[liberationtech] Facebook available as a Tor hidden service

Jonathan Wilkes jancsika at yahoo.com
Sat Nov 1 10:18:34 PDT 2014 

That's great.  And if TBB implements the "security slider" with "Whistleblower" at one end and "Log in to Facebook" at the other, where do you think the average post-Snowden user would set it?  Where would you set it?

https://trac.torproject.org/projects/tor/ticket/9387

Not that the TBB devs would ever dream of labeling the slider that clearly...


Like it or not, TBB _is_ private browsing.  More and more non-technical users know this-- hell, Facebook finds _value_ in it!  That change in consciousness requires a re-evaluation of all the assumptions that initially led TBB devs to "refrain from forbidding the scripts that the user is advised to forbid".  (And if you think that's confusing, well... it's the message the TBB user gets as they peruse the UI.)

And please don't misunderstand: pseudonymous or location-anonymous Facebook log in == GOOD.  Or at least GOODER_THAN_NOT.  But just as poor grammar is poor, lowest-tier private-browsing is risky.  Make the user move a slider to tack on more risk, and let the at-risk users have maximal privacy by default.

I'm sorry that devs have had to waste so much of their time monotonously educating the lowly users.  And I'm sorry free software communities don't  have an ethos that supports superlative user documentation.  But they better find a way out, because it's only going to get more difficult as more and more Facebooks leverage hidden services in ways the software didn't plan for.  I wonder how many people already think that Facebook can brute-force any onion addy...


-Jonathan



On Friday, October 31, 2014 4:47 PM, The Doctor <drwho at virtadpt.net> wrote:
 


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 10/31/2014 10:46 AM, Robert W. Gehl wrote:

> In the end, I don't get why FB is doing this, other than to look
> hip.

It may raise the hair on the backs of some of our necks, but
protestors have been known to find one another and organize actions
using Facebook.  Facebook setting up a Tor hidden service would not
facilitate anonymity (perhaps pseudnonymity, if one were to set up a
dedicated FB account) but it would certainly help implement
circumvention of traffic or DNS filtering.

- -- 
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/

PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F  DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/

On the Internet, nobody knows you're a bot.

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJUU/UfAAoJED1np1pUQ8RkxrEP/RF0ZGEaNxXbY0rTdy6/nzXs
nIhmvpGRwZlvDTzjKDhNBqJgJhhRSve1ERMZlQAlq+nCTyFoF0roqAHs38H1UcT6
qoNyNP9i9IXjs8gTav8K3BgkTP4VCDplJ1KPE0gbRxqlVwqwPdyfYIEk7y7yf08i
GnMrKjZUcN+oy0Hslfpg5EEpQZqcsh3woGTpT4rJeSx65/nyDvcyHVkmSbXSMVZj
VuQE9Cj8RLk03m78H8ez2wmNXg00c6oSLkCmvOduPPutxaONYLwMlJL8W/U1LMxO
INPfVHGPnyFAkrCA/r2tIgMM8u7aHwAzshZmx9W8DU+QM+lr6YmSzgbPpPACEpvD
qLcXIqCGdqHo7hTfLT4FXtE7JRz+ve1jd0+EeV4ebhyObO/EuKOk7E+rnuKQQA1B
96B7dlzf2eB3CKSnxNAAUKR4BZG+Obn71UBp517GuvPfhgaqV3V96gW+78A7Dque
/srCnVwSQaBkbt+3qVJkJ0urTmjD+T40QaEr8gbfHPu1W9zoPtQp29BH21Qe20CX
+J9v7gsPo5poUlCX8xugvtCcXvYtodoF6yeBiu8J/dj6e/FO5/YVpyycvzd+/5+k
ITIfGcd2aB0Fj8lc+n1LOxtwlh70+CFr1nEMM0ljk4+SxGQgLleOWjShshokw10h
ivdM6LBrLtgPTOoGliMA
=IjSy
-----END PGP SIGNATURE-----
-- 
Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20141101/ade46a6c/attachment-0001.html>

More information about the liberationtech mailing list