Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Facebook Confirms New Cookie-Tracking Issue

timothy posted more than 2 years ago | from the issue-is-such-a-nice-bland-word dept.

Cloud 85

An anonymous reader writes "Facebook is once again setting its datr cookie via the Like button and other social plugins on third-party websites. The datr cookie can be used for tracking users whether you are logged in or logged out of the service. Facebook has confirmed this is indeed a bug, but says that it is limited in scope and that it will be fixed today. Talk about damage control."

cancel ×

85 comments

Sorry! There are no comments related to the filter you selected.

And of course "today" (2)

bwintx (813768) | more than 2 years ago | (#37614462)

has already passed, since TFA (3rd link) was from yesterday.

Re:And of course "today" (0)

Anonymous Coward | more than 2 years ago | (#37615022)

Fuck Facebook.

Re:And of course "today" (1)

interval1066 (668936) | more than 2 years ago | (#37615268)

Blunt, yet apropos. I've fixed all Facebook bugs for ever in my case by simply not using the service.

Re:And of course "today" (1)

RocketRabbit (830691) | more than 2 years ago | (#37621084)

They can still set cookies unless you have explicitly blocked them. Or sites you visit may affiliate with Facebook, so you could well be tracked by Facebook without ever actually using it.

Re:And of course "today" (1)

interval1066 (668936) | more than 2 years ago | (#37621530)

Well, I guess its Zuckerberg's world and we just surf in it.

Bullshit... (1)

Aeros (668253) | more than 2 years ago | (#37614492)

This is a bug. Right!!

Re:Bullshit... (3, Insightful)

Jeremiah Cornelius (137) | more than 2 years ago | (#37614612)

This IS a bug. As in "I think this phone is bugged".

Re:Bullshit... (1)

rvw (755107) | more than 2 years ago | (#37617478)

This IS a bug. As in "I think this phone is bugged".

This is a bug as in "it's bugging us that we were caught".

Re:Bullshit... (0)

Anonymous Coward | more than 2 years ago | (#37617700)

This IS a bug. As in "I think this phone is bugged".

This is a bug as in "it's bugging us that we were caught".

In fact the buggers of the bugging of those who were bugged have themselves, been bugged.

Re:Bullshit... (4, Insightful)

ArhcAngel (247594) | more than 2 years ago | (#37614770)

It is a bug to Facebook as in oops they can still tell we are doing it.

Re:Bullshit... (0)

Anonymous Coward | more than 2 years ago | (#37615178)

Seconded.

Re:Bullshit... (0)

Anonymous Coward | more than 2 years ago | (#37615066)

Must be like real-life bugs...hidden and only killed when the occupant finds them, regardless of whether or not the landlord knows.

good to disabled 3rd party cookies anyway (2, Insightful)

Anonymous Coward | more than 2 years ago | (#37614508)

The web generally works fine if you only accept 1st party cookies, not 3rd party cookies. There's pretty much zero reason to accept cookies from other than the main site you are visiting, and firefox has long had an easy preference setting to do just that. It's one of the basic "setting up a new machine" tasks that people should be used to doing by now. Don't run 3rd party javascript, don't allow 3rd party cookies - that alone increases your privacy and safety by a huge amount. I've almost never seen anything break like that, and if some rare thing does, it was badly written anyway and needs to have people putting pressure on it to stop doing that.

Re:good to disabled 3rd party cookies anyway (0)

Anonymous Coward | more than 2 years ago | (#37614680)

Did that and then realized I have to set an exception for disqus.com in order to post on any site that uses the Disqus discussion system.

Re:good to disabled 3rd party cookies anyway (1)

anomaly256 (1243020) | more than 2 years ago | (#37618036)

And I disabled it anyway because I didn't like how Disqus tries to post my comments directly to my facebook wall without asking me for confirmation first. Disqus is complicit with the facebook privacy problem, and may even facilitate it.

Re:good to disabled 3rd party cookies anyway (0)

Anonymous Coward | more than 2 years ago | (#37622854)

Are you retarded? Don't sign up for a disqus account using facebook if you don't want facebook to be connected to it. Gobbling up every bit of data for "content" to "share" with your "friends" is facebook's fucking mission statement.

There's 4 other fucking options. You can even use fake email addresses on most sites. Go create a twitter account with a fake address. Or a fake yahoo or google account, whatever. Just don't sign up with Facebook and bitch about how Disqus of all things, is invading your privacy.

Re:good to disabled 3rd party cookies anyway (1)

RocketRabbit (830691) | more than 2 years ago | (#37618222)

I blocked disqus in my hosts file because it is sometimes very slow and adds 5-10 seconds to the load time of a page.

Same with all the ad networks.

Re:good to disabled 3rd party cookies anyway (1)

Synerg1y (2169962) | more than 2 years ago | (#37615036)

Priceless advice I would mod +1 if you weren't an anonymous coward :)

Then again I've been doing that since about the time firefox came out, your right there is just no reason, I'm surprised it's still checked as on by default in new browser installs, it doesn't nearly break as much as IE8 being installed w/o compatibility view on by default.

Re:good to disabled 3rd party cookies anyway (1)

yahwotqa (817672) | more than 2 years ago | (#37615964)

Mod +1 regardless. You're modding posts, not people.

Re:good to disabled 3rd party cookies anyway (1)

Runaway1956 (1322357) | more than 2 years ago | (#37616280)

True. I avoid looking at names on posts when I mod. I read the post, and respond to the post. Afterwards, I sometimes realize I modded up someone with whom I almost always disagree. And, the opposite happens as well. Just don't look at names, and the moderation gets a lot more fair!

Re:good to disabled 3rd party cookies anyway (1)

yahwotqa (817672) | more than 2 years ago | (#37616050)

Or allow all of facebook's cookies only for duration of current session. Combined with a browser restart every now and then (or mere switch to and back from privacy mode in FF), it just gives them new meaningless data to choke on every time.

Adblock (2)

Nursie (632944) | more than 2 years ago | (#37614510)

Block facebook.com and fbcdn.com, then add exceptions for the two sites when visting facebook.com. Problem solved, no more fb tracking.

Re:Adblock (3, Informative)

_0xd0ad (1974778) | more than 2 years ago | (#37614698)

Here's my list.

||facebook.com^$third-party,domain=~facebook.net|~fbcdn.com|~fbcdn.net
||facebook.net^$third-party,domain=~facebook.com|~fbcdn.com|~fbcdn.net
||fbcdn.com^$third-party,domain=~facebook.com|~facebook.net|~fbcdn.net
||fbcdn.net^$third-party,domain=~facebook.com|~facebook.net|~fbcdn.com

A few more domain exceptions on my home FF installation to permit certain Facebook Apps to work correctly.

Re:Adblock (1)

Runaway1956 (1322357) | more than 2 years ago | (#37615942)

You actually use the apps? I don't have a single one. All that I use Facebook for, is to look at "important" people's walls. I've friended the "most important", so most of the time, I don't even need to look at their walls. But, I sure as hell don't enable any apps, so that the "developer" can browse through my information!

Re:Adblock (1)

_0xd0ad (1974778) | more than 2 years ago | (#37616346)

You actually use the apps?

Not very many.

Re:Adblock (1)

rvw (755107) | more than 2 years ago | (#37617510)

You actually use the apps?

Not very many.

One is enough for them!

Re:Adblock (1)

contrapunctus (907549) | more than 2 years ago | (#37616440)

i though that if your friends enable apps, then your data is already accessible to the developers

Re:Adblock (1)

Runaway1956 (1322357) | more than 2 years ago | (#37616610)

You thought, but I don't think so. There have been a number of articles detailing how to stop app developers from accessing your data. I read, visit Facebook, check the settings, then halfways forget what I read, LOL

You can google for articles, if you like, to compare your own settings. As far as I remember, I've disabled friend's ability to share my information.

Re:Adblock (1)

coolmadsi (823103) | more than 2 years ago | (#37624038)

i though that if your friends enable apps, then your data is already accessible to the developers

I think, if you disable all apps (not just remove them all, but disable the platform alltogether), then your friends can't accidentally be leaking your information to other developers. This may or may not have been the case a year or so ago, so I don't know the situation now.

Re:Adblock (1)

StripedCow (776465) | more than 2 years ago | (#37614742)

But apparently, this is still not possible in Chrome.

WHHHYYYY??!!!

Re:Adblock (3, Informative)

Anonymous Coward | more than 2 years ago | (#37614832)

ghostery... google it.

Re:Adblock (0)

Anonymous Coward | more than 2 years ago | (#37614878)

Because Chrome is made by Google and they track you, do you really think they want you blocking google-analytics?

Re:Adblock (1)

zugaldia (1062788) | more than 2 years ago | (#37615370)

I don't know if they want you to block Google Analytics, but they give you a browser add-on [google.com] to opt-out from it. It works in Microsoft Internet Explorer, Google Chrome, Mozilla Firefox, Apple Safari and Opera.

Re:Adblock (0)

Runaway1956 (1322357) | more than 2 years ago | (#37616002)

Hosts file . . . google that too. When you're finished, you might want to google for instructions on your router, to block unwanted sites. It's not that hard, it only takes a bit of reading in most cases. If you really want to fine tune your blocked sites list, install something like Tomato on your router - or buy a router on which you can install Tomato, or DD-WRT, or Open-WRT. Of course, if you're not a poor working chump, you could always opt for a commercial grade router, and save the bother of flashing Tomato.

That advantage of setting rules on your router is, you protect everyone in your home or business. Rules on your own machine are good, but do nothing for the other 1 to 20 machines that use your connection.

Re:Adblock (1)

vinayg18 (1641855) | more than 2 years ago | (#37617352)

Yes, it is. There are several extensions, one of which is Facebook Disconnect. [google.com]

Re:Adblock (0)

Anonymous Coward | more than 2 years ago | (#37615744)

Another ahem "trick" is to add:
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 www.connect.facebook.com
127.0.0.1 fbcdn.com
to your /etc/hosts file.

Of course this only works for people who do not use facebook at all. Also I suggest to create those hosts on your local web server with a message saying that "Facebook realized that there is no money besides capitalizing on your private info and thus has closed shop".
Then let your friends use your PC :)

Re:Adblock (0)

Anonymous Coward | more than 2 years ago | (#37618044)

I just blocked facebook. Problem solved, no more fb. No exceptions needed.

So they requested a patent on a "bug"? (1)

Kenja (541830) | more than 2 years ago | (#37614532)

Not sure I trust em [slashdot.org] . Not that I ever did. If a company has income, but does not charge their users anything. Then their users are their products, and are being sold to someone else.

Re:So they requested a patent on a "bug"? (2)

surmak (1238244) | more than 2 years ago | (#37616776)

Maybe, they requested the patent on the bug to insure that nobody else can invade users' privacy. (Yeah right, I don't believe that either.)

If only there were a competitor (2, Insightful)

grasshoppa (657393) | more than 2 years ago | (#37614550)

If only there were a competitor to facebook that addressed these issues. I'm sure they'd be able to take a large portion of facebook's sub base about as quickly as facebook did to myspace.

And if only said competitor could somehow make such a service work with it's other internal services that paying customers are currently locked out of.

Talk about a market ripe for take over, if only someone could get their act together.

Re:If only there were a competitor (0)

Lunix Nutcase (1092239) | more than 2 years ago | (#37614624)

Yeah cause google is all about not tracking you and your Web usage. I mean it's not like that is the basis of their revenue stream. Oh wait, it is.

Re:If only there were a competitor (1)

grasshoppa (657393) | more than 2 years ago | (#37614684)

You'll note that's addressed in my post. Which I have a feeling you only read the words you wanted, and interpreted them however you wanted to arrive at the results you wanted.

Re:If only there were a competitor (0)

Lunix Nutcase (1092239) | more than 2 years ago | (#37614794)

Except you didn't. Google's entire revenue stream is based on tracking users and using that data to sell ads. To act like they won't use Google+ to further that is laughably naive. The only way Google could "address that" is to.kill off their own revenue stream.

Re:If only there were a competitor (0)

Anonymous Coward | more than 2 years ago | (#37621330)

You'll also note that GP didn't mention google, but a hypothetical competitor.

Re:If only there were a competitor (0)

Anonymous Coward | more than 2 years ago | (#37614816)

You were talking about Google+, yes? Well he is just saying its never going to happen because google's model wouldn't support it. I think you missed his point.

Re:If only there were a competitor (0)

Anonymous Coward | more than 2 years ago | (#37614754)

No kidding... Google's tracking makes Facebook look like idiots.

Tracking on all Google services + AdSense (google ads on other sites) + Google Analytics.. they have almost the entire web tracked.

There's an AdSense ad at the top of this page right now for PayPal (see the blue arrow in the corner that says AdChoices... that's Google)

Re:If only there were a competitor (1)

PopeRatzo (965947) | more than 2 years ago | (#37615774)

There's an AdSense ad at the top of this page right now for PayPal (see the blue arrow in the corner that says AdChoices... that's Google)

Actually, I don't see it. That's how laughably easy it is to avoid being part of Google's "revenue stream".

Re:If only there were a competitor (1)

Runaway1956 (1322357) | more than 2 years ago | (#37616128)

What the pope already said. I don't see any AdChoices - or any other adverts. And, I have never used the opt-out here at slashdot to hide advertisements. All blocking is done on my router, or my computer, or in my browser. I don't see ads, unless and until I do a search for a product. I don't see it on Gmail, G+, iGoogle, or anywhere else. You gotta get with the times - every tool that I use to block ads has been discussed many times right here on slashdot.

Re:If only there were a competitor (0)

Anonymous Coward | more than 2 years ago | (#37616416)

Most people don't bother with ad blocking... if they did then Google, facebook, even slashdot would have shutdown a long time ago or started charging every time you refreshed the page.

And if that's your excuse for Google.. then it applies to facebook, doubleclick (now part of google), and every other site on the net.

If you're confused by my original post, then you have to be completely lost as to why this article is even on slashdot.

Re:If only there were a competitor (1)

mccrew (62494) | more than 2 years ago | (#37614826)

Increased competition benefits the customers.

Remember that you are not Facebook's customer. You are the product. Therefore, you should not expect to see any benefit with increased competition.

Re:If only there were a competitor (1)

Oswald McWeany (2428506) | more than 2 years ago | (#37615108)

It is more complicated than that you are actually BOTH the customer and the product.

Think of it like a flower. Facebook is the flower- you (the bee) goes to the flower to consume their nectar. They don't get benefit from you eating their nectar (communicating mundane comments with your friends) - but their way of continuing on is that they attach a packet of pollen to you (sell your data) so that you can propagate the species (pay the employees and Suckerborg's wallet).

If another flower offers more and sweeter tasting nectar- you may be encouraged to visit it instead.

Re:If only there were a competitor (0)

Anonymous Coward | more than 2 years ago | (#37615570)

Now, imagine the flower is a venus fly trap. You scream for help, but your legs are already being digested. Even if you escape, the damage is already done.

Re:If only there were a competitor (1)

StripedCow (776465) | more than 2 years ago | (#37614828)

Problem is, Facebook has got their users locked in, like nobody has been locked in ever before.

I would rephrase your question as: if only there were some regulations on social website lock-in, and data-harvesting.

(Somehow, these regulations exist for telcos but are not applicable to social websites; or are they?)

Re:If only there were a competitor (1)

Oswald McWeany (2428506) | more than 2 years ago | (#37615130)

You can leave Facebook any time you like. Nothing locks you in. Leave- go somewhere else and ask your friends to follow. Some will, some won't- even with half the amount of friends on a rival network such as Google+, you still will have the ability to waste more time than you should.

Re:If only there were a competitor (1)

Algae_94 (2017070) | more than 2 years ago | (#37615684)

There's no lock in. Throwing your pictures and slips of paper you've written on down a well doesn't lock you into that well. You can go away anytime you like, but you're gonna have to expend some real effort to take all that crap you threw in that hole with you.

Sandboxie (0)

Anonymous Coward | more than 2 years ago | (#37614714)

There's a reason I never visit Facebook outside of Sandboxie...

Those F-ing cookies show up no matter what! (1)

david.emery (127135) | more than 2 years ago | (#37614724)

I run Facebook in a totally separate browser than I use for -everything else-. So why is it I still get Facebook cookies in a browser that has never logged onto Facebook? I remove those cookies about 2-3 times/week. I haven't figured out where they're coming from (i.e. what site puts them there) yet. This is not new behavior, I've seen this for months.

Re:Those F-ing cookies show up no matter what! (1)

ArhcAngel (247594) | more than 2 years ago | (#37614868)

Do any of the other sites you visit have the Facebook "Like" button?

I bet they do neighbor.

Re:Those F-ing cookies show up no matter what! (1)

Pope (17780) | more than 2 years ago | (#37615338)

Because of the Facebook Social Plug-in, which runs on third party sites that have comment boxes and/or like buttons. There'll still be FB cookies, they just won't have your FB-linked info.

possible solution (1)

Mister Fright (1559681) | more than 2 years ago | (#37614774)

Sharemenot [washington.edu]

Not having an account with them and blocking everything from their domains is what I chose to do.

FB is a communist site (0)

Anonymous Coward | more than 2 years ago | (#37614808)

If FB is a country, then FB is a communist country. They don't let their users export data to Google+, and they want to track their users everywhere they can. To me, FB is a communist!

Totally illegal (0)

Anonymous Coward | more than 2 years ago | (#37615128)

If I walk into a Best Buy, does that give them the right to follow me into other stores? Why is this legal, I do not know. What will it take to get Facebook in court for this?

Re:Totally illegal (1)

Oswald McWeany (2428506) | more than 2 years ago | (#37615314)

Actually, it is more like if you visited Walmart and they told Best Buy that you went into their store at 6:30pm last Saturday.

Best Buy is not actually following you around- and there is nothing illegal about two companies sharing data about you. I don't like it- you don't like it- but it is not actually illegal.

Third Party Cookies (1)

Tepar (87925) | more than 2 years ago | (#37615188)

Isn't this defeated by simply disabling third party cookies in your browser?

Re:Third Party Cookies (1)

maxume (22995) | more than 2 years ago | (#37616148)

No.

Visit facebook.com, Log out, Facebook sets cookie at log out. Visit other page, other page includes link to resource on facebook.com, browser sends that cookie with the request to facebook.com.

It isn't news that it is happening, but apparently there are a bunch of people that had no idea at all about how browsers function. I guess that is a little bit snide, but the tone of some of the articles about it has been pretty funny, like it was some sort of big bust to catch them doing it (the last time it was a kerfuffle was when Amazon was serving personalized advertizing images).

Re:Third Party Cookies (1)

allo (1728082) | more than 2 years ago | (#37617444)

its only sent, if you do not disable thirdparty cookies.

Re:Third Party Cookies (1)

maxume (22995) | more than 2 years ago | (#37618018)

I think you are mistaken.

I have Cookie Monster installed, so I would have to mess around to test the default configuration of Firefox, but if I use developer tools to inspect the requests such and such a page is making, I can see that some of the requests to other domains have cookies associated with them, cookies that are not from such and such a page's domain.

My understanding of the cookie features in Firefox are that the options only control what cookies can be set, they don't have any impact on what cookies are sent. The name of the option, 'Accept third party cookies', at least suggests this is correct.

disconnect... (1)

IANAAC (692242) | more than 2 years ago | (#37615212)

The disconnect addon for Firefox seems to be working well for me.

It's a bug? (0)

Anonymous Coward | more than 2 years ago | (#37615536)

Given Mark Zuckerberg's numerous comments about eliminating privacy and how Facebook has so many 'bugs' that end up eliminating privacy, I thought they would call it an 'undisclosed feature' that provides vital benefits to the operation of Facebook, and that they chose to make it undisclosed to ensure it could work to maximum effectiveness... Because 'ignorant' or 'misinformed' users might object or block it.

Just download another browser. (1)

InterGuru (50986) | more than 2 years ago | (#37615638)

Devote it exclusively to Facebook. I downloaded Opera.

more browsers, more privacy (0)

Anonymous Coward | more than 2 years ago | (#37619600)

Here's a few good browsers,

Iron portable

Opera portable (called Opera USB)

Palemoon portable (a faster Firefox)

TorBrowser is also portable, but less functional.

Fake it out (2)

EkriirkE (1075937) | more than 2 years ago | (#37615724)

Write a greasemonkey script to write the cookie over with, say, Zuckerberg's profile ID? So everywhere you go tracks to his profile (but not tied to you)

It is beginning to look like... (1)

QuietLagoon (813062) | more than 2 years ago | (#37615772)

... Facebook's development is out of control, that Facebook does not even know what its developers are doing. Or maybe the developers are doing exactly what Facebook wants, and Facebook thinks the public is too stupid to figure it out.

Re:It is beginning to look like... (1)

game kid (805301) | more than 2 years ago | (#37615996)

They could just be Schrödinger's corporation: simultaneously responsible, and not.

cliche reversal (0)

Anonymous Coward | more than 2 years ago | (#37615874)

So instead of the ol' chliche "its not a bug, its a feature!" , we get to see "its not a feature, its a bug!"

It will be fixed (1)

Yvan256 (722131) | more than 2 years ago | (#37616206)

Facebook has confirmed this is indeed a bug, but says that it is limited in scope and that it will be fixed today.

Once it's fixed, it won't be limited in scope anymore.

alternatives (1)

Onymous Coward (97719) | more than 2 years ago | (#37616314)

What I'd like to see is a protocol for handling all the social interactions that Facebook provides. Then folks could write apps and servers to implement it. Technically-minded nerds could run their own servers. Other folks could just choose whichever provider they pleased, much like selecting mail or web hosting.

Decentralize.

Re:alternatives (1)

KernyKat (721157) | more than 2 years ago | (#37622254)

http://diasporafoundation.org/ [diasporafoundation.org] and http://noserub.com/ [noserub.com] ...but don't kid yourself that these things will take ever over the mainstream without widescale support from a leading corporation.

I don't understand. (0)

Anonymous Coward | more than 2 years ago | (#37616320)

How the hell does a TEXT FILE track you?!?!?

Re:I don't understand. (1)

allo (1728082) | more than 2 years ago | (#37617460)

and you do not get, how a passport can identify you.

Said it before.... (1)

Eric Freyhart (752088) | more than 2 years ago | (#37616348)

Did I not in fact tell everyone this a few days ago? See! No one believes me! :) :) :)

...but says that it is limited in scope... (0)

Anonymous Coward | more than 2 years ago | (#37616708)

...but says that it is limited in scope and that it will be fixed today... to expand the scope globally

Unity? (1)

Autie (1357021) | more than 2 years ago | (#37616756)

Does this mean both distros adobted Unity? I don't like that on my desktop computer. Only good idea for use with laptops or smaller.

Re:Unity? (1)

Autie (1357021) | more than 2 years ago | (#37618652)

Sorry, wrong threat :)

Facebook knows all (1)

marperl (2477744) | more than 2 years ago | (#37618952)

How about the latest Facebook tracking option. It's called ALLforALL: 10:50:09: Breathed in. 10:50:14: Breathed out. 10:50:24: Noticed cat sleeping on chair. 10:50:32: Wind stirring leaves outside house. Temp 71 degrees. 10:51:02: Sun came out from behind cloud. 10:51:12: Had dalliance with Greek heiress 10:51:34: Cleared throat. 10:51:49: Rear section of Upper Atmosphere Research Satellite (UARS) just crashed through house. 10:52:59: Cat now awake. 10:53:17: Thirsty. --from Thinking Out Loud, http://marperl.blogspot.com/ [blogspot.com]
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>