sjvn01

Facebook: The Spy in Your Network

by Steven Vaughan-Nichols (sjvn01) on 26-09-2011 08:36 AM - last edited on 26-09-2011 08:36 AM

I used to like Facebook. Oh, its security and constantly changing privacy protection was a bad joke, but it was still the best way to find and keep in touch with old friends from high school (Hi Cathy!) and the like. That was then. This is now.

It was bad enough that Facebook tries to harvest your phone number, in the new Facebook Open Graph platform you can share all kinds of usage data with your advertisers... uh friends. With the new Facebook, you can automatically share what movies you're watching on Netflix, what music you're listening to on Spotify, and what's you're reading on Flipboard.

Privacy aside, I don't care for Facebook's new non-stop news-streaming ticker, either. Does anyone really want to know everything I watch, listen to, and read? Neither my wife nor daughter do. I can think of two groups, though, that would find all my information endlessly interesting: Advertisers and competitors. You may want AT&T, Exxon, and Microsoft to keep tabs on your every move; I don't.

It's your choice, though. Yes, it is, if you can figure out what your choices really are on Facebook.

You see, Facebook makes protecting your privacy a constantly changing maze. The best guide I know, The Definitive Facebook Lockdown Guide, has to be updated every few months. The latest edition, September 2011, is already out of date.

Now Facebook has made it possible, using its beta Timeline view, to see who's unfriended you. That's one idea that will cause havoc in friends and family circles around the room. Thanks Facebook, we needed that feature.

At this time, you can't hide your un-friending tracks, but there's far more worrying stuff. Let's say you log out of Facebook. You'd think Facebook wouldn't be tracking you right? Wrong.

According to hacker Nik Cubrilovic, the application programming interface (API) Facebook uses to allow applications to post status items to your Facebook timeline, aka frictionless sharing, doesn't require your explicit permission. We knew that. What we didn't know is that, Cubrilovic writes, Facebook has long been tracking your every move on the net.

Cubrilovic discovered that Facebook keeps Web cookies alive on your Web browser even after you've logged out of Facebook. As he writes, “With my browser logged out of Facebook, whenever I visit any page with a Facebook like button, or share button, or any other widget, the information, including my account ID, is still being sent to Facebook. The only solution to Facebook not knowing who you are is to delete all Facebook cookies.” I'll go farther, with frictionless sharing, the only way to keep Facebook and friends out of your business, is to stop using Facebook.

That's exactly what I'm planning on doing. Say what you will about Google and its privacy practices, Google makes controlling your information on its social network, Google+, much easier than Facebook does. Google even makes it easy for you to access and download your data with Google Takeout. Prying your own information out of Facebook, though, is like pulling your own teeth with a rusty pair of pliers.

As Facebook grows ever more invasive or your privacy, and sneakier still about how it does it, I can only recommend that personally you start weaning yourself off it. As for your business, I'd block Facebook from all your corporate PCs. While Facebook's main customers are advertisers, how much trouble would it really be for Zuckerberg to let someone start data-mining all your employees' Facebook Web-related activities for a sufficiently lucrative fee? The answer: No trouble at all. 

Comments
by Mickey Applebaum(anon) on 26-09-2011 12:59 PM
I just love it when articles are more about the FUD than they are about reality. Yes, Facebook has recently made changes to the news feed. No, they did not make any changes to the security or privacy settings pages. Yes, they are coming out with timeline and yes,. it will allow updates without explicit approval IF YOU SO ALLOW IT (even now you can set your privacy so that anyone who tries to post to your wall has to be approved first). If you have concerns about their settings there is an easy solution, use one browser for Facebook and another for everything else, but then... you'll need to consider doing the same for the sites you do business on because many of the sites that do credit card transactions do the same kind live cookies so that the next time you visit their store site you get the stuff that fits what you've been looking at recently.... In other words... You can live your life in Fear Uncertainty and Doubt and stop going on line altogether, OR you can take reasonable precaution, follow safe surfing practices and do your best not to fall for the socially engineered attacks and you'll be fine.
by charlie_Turner(anon) on 26-09-2011 03:11 PM

I set up a seperate user account on my computers and log in to each computer under that user account when I want to go to facebook, then open a browser and login to fb. When I am done on fb, I close the browser, and log off that user account. I go nowhere else on the net besides fb under that user account. As that user has its own home directory where any fb cookies would be stored, I don't think they can track me when I'm logged into my regular user account, where I do ALL of the rest of my web activity. I could be wrong, though.

by BrettGlass on 26-09-2011 06:09 PM

Steve, your trust of Google is misplaced. Facebook and Google are locked in a fierce competition to see which can more thoroughly exploit users and invade their privacy. Google, too, puts cookies in your browser, and its more stealthy spyware scripts throughout the Web spy on you even if there ISN'T a Google icon anywhere on the page. (For example, Google has a spyware script on THIS VERY PAGE; my script blocker is blocking it.)

My advice: don't give your information to either of these nasty companies.

by Scotty the menace(anon) on 29-09-2011 11:00 AM

I stayed off Facebook until last summer for these exact privacy concerns. How do Facebook and Google make so much freaking money as "free" services? They sell YOU! You and everything about you are their products. I would tell my friends of my provacy concerns and they would counter with, Well you can set privacy controls, to which I would ask, Well how do I stop Facebook from getting my information. They never have an answer because, of course, you can't.

As it is, I already use the Opera browser exclusively for Facebook, and do all my other browsing in Firefox, both at work and at home. I block all Facebook and Google cookies on my general browser. I don't trust either of them. I'm about to ditch Facebook completely, though. I just can't deal with their violations of my privacy.

The other reason I'm about to ditch Facebook and end my 14 month social networking adventure is their latest UI atrocity. It is the dumbest thing I've ever seen from them. This is the reason I hate web apps: you have no control over updates. You wake up one day and the app you just started figuring out is now radically different... and you have nothing to say about it.

Thanks for this great article. It encouraged me to be, once again, social networking free.

by gülşen(anon) on 24-01-2012 01:10 AM

sjvn01 wrote:

I used to like Facebook. Oh, its security and constantly changing privacy protection was a bad joke, but it was still the best way to find and keep in touch with old friends from high school (Hi Cathy!) and the like. That was then. This is now.

It was bad enough that Facebook tries to harvest your phone number, in the new Facebook Open Graph platform you can share all kinds of usage data with your advertisers... uh friends. With the new Facebook, you can automatically share what movies you're watching on Netflix, what music you're listening to on Spotify, and what's you're reading on Flipboard.

Privacy aside, I don't care for Facebook's new non-stop news-streaming ticker, either. Does anyone really want to know everything I watch, listen to, and read? Neither my wife nor daughter do. I can think of two groups, though, that would find all my information endlessly interesting: Advertisers and competitors. You may want AT&T, Exxon, and Microsoft to keep tabs on your every move; I don't.

It's your choice, though. Yes, it is, if you can figure out what your choices really are on Facebook.

You see, Facebook makes protecting your privacy a constantly changing maze. The best guide I know, The Definitive Facebook Lockdown Guide, has to be updated every few months. The latest edition, September 2011, is already out of date.

Now Facebook has made it possible, using its beta Timeline view, to see who's unfriended you. That's one idea that will cause havoc in friends and family circles around the room. Thanks Facebook, we needed that feature.

At this time, you can't hide your un-friending tracks, but there's far more worrying stuff. Let's say you log out of Facebook. You'd think Facebook wouldn't be tracking you right? Wrong.

According to hacker Nik Cubrilovic, the application programming interface (API) Facebook uses to allow applications to post status items to your Facebook timeline, aka frictionless sharing, doesn't require your explicit permission. We knew that. What we didn't know is that, Cubrilovic writes, Facebook has long been tracking your every move on the net.

Cubrilovic discovered that Facebook keeps Web cookies alive on your Web browser even after you've logged out of Facebook. As he writes, “With my browser logged out of Facebook, whenever I visit any page with a Facebook like button, or share button, or any other widget, the information, including my account ID, is still being sent to Facebook. The only solution to Facebook not knowing who you are is to delete all Facebook cookies.” I'll go farther, with frictionless sharing, the only way to keep Facebook and friends out of your business, is to stop using Facebook.

That's exactly what I'm planning on doing. Say what you will about Google and its privacy practices, Google makes controlling your information on its social network, Google+, much easier than Facebook does. Google even makes it easy for you to access and download your data with Google Takeout. Prying your own information out of Facebook, though, is like pulling your own teeth with a rusty pair of pliers.

As Facebook grows ever more invasive or your privacy, and sneakier still about how it does it, I can only recommend that personally you start weaning yourself off it. As for your business, I'd block Facebook from all your corporate PCs. While Facebook's main customers are advertisers, how much trouble would it really be for Zuckerberg to let someone start data-mining all your employees' Facebook Web-related activities for a sufficiently lucrative fee? The answer: No trouble at all. 




sjvn01 wrote:

I used to like Facebook. Oh, its security and constantly changing privacy protection was a bad joke, but it was still the best way to find and keep in touch with old friends from high school (Hi Cathy!) and the like. That was then. This is now.

It was bad enough that Facebook tries to harvest your phone number, in the new Facebook Open Graph platform you can share all kinds of usage data with your advertisers... uh friends. With the new Facebook, you can automatically share what movies you're watching on Netflix, what music you're listening to on Spotify, and what's you're reading on Flipboard.

Privacy aside, I don't care for Facebook's new non-stop news-streaming ticker, either. Does anyone really want to know everything I watch, listen to, and read? Neither my wife nor daughter do. I can think of two groups, though, that would find all my information endlessly interesting: Advertisers and competitors. You may want AT&T, Exxon, and Microsoft to keep tabs on your every move; I don't.

It's your choice, though. Yes, it is, if you can figure out what your choices really are on Facebook.

You see, Facebook makes protecting your privacy a constantly changing maze. The best guide I know, The Definitive Facebook Lockdown Guide, has to be updated every few months. The latest edition, September 2011, is already out of date.

Now Facebook has made it possible, using its beta Timeline view, to see who's unfriended you. That's one idea that will cause havoc in friends and family circles around the room. Thanks Facebook, we needed that feature.

At this time, you can't hide your un-friending tracks, but there's far more worrying stuff. Let's say you log out of Facebook. You'd think Facebook wouldn't be tracking you right? Wrong.

According to hacker Nik Cubrilovic, the application programming interface (API) Facebook uses to allow applications to post status items to your Facebook timeline, aka frictionless sharing, doesn't require your explicit permission. We knew that. What we didn't know is that, Cubrilovic writes, Facebook has long been tracking your every move on the net.

Cubrilovic discovered that Facebook keeps Web cookies alive on your Web browser even after you've logged out of Facebook. As he writes, “With my browser logged out of Facebook, whenever I visit any page with a Facebook like button, or share button, or any other widget, the information, including my account ID, is still being sent to Facebook. The only solution to Facebook not knowing who you are is to delete all Facebook cookies.” I'll go farther, with frictionless sharing, the only way to keep Facebook and friends out of your business, is to stop using Facebook.

That's exactly what I'm planning on doing. Say what you will about Google and its privacy practices, Google makes controlling your information on its social network, Google+, much easier than Facebook does. Google even makes it easy for you to access and download your data with Google Takeout. Prying your own information out of Facebook, though, is like pulling your own teeth with a rusty pair of pliers.

As Facebook grows ever more invasive or your privacy, and sneakier still about how it does it, I can only recommend that personally you start weaning yourself off it. As for your business, I'd block Facebook from all your corporate PCs. While Facebook's main customers are advertisers, how much trouble would it really be for Zuckerberg to let someone start data-mining all your employees' Facebook Web-related activities for a sufficiently lucrative fee? The answer: No trouble at all. 


 

by Alex(anon) on 23-02-2012 05:30 PM
In the article you say you are "planning" to get out of facebook. I don't know if you are now out or not? I'm totally shock & flabbergasted the new young generation is so insensetive in allowing so many so called "friends" know so much about them!!! I do think much sooner than later this emotionally and socially astroglide invasion of privacy will crash in matter of weeks & fight for keeping your personal life private will start a new trend to value privacy in real terms.
Post a Comment
Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.

The HP Input Output site is sponsored by HP and features articles and content from HP and third-party contributors. Third-party articles and content, while paid for by HP, do not necessarily represent the views and opinions of HP. HP does not endorse this content and is not responsible for its accuracy, availability and quality.

Follow Us
Spotlight
The Permissions Your Database Users Really Need (Video) The 16 Linux Shell Commands Every Desktop Linux User Should Know 7 Deadly Sins of Job Searching: Why You Still Don't Have a Job, and How to Get Back on Track 9 Tech Analogies That No Longer Mean Anything To Those Young Whippersnappers
┼ Based on energy, paper and toner savings from regular printer usage. Results may vary.