Don’t Let Facebook, or Any Tracker, Follow You on The Web

by hiro | June 7, 2018

In the early age of the internet, people enjoyed a high level of privacy. Webpages were just hypertext documents; almost no personalization of the user experience was offered (or forced). The web today has evolved into a system of surveillance capitalism, where advertising networks follow users while they browse the web, continuously collecting traces of personal data and surfing patterns to create profiles of users in order to target them.
Using the web today, you are a target. And because of the rampant tracking across websites, each time you use the internet, you become an easier target. 
By tracking you across different applications and sites through cookies or open web sessions, your personal preferences and social connections are collected and often sold. Even if you do not accept cookies or are not logged into a service account, such as your Google, Twitter, or Facebook accounts, the web page and third-party services can still try to profile you by using third-party HTTP requests or other techniques. 
Within the HTTP request, various selectors can be included to communicate user preferences or particular features, in the form of URL variables. Personalized language or fonts settings, browser extensions, in-page keywords, battery charge and status, and more can be used to identify you by restricting the pool of possible candidates among all the visitors in a certain time frame, location, profile of interests. You can then be distinguished, or fingerprinted, across multiple devices or sessions and then the profile the tracker has on you is expanded.
By the sites and applications themselves, the story is spun to sound as if they’re doing you a favor: they say this collection allows them to customize your experience. You see ads more relevant to you, Facebook and others say. 
Even if you think of an advertising network as a recommendation system, this same system is also influencing what you see. It’s changing your experience of the internet. 
But at what cost is this customization? When confronted with transparency around what this “customization” takes, it poisons” the ad. So of course these companies are pushing back against transparency, but we need to keep pushing them and doing what we can to prevent them from continuing to exploit us online. 
We’re starting to better understand how extensively and evasively Facebook tracks. You can be tracked while you’re logged in, while you’re not logged in, and even when you don’t have an account.
Part of the way they do this is through data they access from the Facebook apps on mobile, through your social connections on Facebook, and through the Facebook web components that can be used by websites and web applications. Every time you visit your local newspaper, if they are using Facebook comments or "like" buttons, these elements communicate some information to Facebook about who is surfing that page. 
Facebook collects information on social relationships, data representing users interactions, mobile devices, applications and games, and third-party applications accessed by you or your contacts through the online social network. Facebook was even found to have allowed companies access to the data of users’ friends without consent, even those friends who denied Facebook permission to share info with any third parties.
You can check out this patent application by Facebook to see how user profiles are built and what data is considered. 
We have seen how companies aren't merely collecting user information to suggest shiny new products to buy. These profiles were collected by Facebook and shared to third parties, and instead of being used to suggest new products, companies like Cambridge Analytica were exploiting their knowledge of your political ideas and fears to convince you or your friends to vote for the side that was paying them more. 
How will this data be used in the future? What other ways has it already been used that we’re not aware of? What can we do about it?
To protect ourselves, we can try to limit what they collect about us online. 
How Tor Browser can help
While using Tor Browser won't prevent Facebook from acquiring your contact information if one of your friends uses the Facebook app on their mobile, it can certainly help to stop building up a profile so that third party trackers won't know if you prefer the Washington Post or Teen Vogue, or if you're already planning your next vacation.
Not only does Tor route your traffic through three layers of encryption, it also defends against most of the ways you can be identified online. 
Tor Browser was created to allow users to surf the web enjoying the privacy and security features offered by the Tor network, providing what is essentially a real "Private Browsing Mode" by default that defends against both network and local forensic adversaries. Tor Browser has enumerated and isolated a set of properties to prevent tracking networks like Facebook from exploiting stored data to identify users and a set of fingerprinting defenses to prevent device and user identification. 
If you have multiple websites open in separate Tor Browser tabs, those websites, or their associated trackers, won’t have access to what you’re up to in other tabs. And any isolated cookies left by any site are cleared after each session. 
If you still use Facebook 
We understand that for some, Facebook is still a vital part of their online lives, and deleting it isn’t realistic right now. For an added degree of protection, you can visit Facebook on the “dark web” at their .onion site using Tor Browser: https://www.facebookcorewwwi.onion/
Your session on the Facebook onion will be protected through end-to-end encryption, and it will protect you from Facebook learning your location. And just like when you are using Tor Browser, anyone monitoring your connection, like your ISP, will only see you're using Tor and not what you're up to (which they're allowed to sell).
If you've never tried it before, it's not too late to start protecting your privacy from online advertisers, social networks, and anyone else who wants to profit from your personal data by surfing the web with Tor Browser


Please note that the comment area below has been archived.

June 07, 2018


NEVER use the Facebook onion link. They lock your account and demand your scanned drivers license before you can shut it down.

I don't know from which country you are in but in my case they only asked me to correctly identify a couple of friends from 5-or-so photos. I'm no longer a used of facebook now for what it's worth #deletefacebook

Did you upload a photo already? I had not yet, but made a post that I was going to. I'm from America, it's possible they were being racist over my last name (it looks Spanish to people even though it isn't). Another thing, I was having problem with certain sections of the site, and tried on a number of computers and a number of browsers, before Facebook told me that there was a problem at the time being dealt with.

June 07, 2018


Is there any risk when using the facebook onion site, and then browsing to other onion sites in another tab, that your onion browsing could be tied to your facebook login? For example if the same guard node and/or other nodes are used? Assuming an adversary runs your guard node and many of the other nodes (an assumption which has to be made really. Just hoping that they don't isn't enough.) Also assuming the adversary can subpoena facebook for login IPs, times, other information (which they can).

jayp, IMO pastly's response is inadequate and possibly dangerously misleading.

FWIW, I think your fears may be well founded, and thus it may make sense to hit "new identity", or even to reboot Tails after visiting a site likely to be surveilled, maybe implanted with NSA/FBI/CA malware. It is difficult to know, and the best answer on day n might be a bad answer on day n+1, so we all need to spend time reviewing what we think we know about who are enemies are and what their methods are.

Some key points I think we need to always bear in mind:

o technology alone cannot keep anyone safe,

o judgments about the safest course of action must always take account of the local and global political situation, including the best current information about plausible political and legal as well as technical threats,

o one of the most important lessons from the Snowden leaks is that, far from being too paranoid, most of us are probably insufficiently paranoid--- and yet, we need to somehow prevent paranoia from destroying our good judgment or causing us to fall into passive despair (which is exactly the state which governments of USA, RU, CN etc want to place their domestic dissidents, so our despair would be their victory),

o "backdoor" should be understood as referring not to "easily spotted" [sic] malicious modifications in the actual Tor code as published by TP, but in other elements involved in the interaction between Tor clients, Tor nodes, and the wider Internet environment, such as psuedorandom number generators, TLS, PKI certificates, "benign" CDNs, "benign" anti-DDOS platforms "protecting" (?) TP and other NGOs from attack, etc.,

o USIC and other well-funded implacable enemies of all peoples everywhere at all times have problems of their own, suggesting that the situation is not entirely hopeless for ordinary citizens: a combination of technological, political, and legal opposition might possibly save our societies from totalitarianism, nuclear war, environmental catastrophe, and genocide,

o our chances might not look good, but given the alternative (passively watching the long train of human history finally and in the end run itself right off the rails) we really have no alternative but to fight back against the bad governments (right now, that would be pretty much all governments) as hard as we can, in every way that we can.

A book well worth reading carefully, despite what I think is a slant against "the privacy community" which IMO sometimes causes the author to misread things and to fail to exercise good journalistic judgment:

Yasha Levine,
Surveillance Valley
Public Affairs, 2018

The most explosive charge he makes does not appear to be supported by tor-dev post cited in the footnote in the text, but Tor users should be impressed by how many of the claims he has been making for about the past two years (e.g. that Google is eager to become a permanent member of the Surveillance-Industrial Complex) have been borne out by subsequent developments.

Curiously, he entirely omits some of the most damaging allegations (supported by verifiable facts) about TP (before Shari Steele's directorship), made in submitted comments which this blog did not publish when they were submitted shortly before the JA debacle made worldwide headlines.

I think Tor users should try to read the book with an open mind. Rather than jumping to the conclusion that he must be an FSB agent (which I currently doubt) anxious to expose alleged CIA agents working in TP (such a charge would have a worrisome degree of factual truth in at least one instance of a coder who jumped from working for USIC under State Department cover to working for TP, and who was dismissed when this troubling item in his CV was revealed by none other than JA), I think readers should understand that Levine's hostility to USG's claim to be somehow "different" [sic] from other abusive quasi-colonial empire-building governments, to have some kind of "natural right" [sic] to global hegemony, is quite natural for anyone who has lived in Russia, and is not necessarily an undesirable POV for the privacy community, nor does criticism of USG policies imply uncritical support of Putin's policies.

The most damaging allegation in Levine's book may be his claims about an alleged email conversation between a Russian dissident (living in Russia) and Roger D.

Incidentally, Levine appears to have dropped out of view after the Drump admin closed the SF Consulate, a move which caused him to complain about the difficulties this creates for Russians who live part of the year on the West Coast. In his writings he says nothing about Putin's oppression, but I stress again that the simplest explanation for that is that anyone who wants to enter (or leave) RU without too much hassle is not in a good position to criticize the Putin regime.

Rather than denouncing Levine as a tool of Putin (a view for which I see no evidence whatsoever at this point), I think TP should swallow a bitter pill and consider embracing his criticisms and adopting the view that TP needs to recognize that

o most people who live outside the US are fairly hostile towards USG bullying/spying/death-droning/election-meddling etc etc etc,

o they are not wrong to oppose those things, vocally and bitterly,

o TP can and must oppose them to, vocally and bitterly,

o TP can't possibly do that effectively until it has secure funding not tied to USIC tied entities like SRI, or USG "soft power projection" entities like BBG

o the same for USIC corporate partners such as Google, Amazon, and maybe Fastly (the owner of the PKI cert which "authenticates" this very blog, a curious and troubling which TP keeps failing to explain).

As USG moves further and further towards Putin style authoritarianism, under the erratic (racist? psychopathic?) leadership of Drump, TP needs to realize that the paranoid mindset exemplified by Levine becomes more and more valid, not just for people living in RU, but also for people living in the USA.

It follows, I think, that it is time for TP and all key TP employees to leave the USA and try to find a safer home, perhaps in Germany, Norway, Finland, or Iceland. There appear to be no really good choices for a new home, but all signs suggest that USA is increasingly, like RU, an utterly inappropriate choice for a human rights group to call home. C.f. for example the latest USG attacks on "mainstream" US journalists, which appear to be following the RU example by moving towards criminal prosecution.

Anyone who isn't preparing to leave for some place which is not moving towards authoritarianism, must expect that authoritarianism will move into their neighborhood. If you work for a human rights organization, that means you will experience trouble like nothing you have ever experienced before.

June 07, 2018


First-party (cookie and other stuff) isolation to the URL domain ( has its own cookie jar, has its own cookie jar, basically) also circuits are different so IP correlation is impossible by facebook) should be explicitly mentioned, it's a great contribution of the Tor Project to Internet privacy and firefox

June 07, 2018


I use Tor Browser for everything and I try to use Tails for everything too. This helps the TOR 'swarm' by increasing the numbers using it, the more people using it the harder it is to pinpoint one individual. It has the added advantage of not isolating your TOR or Tails use to your ISP. If you're using Chrome browser all the time then switching to TOR Browser for 10 minutes then back to Chrome for everything else, this might look suspicious and can tie that 10 minutes into something possibly shady and therefore worth more surveillance. Same for Tails. If you only use Tails once every 2 weeks for 20 minutes then it might suggest you're doing something dodgy in that 20 minutes. Use both of them all day every day and it's much harder to pinpoint specific times within and it adds to the TOR pool making the crowd bigger for others to get lost in. Use TOR/Tails for your everyday email, your online shopping if you can, your blog, your Facebook posts, your online banking, reading the news et cetera. Build up a history of TOR usage in your life so it doesn't look suspicious to anyone when you're seen using it. The more we normalize TOR usage, the better for everyone. TOR should not be a dirty word!

Not that anyone would be tempted to do something shady/dodgy when their location can't be tracked.....;)

Oh, and can someone please build a Vidalia equivalent for Linux so us noobs can set up relays faster? Trying to fight through troubleshooting Linux commands gives me a migraine. Thankyou.

It fails spectacularly when it breaks a website and you have to disable your blocker and allow all those trackers. :) Just blocking a couple of urls won't help you against tracking just like not going to certain specific places will not prevent a stalker from stalking you. See as well from the Tor Browser design document :

We believe that these addons do not add any real privacy to a proper implementation of the above privacy requirements, and that development efforts should be focused on general solutions that prevent tracking by all third parties, rather than a list of specific URLs or hosts. [...] Filter-based solutions in general can also introduce strange breakage and cause usability nightmares. For instance, there is a trend to observe that websites start detecting filer extensions and block access to content on them. Coping with this fallout easily leads to just whitelisting the affected domains, hoping that this helps, defeating the purpose of the filter in the first place. Filters will also fail to do their job if an adversary simply registers a new domain or creates a new URL path. Worse still, the unique filter sets that each user creates or installs will provide a wealth of fingerprinting targets.

it is maybe off topic but why do you not promote calomel addon ?
- it shows us the level of encryption.
why are you still using rsa ?
- it is a weak element and fingerprint everyone.
i do not understand the importance of voting
- a revolution is not an evolution.
i conclude saying that deleting facebook is a safe measure.

Looking at the whitelist I see only a dozen whitelisted URLs, so Tor developers should really look into enabling the default blacklist (it doesn't block ads like Google's) for better performance since Tor is really slow and all the people that I know of complain "blah blah Tor is slow Tor is not good" and additionally add the Decentraleyes addon as well as it helps a bit.

Somebody correct me if I am wrong, but I think Decentraleyes would be a bad idea. It acts as a cache, and caches can be used to identifiy users.
CDNs can simply serve a unique selection of files to each user on their first visit, then check which files are being requested on each subsequent visit to sites, which are using the same CDN.
The pattern of files not being requested will allow to connect the individual visits to a specific browser/user.
Not that big of a problem for the casual user, potentially lethal for dissidents.

June 09, 2018


You cannot sign in to a facebook account unless you use javascript. Therefore you are compromised before doing anything else.

June 09, 2018


Stop use facebook is realistic.
End use internet is realistic.
Migrate on mesh network is realistic.
f***k internet.

> Stop use facebook is realistic.

Easy to say for those of us who never used Facebook.

> End use internet is realistic. Migrate on mesh network is realistic.

I'd love to see local decentralized citizen RF meshes all over the world, but this won't happen overnight. Do you have any suggestions for how to encourage the sprouting of decentralized citizen mesh networks in every city in the world? For how to connect these between cities, if we cannot use TCP/IP?

Nothing easy about it. I have never used facebook, but the amount of effort it takes for friends to keep you up to date with everything happening there is still very real.

IMO, anyone who believes that one can safely attempt to maintain friendships or family relationships at a distance has failed to fully grasp the techno-dystopian nature of 21st century.

The noted American philosopher T.J. Kaczynski predicted decades ago that abuses of technology by the evil actors exposed in Yasha Levine's book (Google/Amazon/Facebook and NSA/CIA/DOD/DARPA/SRI/BBG/FBI) are destroying social relationships, and it now seems to be generally accepted that he has proven entirely correct.

A perfect storm of seemingly omniscient/omnipotent forces seems to have combined against the ordinary citizen, and it is natural to be horrified, dismayed, even to become despondent.

But the answer cannot be to give up, to accept eternal technoserfdom. That simply hands our enemies the victory they seek: passive acceptance by the honest citizens of endless exploitation and degradation by oppressive plutocrats.

The answer is to combine with those physically near enough to communicate without electronics, to fight to delete NSA/CIA/FBI/Google/Amazon/Facebook etc.

"Friendship" is a troublesome, even illusory, concept for anyone living in a Surveillance State.

Perhaps a gentler kinder way of saying the same thing: true friends will not demand that you sacrifice security for keeping up with inconsequential "news" about their own lives.

June 10, 2018


When will a version of Tor Browser based on firefox 60 be released?

Also, is there any idea of when Tor Browser will be sandboxed?

June 12, 2018


Anyone else seeing "the website encountered an error" on the first two threads (12 Jun 2018)?

June 15, 2018


I say: Get rid of your Facebook. When it first started in the beginning of the century, it was a comfortable social site. But as soon as more people came online, it was more of an annoyance. The nagging reminders pressuring users to add a maximum amount of friends to keep accounts active took away from the enjoyment. Advertising soon bombarded our computer screens, and the FB experience was not something I desired to stick with any longer. The fake news, lack of accountability, and excessive number of "friends" required left me with a sour taste. And the constant tracking from advertisers was not welcome, either. The people who created FB got what they wanted: Over one billion users and counting. I decided to opt-out and deleted myself. I don't miss FB at all, I'm glad I did.

September 17, 2018


Hmm... using Facebook over tor or even facebookcorewwwi.onion - it seems to me that, particularly if one uses the third-party confirmation factor and requests a login code over one's (untorrified) cellular device, one may be compromising not only one's own metadata - but the integrity of the tor methodology. Hmm... this FB server request came from such and such tor exit node... and we also know both the identity, and the location, of the requesting party, vis a vis their third-party confirmation request. I cannot imagine that FB developers were unaware of this "loophole" they would potentially create through their .onion offering. Obvious as it is how one would defend against this - and to whatever extent compromising two layers of a more than two layer onion route may be siginificant - I believe the subject should be discussed.