

Why staying logged in to your FB/Twitter is dangerous - finebanana
http://finance.yahoo.com/family-home/article/112769/like-button-follows-users-wsj
The seemingly harmless "Like" &#38; "Tweet This" button on the websites you visited can be used to track your browsing habit even if you never click on them
======
edoloughlin
This doesn't seem to be the full story. If I log out of FB I still have
multiple cookies for the .facebook.com domain (e.g., c_user, which seems to
contain my user id).

The like/comment/etc. 'widgets' are served from facebook.com, so presumably
they are still tracking me.

Don't know why this article didn't mention Ghostery or <http://disconnect.me>

~~~
wladimir
You could also use multiple profiles (at least in Firefox), one for browsing
around and one for social network sites.

In that case there will be guaranteed no cookie cross-pollution as the sites
are completely isolated from each other.

Just logging out is indeed simply ineffective.

~~~
code_duck
If only... Facebook uses a Flash LSO, which is of course shared between
browsers.

~~~
wladimir
"of course shared between browsers"

Is it? Are saying that the flash crap doesn't distinguish between
browsers/profiles?

That's another very bad security problem with flash. For me, it's the final
straw. I'm going to wipe flash from all my machines now.

------
jbk
It's not really "dangerous", it is just that you give a bit more information
to FB/Twitter/$SocialCompany than you thought you would.

While, I usually logout of FB or Twitter, I have a few adblock rules to block
them on other webpages. It works fairly well... If I want to like and share, I
believe I can do it manually...

~~~
lukejduncan
From what I gathered in the article, logging out doesn't solve the problem.
The cookie works if you've logged in anytime in the last month

~~~
code_duck
Also, Facebook uses a Flash LSO. You have to clear that to really be logged
out.

~~~
jbk
I don't have Flash :D

------
pstack
They couldn't have published a more obvious story. Anyone with any sense
doesn't log into either service and you don't need to be logged into either
service for them to track you. It's amazing what freely available information
(your IP, the sites you visit, etc) can do to help turn you from an aggregate
anonymous identity into a fairly well "guessed" identity. And since webmasters
carelessly litter their sites with this third party crap, they can build up a
significant database of the places you've visisted and your habits, without
knowing much else about you.

The first thing I did when Facebook rolled out all of that garbage was
redirect everything facebook related to localhost and then created
adblock/element rules to filter out all twitter and facebook buttons, tags,
etc. I even filter out the whole "facebook discussions" crap that are attached
to seemingly 80% of pages, these days.

Then again, I guess the public lags behind such things. I'm sure there are
people out there just today learning what a cookie is, so . . . _~shrug~_

~~~
finebanana
Yeah, most people would think that those buttons on the sites they've visited
won't do anything unless they click on it. So yes, this is an obvious story to
some, but also a "why didn't I think of that!" moment for the rest. just
sayin. ;)

~~~
RexRollman
I have to agree. A vast majority of people don't know about this, and the one
who I have mentioned this to don't seem to even care.

------
compay
Ironically, the article's header has Facebook "Recommend" and Twitter "Tweet"
buttons. The Facebook one has 4,000 "likes" and the Twitter one has 235
Tweets.

------
lordlarm
Link to original story:

[http://online.wsj.com/article/SB1000142405274870428150457632...](http://online.wsj.com/article/SB10001424052748704281504576329441432995616.html)

