News:

Proud member of the Vin Diesel Friendship Brigade

Main Menu

Privacy Thread

Started by Triple Zero, September 25, 2011, 02:04:20 PM

Previous topic - Next topic

Triple Zero

As I already started a "Security Thread" somewhere, I figure I might as well make a "Privacy Thread". So here.




Logging out of Facebook is not enough:

http://nikcub.appspot.com/logging-out-of-facebook-is-not-enough

Pretty fucked up. That's NOT what a "logout" button is supposed to do.

As you (hopefully) are aware, if you have a Facebook account, every website that has a Facebook "like" button (that's most blogs and news sites, etc), this "like" button, the little thumbs-up icon, well, imagine it's a tiny little Facebook-controlled cyber tracking bug. Everywhere you see it and you're logged in to Facebook with the same browser, everywhere you go, this thumbs-up icon tracking bug will send a bleep to Facebook telling them what site you just visited and they'll know what account you have, whether your friends visited the same site, etc etc.

Well, if that's not fucked up enough, I mean, it should be, but you could say people are in control of it cause they're logged in, right? (Even though Facebook doesn't really like to publicize this little fact)

Except that now it turns out, if you "log out" on Facebook, you'd assume it just wipes your FB cookies and severs the link between you, Facebook and your account, right? Wrong!! Instead they have like 10 cookies, they delete few of them, refresh some others, give you two new ones, and leave the rest alone. The end result of this is that the cookie with your Account ID, the one that links you to your FB account is still there. So basically FB marks you as "logged out" so nobody can do anything with your FB account (that's good), but at the same time it keeps the cookie so even though you're logged out, FB can continue to keep on identifying you on pretty much every website you visit on the web, whether you are logged out or not.

The only solution is to actually delete your Facebook cookies.

The other solution is, some browsers (Firefox, Opera, Chrome, not sure about IE) have a "private browsing" feature, you open a tab, and the browser keeps all the cookies from that tab separate from the rest of your browsing and if you close the tab it dumps the cookies alltogether. I would suggest you dump all your Facebook cookies right now, and only log on to Facebook anymore via a "private browsing" feature (I believe Chrome calls it "incognito mode").

addition: if you wanna read the article, don't be put off by the blocks of cookie codes :) just read the rest, he explains what's going on and the cookie code is just provided as a sort of "screenshot" of what's going on inside the browser.
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.

Don Coyote

Well fuck.

Thanks for the tip Trip.

Triple Zero

Oh, additionally:

http://www.howtogeek.com/63721/how-to-block-all-cookies-except-for-sites-you-use/

Now I haven't tried this, because it only explains this shit for FF, IE and Chrome. And I use Opera. But it looks legit, I just don't know how much of a hassle it is.

I just did somethign similar with Opera:

in Preferences>Advanced>Cookies I set it to "Accept cookies only from the site I visit" and "Delete new cookies when exiting Opera".

The first setting makes some sites that use cookies over multiple domains (for no real good reason except to discourage people from just disabling this "feature" altogether) no longer work properly. These are often "big" sites, such as Google and Facebook and Twitter.

The second setting makes logs me out of everything as soon as I close my browser.

Both of these settings I want for 99% of the sites I visit, except maybe 10-20 of them that I visit regularly and want to stay logged in over multiple browser sessions (PD.com, reddit, hackernews, etc) and/or ones that I notice keep logging me out unexpectedly because they need third-party cookies enabled (Google Mail, I expect).

So what do I do? PRESS F12 for the brilliant site-specific quick preferences menu. F12>Edit Site Preferences>Cookies and I enable or disable the setting to how I want it and Opera will remember it for that domain only. Yay!

If everything goes as planned, I should now receive significantly less cookies (most of them come from third-party domain ad-networks and traffic tracking networks1 that you probably never even heard about) and after I close and open my browser or reboot, only the few of my favourite sites should remain.

1 names that you probably never even heard about, but track as much data about you as Facebook and the like. There's one thing that (IMO) Facebook makes it worse, and that is because they can connect your browsing behaviour to your FB profile and your friends, making the data many times more valuable.
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.

Placid Dingo

Opitions for phone/iPod users?

Also, thanks Trip!
Haven't paid rent since 2014 with ONE WEIRD TRICK.

Cain

Quote from: Placid Dingo on September 25, 2011, 02:52:18 PM
Opitions for phone/iPod users?

Also, thanks Trip!

Doesn't matter, as Apple will be storing all your data on a central server in the US, where the authorities will have legal access to it.

IOW, don't buy an iphone if you intend to use it and want some privacy (full disclaimer: I am looking to buy an iphone, simply for ease of use in checking emails, maps etc)

Triple Zero

I never owned a Mac/Apple device myself, so I don't know how to secure them, nor have I really paid much attention to anything but the biggest security/privacy scandals (such as the map/location tracking thing).

It's funny how in this day and age the "tinfoil hat" actually begins to make sense. If you wrap your phone in tinfoil, you create a sort of Faraday cage and you can't be tracked. You can check by trying to call it (from another phone), if you did it properly you shouldn't be getting any signal, and therefore it shouldn't be able to send out any, either. I would imagine dropping it inside one of those metal-reflected thermo insulated shopping or lunch bags would also work.

Incidentally, you can prevent your credit cards, public transportation passes and ID cards from having their RFID chip be remotely read (yes this is entirely possible as been demonstrated on the CCC conference over 5 years ago) in a very similar way, just wrap everything in tinfoil. Or line your wallet with tinfoil, I dunno.

No I don't do that, but that's how you'd do it if you'd want to.
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.

Telarus

I saw an article about the effects of this, the "OpenGraph" and it pissed me off enough that I'm deleting my FB account.

Thanks for giving me an idea of _how_ they're attempting this, Trip.
Telarus, KSC,
.__.  Keeper of the Contradictory Cephalopod, Zenarchist Swordsman,
(0o)  Tender to the Edible Zen Garden, Ratcheting Metallic Sex Doll of The End Times,
/||\   Episkopos of the Amorphous Dreams Cabal

Join the Doll Underground! Experience the Phantasmagorical Safari!

kingyak

Since most of you are not on my FB friends list, I thought I should pass along this vital information here:

FACEBOOK JUST RELEASED THEIR PRICE GRID FOR MEMBERSHIP. 13 HUMAN SACRIFICES FOR GOLD MEMBER SERVICES, 1 HUMAN SACRIFICE PER MONTH FOR SILVER MEMBER SERVICES, THE BEATING HEART OF ONE VIRGIN PER MONTH FOR BRONZE MEMBER SERVICES, FREE IF YOU SUMMON CTHULHU BEFORE MIDNIGHT TONIGHT. WHEN YOU SIGN ON TOMORROW MORNING YOU WILL BE PROMPTED FOR A BLOOD SACRIFICE...IT IS OFFICIAL IT WAS EVEN ON FOX NEWS. FACEBOOK WILL START CHARGING DUE TO THE NEW PROFILE CHANGES. IF YOU COPY THIS ON YOUR WALL THE SEAS WILL TURN TO BLOOD AND FACEBOOK WILL BE FREE FOR YOU. PLEASE PASS THIS MESSAGE ON IF NOT YOU WILL BE EATEN BY ELDER GODS IF YOU DO NOT PAY.
"When the going gets weird, the weird turn pro."-HST

Jenne

I have in-private browsing on my (har!) Sony Saio...I guess I need to start using it.

I don't log on to FB but three times a month, if that...and try not to do so on my damned phone, either.

GAH.

Jenne

This is what it looks like, in case none of you all has seen it before:



I'm not sure if it came with the Saio or came with this version of Windows.  But I don't ever use it...and now I think I should.  Not sure how my work software supports it, but it could probably get me around whatever nanny shit they may put on my system while I'm working.

WHY DIDN'T I THINK OF THIS BEFORE???

Triple Zero

I don't think it'll get you around nanny shit, but you can always try.

Also, Facebook will of course keep tracking you until you manually clear your cookies, even if you only visit FB via a private tab from now on, cause when you close the private tab it'll only throw away cookies created within the private tab.

Telarus, got a link to that OpenGraph thing?

And yes, I'm also thinking of deleting my Facebook account. Not that I ever used it, but it still sits there being a node in that graph connecting all my friends. Not that you can count on them really throwing it away, but it might help. Maybe I should unfriend half my friends randomly and befriend a bunch of random strangers first, to throw some noise in their DB. A drop in the ocean, probably.
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.

Telarus

http://nrek.co/technology/what-facebook-opengraph-means-for-you/


Yeah, I plan to delete my account. Clear all my cookies in all browsers, and then only use FB in an incognito Chrome window... Do I need to clear my chrome cookies manually after each session as well?
Telarus, KSC,
.__.  Keeper of the Contradictory Cephalopod, Zenarchist Swordsman,
(0o)  Tender to the Edible Zen Garden, Ratcheting Metallic Sex Doll of The End Times,
/||\   Episkopos of the Amorphous Dreams Cabal

Join the Doll Underground! Experience the Phantasmagorical Safari!

Don Coyote

Ya, this is the tipping point for me. Granted I do have 3 FB profiles :lulz: one of which is there just as noise.

Triple Zero

Quote from: Telarus on September 25, 2011, 07:59:38 PM
http://nrek.co/technology/what-facebook-opengraph-means-for-you/


Yeah, I plan to delete my account. Clear all my cookies in all browsers, and then only use FB in an incognito Chrome window... Do I need to clear my chrome cookies manually after each session as well?

Huh, how would you "use" FB in an incognito window, when you deleted your acount?

About clearing cookies manually, I dunno, doesn't Chrome allow you to view what cookies you have? Just keep an eye on it? FB can only track you with cookies from a FB domain. You can probably set Chrome to wipe all cookies on exit automatically, if you like. I used to have that setting in Opera years back, it's not as inconvenient as it seems, because you usually have the same browser open all day long anyway. So you just need to log on again fresh when you boot up in the morning.
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.

Triple Zero

Heyyyyy European folks, check this out:

http://europe-v-facebook.org/EN/Get_your_Data_/get_your_data_.html

Apparently EU law says you're entitled to request ALL data FB has been tracking about you :lulz:
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.