Facebook Fixes Post Log-Out Cookie Behavior 80
An anonymous reader writes "Over the weekend, self-proclaimed hacker Nik Cubrilovic accused Facebook of tracking its users even if they log out of the social network. The company responded by denying the claims and offering an explanation as to why its cookies behave the way they do. Now, Cubrilovic says Facebook has made changes to the logout process, and detailed what each cookie is responsible for."
Re: (Score:2)
Re: (Score:2)
I bet they did. (Score:1)
If I log out, and it's a multi-user computer, it taints the cookie's value.
I doubt it has anything to do with doing the "right thing"
Re: (Score:1)
Nah, they just estimated that dealing with the backlash was going to cost them more than losing a little bit of data from the small number of people that begin logging out consistently.
I highly doubt it was because of a fundamental misunderstanding about what the logged out cookies were good for.
Re: (Score:1)
I don't know, if I were paying for browsing data of facebook users, I'd want it to be accurately attached to a real name.
Once the news broke, I imagine customers were pissed that they were being sold poor quality data.
Re: (Score:1)
I tend to believe Facebook's unequivocal denial that they sell user-tracking information more than I believe your "They do so".
(It's plenty believable to me that their initiatives to put Facebook content on other sites are simply about getting people to use Facebook more...)
Re: (Score:1)
I really assumed they allowed it to be used for the sake of targeting ads, but keep a buffer between it and their customers.
But like Google doesn't sell tracking, but they use the data to sell things at a higher rate.
If I were targeting ads at Facebook users, I would want to be sure it was the right ones, that's what I'm paying for. The increased data has less value, because it is less accurate.
Re: (Score:1)
I should add, I don't think it was done maliciously, I think it was an over-site. They want accurate data.
Re: (Score:1)
The part where that argument falls apart for me is that Facebook can track the behavior for a logged in cookie separately from a logged out cookie. So they can sell both the 'this is what logged in users look like' and the 'this is what users computers look like'. That they would not be using the data in the way that it is most valuable to them is basically preposterous (for a variety of reasons; they are interested in money, they have a large amount of technical talent, etc.).
I suppose they might have been
Re: (Score:2)
it taints the cookie's value.
There is nothing right about taint and cookie being in the same sentence, so I agree with you on principle.
Re: (Score:2)
You just haven't been watching the right pr0n then.
Leave it to Zuckerberg (Score:2, Insightful)
Re: (Score:3, Funny)
hes has no principals.
That is because he's not in school anymore.
Re: (Score:2)
Re: (Score:2)
Well duh... We've known that for awhile. The real question is...
Who's worse? markz for building such a shitty product that treats people like crap. OR. all the millions of users who signed up for such a shitty product. And continue to use it no matter what scummyness comes to light....
I predict humanity will do well in its ventures of continued existence.
Re: (Score:2)
here's the thing... NOBODY CARES ABOUT YOUR DATA, you are not important, you are not special, your browsing habits are not unique, you do not frequent sites that make people care about your data, and even that it wouldn't be FB that cared :)
Then why track? Care to explain? I see hundreds of sites tracking every click and every mouse-over I make. Hell there are business models that solely depend on tracking people.
Re: (Score:1)
Statistics, targeted marketing, marketing trends. Traffic, how many people go to amazon after google type stuff. There is a lot more money in selling your product to a targeted market than to the world wide web make sense? It doesn't have your name on it, just your IP, they can't hack you via a cookie, so your IP is essentially useless unless your run open ports on your router w no firewall, but again fb is the least of your concerns at that point.
It's pretty harmless is my point, ya it's kinda grey area
Re: (Score:3)
The issue that I'm having is the reverse of what you guys are talking about. Apparently with the new timeline update or whatever the hell they're calling it, Facebook will integrate with certain websites such that if I go to an enabled site, it's automatically posted to my timeline that I went there.
Dunno about you guys, but I don't necessarily want all of my fb friends list potentially seeing every site I go to. I signed up for Facebook to keep in contact with people that I don't get to see on a regular ba
Re: (Score:2)
Install AdBlock Plus and add these filters.
||facebook.com^$third-party,domain=~facebook.net|~fbcdn.com|~fbcdn.net
||facebook.net^$third-party,domain=~facebook.com|~fbcdn.com|~fbcdn.net
||fbcdn.com^$third-party,domain=~facebook.com|~facebook.net|~fbcdn.net
||fbcdn.net^$third-party,domain=~facebook.com|~facebook.net|~fbcdn.com
Some Facebook apps might not work correctly unless you add more domain exclusions to these rules. In that case, add the necessary domains, each preceded by a tilde and separated by a vertic
Re: (Score:2)
I don't use facebook apps, so that's not a concern. And I already have ABP installed, though I don't remember putting those filters in place.
That said, I'm just going to shutter my account at Facebook. I shouldn't have to jump through special hoops to keep Facebook from blabbing details about me that I do NOT choose to share on Facebook. That, and Facebook is quite famous for changing privacy settings, requiring you to make even more changes to opt out of privacy invasions. I have little doubt that once eno
Re: (Score:1)
Yes yes, quite creepy indeed, nobody wants their websites posted, EXCEPT ITS PARTNER SITES
http://www.facebook.com/help?page=1068 [facebook.com]
and I guess we only kind of know what they are after http://www.facebook.com/topic.php?uid=104057282970409&topic=26
So that porn site shouldn't show up on your timeline according to this.
Re: (Score:2)
Who said anything about porn sites? If people find out I read Slashdot, they'll beat me up and stuff me in a locker ;)
Re: (Score:1)
Until your old enough to have domain admin access over them, then you state "gtf in the locker or i make the systems work 1/2 the time for you preventing you from doing your job causing your delayed termination, you also beat your own ass while your at it". :P
Re: (Score:3)
Amazon sells books and rice-steamers and USB cables.
Facebook and Google sell YOU. They sell your eyes and your habits and your desires and your prejudices to anyone and everyone to do with as they please.
One is more nefarious and subject to abuse than the other.
Re: (Score:2)
Re: (Score:2)
"Stupid users," I thought. "I have to protect them from themselves." I poured back another shot of bourbon. The moonlight crept through the window of my office. I do a lot of my work at night.
It had been a quiet day. Some broad had come in begging for me to find out if her husband was cheating on her. Unfortunately, I couldn't take the case. Her husband was a buddy of mine from the force. I told her to look on Facebook. Joe never was too bright, like most of the earthly scum I surround myself with. He'd pro
Re: (Score:2)
That's Mr. Douchebagberg to you.
How do so many IT managers master this talk (Score:4, Insightful)
Re: (Score:3)
First off we never did it, secondly we've stopped doing it. If I am ever taken to court for theft that's what I'll try, "Your honor first of all I never stole anything, secondly I just gave it all back and won't do it again".
If a tree falls in the forest and nobody is there to Like it, does it matter?
Re: (Score:1)
Re: (Score:2)
You think that is something?
Maybe you should watch some of the congressional hearings on C-SPAN. It's mind bending logic and great show. Unfortunately, it's Reality TeeVee.
If you care so much about being tracked... (Score:2, Funny)
Re: (Score:2)
Or Facebook at all for that matter, the sole purpose of the site is to share information about yourself so that people can track you.
Re: (Score:2)
At this point not using the net isn't particularly feasible. And it's getting worse as more and more essential services move to it. It used to be that everything that one legitimately needed to do had an offline equivalent, but the direction things are flowing that might not be the case for much longer.
And even where one doesn't have to be online to do something, it's often times significantly faster to use the online equivalent rather than doing it offline. Not to mention things like statements where banks
Self-Proclaimed? (Score:1)
Usually when someone is identified as "self proclaimed," it means they aren't what they say they are. It's a de facto insult.
Is Nik not a real hacker?
Re: (Score:2)
It means what it says. It doesn't mean it's untrue. It's more likely that whoever wrote the article sees admitting you're a hacker as tantamount to breaking the law, or something stupid like that.
Not worried (Score:5, Funny)
I'll be moving over to Google+, where I know they won't spy on me. ;) ;)
Who cares? (Score:1)
They don't need cookies anyway. There are a lot of other ways to track you without a cookie. As long as we download all those "like" buttons from the webpages we visit they get to track us. The cookie would just make the tracking a little bit easier.
Re: (Score:2)
yep. Don't need a cookie, don't need to ever be affiliated with facebook or have ever signed up. If that like button is tracked on a website that also has other personal info associated (maybe even your first name), you just got linked to every other linked website and so on. Basically, advertisers know far more than just "simon S2 visited a website".
Re: (Score:1)
fbcd.net needs to be added there as well.
Re: (Score:1)
fbcdn.net
sorry. typo.
Re: (Score:2)
Exactly. Most people's browsers send up enough information to every site you visit that you can be uniquely identified--or at least narrowed down to a very small sample. Even when you aren't logged in, Facebook can correlate that browser data with known profiles and figure out who you are without much trouble.
Re: (Score:2)
AdBlock Plus will do the trick, as long as you block all of Facebook's domains. I posted a list above, but here's a link if you're lazy.
http://yro.slashdot.org/comments.pl?sid=2448786&cid=37531014 [slashdot.org]
Duh (Score:2, Insightful)
Re: (Score:2)
Using a service like facebook for free? news flash: You aren't the consumer, you are THE PRODUCT.
Some of us choose to "opt out" of that equation.
Re: (Score:2)
Re: (Score:2)
Using a service like facebook for free? news flash: You aren't the consumer, you are THE PRODUCT.
This isn't limited to just free services.
Remember the news a few days back about OnStar changing their TOS so they can sell data they collected from current and former customers?
Yes, you get to pay for the privilege of being a product.
Right... (Score:2)
Re:Right... (Score:5, Insightful)
This implies that it was doing something that Facebook didn't want it to do.
It was: Generating bad publicity.
Re: (Score:2)
It's an appeasement (Score:2)
It's not a fix if they can, or might, undo it in the future.
Click (Score:2)
BleachBit? (Score:2)
Did Fecebook integrate BleachBit into their log-out process?
Oh yeah...Welcome to the Internetz, Nik. Don't take candy from strangers.
Had Facebook existed in 1987... (Score:1)