Feeds

Facebook: 'We don't track logged-out users'

Site hits back at cookie jar claims

Protecting against web application threats using SSL

Facebook has attempted to shoot down claims that it leaves cookies on users' machines even after they log out of the social network. The response came after an Australian blogger alleged the site can still snoop on your web surfing after you've signed out.

Nik Cubrilovic, concerned about Facebook's approach to privacy, said that logging out doesn’t make a blind bit of difference, adding that Facebook still has ways to potentially track your behavior.

Cubrilovic’s conclusion after examining the behavior of Facebook’s cookies is simple: “Even if you are logged out, Facebook still knows and can track every page you visit.”

This is because instead of telling browsers to remove cookies when users log out, Facebook merely "alters" the state of those little parcels of data – including the cookie that stores your account number.

As a result, if you happen to pass by a page with a Facebook “like” button, "share" button, “or any other widget”, your information – including your account number – will be sent back to Facebook. And if you log into Facebook from a public terminal, those cookies could be left behind.

However, Facebook doesn’t agree. Whether or not Cubrilovic’s claim that he notified Facebook without response during 2010 is accurate, he certainly got a hair-trigger response from Facebook this time.

In a comment on Cubrilovic's blog, a Facebook engineer – identifying himself as staffer Gregg Stefancik – said that “our cookies aren’t used for tracking”, and that “most of the cookies you highlight have benign names and values”.

"Generally, unlike other major internet companies, we have no interest in tracking people," the insider added. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.