https://news.ycombinator.com/item?id=8538281
On Fri, Oct 31, 2014 at 5:47 PM, Murdoch, Steven <s.murd...@ucl.ac.uk> wrote: > Facebook have now provided a Tor hidden service, see: > > https://www.facebook.com/notes/protect-the-graph/making-connections-to-facebook-more-secure/1526085754298237 > > — > Facebook Onion Address > > Facebook's onion address provides a way to access Facebook through Tor > without losing the cryptographic protections provided by the Tor cloud. > > The idea is that the Facebook onion address connects you to Facebook's > Core WWW Infrastructure - check the URL again, you'll see what we did there > - and it reflects one benefit of accessing Facebook this way: that it > provides end-to-end communication, from your browser directly into a > Facebook datacentre. > > We decided to use SSL atop this service due in part to architectural > considerations - for example, we use the Tor daemon as a reverse proxy into > a load balancer and Facebook traffic requires the protection of SSL over > that link. As a result, we have provided an SSL certificate which cites our > onion address; this mechanism removes the Tor Browser's “SSL Certificate > Warning” for that onion address and increases confidence that this service > really is run by Facebook. Issuing an SSL certificate for a Tor > implementation is - in the Tor world - a novel solution to attribute > ownership of an onion address; other solutions for attribution are ripe for > consideration, but we believe that this one provides an appropriate > starting point for such discussion. > > Over time we hope to share some of the lessons that we have learned - and > will learn - about scaling and deploying services via the Facebook onion > address; we have many ideas and are looking forward to improving this > service. A medium-term goal will be to support Facebook's mobile-friendly > website via an onion address, although in the meantime we expect the > service to be of an evolutionary and slightly flaky nature. > > We hope that these and other features will be useful to people who wish to > use Facebook's onion address. > > Finally, we would like to extend our thanks to Ms. Runa Sandvik and to Dr. > Steven Murdoch of UCL for their kind assistance and generous advice in the > development of this project. > > Alec Muffett is a Software Engineer for Security Infrastructure at > Facebook London. > — > > Best wishes, > Steven > > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- Key fingerprint = 1BEC 0BDE 59EE A136 D9D9 7528 3E62 2257 BADD 8A9D -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
