Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Cloud Bug Facebook Privacy Social Networks The Internet News Your Rights Online

Facebook Confirms New Cookie-Tracking Issue 85

An anonymous reader writes "Facebook is once again setting its datr cookie via the Like button and other social plugins on third-party websites. The datr cookie can be used for tracking users whether you are logged in or logged out of the service. Facebook has confirmed this is indeed a bug, but says that it is limited in scope and that it will be fixed today. Talk about damage control."
This discussion has been archived. No new comments can be posted.

Facebook Confirms New Cookie-Tracking Issue

Comments Filter:
  • by bwintx ( 813768 ) on Wednesday October 05, 2011 @12:19PM (#37614462) Homepage
    has already passed, since TFA (3rd link) was from yesterday.
  • This is a bug. Right!!
  • by Anonymous Coward

    The web generally works fine if you only accept 1st party cookies, not 3rd party cookies. There's pretty much zero reason to accept cookies from other than the main site you are visiting, and firefox has long had an easy preference setting to do just that. It's one of the basic "setting up a new machine" tasks that people should be used to doing by now. Don't run 3rd party javascript, don't allow 3rd party cookies - that alone increases your privacy and safety by a huge amount. I've almost never seen an

    • Priceless advice I would mod +1 if you weren't an anonymous coward :)

      Then again I've been doing that since about the time firefox came out, your right there is just no reason, I'm surprised it's still checked as on by default in new browser installs, it doesn't nearly break as much as IE8 being installed w/o compatibility view on by default.

      • Mod +1 regardless. You're modding posts, not people.

        • True. I avoid looking at names on posts when I mod. I read the post, and respond to the post. Afterwards, I sometimes realize I modded up someone with whom I almost always disagree. And, the opposite happens as well. Just don't look at names, and the moderation gets a lot more fair!

    • Or allow all of facebook's cookies only for duration of current session. Combined with a browser restart every now and then (or mere switch to and back from privacy mode in FF), it just gives them new meaningless data to choke on every time.

  • by Nursie ( 632944 ) on Wednesday October 05, 2011 @12:23PM (#37614510)

    Block facebook.com and fbcdn.com, then add exceptions for the two sites when visting facebook.com. Problem solved, no more fb tracking.

    • Re:Adblock (Score:4, Informative)

      by _0xd0ad ( 1974778 ) on Wednesday October 05, 2011 @12:38PM (#37614698) Journal

      Here's my list.

      ||facebook.com^$third-party,domain=~facebook.net|~fbcdn.com|~fbcdn.net
      ||facebook.net^$third-party,domain=~facebook.com|~fbcdn.com|~fbcdn.net
      ||fbcdn.com^$third-party,domain=~facebook.com|~facebook.net|~fbcdn.net
      ||fbcdn.net^$third-party,domain=~facebook.com|~facebook.net|~fbcdn.com

      A few more domain exceptions on my home FF installation to permit certain Facebook Apps to work correctly.

      • You actually use the apps? I don't have a single one. All that I use Facebook for, is to look at "important" people's walls. I've friended the "most important", so most of the time, I don't even need to look at their walls. But, I sure as hell don't enable any apps, so that the "developer" can browse through my information!

        • You actually use the apps?

          Not very many.

        • i though that if your friends enable apps, then your data is already accessible to the developers

          • You thought, but I don't think so. There have been a number of articles detailing how to stop app developers from accessing your data. I read, visit Facebook, check the settings, then halfways forget what I read, LOL

            You can google for articles, if you like, to compare your own settings. As far as I remember, I've disabled friend's ability to share my information.

          • i though that if your friends enable apps, then your data is already accessible to the developers

            I think, if you disable all apps (not just remove them all, but disable the platform alltogether), then your friends can't accidentally be leaking your information to other developers. This may or may not have been the case a year or so ago, so I don't know the situation now.

    • But apparently, this is still not possible in Chrome.

      WHHHYYYY??!!!

      • Re: (Score:3, Informative)

        by Anonymous Coward

        ghostery... google it.

      • Hosts file . . . google that too. When you're finished, you might want to google for instructions on your router, to block unwanted sites. It's not that hard, it only takes a bit of reading in most cases. If you really want to fine tune your blocked sites list, install something like Tomato on your router - or buy a router on which you can install Tomato, or DD-WRT, or Open-WRT. Of course, if you're not a poor working chump, you could always opt for a commercial grade router, and save the bother of fl

      • Yes, it is. There are several extensions, one of which is Facebook Disconnect. [google.com]
  • Not sure I trust em [slashdot.org]. Not that I ever did. If a company has income, but does not charge their users anything. Then their users are their products, and are being sold to someone else.
    • by surmak ( 1238244 )
      Maybe, they requested the patent on the bug to insure that nobody else can invade users' privacy. (Yeah right, I don't believe that either.)
  • by grasshoppa ( 657393 ) on Wednesday October 05, 2011 @12:25PM (#37614550) Homepage

    If only there were a competitor to facebook that addressed these issues. I'm sure they'd be able to take a large portion of facebook's sub base about as quickly as facebook did to myspace.

    And if only said competitor could somehow make such a service work with it's other internal services that paying customers are currently locked out of.

    Talk about a market ripe for take over, if only someone could get their act together.

    • Yeah cause google is all about not tracking you and your Web usage. I mean it's not like that is the basis of their revenue stream. Oh wait, it is.

      • You'll note that's addressed in my post. Which I have a feeling you only read the words you wanted, and interpreted them however you wanted to arrive at the results you wanted.

        • Except you didn't. Google's entire revenue stream is based on tracking users and using that data to sell ads. To act like they won't use Google+ to further that is laughably naive. The only way Google could "address that" is to.kill off their own revenue stream.

    • by mccrew ( 62494 )
      Increased competition benefits the customers.

      Remember that you are not Facebook's customer. You are the product. Therefore, you should not expect to see any benefit with increased competition.

      • It is more complicated than that you are actually BOTH the customer and the product.

        Think of it like a flower. Facebook is the flower- you (the bee) goes to the flower to consume their nectar. They don't get benefit from you eating their nectar (communicating mundane comments with your friends) - but their way of continuing on is that they attach a packet of pollen to you (sell your data) so that you can propagate the species (pay the employees and Suckerborg's wallet).

        If another flower offers more and sw

    • Problem is, Facebook has got their users locked in, like nobody has been locked in ever before.

      I would rephrase your question as: if only there were some regulations on social website lock-in, and data-harvesting.

      (Somehow, these regulations exist for telcos but are not applicable to social websites; or are they?)

      • You can leave Facebook any time you like. Nothing locks you in. Leave- go somewhere else and ask your friends to follow. Some will, some won't- even with half the amount of friends on a rival network such as Google+, you still will have the ability to waste more time than you should.

      • There's no lock in. Throwing your pictures and slips of paper you've written on down a well doesn't lock you into that well. You can go away anytime you like, but you're gonna have to expend some real effort to take all that crap you threw in that hole with you.
  • I run Facebook in a totally separate browser than I use for -everything else-. So why is it I still get Facebook cookies in a browser that has never logged onto Facebook? I remove those cookies about 2-3 times/week. I haven't figured out where they're coming from (i.e. what site puts them there) yet. This is not new behavior, I've seen this for months.

    • Do any of the other sites you visit have the Facebook "Like" button?

      I bet they do neighbor.
    • by Pope ( 17780 )

      Because of the Facebook Social Plug-in, which runs on third party sites that have comment boxes and/or like buttons. There'll still be FB cookies, they just won't have your FB-linked info.

  • Sharemenot [washington.edu]

    Not having an account with them and blocking everything from their domains is what I chose to do.

  • Isn't this defeated by simply disabling third party cookies in your browser?
    • by maxume ( 22995 )

      No.

      Visit facebook.com, Log out, Facebook sets cookie at log out. Visit other page, other page includes link to resource on facebook.com, browser sends that cookie with the request to facebook.com.

      It isn't news that it is happening, but apparently there are a bunch of people that had no idea at all about how browsers function. I guess that is a little bit snide, but the tone of some of the articles about it has been pretty funny, like it was some sort of big bust to catch them doing it (the last time it was

      • by allo ( 1728082 )

        its only sent, if you do not disable thirdparty cookies.

        • by maxume ( 22995 )

          I think you are mistaken.

          I have Cookie Monster installed, so I would have to mess around to test the default configuration of Firefox, but if I use developer tools to inspect the requests such and such a page is making, I can see that some of the requests to other domains have cookies associated with them, cookies that are not from such and such a page's domain.

          My understanding of the cookie features in Firefox are that the options only control what cookies can be set, they don't have any impact on what coo

  • The disconnect addon for Firefox seems to be working well for me.
  • Devote it exclusively to Facebook. I downloaded Opera.

  • by EkriirkE ( 1075937 ) on Wednesday October 05, 2011 @01:50PM (#37615724) Homepage
    Write a greasemonkey script to write the cookie over with, say, Zuckerberg's profile ID? So everywhere you go tracks to his profile (but not tied to you)
  • ... Facebook's development is out of control, that Facebook does not even know what its developers are doing. Or maybe the developers are doing exactly what Facebook wants, and Facebook thinks the public is too stupid to figure it out.
  • Facebook has confirmed this is indeed a bug, but says that it is limited in scope and that it will be fixed today.

    Once it's fixed, it won't be limited in scope anymore.

  • What I'd like to see is a protocol for handling all the social interactions that Facebook provides. Then folks could write apps and servers to implement it. Technically-minded nerds could run their own servers. Other folks could just choose whichever provider they pleased, much like selecting mail or web hosting.

    Decentralize.

  • Did I not in fact tell everyone this a few days ago? See! No one believes me! :) :) :)
  • Does this mean both distros adobted Unity? I don't like that on my desktop computer. Only good idea for use with laptops or smaller.
  • How about the latest Facebook tracking option. It's called ALLforALL: 10:50:09: Breathed in. 10:50:14: Breathed out. 10:50:24: Noticed cat sleeping on chair. 10:50:32: Wind stirring leaves outside house. Temp 71 degrees. 10:51:02: Sun came out from behind cloud. 10:51:12: Had dalliance with Greek heiress 10:51:34: Cleared throat. 10:51:49: Rear section of Upper Atmosphere Research Satellite (UARS) just crashed through house. 10:52:59: Cat now awake. 10:53:17: Thirsty. --from Thinking Out Loud, http://mar [blogspot.com]

We are Microsoft. Unix is irrelevant. Openness is futile. Prepare to be assimilated.

Working...