Slashdot Mirror

← Back to Stories (view on slashdot.org)

Logged In or Out, Facebook Is Watching You

Posted by timothy on from the damn-addictive-scrabulous-and-cute-iris-chang dept.

kaos07 links to this ZDNet story, according to which "Researchers at software vendor CA have discovered that social networking site Facebook is able to track the buying habits of its users on affiliated third-party sites even when they are logged out of their account or have opted out of its controversial 'Beacon' tracking service. Responding to privacy concerns, Facebook has since moved to reassure users that it only tracks and publishes data about their purchases if they are both logged in to Facebook and have opted-in to having this information listed on their profile. But in 'extremely disconcerting' findings that directly contradict these assurances, researchers at CA's Security Advisory service have found that data about these transactions are sent to Facebook regardless of a user's actions."

41 of 336 comments (clear)

  1. Well by Anonymous Coward · · Score: 5, Insightful

    Only if you have a Facebook account.

    1. Re:Well by SMacD · · Score: 4, Informative

      facebook does use your email address as the login

    2. Re:Well by wattrlz · · Score: 4, Insightful

      Facebook uses an email address as your login, but I'm guessing they probably have some sort of cookie thing set up as well.

    3. Re:Well by bartok · · Score: 4, Informative

      If you use Firefox you can also block it:
      http://www.ideashower.com/blog/block-facebook-beacon/

  2. Shocked by Romancer · · Score: 5, Insightful

    I'm shocked that you're shocked. Or even expect me to be mildly surprised that this is happening.

    The only difference is that this is supposed to be a larger company and therefore better than the millions of smaller opt out pipe dreams out there?

    --


    ) Human Kind Vs Human Creation
    ) It'd be interesting to see how many humans would survive to serve us.
    1. Re:Shocked by Yold · · Score: 5, Interesting

      I disabled my facebook account a few months ago because it occurred to me that someone is probably harvesting all the data that they can find off that site. Being someone who parties (too much ;-) ), I was constantly deleting tagged pictures of myself drinking off that website. I was damn glad that I did, because my BOSS at my uni went on looked at my facebook account before he hired me.

      It would not suprise me if someone started offering money to purchase facebook accounts, just to harvest information, for say the price of $0.10 a friend w/ an account. I have a wild imagination, but with data mining being a really hot field, who knows what could be done with this information, it might even cost me a job in the future.

      The future of privacy (or lack thereof), has me vigilant, even paranoid.

    2. Re:Shocked by ivan256 · · Score: 5, Insightful

      I'm constantly amazed about how people will post private information in a public place (thus making it public information), and then complain about how they are being robbed of their privacy.

      Of course it also amazes me how popular these social networking sites are with adults. It's understandable that kids and teenagers want to climb a social ladder of sorts, since it is human nature to attempt to achieve more than your peers, and there is little available in the environments we provide to kids other than social hierarchy to climb... But when you grow up, generally people move on to trying to get ahead in other types of accomplishments. It seems things like MySpace and Facebook have extended High School into adulthood. When you place that much value on your social network, perhaps it shouldn't be too surprising that people are willing to give up their privacy to maintain it.

    3. Re:Shocked by Firehed · · Score: 4, Interesting

      I was damn glad that I did, because my BOSS at my uni went on looked at my facebook account before he hired me

      This, good sir, is why you set privacy controls.

      You're right about their data-mining though; Facebook's ads are really starting to concern me. "Single geek age 20? Visit eHarmony today!" Obviously my relationship status and age are right there in my profile, but them dynamically generating personality keywords based off of my interests and then proving them to advertisers... yeah, I should probably leave Facebook too.

      --
      How are sites slashdotted when nobody reads TFAs?
    4. Re:Shocked by brunes69 · · Score: 5, Interesting

      What amazes me is that peple think that your prospective employer actually gives a crap if you party on the weekends.

      Has it ever occurred to you that maybe you don't want to work somewhere who cares about that anyway? If an employer cares what an employee is doing in their off time then they have already crossed the line IMO.

    5. Re:Shocked by SatanicPuppy · · Score: 4, Insightful

      All you whippersnappers, I swear...Look me up by my real name, and you get nothing, nada, nihil, zip, because I made a very conscious decision to separate my online identity from my regular identity. Keeps me from having to be too careful.

      Make the decision, and separate yourself from your online identity. You can always claim it later if you want to, but you can disclaim it as well

      --
      ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
    6. Re:Shocked by unformed · · Score: 4, Insightful

      A number of reasons:

      1) I don't get spammed by email. I don't have to send everybody my new email when it gets changed.
      2) It's far, far, far easier to get in touch with people you've long fallen out of touch with.
      3) Adults are just as much social whores as kids are. We (as a race, excepting geeks) ARE a social creature, and we like talking and socializing with others, in whatever way possible.

    7. Re:Shocked by xaxa · · Score: 4, Insightful

      All you whippersnappers, I swear...Look me up by my real name, and you get nothing, nada, nihil, zip, because I made a very conscious decision to separate my online identity from my regular identity.

      That won't help when someone else tags a photo (or whatever) with your real name.

    8. Re:Shocked by Yold · · Score: 4, Interesting

      In a perfect world, yes. But the ideal picture of a programmer/math-dude isn't being at the end of a beer bong.

      I think that once you are employed, it doesn't matter what you do on the weekends. But at a job interview, I'd rather not have someone know how I spend my Friday nights.

    9. Re:Shocked by SleepyHappyDoc · · Score: 5, Funny

      There's a way around that. Kill your entire family, move to a different country, and insist all your new friends call you by your internet name.

      --
      Stasis is death. Embrace change.
    10. Re:Shocked by deraj123 · · Score: 5, Insightful

      There's a difference between "party on the weekends" and a photo history of you making a lot of poor decisions. Think, pictures of inappropriate jokes, pictures of you not just drunk, but completely obliterated, pictures of you breaking the law, etc.

      If I'm hiring somebody, I don't care if they go out drinking on the weekends (in fact, I might be concerned if they didn't occasionally), but I would probably think twice if presented with evidence of them making repeated, poor, destructive decisions.

      Decision making is a trait that translates over to work.

    11. Re:Shocked by Slashdot+Suxxors · · Score: 4, Insightful

      I have my cell phone on my Facebook. But it's not like anyone can pull up my profile and check. If they're not my "friend" then they can't see it. If I get random friend requests from people, they don't get accepted. It's simple.

    12. Re:Shocked by Anonymous Coward · · Score: 4, Interesting

      I once had an applicate who said "My life's goal is to be the laziest person on earth" in her myspace profile. We didn't hire her, things like that matter.

    13. Re:Shocked by ivan256 · · Score: 4, Insightful

      I don't really agree that the video games extending into adulthood thing is part of the same trend. After all, adults have always had their games. The technology has simply advanced from dice and cards and balls and sticks to also include electronics. The existence of gaming as a source of entertainment throughout the duration of adult life, though, is nothing new.

      It seems to me that video gaming is replacing pinochle and golf, more than it is turning adults into over-aged kids.

      It is valuable throughout your life to learn how to relax and have a good time (as long as it's balanced with your responsibilities). That's completely different from basing your self worth on popularity instead of achievements.

    14. Re:Shocked by philspear · · Score: 5, Insightful

      Right, because that couldn't have possibly been humor.

      Hell, the fact that she was applying for a job should have clued you off that it was a lie.

      Not for nothing, but applying to jobs is annoying, and while we all must do it, that doesn't make it any easier. It's tedious paperwork, waiting, not getting paid, and half the time those of you who are hiring don't have the courtesy to let us know we're not getting the job. If you decided not to hire her based on something as trivial as that and that alone, you're an asshole.

    15. Re:Shocked by ivan256 · · Score: 4, Insightful

      Your first paragraph describes the dream, and the second describes the reality.

      My comment simply offered a possible explanation as to why people see the dream instead of the reality.

      What is so fulfilling to you about performing your correspondence out in public over one of the many, more private and less exploited methods? I have yet to hear anybody answer that question with something that doesn't boil down to "everybody else is doing it". Hence the high school comment.

    16. Re:Shocked by Grimbleton · · Score: 5, Funny

      Better solution: Be boring as hell. Works for me!

  3. Built-in by von_rick · · Score: 5, Funny

    The title has a built-in "In Soviet Russia joke.

    --

    Face your daemons!

    1. Re:Built-in by von_rick · · Score: 5, Funny

      In_Soviet_Russia jokes are never so long.

      --

      Face your daemons!

  4. I should have guessed. by Chris+Burke · · Score: 4, Funny

    "Facebook is able to track the buying habits of its users on affiliated third-party sites even when they are logged out of their account or have opted out of its controversial 'Beacon' tracking service."

    I should have known there was a problem when I was signing up and saw this:

    [ ] Opt out of Beacon(tm) on-line tracking when logged into Facebook; opt in to Lighthouse(tm) on-line tracking when logged out of Facebook.

    --

    The enemies of Democracy are
  5. How Dare They by jareth780 · · Score: 5, Funny

    This is an outrage! How DARE they try and sell me things! This is almost as infuriating as Vons/Safeway and their "club card", tracking my purchases to try and "Better serve me". Horsefeathers! The fact that the products I want are in stock at any given point is PROOF that they've been using my spending habits to PREDICT MY NEEDS, which goes against everything I believe in.

    When I say I want a free social networking site, it's not good enough that I not be billed directly for using it. The company hosting it must be desperately trying to sustain the bandwidth and CPU time for my constant page refreshes. At no point should they be even breaking even, let alone PROFITING from their service. Information wants to be free! Down with Big Brother! Doublethink! Free as in beer! ...What else... Oh! And my cell phone bill is too high!

    1. Re:How Dare They by plasmacutter · · Score: 5, Insightful

      Way to one-sidedly misrepresent wholesale privacy violation as innocent altruism.

      Apparently the telecom domestic spying scandal has not reached your part of the world?

      In these times, companies have as much or more assets and power available to them than many of the world's nations, and allowing the wholesale gathering of information on individuals by private firms under the red herring of "private property" will lead to the exact same kind of oppression as allowing the government to do it under the red herring of "national security".

      There are other ways to better serve me without having to identify me personally. Inventory tracking has been done successfully at the branch level for a century in its current form, and if they don't carry something, speaking to a manager will often get results.

      There is a difference between profiting from advertising, and profiteering from spying on me and selling that data to telemarketers, government agencies, and other shady organizations.

      --
      VLC FOR MAC IS DYING! IF YOU DEVELOP, PLEASE SAVE IT!!
    2. Re:How Dare They by Chris+Burke · · Score: 5, Funny

      This is almost as infuriating as Vons/Safeway and their "club card", tracking my purchases to try and "Better serve me". Horsefeathers! The fact that the products I want are in stock at any given point is PROOF that they've been using my spending habits to PREDICT MY NEEDS, which goes against everything I believe in.

      That's clearly not true, because I've been to Safeway plenty of times and not ONCE have they offered me a blowjob.

      --

      The enemies of Democracy are
    3. Re:How Dare They by novakyu · · Score: 4, Insightful

      This is almost as infuriating as Vons/Safeway and their "club card", tracking my purchases to try and "Better serve me".

      Well, turning the sarcasm detector off, change that to "Vons/Safeway and their 'club card' tracking my purchases and all other purchases with the credit card that has ever been used with the club card through special deals with the credit card company ...." and you will be closer.

      Facebook is welcome to track you on their own website (practically every website owner does this with log analysis) and even track your outgoing clicks with redirects, hidden or bare (even Google does this, and they are really tricky about it too, if you've noticed it on their search results). What they are not welcome to do is track you when you are not on their website through "special deals" with other websites. Such aggregation of data on you is a disaster waiting to happen.

  6. Here's the list: by GameboyRMH · · Score: 4, Informative

    Facebook is currently affiliated with the following sites:

            * Art.com
            * Blockbuster
            * Bluefly
            * CBS Interactive
            * eBay
            * ExpoTV
            * Fandango
            * Gamefly.com
            * Kiva, Kongregate
            * LiveNation
            * Mercantila
            * NY Times
            * Overstock.com
            * Redlight Mgmt
            * Seamless Web
            * Six Apart
            * STA Travel
            * TheKnot
            * Travelocity
            * Viagogo

    http://www.facebook.com/help.php?page=57

    The first bloody Google result |: |

    http://www.google.com/search?hl=en&sa=X&oi=spell&resnum=0&ct=result&cd=1&q=facebook-affiliated+sites&spell=1

    --
    "When information is power, privacy is freedom" - Jah-Wren Ryel
  7. Unsubscribe by kellyb9 · · Score: 5, Informative

    I just wish I could delete my facebook account. It's actually close to impossible, first you have to delete all your information (wall posts, friends, etc.), and then they'll delete your account. Very, very time consuming. But I doubt any of that info is REALLY gone.

    1. Re:Unsubscribe by gclef · · Score: 4, Funny

      Change your profile picture to goatse...they should take card of the rest.

    2. Re:Unsubscribe by Anonymous Coward · · Score: 4, Informative

      How to permanently delete your facebook account.
      http://www.facebook.com/group.php?gid=16929680703

      Go to this page:
      http://www.facebook.com/help/contact.php?show_form=delete_account

      Select the checkbox and click "Submit".

  8. Eratum by wattrlz · · Score: 4, Informative

    TFA's source [corrected] indicates FB gives their affiliates javascript to include in the page that connects to a FB server for cookie exchange. Pretty sneaky. I wonder if google does something like that with google analytics.

    Corrected Link! This is why one should not slashdot before one's midday coffee. Please mod parent down, or something. That's a very small server and it will die.

  9. Re:Clear your cookies by Debased+Manc · · Score: 4, Interesting

    Not quite, your email address also gets used as a foreign key between Facebook and it's affiliates.

    Fry all your cookies, but if you share an email address between your Facebook account and someone else, say Amazon, they can connect the dots that way.

    Thankfully I didn't register my Facebook account with my Hotmail only-for-the-porn account. That could've made for some interesting advertising though...

  10. Dupe! by Thelasko · · Score: 4, Informative
    The CA article is the same one from 2007. Read the date at the bottom.

    Published Nov 29 2007, 11:39 PM by Stefan Berteau

    It was already posted on Slashdot. http://yro.slashdot.org/article.pl?sid=07/12/03/0656205 That's two dupes in a row guys! Care to go for three?

    --
    One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
  11. What shall we call this by sjames · · Score: 4, Informative

    Let's see, what do we call it when someone follows someone around to see where they go, their tastes, who they know, etc, etc.

    Yeah, that's right, it's STALKING!

    When you restrict those activities to the internet, it's cyber-stalking.

    Why is stalking suddenly OK if you're trying to sell stuff? It certainly doesn't feel any less creepy to the person being stalked.

    The fact that these things are done in secret and too often in spite of public denials tells me that they know at some level what they're doing is unwelcome and wrong.

    If they want to cyber-stalk in exchange for a free service, then it's not REALLY free, it just happens to have a non-monetary price. Let them be honest about the price and then the users can decide for themselves how acceptable the deal is.

  12. Re:What if it's an un-used email? by wattrlz · · Score: 4, Informative

    They actually use your facebook cookie, which would contain your school email, to track you. So just delete your cookies and you should be OK.

  13. Mark Zuckerberg by NoPantsJim · · Score: 5, Interesting

    I've often thought about the various people who have made a fortune or are about to make a fortune from online properties.

    Jason Calacanis, Kevin Rose, the Flickr people, etc.

    Usually I think to myself, that's awesome that these people were able to work hard and see their vision to the end and make a living from it.

    When I think of Zuckerberg, I think the exact opposite. Fuck that guy. I've always felt like he sleezed his way to where he is, and stories like this only reinforce that opinion.

    (prepared to be modded troll...)

    --
    Name...That...Autocomplete!
  14. Re:What if it's an un-used email? by AndGodSed · · Score: 5, Interesting

    With Facebook's protection of minors... I wonder if them tracking the habits of minors could get them in trouble...

    --

    Seven Days with Ubuntu Unity

  15. This is insightful too by philspear · · Score: 5, Funny

    They also can only track you if you use a computer!

  16. Re:Well What ROYALLY pissed me off earlier by davidsyes · · Score: 5, Insightful

    What might have royally pissed off others was that when facebook asked for the new member's valid email address, it implied or outright expected them to provide to the f/b interface the VALID PASSWORD OF THE VALID EMAIL ACCOUNT.

    This royally inFURIATED me. All they needed to say was Give us your valid email of choice, and reply within 5 minutes of receiving it and supply the code we give you, or you'll have to redo this and still try within 5 minutes to validate yourself.

    They had NO f*cking business structuring it in such a way that MILLIONS of users would blindly or hopelessly supply their gmail, yahoo, msn, and/or other passwords through a facebook conduit.

    Can you IMAGINE how much snooping could be done if facebook were compelled by law or court order to submit subscribtion/memberhship application logs to various agencies that don't want to actually leave traces of intel-snooping? All they have to do is notice whether or not the user is online or not, then log in as them, quickly look at non-viewable things, then log out. Only if friends and bots are somehow tracking friends login/logout activity can anyone be tipped off that something might be amiss.

    Even without the conspiracy theory stuff, facebook should NEVER have culled or duped people into giving facebook their other account's passwords, nevermind the fact that there are other means by which other parties could steal or surreptitiously obtain a targeted user's password.

    I cannot remember what I did to foil that frackin' attempt, but I think I did foil it.

    --
    Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"