Facebook Can Track Your Browsing Even After You've Logged Out, Judge Says

A U.S. judge has dismissed nationwide litigation accusing Facebook of tracking users' internet activity even after they logged out of the social media website. From a report: The plaintiffs alleged that Facebook used the "like" buttons found on other websites to track which sites they visited, meaning that the Menlo Park, California-headquartered company could build up detailed records of their browsing history. The plaintiffs argued that this violated federal and state privacy and wiretapping laws. US district judge Edward Davila in San Jose, California, dismissed the case because he said that the plaintiffs failed to show that they had a reasonable expectation of privacy or suffered any realistic economic harm or loss. Davila said that plaintiffs could have taken steps to keep their browsing histories private, for example by using the Digital Advertising Alliance's opt-out tool or using "incognito mode", and failed to show that Facebook illegally "intercepted" or eavesdropped on their communications.

Obviously.

[BeauHD+is+a+retard!]

This is news how?

Re:Obviously.

[fustakrakich]

Evidently you can sue people for making a working link.

Re:Obviously.

[rjstanford]

It shouldn't be unreasonable to expect that logging out of Facebook caused them to stop treating that browser window as being "you" for their purposes as well as yours.

Re:Obviously.

[fustakrakich]

The only safe bet is to not click on any of their buttons. The metadata will get you every time. If you let the NSA do it, then everything is fair game.

Re:Obviously.

You don't need to actually click on them to be counted, though if you do they can also update your psych profile based on what you are Like'n.

Re:Obviously.

[Luthair]

Its not the link, its the fact that sites embed Facebook scripts that your browser requests and Facebook uses to track people browsing the web. When the user isn't logged in they still track them and attempt to associate it with an account later. Its pretty sleazy and why you should have Adblock block Facebook (and Twitter, and Google) domains on third party sites.

Re:Obviously.

[reboot246]

The only winning move is not to play. Seriously, I've never had a Facebook account and I pity those millions who do.

If one insists on being a Facebook minion, just use a different browser and dedicate it only to Facebook. Call it a "throwaway" browser. Then never use it for anything else but Facebook.

Re:Obviously.

[fustakrakich]

Sleazy yes, but it's just something to be aware of and block. We don't need the frivolous lawsuits.

Re:Obviously.

The only winning move is not to play. Seriously, I've never had a Facebook account and I pity those millions who do.

billions.

Only 2, but still, billions.

Re:Obviously.

[jenningsthecat]

The only winning move is not to play. Seriously, I've never had a Facebook account and I pity those millions who do.

You're probably playing to some extent, whether you realize it or not. I run No Script and an ad blocker, and I also don't have a Facebook account, so I'm probably better off than Joe Average when it comes to being tracked. I also do my best to make sure that friends and acquaintances don't post my name or picture. Even at that, I wouldn't be surprised to learn that FB knows a lot about me. If you think your abstinence from social media means you're not being tracked and commoditized, you're being naive.

Re: Obviously.

Except FB tracks everything they can through 3rd parties as well. Even if you've never signed up to or never been to Facebook.com other sites rely on them and will connect you to them for "reasons."

Re: Obviously.

That is not enough. It has to be a different OS, a different monitor and a different IP address

Re:Obviously.

The only winning move is not to play. Seriously, I've never had a Facebook account and I pity those millions who do.

Silly... They have made an account for you. Didn't you get the memo?

Re:Obviously.

[davester666]

You need to use a tracking-blocker, that prevents the 'like' button from appearing (as in, prevent facebook's javascript from being loaded).

Re:Obviously.

[thsths]

We do need lawsuits, because this is illegal. It is no doubt sensitive data, it is not just personalisable data, Facebook is actually working hard on making it personalised data. And there is no consent given. So Facebook does not have any right to do this.

Re:Obviously.

[Luthair]

Think about the near future - retail stores will be using facial recognition to build profiles on people who enter their stores and will attempt to associate those profiles with names & addresses.

Re:Obviously.

IP addresses are not as random as they were with old dial up accounts. You cable/DSL IP just isn't changing that much... so you can still be tracked via plane old IP address.. The data may not tied to an identifiable person, but you can still build a profile based off IP address and what sites you download the facebook 'like' image/button.

I doubt that this anonymous data is as valuable as one linked to a real account, but its almost free money for facebook.

Re:Obviously.

Add these to your etc/hosts:

127.0.0.1 api.ak.facebook.com
127.0.0.1 api.connect.facebook.com
127.0.0.1 api.facebook.com
127.0.0.1 app.facebook.com
127.0.0.1 apps.facebook.com
127.0.0.1 ar-ar.facebook.com
127.0.0.1 badge.facebook.com
127.0.0.1 blog.facebook.com
127.0.0.1 connect.facebook.com
127.0.0.1 connect.facebook.net
127.0.0.1 de-de.facebook.com
127.0.0.1 developers.facebook.com
127.0.0.1 es-la.facebook.com
127.0.0.1 external.ak.fbcdn.net
127.0.0.1 facebook.com
127.0.0.1 facebook.de
127.0.0.1 facebook.fr
127.0.0.1 fb.me
127.0.0.1 fbcdn.net
127.0.0.1 fr-fr.facebook.com
127.0.0.1 hi-in.facebook.com
127.0.0.1 it-it.facebook.com
127.0.0.1 ja-jp.facebook.com
127.0.0.1 login.facebook.com
127.0.0.1 profile.ak.fbcdn.net
127.0.0.1 pt-br.facebook.com
127.0.0.1 ssl.connect.facebook.com
127.0.0.1 static.ak.connect.facebook.com
127.0.0.1 static.ak.fbcdn.net
127.0.0.1 www.facebook.com
127.0.0.1 www.facebook.de
127.0.0.1 www.facebook.fr
127.0.0.1 zh-cn.facebook.com
# Block Facebook IPv6
fe80::1%lo0 facebook.com
fe80::1%lo0 login.facebook.com
fe80::1%lo0 www.login.facebook.com
fe80::1%lo0 fbcdn.net
fe80::1%lo0 www.fbcdn.net
fe80::1%lo0 fbcdn.com
fe80::1%lo0 www.fbcdn.com
fe80::1%lo0 static.ak.fbcdn.net
fe80::1%lo0 static.ak.connect.facebook.com
fe80::1%lo0 connect.facebook.net
fe80::1%lo0 www.connect.facebook.net
fe80::1%lo0 apps.facebook.com ::1 www.facebook.com ::1 facebook.com ::1 login.facebook.com ::1 www.login.facebook.com ::1 fbcdn.net ::1 www.fbcdn.net ::1 fbcdn.com ::1 www.fbcdn.com ::1 static.ak.fbcdn.net ::1 static.ak.connect.facebook.com ::1 connect.facebook.net ::1 www.connect.facebook.net ::1 apps.facebook.com

Problem solved.

Re:Obviously.

I'm surprised no one else mentioned the EFF's Privacy Badger browser addon. It handles this problem:

How does Privacy Badger work?
When you view a webpage, that page will often be made up of content from many different sources. (For example, a news webpage might load the actual article from the news company, ads from an ad company, and the comments section from a different company that's been contracted out to provide that service.) Privacy Badger keeps track of all of this. If as you browse the web, the same source seems to be tracking your browser across different websites, then Privacy Badger springs into action, telling your browser not to load any more content from that source. And when your browser stops loading content from a source, that source can no longer track you. Voila!

At a more technical level, Privacy Badger keeps note of the "third party" domains that embed images, scripts and advertising in the pages you visit. If a third party server appears to be tracking you without permission, by using uniquely identifying cookies (and, as of version 1.0, local storage super cookies and canvas fingerprinting as well) to collect a record of the pages you visit across multiple sites, Privacy Badger will automatically disallow content from that third party tracker. In some cases a third-party domain provides some important aspect of a page's functionality, such as embedded maps, images, or stylesheets. In those cases Privacy Badger will allow connections to the third party but will screen out its tracking cookies and referrers.

How is Privacy Badger different from Disconnect, Adblock Plus, Ghostery, and other blocking extensions?

Privacy Badger was born out of our desire to be able to recommend a single extension that would automatically analyze and block any tracker or ad that violated the principle of user consent; which could function well without any settings, knowledge, or configuration by the user; which is produced by an organization that is unambiguously working for its users rather than for advertisers; and which uses algorithmic methods to decide what is and isn't tracking. Although we like Disconnect, Adblock Plus, Ghostery and similar products (in fact Privacy Badger is based on the ABP code!), none of them are exactly what we were looking for. In our testing, all of them required some custom configuration to block non-consensual trackers. Several of these extensions have business models that we weren't entirely comfortable with. And EFF hopes that by developing rigorous algorithmic and policy methods for detecting and preventing non-consensual tracking, we'll produce a codebase that could in fact be adopted by those other extensions, or by mainstream browsers, to give users maximal control over who does and doesn't get to know what they do online.

Re:Obviously.

[strikethree]

It shouldn't be unreasonable to expect that logging out of Facebook caused them to stop treating that browser window as being "you" for their purposes as well as yours.

I agree; however, EVERY SINGLE browser enables this behavior by default. Firefox claims it has your privacy and security in mind and then writes cookie handling code that allows you to be tracked regardless of your wishes.

For myself, I do not blame Facebook for acting like an amoral and fiendish criminal, I blame the browser creators for enabling that behavior. Almost every business that is successful is only successful because they grabbed every resource they could regardless of legality. No moral business can normally survive for long in that environment so they ALL break the rules and only the lucky ones survive.

The browser creators appear to me to be like the rich uncle who gives his 3 year old niece a handgun to play with. Sure, the niece shot herself, but did you expect anything different to come of that situation? Do you blame the niece or the uncle?

Re:Obviously.

[peawormsworth]

The only person without facebook is the easiest person in the world to track.

Problem with solution

If you use "incognito mode" (Private Window) many websites stop working.

Re:Problem with solution

So? Stop using the website. You will adjust and be happier. Unfortunately the gov't now has enough storage per person and access to record all of your traffic between your IP address and any website so, you're fucked if you want privacy. The information goes in your gov't dossier. Freedom at its finest.

Re:Problem with solution

[ewhac]

Not that I disbelieve you, but could you furnish a couple of examples? I can't recall seeing a Web site that refused to work when accessed via Incognito mode.

Re:Problem with solution

Incognito mode is worthless for this. Facebook will still be able to see your IP on any site that uses their resources unless you explicitly block them or use a proxy. This Edward Davila character needs to stop pretending that he knows what he's talking about.

Re:Problem with solution

[phryxus]

...I can't recall seeing a Web site that refused to work when accessed via Incognito mode.

I can't either, and moreover, I don't understand why they wouldn't work; how could the website even know you're in incognito mode?

I was under the impression incognition* happens after the fact. I.e. the incognito window behaves as normal, but then once the window is closed / program exited, it then deletes a bunch of stuff (that it normally would not, and unbeknownst to all the websites you visited in that incog session). That's why you can even use, e.g., gmail, with all its myriad cookies flying all over the place, while incognito. I wouldn't know about fb (I don't even OWN a tv...)

And yeah, maybe browsers normally send some flags over as well, but would those be distinguishable from normal do-not-track flags (that are sent in non-incognito sessions)? Maybe some websites are set up to break when they receive a do-not-track request (in which case see comments around here to the effect of **kbai**), but if so, probably the browsers could be tweaked (w/ extensions or whatever) to send no flags while incognito?

*I demand this be a word

Re:Problem with solution

[hawguy]

Incognito mode is worthless for this. Facebook will still be able to see your IP on any site that uses their resources unless you explicitly block them or use a proxy. This Edward Davila character needs to stop pretending that he knows what he's talking about.

I doubt they use IP address to track users -- too many people share the same IP (for example, everyone in a family or office), and they don't want to reduce the accuracy of their user profiles by tracking the wrong user. They can track 99.9% of their users with tracking cookies, no need to resort to much less effective IP tracking.
 

Re:Problem with solution

Or they could just use browser fingerprinting: then "does not accept cookies" is just another feature along with things like monitor resolution, browser type, software version, addons etc that get used to identify you. About all you can do about that is install noscript (and wave goodbye to about 50% of the web). I guess you could also try a settings randomiser add-on, but from my experience those render much of the web essentially unusable.

Re:Problem with solution

[SirSlud]

They use IP addresses (and other fingerprint stuff like browser agent, etc) - even if it's not always accurate, it's better than nothing. The worst thing they do is serve you an incorrectly targeted ad. You don't notice it, and those kinds of things just somewhat lower the effectiveness of targeted ad buys. There's an accepted, if difficult to accurately measure, margin of error in targeting that advertisers and ad publishers accept in media buys.

Re:Problem with solution

[DarkOx]

netflix.

I often use the incognito mode to login to my stuff on other peoples computers. So that I know some cookie won't be left behind and it won't log them out if they use the same site and have a persistent session they likely want to retain. I realize this still isnt very safe for me or them but these are people like my father and my fiance, I would mostly trust with my accounts anyway.

Recently I wanted to show dad something on netflix I could not remember the title too, so I thought i'd just look at my recently watched list. Tried to do it in incognito mode, (so as not to log him out) and fail!

Re:Problem with solution

And I just found out that adding facebook dot com to the hosts file breaks Slashdot. Who would have thought?

Re:Problem with solution

[null+etc.]

how could the website even know you're in incognito mode?

Some browser behavior, such as visited-link highlighting and FileSystem API access, changes in incognito mode. JavaScript can be used to query whether these features work. If they're expected to work (browser version is high enough and HTML5 is supported, etc.) but they don't work, the website assumes you're using incognito mode.

Block early, block always

[nitehawk214]

Block all ads, all 3rd party scripts. All the time, with no exceptions.

If the site won't load without ads and 3rd party scripts enabled, then you don't need to see that content.

Re:Block early, block always

[adturner]

It's amazing how many anti-ad-blocking tools that websites use don't work and let you read the content unmolested if you disable JavaScript.

Re:Block early, block always

That is a lost cause. The current generation of web weenies thinks that cobbling web sites together from external script libraries is how it's done. The only sites which work without external scripts enabled are old sites which are mostly static HTML.

Re:Block early, block always

I can't completely avoid because creimer uses affiliate links to track us.

Re:Block early, block always

It's also easy to isolate your other browsing from your Facebook activity. Use a separate browser.
It's even easier on KDE (use the Facebook widget) or Android (use Tinfoil).

Re:Block early, block always

I just gave up being able to redeem a game on gog.com due to the requirement to submit through Google recaptcha. They are out of their fucking minds if they think I'm going to whitelist any Google owned domains.

Re:Block early, block always

[Luthair]

CDNs do have some performance advantages since they'll often be edge cached. The issue really is third party content.

Re:Block early, block always

"I just gave up being able to redeem a game on gog.com due to the requirement to submit through Google recaptcha."

Perhaps you should mention the anti-tying provisions of Magnusson-Moss Warranty Act and then sue them for violating that law.

Oh, wait, you're a coward. You won't stand up for your rights.

Re:Block early, block always

[AmiMoJo]

We have Google to thank for that. The Googlebot doesn't like having to run Javascript just to see content and down-ranks sites heavily because of it. In order to be found sites have to offer content to Javascript-free clients, including you.

It's kinda scary how much power Google wields, even when it does work in our favour.

Re:Block early, block always

[nitehawk214]

CDNs tend not to serve ads, so they are usually safe to let through. Any that start serving ads start getting blocked.

Actually I had been expecting ads to start getting served from the primary site's domain since that would make them hard to block. For 10 years now, and it still hasn't become a popular thing.

Re:Block early, block always

It's also amazing how many web sites don't let you read the content at all if you disable JavaScript...

/me a long-time NoScript user. (Totally worth it.)

Your best choice

[Kohath]

As a safeguard, you should just never login to Facebook.

Re: Your best choice

[dougdonovan]

whats facebook. oh yeah, thats where everyones business is everyones business. probably why i dont have an account. its for kids and grandparents that dont know any better.

Re:Your best choice

You should never log into any website.

And if you can, cycle your IP address.

Re:Your best choice

[sit1963nz]

Irrelevant, Facebook still builds a profile, still tracks you and still updates its information about you.
Hell I bet they even know what you look like, all it requires is someone you know who is on Facebook to upload photos with you in it.
From there they can start doing a process of elimination.

Because they look at the sites you visit they can tell your gender (50% reduction in the unknown just with that item)
Age, race, religion, political ideology, income, and where you live are also discernible with enough data. And its not just the data they get from Facebook , they will have scraped data from phone directories and other public facing databases, they would also have paid for other information from other sources such as store loyalty cards, frequent flyer lists, etc etc etc etc etc.

They also "sell" that information,based on their data are you currently looking at going on a holiday, those web sites can then bump up the prices slightly because they too know your income, etc.

And not once have you ever had a Facebook account.

If you think simply not having a Facebook account is all it takes then flying is just the art of aiming at the ground and missing.

Re:Your best choice

You don't even need to be a member of Facebook for them to track you. Any site that has Facebook stuff on it is tracking you even if you disable Javascript.

Re:Your best choice

And its not just the data they get from Facebook , they will have scraped data from phone directories and other public facing databases, they would also have paid for other information from other sources such as store loyalty cards, frequent flyer lists, etc etc etc etc etc.

Who's afraid of Facebook should be *terrified* of Experian. They have really hard info on you, but you don't know it because you are programmed to fear FB algorithm [which always gets me wrong;is clueless about me].

Re:Your best choice

Well, there is the Digital Advertising Alliance’s opt-out tool [http://optout.aboutads.info/], where supposedly you can ask those people nicely to erase the data they have on you. Strangely enough, this website is totally blank, unless you agree to hand over some data to - eh - Google...

Re:Your best choice

[Lennie]

Facebook share links/buttons are on many, many websites. Most people haven't figured this out yet. But they can still use it to build a profile about you.

Re:Your best choice

then flying is just the art of aiming at the ground and missing.

But it is.

Douglas Adams told me so.

Re:Your best choice

Log into Facebook?? Facebook is in my hosts file, pointing to 127.0.0.1, along with all properties of theirs that have been made public.

sooo...

[TRRosen]

once again lawyers file silly suits without knowing how technology works.

Re:sooo...

Nah, it's just affecting the wrong people.

Wait until this affects some judge personally - then it'll get fixed real fast.

Re:sooo...

No, they were right in this case.

failed to show that they had a reasonable expectation of privacy

If you sign up for Facebook, you have no expectation of privacy. FB is notorious - like BBC headline notorious - for gathering every last bit of data about you they can. You know the deal. The terms are clear when you sign up for their shit. If you agree to it, then don't turn around and complain.

The only way this stuff stops is if that business model means the market punishes you instead of rewards you. So far, the public has rewarded privacy intrusions and punished privacy respectful companies. If we keep coddling people and telling them their piss-poor choices are fine and they should never have to be responsible and are not part of the problem, they will never learn, and that ends up in a society of helpless people - e.g, pretty much the current one. Shielding people from the consequences of their choices NEVER works in the long run, because stupidity knows no limits.

Now, FB tracking people who never signed up for FB, that's a real problem, but it's a totally different topic. Either sign up, or don't, but don't bitch if you sign up and they do exactly what they tell you they are going to do.

Re:sooo...

[rjstanford]

If you sign up for Facebook, you have no expectation of privacy.

When using their site - with that caveat I'd agree with you. Affirmatively and explicitly choosing to log out of Facebook should restore that expectation of privacy, even if at some random point in the past you had indeed signed up.

Re:sooo...

When using their site - with that caveat I'd agree with you.

That's not how the web works. Domain X can refer to content from domain Y. By loading their "like" buttons, you ARE using their site.

Whether the browser loads Y's content is up to the browser and the user, but if it is loaded, then Y can see and track the request. If you do not want that, then do not load the content from Y. Otherwise, you have no reasonable expectation that Y will not see and log your request. Of course they will! It's fundamentally how the web works.

Your approach is one of "magical thinking". Magical thinking never, ever works. Avoid making requests to Y's domain if you do not want Y's domain to know you made a request.

Re:sooo...

[MobyDisk]

By loading their "like" buttons, you ARE using their site.

Why did the "like" button work if the person logged-out of the site?

It sounds like the log out button just pretends to log you out by making the login prompt appear next time, but it still leaves a cookie saying who you are. If someone else used my browser, and clicked the "like" button, then that person just did something that affected my account, even though I am logged out.

Re:sooo...

Why did the "like" button work if the person logged-out of the site?

Dunno. Maybe it did, maybe it didn't, but by requesting it you are giving FB a lot of info about the sites you visit, when you visit them, etc etc.

Best not to fetch those in the first place, if you ask me.

Captcha: "disclose"

Re:sooo...

Other than ads, browsers should ask users' permission to load content/scripts from non-website domains.

block facebook with

[FudRucker]

the /etc/hosts file

Re:block facebook with

[Ross+Finlayson]

In particular, redefine the following host names (e.g., to 0.0.0.0) in your /etc/hosts file:

connect.facebook.com

connect.facebook.net

graph.facebook.com

Re:block facebook with

127.0.0.1 api.ak.facebook.com
127.0.0.1 api.connect.facebook.com
127.0.0.1 api.facebook.com
127.0.0.1 app.facebook.com
127.0.0.1 apps.facebook.com
127.0.0.1 ar-ar.facebook.com
127.0.0.1 badge.facebook.com
127.0.0.1 blog.facebook.com
127.0.0.1 connect.facebook.com
127.0.0.1 connect.facebook.net
127.0.0.1 de-de.facebook.com
127.0.0.1 developers.facebook.com
127.0.0.1 es-la.facebook.com
127.0.0.1 external.ak.fbcdn.net
127.0.0.1 facebook.com
127.0.0.1 facebook.de
127.0.0.1 facebook.fr
127.0.0.1 fb.me
127.0.0.1 fbcdn.net
127.0.0.1 fr-fr.facebook.com
127.0.0.1 hi-in.facebook.com
127.0.0.1 it-it.facebook.com
127.0.0.1 ja-jp.facebook.com
127.0.0.1 login.facebook.com
127.0.0.1 profile.ak.fbcdn.net
127.0.0.1 pt-br.facebook.com
127.0.0.1 ssl.connect.facebook.com
127.0.0.1 static.ak.connect.facebook.com
127.0.0.1 static.ak.fbcdn.net
127.0.0.1 www.facebook.com
127.0.0.1 www.facebook.de
127.0.0.1 www.facebook.fr
127.0.0.1 zh-cn.facebook.com
# Block Facebook IPv6
fe80::1%lo0 facebook.com
fe80::1%lo0 login.facebook.com
fe80::1%lo0 www.login.facebook.com
fe80::1%lo0 fbcdn.net
fe80::1%lo0 www.fbcdn.net
fe80::1%lo0 fbcdn.com
fe80::1%lo0 www.fbcdn.com
fe80::1%lo0 static.ak.fbcdn.net
fe80::1%lo0 static.ak.connect.facebook.com
fe80::1%lo0 connect.facebook.net
fe80::1%lo0 www.connect.facebook.net
fe80::1%lo0 apps.facebook.com ::1 www.facebook.com ::1 facebook.com ::1 login.facebook.com ::1 www.login.facebook.com ::1 fbcdn.net ::1 www.fbcdn.net ::1 fbcdn.com ::1 www.fbcdn.com ::1 static.ak.fbcdn.net ::1 static.ak.connect.facebook.com ::1 connect.facebook.net ::1 www.connect.facebook.net ::1 apps.facebook.com

Re:block facebook with

[Ross+Finlayson]

The trouble is that blocking all of these additional addresses will stop you from logging into and using Facebook normally. If you still want to use Facebook, but also want to stop other web pages from contacting it, then just blocking the various "connect" domain names might be sufficient.
 

Complain to site owners

[WaffleMonster]

Tell them you won't visit their sites anymore if they continue to facilitate Facebook's or Google's or anyone else's cross-site cyber stalking.

If your going to sue anyone consider directing your legal efforts at site owners for facilitating cyber stalking. Don't waste your time with Facebook.

Contribute to public awareness campaigns that equate Facebook logos on websites with eye of Sauron in the minds of users. The thing cyber stalking firms fear most is sunlight... an informed public knowing they are being stalked everywhere you go by nameless creepers enmasse.

If there is a price to be paid even a small one site may think twice before cut and pasting bug code especially where the same or very similar goals can be achieved without enabling Facebook stalking.

Re:Complain to site owners

Yep. All those idiotic admins using social sign-on, letting Facebook and Twitter authenticate their posters? Point them to the arxiv bit on the 250,000+ member botnets on Twitter used to promote Trump-trash.

Re:Complain to site owners

I would actually like to read that arxiv but you've given insufficient information to find it.

Expectation of privacy?

[Dadoo]

Ummm... I logged out of Facebook. How is that not an expectation of privacy?

Re:Expectation of privacy?

[Cajun+Hell]

Ummm... I logged out of Facebook. How is that not an expectation of privacy?

Because you (well, your agent: your computer) kept going to the extra trouble to send additional data to Facebook, even after you logged out. If you had expected privacy there is no way you would have kept sending them data. Ergo, you didn't expect privacy.

Re: Expectation of privacy?

You logged out? That implies you logged in to Facebook at some point... therefore, you have no reasonable expectation of privacy. Also you are an idiot.

Re:Expectation of privacy?

Ummm... I logged out of Facebook. How is that not an expectation of privacy?

Because you kept making requests to their domain (for "Like" buttons, etc). If you want privacy from Facebook, then... don't do that! Any data you give them... they have.

You have to first and foremost not volunteer your data if you want to complain they have it. It's like... if you ask someone to paint your car green, you can't then turn around and complain when they paint your car green. You just asked them to!

Re:Expectation of privacy?

[MobyDisk]

Did the users type in their user name and password when they clicked the like button?

Re:Expectation of privacy?

Irrelevant. You're still giving them the data about who you are and what you are doing and when you are doing it. If you don't want them to know that, you should stop telling them.

Re:Expectation of privacy?

Did the users type in their user name and password when they clicked the like button?

There is no need to even click the button, let alone identify yourself.

As the script that shows the button is loaded from Facebook website, your browser SENDS to Facebook your IP and other information (e.g. Facecbook-domain related cookies containing your user id) while merely displaying the button.

Re:Expectation of privacy?

[strikethree]

The counter-argument to that is: You use Microsoft operating systems. You have explicitly given permission for every action you take to be logged somewhere and examined later at the pleasure of Microsoft. Using Facebook is merely a subset of using a computer (which has a Microsoft Operating system on it) therefore, you have already given up any expectations of privacy. Logging out of Facebook is not sufficient to prove that you would have an expectation of privacy since you abandoned all expectation of privacy merely by using the computer.

Re:Expectation of privacy?

[MobyDisk]

As the script that shows the button is loaded from Facebook website, your browser SENDS to Facebook your IP and other information (e.g. Facecbook-domain related cookies containing your user id) while merely displaying the button.

If you logged-out of facebook, how is it sending facebook domain-related cookies containing your user id? Logging out should eliminated those cookies. That's the entire point of logging out!

Re:Expectation of privacy?

[Cajun+Hell]

Did the users type in their user name and password when they clicked the like button?

Don't be absurd; they didn't do anything so relatively anonymous as merely typing their name and password and DoB and SSN and uploading their scanned retina image. The user sent a unique key that Facebook had offered them earlier, and that the user stored on their computer until the time came to send it back to Facebook along with their favorite URLs.

And what's this nonsense about clicking the like button? The user sent this information to Facebook in order to request that the like button be displayed!

Credit cards track you, too

[DogDude]

Credit cards track you everywhere you go, too. Online or off, merchant service providers are now starting to give full purchase history data to their customers. As a retailer, it's great to be able to track everybody.

Re:Credit cards track you, too

Indeed, this was the reason various types of cash notes were banned in India (under the guise of eliminating black money). Without availability of cash, many Indians switched to credit/debit cards and started getting tracked.

Re:Credit cards track you, too

[SnarkSide]

Has that been publicly acknowledged by the card issuers? I try and limit what they know by opting for cash on some transactions. If you are saying they are putting it in the marketing database when you make a purchase each item you buy, not just what store you shopped at, even if you don't give a rewards card or number, then that is level of personal violation I haven't seen documented.

Paranoia FTW!

[thegreatbob]

This is where domain blacklisting, referring removal/mangling and by-default JavaScript blocking start to sound real good. Very difficult to track us "paranoid" folk around unless you have access to all the random WWW logs out there.

Re:Paranoia FTW!

[thegreatbob]

referrer, even.

The usual misleading headline

[SlaveToTheGrind]

The judge didn't say Facebook "can do" anything. The judge said the plaintiffs can't pursue certain specific legal theories against Facebook, but can pursue others:

The plaintiffs cannot bring privacy and wiretapping claims again, Davila said, but can pursue a breach of contract claim again.

Or....

Just block all the facebook servers at the hosts file.

And all those stupid little F's go away.

along with their tracking.

Re:Or....

Just block all the facebook servers at the hosts file.

How do you do that?

Re:Nothing does what you ask as well as... apk

Who left the gate open at the cunt farm and let this fat useless fuck out again ffs.

There's a book for that...

[__aaclcg7560]

Facebook is already doing that with advertising, taking your interactions with Facebook and combining it with third-party personal data to track you on the Internet. Read that in "Chaos Monkeys: Obscene Fortune and Random Failure in Silicon Valley" by Antonio Garcia Martinez. The author sold his engineers and company to Twitter and got hired by Facebook in a three-way deal.

Re:There's a book for that...

Non-affiliate link:
https://www.amazon.com/Chaos-Monkeys-Obscene-Fortune-Failure-ebook/dp/B019MMUAAQ

Re: There's a book for that...

Creimer fuck off please. If you want to comment then fine, but please stop commenting with affiliate spam. We know that is the only reason you replied.

Can we please start modding Creimer affiliate links as spam? It is getting worst than APK.

Re:Best hosts file creator?

Nobody cares about your out of date crap APK, and spamming your drivel wont change that.

Email Scanning

I don't use Facebook at all. I was researching hotels in a particular city in another state and emailed some info to another person. Before they read the email, their Facebook started showing ads for that particular hotel, and other attractions in that particular city.

Firefox + RequestPolicy Continued

Blocks everything on page that is on another domain, until you allow each of them.

Re:Firefox + RequestPolicy Continued

uMatrix is better.

This is the flip side of "information wants to be

[SuperKendall]

Information does indeed want to be free, in that like water it is very hard to contain for long, and it will flow wherever it can as fast as it can through the smallest open channels.

I was thinking you could claim harm by starting up a company that explicitly sold your data so someone else having it would diminish the value, but that seems contrived and would probably not help since others collecting your data would not mean the paid source could not still collect it...

/.ers disagree - you're outnumbered... apk

I'm going to continue using the Host File Engine. Your software is well written, functional. The Host File Engine performs exactly as promised by mmell

his hosts program is actually pretty good by xenotransplant

his hosts tool is actually useful for those cases in which one does indeed want to locally block stuff outright while consuming minimum system resources by alexgieg

I've never tried to belittle (APK's) work, I've flat out said it's good by BronsCon

APK is kinda right. I've tried his hosts file generating software. It works by bmo

I like your host file system by Karmashock

I find your hosts file admirable by vel-ex-tech

APK your posts on this and the hosts file posts, and more, have never been in error and/or bad advice by BlueStrat

* My code's recommended & hosted by Malwarebytes' hpHosts!

APK

P.S.=> See subject & /.ers quoted above (want more? ask??) disagreeing w/ you + YOU care (can't blame you - you FAIL so much vs. this, lol)... apk

Re: /.ers disagree - you're outnumbered... apk

Oh zaparkie ... take some immodium please

Re:/.ers disagree - you're outnumbered... apk

Well, I'll be a monkey's uncle, the spammer gash darn went and came back, and lookee here, he even broughts he own self some testuhmonials. I betta download his suspicious APK installing softwayuh immeditly.

Safe web browser

[myid]

Use a web browser that's designed for privacy, like Brave (company founded by Brendan Eich).

Here's how to stay private

[JohnScott1514]

Stay off social sites, don't join any social sites, don't ever believe the internet owes you privacy. Or any browser, operating system or software and apps. You want privacy it's you job to be selective on how you access the internet. Facebook is not there to protect your privacy since it provides you a service for free. Which you can freely decline to use if you do not agree with their agreements. Don't waste court time for frivolous whining about privacy.

Re:Here's how to stay private

[Tony+Isaac]

It doesn't matter if you never, ever log in to facebook, they can still track you. Any time you visit any web site that has a "Like us on facebook" icon (or other completely hidden scripts), it sends information to facebook that you (some anonymous person with a unique identifier) visited their site. Now, you visit another such site, and that icon sends facebook your unique ID, along with information that you logged in to that site. Eventually, they can piece together enough information to connect your unique ID to your real identity.

The only way to stay private is to never connect to the Internet.

Unanticipated consequences?

[davidjohnburrowes]

Seems to me that while this

that plaintiffs could have taken steps to keep their browsing histories private

speaks of incognito etc mode, it seems really an encouragement (if not a directive) to use ad blockers. If the official legal opinion (in a silicon valley court, no less) is a variation of caveat emptor (browser beware), that can't be particularly good for legitimate folks.

Yeah, I know many folks here are already big advocates of ad blockers, and I'm aware every sizable nation state on the planet is already watching what I do. But, to have the court pretty much say: "you are on your own here" starts the conversation about personal privacy at a pretty low bar.

You're lucky I'm not bogus (like you), lol... apk

See subject: I'd outbogus you there too, lmao - you're always going to fail vs. me. So I let you have your title, King Bogus... lol! You're just lucky I don't want to be like "your kind" (lowest of the LOW unidentifiable anonymous trolling worms).

* REMEMBER: I merely LET you have it - if I wanted your crown, I'd just take it (& you KNOW I would).

APK

P.S.=> RoTfLmAo... apk

/etc/hosts or equivalent

this should be standard practice:

127.0.0.1 localhost
127.0.0.1 facebook.com

Re:/etc/hosts or equivalent

They have more domains than that.

127.0.0.1 www.facebook.com
127.0.0.1 facebook.com
127.0.0.1 login.facebook.com
127.0.0.1 www.login.facebook.com
127.0.0.1 fbcdn.net
127.0.0.1 www.fbcdn.net
127.0.0.1 fbcdn.com
127.0.0.1 www.fbcdn.com
127.0.0.1 static.ak.fbcdn.net
127.0.0.1 static.ak.connect.facebook.com
127.0.0.1 connect.facebook.net
127.0.0.1 www.connect.facebook.net
127.0.0.1 apps.facebook.com

This probably isn't even a fraction.

You ARE a monkey's uncle... apk

See subject: I see you're still reeling from a photon torpedo barrage of truth (that "your kind" can't manage) https://tech.slashdot.org/comments.pl?sid=10817097&cid=54738831/

* Look @ your writing for Pete's sake, lol - you sound like a punch-drunk FOOL there, Jethro - RoTfLmAo!

(I feel sorry for that monkey - why? Hell, lol - He's related to YOU, ugh, lol...)

APK

P.S.=> Nothing suspicious about sharing a creation of mine that's FREE that gives users more speed, security, reliability & anonymity, especially per https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/ - I simply give people what they want (you don't) & for free... apk

Looper why do u post unidentifiably?... apk

This is why: "Laid out in front of him. I saw it. So I changed it" per film Looper. U had 2 disappear vs. your registered 'luername'... made you undergo 'certain changes' lol...

* "... & the path was a circle (looper)" HOW LONG SINCE YOU 'DROPPED'? (Drop, drop) lol, per the changes I made YOU (per my 'power'of manipulating stooges like u) DROP out of SIGHT!

Truth/Fact, undeniable.

(U spin around & around in circles? I move forward, unlike you & 'your kind' (lowest of the LOW in unidentifiable "ne'er-do-well" worms))

APK

P.S=> Could I change this & further put you into non-existence? Sure - I could "close my own loop" (which was the logical solution above, I'd've done the same to be quite honest)... apk

Facebook Blocker

[Futurepower(R)]

Facebook Blocker for Firefox and Pale Moon browsers.

Re:Nothing does what you ask as well as... apk

He removed quite a lot of his "testimonies" when I personally emailed them on the subject.

Best hosts file creator?

See subject & APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/

Ads/script & malware rob speed/security/privacy

Hosts add speed (via hardcodes/adblocks), security (vs. bad sites/malware/poisoned dns), reliability (vs. dns down), & anonymity (vs. dns requestlogs/trackers).

Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus + less security bugs/complexity & faster vs. addons/routers/remote dns!

Avoids DNSChangers in routers/IP settings & dns redirects (99.999% of ISP DNS != patched vs. it) + lightens DNS load & resolves faster from local system RAM!

* Via what u NATIVELY have in the IP stack in FASTER kernelmode!

APK

P.S. - Safe https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/

Nothing does what you ask for as well as... apk

See subject & APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/

Ads/script & malware rob speed/security/privacy

Hosts add speed (via hardcodes/adblocks), security (vs. bad sites/malware/poisoned dns), reliability (vs. dns down), & anonymity (vs. dns requestlogs/trackers).

Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus + less security bugs/complexity & faster vs. addons/routers/remote dns!

Avoids DNSChangers in routers/IP settings & dns redirects (99.999% of ISP DNS != patched vs. it) + lightens DNS load & resolves faster from local system RAM!

* Via what u NATIVELY have in the IP stack in FASTER kernelmode!

APK

P.S. - Safe https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/

That's a total lie & Looper?

Unidentifiable anonymous troll & YOUR LOOP = CLOSED! "How long since you 'dropped'" (out of sight)? U had 2 disappear & go UNIDENTIFIABLE anonymous vs. using your registered 'lusername'!

"Then I saw it. Laid out in front of him. The bad version of his life: So I changed it"

* "... & the path was a circle" per film Looper.

(U spin around & around in circles? I move forward, unlike you & 'your kind' (lowest of the LOW in unidentifiable "ne'er-do-well" worms))

APK

P.S=> Could I change this & further put you into non-existence? Sure - I could "close my own loop" (which was the logical solution above, I'd've done the same to be quite honest BUT I'm having too much fun having YOU prove ME completely RIGHT per the above, making ME look GOOD & yourself by way of comparison? Well - "not so good", lol (seeing you have to DROP OUT, like a junkie, lol)) - nope, lol - I CLOSED YOUR LOOP INSTEAD... apk

APK Hosts File Engine 9.0++ 32/64-bit

APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/

Ads/script & malware rob speed/security/privacy

Hosts add speed (via hardcodes/adblocks), security (vs. bad sites/malware/poisoned dns), reliability (vs. dns down), & anonymity (vs. dns requestlogs/trackers).

Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus + less security bugs/complexity & faster vs. addons/routers/remote dns!

Avoids DNSChangers in routers/IP settings & dns redirects (99.999% of ISP DNS != patched vs. it) + lightens DNS load & resolves faster from local system RAM!

* Via what u NATIVELY have in the IP stack in FASTER kernelmode!

APK

P.S. - Safe https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/

For the best hosts file

APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/

Ads/script & malware rob speed/security/privacy

Hosts add speed (via hardcodes/adblocks), security (vs. bad sites/malware/poisoned dns), reliability (vs. dns down), & anonymity (vs. dns requestlogs/trackers).

Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus + less security bugs/complexity & faster vs. addons/routers/remote dns!

Avoids DNSChangers in routers/IP settings & dns redirects (99.999% of ISP DNS != patched vs. it) + lightens DNS load & resolves faster from local system RAM!

* Via what u NATIVELY have in the IP stack in FASTER kernelmode!

APK

P.S. - Safe https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/

/.ers disagree UNIDENTIFIABLE ac

I'm going to continue using the Host File Engine. Your software is well written, functional. The Host File Engine performs exactly as promised by mmell

his hosts program is actually pretty good by xenotransplant

his hosts tool is actually useful for those cases in which one does indeed want to locally block stuff outright while consuming minimum system resources by alexgieg

I've never tried to belittle (APK's) work, I've flat out said it's good by BronsCon

I've tried his hosts file generating software. It works by bmo

I like your host file system by Karmashock

APK your posts on this and the hosts file posts, and more, have never been in error and/or bad advice by BlueStrat

* Malwarebytes' hpHosts hosts my code!

APK

P.S.=> "A new 'holy-terror' bossman in the future's closing all the loops" (Looper's RainMaker) -"Lord of Hosts" (so-to-speak) closed YOUR running around in circles loop of a FAKE LIFE behind your FAKE registered 'lusername' you don't use vs. me... apk

Don't you live in a place where

[Maritz]

ISPs can literally sell your browsing info to whoever the fuck they like? And this is somehow a problem but that isn't? Weird.

two click fix

[weberjn]

c't fixed it in 2011

https://www.heise.de/ct/artike...