Tor Facebook and Anonymity, is it possible?

I ask this cause i want to use Whonix completly torrified and still use instagram and facebook but each time i try it says "Unusual traffic was noticed and i’m not able to get in.

I have many questions but i figured i would take them one at a time :blush:

Dunno if it will help but it explains the issue:

2 Likes

It’s not possible. Facebook will force you to de-anonymize yourself or they will lock your account.

4 Likes

Facebook offers an onion domain name where Tor users are probably not blocked but what madaidan applies nonetheless. Facebook might tolerate a bit pseudonymous use but after they got you accustomed to the service you they block account and ask for ID card upload to unblock - own experience.

4 Likes

Facebook is a tool of surveillance first and foremost. Same applies to Instagram.
Theses platforms have been designed to gather as much information as possible from the target. Long term Tor use and remaining anonymous while still using the service is not possible.

3 Likes

Facebook offers an onion domain name where Tor users are probably not blocked

I believe this only works for registered accounts, the official PR statement being that they do it to let in people from countries with mass surveillance. This is bollocks of course, they surely didn’t open up the hidden service for the sake of letting people actually anonymously sign up through it, since their policy has been to force users reveal their REAL names and other data since the beginning.

1 Like

the point of the onion for facebook has nothing to do with users maintaining their privacy on facebook or keeping data from facebook. it is simply to make it more difficult for nation states or isps to block access, thus maintaining their abilities to profit during a storm.

this isn’t a bad thing for users who do not care about facebook’s data collection. for those who do care, i’m sure there is a means to fool facebook’s systematic checks if tor is a vector for requiring additional information. for example, one could spin up a vps that was acquired (somewhat) anonymously and use it as a proxy at the end of a tor circuit in various ways. but, doesn’t facebook require a phone number from all users now? in short, i’m inclined to believe it’s still possible. but, it will be a complicated undertaking that will be prone to user error at multiple points. just one error has the potential to end the anonymity. and given the numerous ways facebook has spread its tentacles across the net and devices to harvest data, such an error could have exceptionally bad consequences for various users.

1 Like

I have over the last year or 2 faced the same issues with fb. Can’t register using a tor email address because no confirmation email ever comes through tor account. That forces me to use either hotmail or gmail where JavaScript has to be enabled for the signup process to complete. Gmail seems to block every tor and VPN service from signing up by asking for a phone number. I suppose this could by bypassed with a virtual number. Hotmail is ok without registering without phone number though. If I go down the VPN route then, again, gmail seem to know you’re using one and it brings you straight to phone number account sign up. So if we use hotmail to bypass it and register an fb that way then fb also recognize use of VPN and account flags up as disabled before even being able to use it. It seems fb is incredibly difficult now to use with any kind of anonymity.

Seems like TOR->VPN setup is the only solution here, no?

anonymity is not possible on that platform.
the platform detects network changes - location (satellite location) Desktops / in android GPS
subsequently collects unique user data _

what I could see is that it allows random changes
randomization of devices without affecting anonymity / Chameleon Firefox
Instead, when blocked (firewall terminations) Facebook terminates, it tends to load repeatedly.

iptables -A INPUT -m string --algo bm --string “.xpi” -j DROP
iptables -A OUTPUT -m string --algo bm --string “.xpi” -j DROP
iptables -A FORWARD -m string --algo bm --string “.xpi” -j DROP
This prevents downloading. xpi data input and output

Facebook will try to collect the data from installed xpi and the machine
will deny the request

Source?

Sure that works? That string could be encapsulated in TLS between browser and destination and there would be nothing for iptables to filter? Also could have side effects of filtering legitimate contents with that file extension such as browser add-ons.