Facebook Beacon Privacy Issues Worse Than Previously Thought?

An anonymous reader writes "Further developments in the Facebook Beacon affair ... According to PC World, a Computer Associates researcher claims that Beacon, when installed on participating sites, is sending data about users' activity back to Facebook, even when a user is logged out of Facebook - despite Facebook's claims to the contrary."

FredDC

[FredDC]

<sarcasm>
No privacy on a social networking website? I am shocked!
</sarcasm>

Re:FredDC

[Anonymous Coward]

no privacy OFF a social networking site.. you should be shocked. repeatedly.

You must be an officer of the law...

[LaTechTech]

"Don't Tase me, bro!"

Re:

[empaler]

In the face.

Re:

[cubic pd]

heh, this takes me back to my middle school days.

Re:

[TheVelvetFlamebait]

Facebook denied that.

What? Surely a company's word counts for something around here? Who's with me? ...anybody?

Re:

[RuBLed]

Well, that's why you should reload a clean image in your VM when you're going to surf at another site...

Re:

[Skrynesaver]

Or install privoxy [privoxy.org] and write an appropriate filter

Block the "Feature"

[ZlatanZ++]

This [wikihow.com] might be useful for some people. It shows you how to block Facebook's Beacon.

Re:Block the "Feature"

[empaler]

Basically, it tells you to go to addons.mozilla.org, find blocksite, install, add "http*://*facebook.com/beacon/* to blocksite, and gold. Should work in AdBlock/ABP too, PeerGuardian, or whatnot.

Re:

[Culture20]

Until facebook changes the site that beacon lives on to a mirror list that the participating company checks periodically.

Re:

[empaler]

Until facebook changes the site that beacon lives on to a mirror list that the participating company checks periodically.

Facebook would never do something as insidious as that.
Their updated, improved Beacon 2.0, codenamed "Bacon" will, completely incidentally, have a new URL that changes daily - cos of new features, see? Due to the... complex nature of these features, and, er, to protect user privacy from malicious activity, it won't be trivially facebook.com/bacon/$date, but a pseudo-random alphanumeric URL based on your user name, spending habits, number of sexual partners, and curry; e.g. facebook.com/dfh7usd3kiwiqnhu. S

Re:

[Culture20]

Awesome. Now that we know curry is in the algorithm, we can write an auto-blocker. I never would have thought of curry.

Re:

[TooMuchToDo]

Adblock Plus should add that URL to it's US feed, so it's automatic for all Adblock Plus users.

Re:Block the "Feature"

[Dogtanian]

This might be useful for some people. It shows you how to block Facebook's Beacon.

Not to demean the solution you gave, which I'm sure does its intended job well. However, it's really just a technical fix that is papering over one of the symptoms.

It doesn't- and can't- address the far more serious underlying cause. Namely that Facebook and the other companies involved are clearly totally contemptuous of their users' privacy and quite happy to screw them over in the name of a few quick bucks. And then hide this behind a weaselish and unclear "opt-in-by-default" agreement. (Yes, it's acceptable for them to make money from a free website; no, it's absolutely *not* acceptable for them to do it in this way).

Frankly, I'm glad I don't use Facebook. At one stage I may have believed that it was possibe to balance the invasion one's privacy by controlling what appeared on their page- and then some low-down **** like this comes along. It's one thing to have your Facebook information publicly available, quite another to have your activities on apparently unrelated sites made public.

I wouldn't touch Facebook with a ******* barge pole now. Your fix may work on the current problem, but what happens when the next moneygrabbing exploit comes along? What happens when these assholes figure out a totally different way to use the information they already have on you?

Seriously, fuck that, and fuck Facebook. Their behaviour was already unacceptable- regardless of how they snuck it into the legal agreement. With this latest news on top, I seriously hope that this marks a turning point in Facebook's fortunes. Joe Public isn't as concerned about his privacy as he should be, but when it comes to blabbing about his Christmas present purchases without his knowledge, it puts it in more concrete terms.

Re:

[Dogtanian]

What, you thought they set up the site out of the goodness of their hearts? They see users as moneycows to be milked until they bleat in agony.

No, I think you're setting up a false dichotomy between running something as a totally undiscriminating charity and as a business that'll screw everyone over at the first whiff of money. Hint; it might be true that their aim is to make money... but it's also true that screwing your customers over in the short term could be very counterproductive to making money in the long term.

Re:

[zenetik]

What made Facebook different from other social networking sites is that, in the beginning, it was a social network available only to college students. Within that exclusive bubble, members existed within communities limited to members of their college or university. By default, profiles were only available to be seen by academic peers -- the people you have class with or pass by on campus. Before Facebook opened its doors to everyone, most Facebook social connections were those that already existed in the r

Re:

[Skrynesaver]

I've an account, while I don't use it much it has enabled me to get back in touch with friends I haven't seen for nigh on 20 years. People move to other countries and back in the day they didn't have email addresses or the like, so for some of us older folks it has a use, as to the constant update carry on, well for those that want to I guess it's ok, personally it's just a way of finding old mates who I'd lost touch with.

Not the best friends

[aws910]

I had re-joined some social networking sites recently, and this was my pretense. However, it made me realize that if these "old friends" were such great people, I would have kept in touch with them. With each "old friend", I realized that there was some fatal flaw that made me not want to keep in touch with them anyway.
Honestly, how long do you want to dwell in the past? The future is so wide open...

Re:

[xaxa]

To communicate quickly and easily with people they know.

However, after clicking the "Photos of Me" button on my profile page and looking at the pictures of me from the past couple of years, I've just changed the settings so no one else can click that button... when I graduate in the summer I'll probably delete all the photos I've uploaded, and "de-tag" myself from any pictures of me other people have uploaded. It's a bit creepy that I can look back through years of photographs of people I know (or in some c

Microsoft and $$$

[vaderhelmet]

What were we to expect with money to be had? They need something to justify that ridiculous price tag they've given themselves. Users = dollar signs to them. It's funny how every time they add a feature that invades the users' privacy to make money, they release some statement like "Oh, once users calm down, they'll find these services to be useful." Putting in privacy controls and restrictions later means they get away with more and only have to patch what users find out and complain about. That being said, don't claim malicious intent where ignorance is just as likely the cause. (Full Disclosure: I was one of the users who has been banned from Facebook for posting negative comments ("spam") during the mini-feeds debacle. So I have some negative bias.)

Re:Microsoft and $$$

[rucs_hack]

This is all a bit silly to me. Ok, so people are annoyed at Facebook, and I see the story has been tagged BigBrother. That's utter rubbish for a start, but of exactly the kind you expect from people who don't really know what big brother represents in 1984, or never read the bookt.

Why can't it be Big Brother? It's an elective free service, which is two things that the figure Big Brother in 1984 most definatelly does not represent. You are under no obligation to use it. That's all there is folks, don't like it? Don't use it, problem solved.

People do like it though, most of the people I know who are on it don't care about this new storm+teacup, which they view as, well, not worthy of notice. Facebook does what they want, end of problem. I use it too. Ok I block the sidebar beacon adverts, but otherwise I like it.

Oh yes, and online shopping is going to be tracked by everyone who can possibly manage it soon. It's big, big money. So Facebook are doing it now, well, give it a year or so and try to find a free online service of this type that doesn't do tracking, or promises not to in the future.

I think you better look up Diogenes for advice first mind.

Re:Microsoft and $$$

[mrbluze]

Why can't it be Big Brother? It's an elective free service, which is two things that the figure Big Brother in 1984 most definatelly does not represent. You are under no obligation to use it. That's all there is folks, don't like it? Don't use it, problem solved.

Now, if I remember correctly (I haven't read 1984 for a few years now), it is Big Brotherish. I mean, sure, it's not enforced, default, systematic spying by a government, but the Big Brother scenario did not get that way overnight in the book. It took many years of phasing in. I think it's discussed in the part where the main character is reading Emmanual Goldstein's highly illegal and very sensational alternative history of the world. (Even that bit is ringing true nowadays)

Re:

[karolo]

In think you are presenting an partial conclusion on what 1984 is about, for starters Orwell was a communist, only not of the type that Stalin liked.
The point of 1984 is how power perpetuates itself through the establishment of a reign of fear (like Stalin did with the purges) through constant surveilance of the people and the presence of an external enemy, whether real or imagined, as tools to control dissent and keep power for its own sake. There is nothing in a capitalist society to stop that from happe

Re:

[QuickFox]

You're sending cold shivers down my spine. Sheesh!

Re:

[faraway]

Orwell was a socialist. Communist and socialist are not the same thing.

Re:

[neomunk]

That's the short of it, yes, but I think the GP can be forgiven for using the word in this particular instance.

From the wiki: [wikipedia.org]

He joined the Independent Labour Party contingent, a group of some twenty-five Britons who joined the militia of the Workers' Party of Marxist Unification (POUM - Partido Obrero de Unificación Marxista), a revolutionary Spanish communist political party with which the ILP was allied. The POUM, along with the radical wing of the anarcho-syndicalist CNT (the dominant force on the left in Catalonia), believed that Franco could be defeated only if the working class in the Republic overthrew capitalism -- a position fundamentally at odds with that of the Spanish Communist Party and its allies, which (backed by Soviet arms and aid) argued for a coalition with bourgeois parties to defeat the Nationalists. In the months after July 1936 there was a profound social revolution in Catalonia, Aragon and other areas where the CNT was particularly strong. Orwell sympathetically describes the egalitarian spirit of revolutionary Barcelona when he arrived in Homage to Catalonia.

According to his own account, Orwell joined the POUM rather than the Communist-run International Brigades by chance -- but his experiences, in particular his and his wife's narrow escape from the Communist purges in Barcelona in June 1937, greatly increased his sympathy for POUM and made him a life-long anti-Stalinist and a firm believer in what he termed Democratic Socialism, that is to say, in socialism combined with free debate and free elections.

Re:

[Capsaicin]

Orwell was a socialist. Communist and socialist are not the same thing.

Orwell fought for the Trotskyist POUM in the Spanish Civil War, he was a socialist of the communist variety. Being agaist a powerful state and being a communist are far more easily reconciled than being in favour of a strong state and being a communist. Remember, according to Marxist theory, communism was only achieved after the state had "melted away."

In any case OPs point stands, Orwells point was not that Stalinism alone is an e

Re:Microsoft and $$$

[wish bot]

You're going to seriously tell me that when all these people joined FB of their own volition that they wanted their web browsing habits to be tracked, stored, and probably acted on in some fashion? I think it's more likely that they joined so they could hook up with their friends...you know, kind of like what FB was actually about. The subsequent invasion of privacy, tracking and collation of personal habits certainly IS very 'big brotherish' if you want to participate in modern society in any meaningful form. Or you could sever all ties to the internet, "opt-out" and go and live under a rock, is that the choice that what you call 'capitalism' has given us?

Re:

[keithjr]

Or you could sever all ties to the internet, "opt-out" and go and live under a rock, is that the choice that what you call 'capitalism' has given us?

OR, you could stop using Facebook and move on to another social networking site. If people still continue to use it, despite the blatant invasion of privacy, then the Facebook team will see it as a job well done. I ditched FB last summer when they made it clear their databases were open to ad mining, and haven't looked back. Continued controversy simply a

Re:

[Pendersempai]

OR, you could stop using Facebook and move on to another social networking site.

That's not really a viable option. The facebook community is a network, and as such we are locked in because of network effects [wikipedia.org].

As an (exaggerated) example, imagine being pissed off that AT&T is handing all your private calling data to George W. Bush in exchange for friendly legislation. Okay, so switch carriers. But unfortunately AT&T is the only carrier that can serve your area or all the ones that can are similarl

Re:

[keithjr]

A good counterpoint, albeit indeed exaggerated. There are more alternatives to Facebook than there are telecom companies. But the next one to get big will simply follow the same business model (chicken and egg problem, but the problem exists nonetheless). My advice is useful because social networking is not nearly as essential as telephone communication. It's the latest internet craze, but that doesn't mean it is essential by any means. It's a commodity pass-time, at best. The take-home message from t

Re:

[Pendersempai]

It's the latest internet craze, but that doesn't mean it is essential by any means. It's a commodity pass-time, at best.

I disagree. It is, among other things, an online business card repository. Much of the benefit of going to a college or graduate school is the networking, and much of the networking happens via Facebook. Students do not carry around business cards; ask one for their contact info, and they'll likely direct you to Facebook. Certainly, there are degrees of necessity to be considered -- I do

Re:

[keithjr]

I used to think so, back when I was still in school. I was a freshman when Facebook started up, and times were indeed good. There was some measure of reason and privacy, as the format was still structured and regular.

I graduated just as everything started tumbling downhill. It really began when the site was opened up to the public instead of being restricted to college students and alumni. The end result was that Facebook now had a cash cow and was ready to milk it. It's somewhat depressing; I was hopi

Re:

[rmerry72]

here are more alternatives to Facebook than there are telecom companies. But the next one to get big will simply follow the same business model (chicken and egg problem, but the problem exists nonetheless).

Its not a chicken and egg problem; its an economic reality. The only way to make money - even cover costs - is to sell adverts and advertisers want a more "targeted" audience. Your personal details are the currency of the advertising world.

Well, unless Facebook moved to a subscription only model. Woul

Re:

[CaptainZapp]

Yeah but it was the government doing it and 1984 represented an extreme communist/authoritarian state.

Yeah, and now the government is in an even better position. They don't need to get their hands dirty on the privacy front (as if they ever cared), but can let corporations do the collecting and then come in with a subpoena, or with one of those "security letters" the FBI is so fond of abusing illegally.

Come to think about it, companies like AT&T (government says: "bend over". AT&T asks: "how deep do you want to shove it in and which kind of lubricant do you prefer?") make it unnecessary to even

Re:

[ericspinder]

If it's corporations doing it in a capitalist market where the consumer decides what they want as opposed to the government doing it and not letting the consumer decide anything except to obey or die, then the worst that could happen is on the other end of the spectrum from 1984.

That's like claiming that Orwell's 'Animal Farm' cannot have any meaning as it's about talking pigs and such, not people. One of '1984's leading themes was the surveillance state, were one's every action, even at home, should be mindful of those who watch. Granted Microsoft/Facebook are not yet, ^H^H^H^H^H^H always have been the government.

Re:

[smallfries]

I think you massively overestimating the difference between a communist / authoritarian state and a capitalist / authoritatian state. They are still both totalitarian entities. I realise that the gist of your point is that this type of tracking is being done by corporations rather than by the government. But how many AT&T scandals does it take to realise that the government has access to any corporate data that it wants to ask for?

Earning user trust requires honesty.

[zestyping]

The problem here isn't just that Facebook is collecting private information. Any company could say "look, if you use our service, here's what we're going to collect and what we're going to do with it," make a good-faith effort to inform everybody what's about to happen and how it works, and then proceed.

The problem is that Facebook is lying about it, and doing so repeatedly.

1. Zuckerberg led the press and advertisers to believe [nytimes.com] that Beacon would be opt-in (it would publish only with the user's consent) but launched Beacon as an opt-out feature (it published without the user's consent).
2. Both the original design [facereviews.com] and the current design [facereviews.com] of Beacon announce to the user that a story is being sent to their profile. They do not present themselves as a choice; they do not ask for consent; they present themselves as a notification that something is already occurring.
3. Even though the new design is "opt-in", the notification has only one clearly emphasized button: "Okay". A design that offered a true choice would offer two equally clear buttons (e.g. "Publish" and "Cancel"). Again, the design is crafted to give users the impression that they have no choice.
4. Facebook collects information about its users' activities on other sites through Beacon despite public statements to the opposite. According to Stefan Berteau [ca.com], Facebook does this even when you are logged out and even when no notification is displayed.
5. Facebook did not give its users reasonable advance notification that it would start publishing information about their activities on other sites. It just went ahead and did it. And Facebook is still not being upfront about the fact that it is collecting this information.
6. Facebook continues to refuse to let users just turn off Beacon. Instead users have to individually refuse Beacon for each partner site, and they cannot do this in advance; they can only do it at the moment a partner site is about to publish a story on Facebook. Again, they are clearly trying to maintain as many obstacles as possible for users who simply don't want this information shared.
7. Facebook's official response [facebook.com] is disingenuous and insulting. The problem is not that Beacon "can be kind of confusing"; it is obviously designed to mislead. Facebook's Paul Janzer wrote:

   While we know "global opt-out" seems like the easiest solution, we believe that if we provide you with full control over your information, you and your friends can get the full benefit of sharing information and connecting on Facebook.

   Of course, if they really wanted to provide users "full control over [their] information" they would let users turn Beacon off.

Can't opt-out. Can't delete.

[ukemike]

Facebook continues to refuse to let users just turn off Beacon. Instead users have to individually refuse Beacon for each partner site, and they cannot do this in advance; they can only do it at the moment a partner site is about to publish a story on Facebook. Again, they are clearly trying to maintain as many obstacles as possible for users who simply don't want this information shared.

I've just been on FB trying to cripple my account. Some time ago, I thought I'd see what the buzz was about. Didn't

Re:

[Walter Carver]

Why can't it be Big Brother? It's an elective free service, which is two things that the figure Big Brother in 1984 most definatelly does not represent.

When it starts as a trend it's optional. Later it becomes mandatory.

Re:

[wish bot]

Things like the Microsoft deal don't happen overnight either. It's quite possible the deal was contingent on a way to 'capitalise' on Facebook's user-base. This may not have been Microsoft's doing however...rather something that was offered to them.

How to avoid Beacon

[Conanymous Award]

From a comment on TFA:

Facebook users who also use Firefox to browse the we can prevent facebook's beacon from reporting by doing the following: download the BlockSite Add-on for The Firefox Browser. Under the tools menu, select "add-ons" Select the BlockSite Add-on and edit the preferences. Under the Blacklist, add a new site with the "add" button. enter the URL "http://*facebooks.com/beacon/* Hit return twice and you are good to go.

I wonder if he actually meant "*facebook.com" without an S, though.

Not sure how this works

[Anonymous Coward]

Could somebody explain how exactly they tie your other sites to Facebook if you are not logged in? Is it by email, by checking for cookies? I use throwaway emails on a lot of these partner sites so I'm not sure exactly how they're going to tie spam_address2@mail.com to myname@school.edu.

Re:Not sure how this works

[Achromatic1978]

I would presume that rather than removing cookies upon 'logout', they keep a note of the fact you're logged out, and continue to track that cookie, knowing that the last logged in user was you.

Re:

[Pofy]

>I would presume that rather than removing cookies upon 'logout',
>they keep a note of the fact you're logged out, and continue to
>track that cookie, knowing that the last logged in user was you.

Well, not nesecarilly "you", could be someone else on the same computer.

Re:

[Anonymous Coward]

Probably 'web bugs'. These are usually 1x1 pixel images, placed on the 3rd party page but served from Facebook's domain. The web bug can then access all your Facebook cookies and pass details onto the 3rd party site.

A trick borrowed from spammongers, who embed these things in emails to vaildate email addresses.

Re:

[Takato-chan]

That's how I'd imagine that "feature" or "security hole" would work. Imagine what would happen if one of these beacon sites were subjected to code injection to steal those cookies which are now publicly available. There enough information on there to do much more than conventional identity theft (stealing credit cards, SSN, etc), you could impersonate someone's entire life. Maybe someone should try that and see how popular Facebook and their violation of privacy is after that!

Re:Not sure how this works

[cbart387]

From the horse's mouth on their techniques (emphasis mine).

Third Party Advertising

Advertisements that appear on Facebook are sometimes delivered (or "served") directly to users by third party advertisers. They automatically receive your IP address when this happens. These third party advertisers may also download cookies to your computer, or use other technologies such as JavaScript and "web beacons" (also known as "1x1 gifs") to measure the effectiveness of their ads and to personalize advertising content.

See original here [facebook.com].

Re:

[arobic]

You might want to look here [ca.com] for more details on the procedure, but yes, it involves cookies. I would guess that if you clear cookies from your browser before buying online, you are pretty much protected against having your name (through your facebook ID) associated with your purchase information, if I understood TFA correctly.

Is *that* what that was?

[brogdon]

I was playing some rinky-dink flash game on kongregate.com and all of the sudden a little DHTML window panned up from the bottom of the browser and said "Tower Defense has added a story to your Facebook profile."

At that point I had three questions:

1) What is a flash game site doing talking to Facebook?
2) How do you know what my Facebook ID is?
3) Where the fuck do you get off?

I had to go several menus deep in Facebook to figure out how to opt-out of this crap. I haven't been back to kongregate since. Absolute crap.

Re:

[RuBLed]

TFA said it could be the cookies. (the usual culprit) I guess the "delete private data..." functionality of popular browsers should do the trick unless Beacon is "saving" it somewhere else.

Re:

[empaler]

Still, if you can't trust the sties that you visit to respect your privacy proactively, then you shouldn't visit them. That means not only Kongregate, but also Facebook.
I've just installed Flock for the social networking stuff; that does keep some semblance of privacy, plus it checks all the normal stuff for me (I've turned off all the annoying email fluff, even if it was only alias mail boxes I made for the sites)

Let them know

[$random_var]

It's very timely to see your comment, as I just got done emailing kongregate.com. I let them know, in a short and sweet email, that their partnership with facebook and participation in the Beacon program meant that I would no longer be patronizing their site. There are plenty of game sites on the internet, and they will only participate in a program like Beacon if it gives them a competitive advantage.

Let them know that Beacon is making them LOSE users, not gain them.

Re:Let them know

[arth1]

Um, why bitch at kongregate.com or other sites for using Beacon, instead of just ditching Facebook? Without a Facebook account, this won't a problem on any site.

Re:

[Wuhao]

Do both. Going after the advertisers is an effective way to persuade an ad-driven media company. No advertiser sticks around when they realize that their ad campaign is actively harming their company. We need more people telling sites like Kongregate that they won't be visiting since they support this shit, and then sites like Kongregate probably won't support it anymore and Facebook won't get paid for it and the entire Beacon campaign will get dropped like a ton of bricks.

Re:

[Schlemphfer]

>Um, why bitch at kongregate.com or other sites for using Beacon, instead of just ditching Facebook? Without a Facebook account, this won't a problem on any site.

Um, why not bitch at every site that buys into an abusive scheme to violate privacy -- not just Facebook, but all its minions?

Re:

[$random_var]

You make an excellent point. Unfortunately, I still want to have a facebook account, I just want facebook to be less intrusive. Facebook does have the monopoly on college social networking, like it or not, and I like being able to use it (that's a problem for another day - how to let social networks interoperate). So, given the restriction that I don't want to drop facebook, how else can I influence their behavior? By helping to cut off their revenue source. Facebook generates revenue from Beacon becau

Re: angry emails to facebook's sponsors

[giafly]

Don't do this because your angry rants can be linked with your facebook account and available for data mining. You do want a job after college I assume?

If you are non-technical:

1. send the sponsors a complaint letter in the post.
2. if sponsor runs a blog, post factual reports of this issue

If you are technical: consider the fun to be had from Beacon.

Re:Let them know

[Volfied]

Actually, you can't delete a Facebook account, only deactivate it. After reading the PC World article a couple days ago, I tried to delete mine, and was told that I could log back in any time and it would be ready and waiting for me. Something tells me they don't stop mining data from other sites just because you've deactivated the account, when they're not even willing to delete your favorite brand of toilet paper from your profile. I wiped every bit of information about me by hand, aside from my wall posts, which were simply too numerous.

Re:

[XSpud]

There are also a number of Beacon-related groups and petitions on Facebook including:

http://www.facebook.com/group.php?gid=7578845355/ [facebook.com]
http://www.facebook.com/group.php?gid=7534656429/ [facebook.com]
http://www.facebook.com/group.php?gid=6290193865/ [facebook.com]
http://www.facebook.com/group.php?gid=6188991025/ [facebook.com]

Re:

[QuickFox]

Apparently those pages become visible only if you sign up for a Facebook account and log in. How about giving us a summary or quoting the interesting texts?

Re:

[Pi Is A Rational]

Dear Facebook, Stop Invading My Privacy!! Well, facebook has done it again. First the third party applications, now their new ad program called Beacon. Why is it called Beacon? I actually don't know but if I had to guess, its because facebook is basically attaching a beacon to your web browser that would allow them to monitor your online activities on other sites, even if you're not logged into facebook. This is a big no no in my book. The data transfered between my computer and sites other than faceboo

Re:

[QuickFox]

Thanks!

But when you enter a comment, if you select "Plain old text" below the text field, your text will come out much more readable, with paragraphs.

You can also make "Plain old text" permanent by choosing it in your settings.

If you feel like posting this anew, with "Plain old text" selected, please do.

In any case, thanks.

Right, and you stayed with facebook

[SmallFurryCreature]

My opinion of people who use social networking sites is already pretty low, you just lowered it even further.

If you are upset about this, you should quit facebook. They are the ones that started this program.

To explain just how stupid you are, in the real world this would the equivelant of "politician A you elected puts in effect a law that requires libraries to record your book withdrawals. You find out about this. You stop going to libraries. You vote again for politician A".

STOP USING FACEBOOK you twi

Re:

[jrumney]

I had to go several menus deep in Facebook to figure out how to opt-out of this crap. I haven't been back to kongregate since. Absolute crap.

And yet you still go back to facebook, the source of this crap?

Re:

[presidentbeef]

I had to go several menus deep in Facebook to figure out how to opt-out of this crap. I haven't been back to kongregate since. Absolute crap.

Privacy -> External Websites ?

Privacy Settings for External Websites

Show your friends what you like and what you're up to outside of Facebook. When you take actions on the sites listed below, you can choose to have those actions sent to your profile.

Please note that these settings only affect notifications on Facebook. You will still be notified on affiliate websites when they send stories to Facebook. You will be able to decline individual stories at that time.

No sites have tried sending stories to your profile

Re:

[creativeHavoc]

I thought I would be premtive. Turn this off before it starts doing this for me. I found it in the privacy settings. It's set to level 3 by default... whatever that means. When I select "edit settings" I get this:

Privacy Settings for External Websites Back to Privacy Overview without saving changes. Show your friends what you like and what you're up to outside of Facebook. When you take actions on the sites listed below, you can choose to have those actions sent to your profile. Please note that these

Re:

[QuickFox]

Does anyone know how to turn it off before it starts?

Yes! In fact that's quite easy to do. It's only six steps:

1. Log out from Facebook.
   
2. Leave the Facebook site.
   
3. Delete all your Facebook cookies from all your browsers.
   
4. Never log in on Facebook again.

Re:

[Von Helmet]

Point the first: You apparently can't count.

Point the second: You know that's not really the solution anyone is looking for.

Re:

[QuickFox]

Point the first: You apparently can't count.

Of course I can count. You forget the obligatory two final points that somebody is bound to add any moment now:

5. ...
6. Profit!

Point the second: You know that's not really the solution anyone is looking for.

Sadly, that's true, people will indeed keep sponsoring that site with their presence no matter how badly it tramples them. But precisely because of this, my solution is the only solution that makes any sense.

This would never happen

[Hanners1979]

I'm sure Facebook would never monitor my activity on other si

It looks like you're writing a comment criticising Facebook! Would you like to:

- Delete the comment
- Tell everyone how great Facebook is?
- Add some more useless junk to your Facebook profile?
- Spam all your friends with a picture of a 'cute' travelling bear?

Re:

[StarfishOne]

- Make a custom design to guarantee excruciatingly slow page loading times? - Add CowboyNeal to your friends?

Re:

[VGPowerlord]

"Go away you paperclip! No one likes you!" -- Stewie Griffin

How do they know?

[tmk]

How do third party websites know about an Facebookm account when a user is logged out of Facebook?

Re:

[El_Muerte_TDS]

I assume that logging out on facebook doesn't mean all facebook cookies will get trashed. It probably means that only the password token cookie is deleted.

Re:

[arth1]

At a guess, by creating a P3P cookie policy that promises that they won't share the cookies with any 3rd party, and then disregard that and do just that? That will probably trick the two major browsers -- even on "high" privacy level for my browser (which isn't IE), it will allow permanent third party cookies if the site promises that it "does not collect personally identifiable information without your explicit consent". And we all know that web sites would never lie, right?

Re:

[Anonymous Coward]

The third party sites don't. They call a javascript file hosted on facebook.com every time the page is loaded. If the user has ever used the "remember me" option when logging into Facebook, then a facebook.com cookie with their login email is stored on the computer, and returned along with the request to facebook.com, which means that Facebook gets the information directly from the user along with the variables being passed by the third party web page.

Re:

[sherriw]

I would guess that if you create an account on both sites with the same email address, you can be logged out of FB, but logged in to the ecomm store and they can still link the two accounts.

Uh-oh.

[martensitic]

"Slashdot has added a story to your Facebook profile."

You think this is bad

[pat mcguire]

http://albumoftheday.com/facebook/ [albumoftheday.com] The good tin-foil hat stuff doesn't happen until the end. Whether it's true or not, the point is the same: anything you do on the internet will be known. The money and political pressure acting against your privacy will win every time.

Re:

[Silver Sloth]

anything you do on the internet will be known.

but still no one knows I'm a dog (woof).

Re:

[kalirion]

http://albumoftheday.com/facebook/ The good tin-foil hat stuff doesn't happen until the end. Whether it's true or not, the point is the same: anything you do on the internet will be known. The money and political pressure acting against your privacy will win every time.

"Does what happens in the Facebook stay in the Facebook?

You do not have JavaScript enabled. You are lame."

Good to know.

Get 'em young and innocent

[gihan_ripper]

This is just the next in a long line of privacy violations by social networking sites such as Facebook. They target a primarily young and non tech-savvy audience so they can get away with the most atrocious breaches in privacy until they overstep the boundary and do something that's blatantly egregious, even to the most innocent Internet users. With Beacon, Facebook allowed other users to see our online shopping habits. I feel that the latest revelation about Beacon "calling home" won't be as resonant with the general public. We've gotten used to a data-mining culture and don't worry about some faceless "they" having access to all this information. Perhaps if we imagined these personal details being broadcast on national TV, it would be a different story.

Re:Get 'em young and innocent

[dyfet]

Yes, but in a culture built around American Idol and reality TV, people WANT to have the personal details of their lives broadcast on national TV! ;)

I hope this will finally make people see

[Martian_Kyo]

that privacy on the internet is a myth! I am not saying that there is a database with your name and statistics of your favorite porn downloads. However it COULD be made.

Re:

[NoPantsJim]

COULD be made? Hell I made one myself just so I could find stuff faster.

Re:

[empaler]

I started backing up my hard drive to DVDs and decided that for economic reasons, I should skip the porn. And DVDs are cheap.

Re:

[Martian_Kyo]

Select pornstar, download_count from porn_stats where slashdot_nickname='NoPantsJim' order by download_count desc limit 5
Jenna Jameson 45831
Ron Jeremy 32535
Sasha Grey 29004
Peter North 28504
Martian_Kyo 21000

Oh you sure like some freaky stuff ;)

Re:

[NoPantsJim]

All I will say is that the name 'NoPantsJim' was not given, it was earned.

Now we know where the "value" is coming from!!

[phelix_da_kat]

No wonder "companies" are lining up to place investment in Facebook - they probably get access to the user activities in return for their investment! Its like a Trojan Horse - I think the original intent of the makers of Facebook was good and I do not behold any one from making a buck - but this is definitely insidious.

Facebook == new Google

[ThirdPrize]

Google stopped becoming a search engine and is now an advertising company that does a bit of searching on the side. Same will happen to Facebook. You might use it as a social networking site but it WILL become more concerned with getting ads on screen.

A Facebook Satement in Response

[Stefanwulf]

CA received a statement from Facebook [ca.com] following their blog entries, which speaks to the use of this data.

or...

[owlnation]

... Facebook users even more whiny than previously thought?
... Facebook users with even greater sense of entitlement than previously thought?
... Facebook users with even less understanding of social networking concepts than previously thought?
... Facebook users with even less sense of life's real priorities than previously thought?
... Facebook users misspending their period of youthful rebellion more than previously thought?
... Facebook users with even grander delusions of grandeur than previously thou

Re:

[ColdWetDog]

Did you confuse "Apple" with "Facebook" or was that intentional?

Facebook is dead

[CaptainZapp]

So they have a zillion of members and is that hot Web 2.0. ticket now?

So what? How long do you think "members" need to move to the next "big thing"?

This beacon thing was not only badly thought out and implemented, but Facebook as a company also seems to lie a lot.

Besides that, what about Facebook members in the EU? The sleaze they are trying to pull off is illegal in virtual any EU country (and then some).

They should have done a Google and found themselves a CEO, with respect and a network in the industry. But they seem to have a founder-CEO who doesn't seem to have managed his adolescence quite yet.

Way to go Mark!

social p2p

[wikinerd]

The problem is simple: Users post their personal info on profiles stored in a central server. Thus, it is the entity that controls the server that has control over the user's personal info, and not the user themselves.

The solution is very simple as well: Users should also be the ones storing their own personal info and profiles. People who own their own personal webpage do this. Since, however, not everyone is able to keep a computer connected 24/7, we could devise a p2p protocol for social networking.

What shugs the mit out of be...

[davidsyes]

What bugs the shit out of me is how when one adds a new app, Facebook says (paraphrasing):

"Allow application to see my profile and know about me..."

I sigh and get within a few microns of blowing a gasket. Why the HELL does Facebook not tell us WHAT it IS those programs will see?

Is facebook allowing those simple, sometimes lame, apps to know EVERYthing about us? What guarantees (none, right?) do we have that information seen by these apps won't be rerouted to entities we normally would say "no" to?

I wish Fac

Re:

[MtlDty]

I just deleted (or rather 'deactivated') my account too. Is this enough, or do I have to start deleting all the cookies too?

Re:

[morethanapapercert]

Go ahead and delete your cookies. A deactivated account is still there, just cannot be seen by normal users in searches, contact lists etc. All of your installed applications are still there, along with all of your personal data you were compelled to give the application access to in order to use the application. The only certain way to ensure the integrity of your data is to delete all personal information and settings you can, uninstall all applications and then deactivate your account. You then send an e