U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Social Networks

Facebook Tor hidden service is online

The popular social network has launched the Facebook Tor hidden service to provide a method to use its site securely. Write down the onion address! We discussed many times about the right to online anonymity and how anonymizing networks like Tor could protect it. The Tor Project is an Internet-traffic anonymization service that is able to anonymize the Internet […]

Facebook phishing

The popular social network has launched the Facebook Tor hidden service to provide a method to use its site securely. Write down the onion address!

We discussed many times about the right to online anonymity and how anonymizing networks like Tor could protect it.

The Tor Project is an Internet-traffic anonymization service that is able to anonymize the Internet user’s experience.

In the past, Tor users have had numerous issues connecting anonymously to Facebook, but something is changing because Facebook creates .Onion Site in the Accessible Via Tor Network.

“Using normal Facebook over Tor was often a challenge for many reasons; users would have trouble logging in, be forced to identify friends in photos, be forced to change passwords, and so on,” said Runa Sandvik, a Tor advocate, to the ThreatPost.

Using the Facebook Tor hidden service, users can overwhelm the above limitations, the end-to-end encryption for the communications allow the protection from eavesdropping and monitoring.

Facebook had previously blocked the Tor access, fearing possible cyber attacks that exploiting Tor could harm its servers.

“we have begun an experiment which makes Facebook available directly over Tor network at the following URL: https://facebookcorewwwi.onion/ “said the company in an official announcement, Facebook makes clear that the service is in an experimental phase at the moment and that there will likely be bugs to work out.

Facebook idea is to create a direct bridge between clients and its core infrastructure via Tor rather than through an exit relay. Facebook also deployed its hidden services website with an SSL certificate to avoid attack against the platform and to mutually authenticate the social network service and the users. It is the first time that a legitimate SSL digital certificate was issued for a .onion website.

“we have provided an SSL certificate which cites our onion address; this mechanism removes the Tor Browser’s “SSL Certificate Warning” for that onion address and increases confidence that this service really is run by Facebook. Issuing an SSL certificate for a Tor implementation is – in the Tor world – a novel solution to attribute ownership of an onion address; other solutions for attribution are ripe for consideration, but we believe that this one provides an appropriate starting point for such discussion.”

Facebook Tor hidden service

To access the Facebook Tor hidden service the users need to download the Tor Browser Bundle.

Pierluigi Paganini

Security Affairs –  (Facebook Tor hidden service, social network)