Not really. Facebook's doing it old school. It's a long story you can read here, but a peculiar effect caused by my menagerie of security plugins brought my attention to a new form of tracking that Facebook's been using over (at least) roughly the last week. In a Wired.com page, I found that Facebook is using a small iframe that fetches a page with a URL such as:
In this case the basic URL of the page this was found on being http://www.wired.com/autopia/2011/08/no-public-transit-no-job/
This iframe actually renders the Like button.
This form of tracking will work with the most basic of browsers with all client-side scripting/application systems and web-facing APIs disabled. Upon doing more research I found that Lynx is actually safe as it doesn't display frame contents, but rather converts them into hyperlinks.
From this tracking iframe Facebook can get, at a bare minimum, the following info:
- The page you've just viewed
- Your IP address
- Your browser agent info (which, by default, contains far more detail than you might think - right down to your machine's CPU architecture).
The only surefire way to block it would be to blacklist all connections to any Facebook domains - and the domains of any other tracking services that deploy similar systems in the future.
I was considering posting this to Slashdot's firehose but some more research has shown that Facebook has been offering at least some sort of iframe method for inserting Like buttons since at least April 2010, so I'll just post to my journal for now rather than potentially making a fool of myself.