Slashdot Mirror
US Congressmen: Facebook Evading Privacy Questions
An anonymous reader writes "Two U.S. congressmen have accused Facebook of evading questions about whether it tracks users in order to deliver targeted ads. Joe Barton, a Texas Republican, and Edward Markey, a Massachusetts Democrat, said the social networking giant failed to adequately answer questions raised by a patent application that suggests Facebook could be tracking users on other websites. The duo previously asked the Federal Trade Commission to investigate accusations that Facebook tracks its users even after they log out of the social network, an issue the company says it has since fixed."
It's exactly the same privacy issue as the Facebook buttons, except that Google is much less likely to have your real name.
"When information is power, privacy is freedom" - Jah-Wren Ryel
And even after logging out a week ago, I find 2 cookies for "any type of connection" that won't expire for at least a year. They "fixed" it but good.
Honestly, guys, it isn't that hard. Pretty much any question about facebook can be answered by asking yourself "If the NSA and the National Enquirer merged, what would they do?"
I think congress should look in the mirror when it comes to evading questions... or taxes for that matter
For justice, we must go to Don Corleone
||facebook.com^$third-party,domain=~facebook.net|~fbcdn.com|~fbcdn.net
||facebook.net^$third-party,domain=~facebook.com|~fbcdn.com|~fbcdn.net
||fbcdn.com^$third-party,domain=~facebook.com|~facebook.net|~fbcdn.net
||fbcdn.net^$third-party,domain=~facebook.com|~facebook.net|~fbcdn.com
I'm way more worried about a government which now has free reign to spy on my phone calls, emails, etc. with no warrants and even gives retroactive immunity to protect the telco's from any nasty civil rights lawsuits over this than I am about Facebook sending me some targeted ads.
In short, a government that treats the 4th Amendment to the U.S. Constitution like a piece of toilet paper is a lot more important a concern than Mark Zuckerberg trying to make a quick buck.
SJW: Someone who has run out of real oppression, and has to fake it.
. . .At this point, believe anything congress has to say? I hate Facebook, but come on. Congress cares about privacy? Give me a break. These guys have continually voted against privacy in the form of Patriot Acts, indefinite detention, warrantless wiretaps, etc. What is happening is Facebook just hasn't given the correct amount of "campaign contributions." When Facebook ponies up, you'll hear the tune change.
Bzzt, wrong, both track only the pages on which the tracking code is placed (typically ALL of them). I know this because I've set up these systems as part of my job.
"When information is power, privacy is freedom" - Jah-Wren Ryel
It's the new Anti-Google astroturfer. The last one got killed because it he admitted he was a paid astroturfer for MS. This one isn't going to last very long either. Note for anyone who is wondering why I know (with >95% certainty) that DCTech is a paid astroturfer:
* brand new handle
* posts random Google is evil posts in the most unrelated topics
* does so within seconds of the article being up
* does little other than post Google is evil
Those who can, do. Those who can't, sue.
No you're still wrong. Yes you can put it in the template, and you can do the same with the Facebook button. The Analytics code doesn't use mind control waves to force the web dev to put it in the template. It isn't unusual to see a Facebook button in a site's "static areas" that appear on every page that lets you Like the company. Technically you are 100% wrong and practically you are grasping at straws.
Facebook is pretty close to GA in popularity now. Look, even Slashdot, the home of the privacy-aware geek, has fucking facebook buttons now, what does that tell you.
"When information is power, privacy is freedom" - Jah-Wren Ryel
I don't know why you guys are arguing... you both said the same thing. The components of either exist exactly where site owners put it.
Yes, site owners tend to put analytics code in sitewide templates. That's kindof the point of analytics. On the other hand, FB code goes on millions of sites that don't use google's analytics, and it almost certainly correlates and stores more actual user-specific data.
3rd-party cookies are a contributing factor to some of these privacy violations.
At what point did it become standard for browsers to accept 3rd-party cookies? The original cookie spec explicitly forbid them, and only reason that I know of to support them is to allow sites to track you across other domains. No web application, shopping cart, etc. should ever need to use them. Further, they seem like a terrible security flaw.
I was surprised to find that Firefox enables this by default, and some web forums (Engadget) are even complaining if you turn them off. I think we need to nip this in the bug, but I am curious when and why this default changed.
OF COURSE they track you to provide targeted ads, how else do you think they stay in business? Do you think they have a gigantic infrastructure just for your personal pleasure? While I fully support forcing facebook to divulge all the info they store on you (i.e. that gigantic PDF they'll send you on request), I also have no problem with them doing just about anything they want with data they collected. If you find that so incredibly repugnant, don't use facebook at all.
This story to me is about the same as the headline "Pfizer dodges questions from senator that it 'sells drugs' to what they call 'patients'"
Or perhaps "INTEL refuses to deny that it makes computer processors!"
Ze Atomic Device! It iz Ztolen!
At this point, probably not, but if they choose not to they could end up receiving a congressional subpoena. And even in the absence of that ignoring congress critters that have taken an eye to ones business practices isn't necessarily a wise idea.
Will the people who are not using a script in ABE (the Application Boundary Enforcer) in NoScript to prevent Facebook from doing things to you on other sites kindly make yourselves known by raising both feet?
The script to enter looks something like this (see NoScript website):
# This one allows Facebook scripts and objects to be included only .facebook.com .fbcdn.net .facebook.com .fbcdn.net
# from Facebook pages
Site
Accept from
Deny INCLUSION(SCRIPT, OBJ, SUBDOC)
Whatever happened to the NoScript feature for dealing with Web bugs or as AT&T / Yahoo call them, web-beacons? IRC there was a feature for that on untrusted sites. It seems like one to have all the time. Maybe something to avoid loading ANYTHING from other domains would be a good default much of the time too. If other content is that important, the host could be a proxy or users can grant permission. Ebay surely needs something like that.
I'd like to voice my disagreement with the above AC, whose rudeness casts a shadow upon the proper anon's who provide interesting and thoughtful commentary. NeutronCowboy, thanks for the analysis; it was insightful. Don't let the above 1% fellow get to you.
You're right that companies are built from individuals, and that they have their own, valid opinions. However, that's not the problem here. If an MS employee wants to post their opinion under a pseudonym, I'm fine with that. I'm fine with someone liking MS products, and posting that. But that's not what's going on here: someone is paid to take a position and defend it at all cost. There is no debate going on here, merely advertisement.
I object to being advertised to by someone pretending to not be advertising, in an environment that I specifically selected because it is not filled with advertisement. Dupes, hot grits and GNAA won't get me to leave Slashdot. Astroturfers will.
Those who can, do. Those who can't, sue.
Covers any program that is webbound, not just particular browsers that have AdBlock, per the subject-line above:
(Add either of these lines to your hosts file using a text editor & be sure to save it as "hosts", not "hosts.txt" (notepad's NOTORIOUS for that)).
---
127.0.0.1 fbcdn.net
or
0.0.0.0 fbcdn.net
---
* The latter's actually smaller & faster, thus imo, is the better, more efficient option (that's just as universally compatible as the loopback adapter address, but smaller by 2 characters, & has no loopback operation @ all (just a "blackhole")).
(Of course, this OR the AdBlock filter noted by the poster I am replying to's going to go over like a "lead balloon" with actual FaceBook users - man, in MOST folks I know that are "into facebook"? Well... I've noticed they REALLY TRULY LOVE THAT PLACE!)
APK
P.S.=> Hosts files also operate out of PnP driver ring 0/rpl 0/kernelmode operations, which are FAR faster than browser addons (which tend to slow browsers down & add memory + CPU consumption & other forms of I/O too), which operate in ring 3/rpl 3/usermode... apk