too many wacko conspiracy theorists in this thread.

Your definition of "conspiracy theory" is way too low. Many sites block Tor, it is not even remotely out of the possibility that they could have blocked Tor exit nodes, or will in the future. I run a Tor exit node on a static IP address, I have firsthand experience with this.

That is a perfectly reasonable explanation, and not what I'm calling conspiracy theory. I'll quote one from a reply to the current top comment.

>Google and Facebook are part of the military surveillance complex, it's as simple as that. They are privatized surveillance companies who serve the US government.

source: https://news.ycombinator.com/item?id=5899813

Ok, thanks for the clarification, I missed the context. As a side note I think functionally they serve that purpose, but were never created to be so; they simply cannot resist the compelling power of the state under which they have been licensed as a taxable entity and are subject to its laws and leaders...

I did not see this, posted a reply to the top comment myself, upvoting you and deleting my comment, I agree this should be the top comment to stop us from going on* debating and speculating with little to no information.

edit: typo

Has anybody tried asking Facebook why they've done this?

Possible reasons:

1. One or more governments (which ones?) have told Facebook to block Tor or else. (Or else what?)

2. A manual security review revealed more hacking attempts via Tor than legitimate use, so Facebook decided to block Tor.

3. After a sustained hacking attack via Tor, an automated Facebook security system automatically blocked Facebook access from Tor.

Further questions: When did Facebook start blocking Tor? Any idea when they might stop?

It's a pitifully poor article.

The article simply states the issue. Its not up to the writer to come up with excuses for facebook, which if you are really hot on bad journalists you would rightly write off a mere speculation. Its up to facebook to explain their position. If their excuse turns out to be a reasonable reason, then lets hear it.

"Its up to facebook to explain their position."

Uh, yeah. That's why the parent comment suggests asking Facebook what's going on NOT guessing about it!

It's up to the journalist to investigate and find out why Facebook is doing this so he can write a more complete story.

Not necessarily - if their goal is to get Facebook to reverse the change (which I imagine it is based on the fact that the website is based in an area with a lot of civil unrest), then providing reasonable rationalization in the article isn't what you want to do.

In that case this isn't journalism but propaganda (even if its the good kind). Lobbyists do the same thing yet we all hate them for it, these guys shouldn't get a free pass and get to call it journalism if they aren't portraying both sides.

Edit: fixed mobile typos

I've now been able to reach the page to read is myself. How is this propaganda? What's the other side to exposing activists to observation by oppressive regimes?

That term "more complete" is your own standard, and not one of journalism. "More complete" can go on for ever.

I don't think Facebook is really obligated to explain especially if its for some security reason or automatic. What's bad about the article is that it leads you down a certain way of thinking without really saying so.

Not in detail, no. But it can give a general, reasonable sounding statement to counter the article.

Option 2 or 3 seem pretty likely. I'm pretty sure wikipedia blocks edits from Tor IPs because a huge number of them are malicious.

A lot of IRC networks block Tor exit nodes too. Since exit nodes are in short supply, it seems reasonable that there's a high likelihood each one has been used to launch attacks/spam Facebook and was consequently blacklisted.

Google takes a similar approach - if you use Tor there's a high chance it'll accuse you of being a bot and require a CAPTCHA.

A CAPTCHA makes sense, it wouldn't be difficult for Facebook to implement that, force a log in if people are from visiting through TOR (people really probably shouldn't check "remember me" anyway in this case).

Yes, and we block tor as well for this reason. It's mainly used by spammers and trolls on our site. Unfortunately tor doesn't/can't do anything about its spam problem (unlike hidemyass who will kick off trolls). This means it's pretty much useless for anyone wanting to use it legitimately because eventually some asshole will get you blocked.

Yes. And because regular blocks are useless if people can use Tor to circumvent them. Legitimate users can get a block exemption to edit from a Tor IP, though.

It doesn't matter why.

In an immediate sense, no, it doesn't matter why.

But in a broader sense, it does. If it's a temporary automatic block, that has different implications for who you protest against than if it is a manual block put in at the behest of the House of Saud, say, or at the request of America's NSA.

Of course it does. It might be a short-term block to prevent a spam attack, for example.

Writing on FB using Tor kind of defeats the purpose, no?

Maybe you are trying to hide your physical location.

This. And perhaps even your whole identity.

The world is so different place in unsafe countries, people might be playing with their lives(and lives of their close ones) for doing this stuff. It's not unlikely for a totalitarian government to assassinate opposition, to physically kill activists. You say that's wrong, but I ask whatcha gonna do about it?

Lets let them use TOR.

If you're on facebook under a false identity you can and will be kicked off more-or-less at random whenever you happen to trip the right flags.

Sure, and this is most probably an expected possibility, but also the only way to operate safely. Exposing your name and your political stance along with activism can get you killed.

Of course the reliance on US based(of all Western countries) company through which all the stuff gets organized and through which the communications happen might have to be questioned -- but the status quo is that there are no viable alternatives and it's very unlikely to change due to the nature of the market.

news.ycombinator does this too.

edit: at least for me, it's impossible to log in to HN and when I occasionally succesfully log im, everything I post while being on Tor is instantly dead.

This point might be more important than anyone gives it credit for. Six days ago PG said that someone was running an "abusive distributed crawler" through Tor. Quite possible that Facebook would ban for the exact same reasons.

pg described here [1] why HN sometimes can block Tor users.

[1] - https://news.ycombinator.com/item?id=5864439

I've noticed this too in the past week, for me HN won't even load so i need to either use a regular browser or read another news site. Personally I think its shameful if this is being done intentionally EDIT: Right now it seems to be fine

Not for me, I can login fine.

typing news.ycombinator.com seems to work in the latest tor browser. maybe news.ycombinator.com/news works if the former doesn't.

When I worked for Netscape.com (the social news site) and later Propeller.com, we made a conscious decision NOT to ban known TOR IP addresses, even though a metric shit-ton of spammers used it.

"Activist" + brains != relying on middleman's platform

Wrong. If the majority of potential supporters are on Facebook, an activist needs to be on Facebook.

Then VPN access paid for by bitcoins will do. Tor is not the only game in town.

Yes, because a public record of all transactions could not possibly be used to track anyone down.

Slightly off topic, but I discovered yesterday Tor provides AMIs for running bridge nodes on EC2: https://cloud.torproject.org

It's really easy to set up, and only costs ~$3 a month if you have your free tier available.

Just tried loggin in to Facebook with TOR and it works (from the UK). Is this a region only thing?

kind of pointless using Tor to access a site that has all your personal information on it.

What personal information exists in facebook?

Associates. Thoughts. Articles you liked. Articles you didn't like. Private messages. Contact information. Photos. Location check-ins. Causes you support.

The whole point of Facebook is to share some private information with a selected group of friends.

That might be the "whole point" but that is not how everyone uses it. I have a facebook account myself which contains nothing but a username, a generic artsy avatar and a list of popular facebook pages I like to keep tabs on. I dont share any personal information and I dont have "friends" on facebook.

This is all purely out of convenience. If I wanted to go full on stealth mode I could have used Tor at which point my account would not give facebook any information apart from a couple of "like" clicks from a super generic gray faced account.

Activists can create these accounts and have a place where they can tell the world about their experiences without risk of being found out. They dont need to give out their IP addresses, they dont need to give out addresses. All they need is a cause and a way to speak and, given luck, people will start listening.

Now at least one small avenue of communication has been closed.

(and the NSA)

I find this a bit ironic because the future of the web is a free self-organizing darknet. Someday data that users wish to share will be stored cryptographically in a true "cloud" sort of like bitcoin, and I'm not really sure what the value of facebook will be in an environment like that. Maybe the ability to store things temporarily or delete them somehow?

Facebook seems to connect you to anything except the future..

On what do you base this speculation? To me, the trend seems to be just the opposite. Internet use for the average person is increasingly non-anonymous. Only techies use Tor, PGP, etc.

Yep, your parent presupposes people get better at computers. Moore's law does not apply to people.

I disagree. Only 20 years ago the GP would be saying "Only techies use email, web, etc."

People get better at this stuff, but slowly. The current privacy issue is growing in the public consciousness, spurring action from "techies". Maybe 20 years from now easy to use encryption will be the norm, even among regular people.

That's a fair point. However, I still see the contraction of skills being greater as the web caters to those without them, and people's skill atrophying.

For instance, Facebook messaging vs instant messaging. For most standard users I know, they have literally lost any reason to use an alternate client, and many of them will probably never become familiar with one as a result.

Anyway, its a wait and see situation, hopefully we are both around to see!

I hope you're right. Time will tell, I guess.

Isn't HTTPS connection enough to protect from snooping regimes? If the foreign government won't block FB access completely, user can go to https://www.facebook.com and will know that their data can only be seen by Facebook? Of course if government is blocking FB access, then I understand the need of TOR.

You're missing the point TOR isn't about encryption, it's about anonymity.

If you're in a situation which can threaten your life, the latter is clearly more important.

But in that context, using Tor to sign into Facebook kind of removes that 'anonymity' angle.

Yes, unless the Facebook account has only ever been accessed via Tor, and the personal information (name, age etc) faked.

I'm unsure if Facebook blocked signups from Tor however.

Not really. You wouldn't use TOR and have a sign saying "hey I live here", that obviously defeats the purpose.

Imagine you're in Egypt and you lead a political party that is targeted by other parties or even the government. People will still follow your stream and information (facebook also has pages) it doesn't matter if you filled out a "profile".

Or maybe you just want to follow that political page without anyone finding out. Create an account with fake information, it's simple and useful.

If this isn't political, the timing of this is terrible for Facebook.

It's probably a government request. But let's give them benefit of doubt. My guess is that there's a business reason behind it. Probably they want to track you.

I really doubt they care about tracking you that much. Tor is so infrequently used that it's not worth the trouble to force you to log in without it just to track you. Maybe if teenage girls were using Tor I might be inclined to agree but right now it's just not worth the effort for a few nerds.

How about using TOR to connect to a VPN and then to Facebook, so Facebook only sees the VPN but you still "protected" by TOR.

Is this possible/practical?

well facebook won't be able to see you(your IP loc), but VPN is not completely safe as they are required to keep logs + there's also Money trail(credit card) leading directly to you, negating the effect of Tor whatsoever.

Yes, but will be very slow.

Why the hell would someone using TOR use Facebook?

Before the downvote brigade comes out in full force, stop and think a second. The US government is building its own map of all our social connections for everyone worldwide, not just suspects but everyone. It will know the names of everyone you know, how well you know them, even down to the date that you met them and dates that you were in the same location together.

Why WOULD anyone who cares about their anonymity use Facebook? I am wondering why I use Facebook even.

> I am wondering why I use Facebook even.

Because, as much as you shout and holler about your privacy being violated, and as much as you act like you value said privacy, you're more than willing to give it up for a modicum of convenience.

You, me, and everyone else. Anyone who still uses a 3rd party to handle unencrypted data they expect to remain private is simply uninformed. Period.

There needs to be a way to have a foot in each world. Total online privacy and anonymity when you want it, and ability to use facebook, twitter, hacker news, and other sites where you know and expect to be tracked.

Like Chrome's "incognito mode" that extends beyond cookies to an anonymous network identity. Like using Tor through a VPN tunnel, I guess.

I think we should separate the things which aren't so important to protect (FB conversations, Reddit comments, Netflix traffic, etc.) from the things which MUST be private and secure (bank data, classified data, misc. data which you want guarantees about security on). Different sandboxes for different things. There's no reason my Pinterest account needs to be as secure as my government's troop deployments.

Well you can start your education here: https://en.wikipedia.org/wiki/Arab_Spring#Social_media_and_t...

Social activism?

Did you not even finish reading the headline?

Are there better ways to retain network integrity that don't use ip address logging/monitoring ?

Has everyone made certain they're running the most current version of Tor?

Sometimes I have issues with ycombinator from tor. Am I only one?

Someone is aggressively crawling HN with TOR ips so they've banned TOR ips.

is it possible that fb got some heat from above, and forced to do that?

this means that facebook do not care about the fat of its users, as now thousands of activists in tyrant regimes might risk their identities be found and that means they will go to jail.

Facebook is supposed to be a site where you use your real identity and therefore seems like a bad choice for activists trying to keep their identity hidden. Twitter seems like a better solution which is still mainstream and the public nature of it makes it easier to communicate with the outside world.

activists are using facebook pages to lobby behind causes they do not use their real names so they are not arrested by oppressive regimes. there are many pages with millions of fans run this way. all at risk now.

Why not work through a trusted intermediary using a more secure channel? I would think that Facebook isn't the most secure way to communicate, regardless of direct TOR access.

what exactly forces them to use Facebook instead of something remotely private and secure?


If activists want a potential mass audience, facebook is an essential part of of that. Something private will not get to most people. Its the exact same reason it is hard to compete with facebook. Its is a virtual monopoly.

"Force"? No. But by using that word you are in the same disingenuous camp the "what have you got to hide" people. I mean, why bother about privacy at all, no one is "forced" to use the internet. Why bother about anything facebook does, no one is forced to use it.

I could go on, but I'm not forced to....

If activists want a potential mass audience, facebook is an essential part of of that.

Well, why not clear it through an individual that will put it up there so that the private dealings of everyone else won't leak?

This is a good idea. Perhaps an individual in a state that values freedom of expression more highly.

Ah, the "if you don't like it - move to Russia" doctrine. Rather than racing to the bottom, why shouldn't the glaring problems simply be addressed?

Being grateful for health and freedom is one thing - being so grateful as to not put them to use, or let them slip away, is another. If Facebook has made a change for the worse, it's worth talking about.

Because if you are trying to reach a mass audience, you have to go where the audience is. If no one sees your message, you are wasting the time and effort used to communicate that message.

Traffic/Audience is everything.

I imagine the very reason some people are using TBB is to browse sites like facebook which are blocked otherwise.

The hive mind, unfortunately.

Google, IIRC, does not let you search from TOR either. If they can't track you, you're no good to them.

That's not true. It redirects to https://encrypted.google.com/ and works just fine.

True, sorta.

In my past experiences, if you're on tor (or proxy'd through a known portal), and have Javascript disabled entirely, Google will sometimes (not always) give you an error stating that your IP is a known abuser. If you DO have JS enabled, I have encountered the "Your IP is known to be abusive, so type in this captcha in order to continue" and then it forwards to encrypted.google.com.

I get similiar behaviour with VPNs & Google.

To be fair it's quite likely your IP has been abusive. There aren't that many exit nodes and it doesn't seem unlikely that a lot of Tor users have suspicious or malicious behavior.

Though to the point, the IPs of all exit nodes are publicly available and presented by the Tor project itself.

I never realized that turning on/off noscript had something to do with google blocking me, thanks.

Makes sense -- most bots don't run JS.

Definitely, I guess this means all I need is phantom.js to steal all of google's search results now.

If your guess is that phantom.js is all you need to sidestep a captcha then I believe you might be misinformed.

TOR/SSH Tunnel + startpage.com + Stylish extension + Startpage Google Look = hehe ;)

I've certainly used Google with Tor.

Because a lot of spammers/SEO Scrapers (such as Scrapebox or xrumer, or even sites with private databases such as SEOmoz or SEMrush-like databases could) use TOR to bulk-scrape Google.

So you are told that the IP you are using is rate limited.

Last time I checked it asked for a captcha

i have the same problem here.

Applications are open for YC Winter 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact