Monday, September 26, 2011

Logging Out Of Facebook Is Not Enough

You may know that your browser sends information to Facebook whenever you visit a web page that hosts a Facebook Like or Share button or other Facebook content. That’s true even if you do not have a Facebook account. If you do have a Facebook account, Facebook gets to know which sites you visit. Some users may see this as a privacy invasion. The general advice that you get on the Internet is to log out of the Facebook account when you do not use the site. The reasoning here is that logging out should prevent the identification of the user on third party sites with Facebook content.

According to Nik Cubrilovic, though, this is not the case. Facebook can track logged out users as much as it can track logged in users. How do they do it? With cookies, of course. One would assume that logging out would delete all cookies linked to the account.

This is apparently not the case here. Facebook is not deleting all cookies when a user logs out. Nik notes:

To make it easier to see the cookies being unset, the names are in italics. If you compare the cookies that have been set in a logged in request, and compare them to the cookies that are being unset in the logout request, you will quickly see that there are a number of cookies that are not being deleted, and there are two cookies (locale and lu) that are only being given new expiry dates, and three new cookies (W, fl, L) being set.

Cookies that identify the user based on the account number still exist, which means that Facebook has access to that data whenever a connection to the site is made (on Facebook itself or third party sites). This means that Facebook can still identify users even if they are logged out of the social networking site.
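The comparison Nik describes can be scripted. The following is an added example, not code from the original article or from Nik's post: it classifies each cookie the browser sent according to what the Set-Cookie headers of the logout response do to it. The cookie names account_id, session and browser_id, and all values and dates, are constructed placeholders; only the names locale, lu, W, fl and L come from the quote above.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime
from http.cookies import SimpleCookie

# Constructed sample data (not captured traffic): Cookie header of the
# logged-in request and Set-Cookie headers of the logout response.
REQUEST_COOKIE = "account_id=1000123; session=abc; browser_id=xyz; locale=en_US; lu=tok1"
LOGOUT_SET_COOKIE = [
    "session=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/",
    "locale=en_US; expires=Mon, 03 Oct 2011 09:00:00 GMT; path=/",
    "lu=tok2; expires=Wed, 25 Sep 2013 09:00:00 GMT; path=/",
    "W=1317027600; path=/",
    "fl=1; path=/",
    "L=2; path=/",
]
NOW = datetime(2011, 9, 26, 9, 0, tzinfo=timezone.utc)  # time of the logout


def classify_logout(request_cookie, set_cookie_headers, now):
    """Sort cookies into deleted / redated / new / untouched after logout."""
    sent = set(SimpleCookie(request_cookie))
    result = {"deleted": set(), "redated": set(), "new": set()}
    seen = set()
    for header in set_cookie_headers:
        for name, morsel in SimpleCookie(header).items():
            seen.add(name)
            expires, max_age = morsel["expires"], morsel["max-age"]
            # A cookie is unset by an expiry in the past or a Max-Age <= 0.
            gone = (max_age != "" and int(max_age) <= 0) or (
                expires != "" and parsedate_to_datetime(expires) <= now)
            if gone:
                result["deleted"].add(name)
            elif name in sent:
                result["redated"].add(name)   # same cookie, new expiry
            else:
                result["new"].add(name)       # first set at logout
    # Cookies the response never mentions simply stay in the browser.
    result["untouched"] = sent - seen
    return result


def still_sent_after_logout(result):
    """Previously sent cookies that the browser keeps sending after logout."""
    return sorted(result["redated"] | result["untouched"])


if __name__ == "__main__":
    r = classify_logout(REQUEST_COOKIE, LOGOUT_SET_COOKIE, NOW)
    print("survive logout:", still_sent_after_logout(r))
```

The same check works as a regression test for your own site's logout handler: any identifier that ends up in the untouched or redated sets outlives the session.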

The only solution? To delete all Facebook cookies whenever possible. While you could do that manually every time you log out of Facebook, it is probably not the best solution in this case. First, you have to do it every time, which can quickly become a nuisance, and second, you have to remember to do it.

Here are a few add-ons and extensions that take care of that for you:

  • Facebook Blocker [Firefox] – Blocks all Facebook content on third party sites from sending information. You can still interact with the elements if you want, but until you do, no information is submitted.
  • Facebook Disconnect [Google Chrome] – Blocks all Facebook traffic from third party sites.
  • Facebook Blocker [Opera] – Seems to be identical to the Google Chrome extension, blocks all Facebook third party traffic.

Have another add-on or tip on how to cope with the situation? Let everyone know in the comments.

Update: Facebook responded in an email. Here is their official statement:

Facebook does not track users across the web. Instead, we use cookies on social plugins to personalize content (e.g. Show you what your friends liked), to help maintain and improve what we do (e.g. Measure click-through rate), or for safety and security (e.g. Keeping underage kids from trying to sign up with a different age). No information we receive when you see a social plugin is used to target ads, we delete or anonymize this information within 90 days, and we never sell your information.

Specific to logged out cookies, they are used for safety and protection, including identifying spammers and phishers, detecting when somebody unauthorized is trying to access your account, helping you get back into your account if you get hacked, disabling registration for under-age users who try to re-register with a different birthdate, powering account security features such as 2nd factor login approvals and notification, and identifying shared computers to discourage the use of ‘keep me logged in’.


© Martin Brinkmann for gHacks Technology News, 2011.


