Ghostery is your window into the invisible web – tags, web bugs, pixels and beacons that are included on web pages in order to get an idea of your online behavior.
Ghostery tracks the trackers and gives you a roll-call of the ad networks, behavioral data providers, web publishers, and other companies interested in your activity.
Choose to block - or not. You get control at a company level - are there some marketers you trust, but others you'd rather turn away? Ghostery lets you open the valve of your web behavior as wide or as narrow as you'd prefer.
But more fundamental: don't log in unless you have to, log in only in private browsing windows or separate browsers from your other surfing, and also clear your cookies often to keep your not-logged-in browsing cleaner from a privacy perspective.
also, responding to the (grand) parent, someone else mentioned that flash cookies are cross-browser. so if fb uses those you need to also make sure that the fb browser doesn't have flash installed.
The experimental webRequest API will solve that by providing a synchronous way for scripts to deny/allow connections before any requests are made, but webRequest won't be made available to non-experimental addons for a few months at the minimum.
More info: https://code.google.com/chrome/extensions/trunk/experimental...
The only downside is that it is sometimes a hassle on pages that integrate third-party payment solutions which often have a lot of redirects and off-site scripts and iframe content. But then, like in noScript, you can always allow all or some request types from a page permanently.
It's hard enough with noscript to randomly guess at what should be allowed for a given site. You take a guess, then slowly expand the number of temp permissions til the site eventually loads properly.
Ghostery blocks a list of trackers such as google analytics, KISSmetrics, and facebook social plugins. Ghostery generally won't affect the page at all except in invisible ways, but it will remove Like, Tweet, +1, etc buttons to prevent requests from being made to Facebook/etc.
You can also fine-grain set Ghostery to allow certain trackers, like Google+ buttons, while still blocking all the others.
 The tracker that this article is about.
P.S.: Watch out as Ghostery doesn't actually work on Chrome. See https://news.ycombinator.com/item?id=3034093
For starters, it's true that a visit to a news story or watching a video will trigger a feed story. The point that most people seem to be missing is that this requires you to knowingly allow a social application. For example, in my case, I installed the social plugin for rdio (rdio.com). When I listen to a song on rdio, it publishes it to my friends ticker feeds. (Ticker is the bar on the side where likes, listens, reads, etc go). There are a couple websites that are doing read social browsing, for example the Washington Post's social reader (https://apps.facebook.com/wpsocialreader/). Again, just by visiting this page you will not trigger anything unless you have already allowed the application access.
In the past I've setup my music player on the laptop to publish the songs I'd been listening to, to my IM client (as away messages) - Adium let's me do this out of the box. It's kind of the same idea, instead this is just built in to the website you visit or music you listen to.
You can also disable any application you previously installed by going to Privacy Settings and clicking on Apps and Websites. It should all be there. You don't have to log out of facebook or close your account. Just delete all your social apps. (https://www.facebook.com/settings/?tab=privacy)
You will know since the dialog will be centered around "Add to Timeline" instead of "Authorize this app".
And that means it will be made public some day, by accident or by design.
If that is the case this whole thing is overblown. We were all thinking that BuddyApp would be able to publish your generalized browsing. Which is terrifying for a whole host of reasons.
The app requires explicit permission from the user in order to post activities automatically. The idea, if you watched Mark's presentation, is called "frictionless sharing." A lot of people don't share because it's another step, but if they could install an app like the Washington Post Reader (a great app--even Mark has it installed), they are happy with sharing articles they've read with their friends.
I understand you might be concerned, for example if you added that app without realizing that it will post content. If you are concerned about the privacy implications, you can always change individual permissions for an app by going to your account settings, then selecting the 'app' tab on the left, or by going to https://www.facebook.com/settings?tab=applications. If you are concerned about spamming your friends' news feeds, that's why we built ticker, for the light-weight activities like "watched a movie" or "listened to a song" or "read an article".
If I remember correctly, the exact wording of the app permission request was alarming enough to get my full attention ("I, the application, can post as you" or something like that), so I'm worried less about a user missing that part. In my known experiences, the app was installed with the knowledge that it will share your experiences--because the idea is you want to share your activities with your friends. As soon as I read an article, my first action is to either send the link to specific people who are interested, or post it on my wall if I think everyone is interested.
We operate under the assumption that users will not do what they don't want to do, as long as we make it explicit what might happen. And if they make a mistake, they can always go change their settings. So I'm not so worried about users who sign up for the Washington Post Reader app, which is marketed as a social reading experiment, and subsequently complain that it shares your read articles.
You might still be concerned, in which case, please let me know why (users being misinformed?), and I'll try to pass it onto the platform folks, who were really heads-down the past few months.
No, any sharing I do HAS to REQUIRE an EXPLICIT action on my part. I have to be in full control. Visiting a web site does not mean that I believe it will be interesting to my friends NOR do I want that information shared with people on Facebook.
A like button that shares, much like the Google+ 1+ button is perfectly fine, I have to hover over it, and choose my circles to share with, and then share. It is not automatic once I visit the site.
I don't want articles automatically being linked just because I visited a page, or clicked play in Spotify, or put the toilet seat up.
It is not just privacy concerns, it is the image I try to convey while using social media sites where it is common place to be friends with your boss and or co-workers. I don't need them knowing I like the Bloodhound Gang or that I read articles about atheism in the NYT but have never read a single article about religion.
Eventually all this collected data will be used against me. What if I do a simple Google search for cancer and I end up reading an article about it, that is now shared publicly, my insurance company a few years later gets a claim for cancer they claim it was a pre-existing condition and deny me coverage.
These are all scenarios going through my head. I am all for the interconnected web, and making it easier for me to introduce my friends to new content across it, however it has to be done on my terms, it has to require explicit authorisation and must never do something automatically without my consent. If I like the content enough I am extremely likely to copy and paste the URL into my social networking sites, I don't mind that extra step. Create a bookmarklet that fills in some of the forms ahead of time for me (I have a reddit bookmarklet that fills out title, URL and the sub-reddit to post in (personal one for me to share links with friends)). I am more than happy to continue using the platform, but this frictionless sharing scares the crap out of me, and will see me closing my account sooner rather than later if it continues down the path that it looks to be going down.
As much as I'm not a fan of FB re all the privacy stuff (not to mention a history of horribly under/wrongly-documented and semi-broken APIs), it's done wonders for a large generation of web users in terms of allowing them to easily (and consistently) share their lives with a lot of their friends and family. I see that aspect as a good thing.
I'm not for or against FB; it's not my cup of tea, but I might not be like the typical user. What I don't understand is the 'forced to use facebook' meme that comes up every time someone is unhappy with some changes there.
If I wanted to share a picture with 12 people, I had to send 12 emails, or CC 12 people, or BCC them because they didn't want their emails shared with people they didn't know.
Not everyone understood IM, and not everyone was on at the same time.
The bigger question would be why more people didn't latch on to friendster or myspace before facebook. It's as much a social trend as much as a technical one. As computers got cheaper and more people got net connections (or faster ones), there was more of a need/demand for sharing info. Facebook hit at the right time to capitalize on network effects amongst 'regular' folk.
Unless your friends are conveying intellectual stimulation that stands on its own, you're just reminiscing and should probably just some make new friends and call your mom now and then.
I have no idea on how you live, how old you are and who you keep as company, but I think you're going to be in the minority or already are) soon enough. It's a social organizer that everyone has opted into which means breaking from it makes it infinitely harder to remain social.
There's some merit in your argument. I've argued elsewhere that 500,000 daily Android activations means that the kids growing up now form their first impression of a "computer" to mean "smartphone" and not a desktop. This world-view is totally different, and as people who create products, we have to stop and think, are the things we are doing now relavent in an age where "computer = smartphone"?
Applying this with Facebook, we have kids growing up and learning how to socialize through Facebook. It suggests that that, unless I dive deep into Facebook, I will remain on the other side of this generation gap. As a product creator, I would make products suited for the older generation -- already obsolete. It extends outside of making products. We've already seen policy makers make bone-headed moves, attempting to restrict internet access for its citizens. That's like grounding a teenager from using Facebook. Grounding a teenager and making sure they can't use Facebook? Really?
However, on deeper reflection, this points to a huge flaw. It comes back to, "let's do this because everyone else is doing it."
I've written about this as an answer on Quora. We used to have rites of passage conducted by elders and parents. Now these rites of passage form from peer interaction. That's not such a good thing.
So yes. Stepping away from Facebook means missing out on being social. Something that's broken right now. Hmmm.
It might be sad or disappointing in your mind that people behave like this, but that's not a flaw in the logic of the behavior, just an opinion on how people tend to behave.
I'm talking about a generation of kids growing up with technology. This isn't about the value of the network increasing as people use it. It's about a fundamental shift in one's worldview by encountering the technology during formative years. I'm basing much of this on Clotaire Rapaille's work, as described in his book, The Culture Code (http://www.amazon.com/Culture-Code-Ingenious-Understand-Peop...).
Rapaille conducted a study for Nestle. Nestle wanted to open up the Japanese market for hot chocolate. Using his research methods, Rapaille found that adult Japanese never formed early childhood impressions of chocolate, and so introducing chocolate products to Japan would fail miserably. As a result of the study, Nestle shifted its marketing strategy towards introducing chocolate to Japanese children, with the idea that twenty years down the road, they can sell chocolate products when they become adults.
Half a million daily Android activations means that a generation of children grows up encountering a personal computer in the form factor of a smartphone. Having come from the older generation, I still picture a desktop computer in my mind when I see the word "computer", despite working primarily with web technologies and cloud servers. To make sure my products do not become obsolete, I have to step into the shoes of someone who grew up picturing "smartphone" when someone says "computer". It means that any web/cloud application I make must be delivered on a smartphone first, with the desktop experience being an after-thought. I can live with that. That will mean twenty years from now, software development will mean keyboard-less IDEs, but I can still live with that.
I apply the same frame to these Facebook announcement. What is it like growing up where your first impressions of social dynamics is Facebook? I can separate my online identity because I entered my teenage years in the era of text-based MUDs and email. I had access to the internet when most of my friends do not know what it is. I could and did interact with adults. But a pre-teen or a teenager growing up now, knows that you can't separate the social identity like that. What, are you crazy?
What would a society with the unexamined assumption of "Facebook = Social" look like? One that accelerates the general trend for the past several generation: further isolation from the deep wisdom of previous generations; rites of passages conducted by clueless peers that end up in tragedy; a new life stage to describe young adults in their 20s to describe an extended childhood, much the way "teenage" was invented to describe the emergence of an extended childhood.
I do not like what I see in this thought-experiment. So while I might embrace the future when it comes with mobile devices, to this ... travesty ... called Facebook = Social, I say, "bah humbug."
(And next thing you know, I'll be walking out my front door with a cane, shaking a fist, "Dang kids! Get off my lawn!")
I will skip the computer/phone stuff, I don't really think we have an disagreement about changing consumer behaviors.
Facebook=Social, your conclusions are a bit different than what I perceive. Further isolation from the deep wisdom of previous generations is not the conclusion I would necessarily make. To me it seems they could actually be the most connected to older generations simply because they are sharing a social space (facebook) with them. Sure, not everyone is going to be friends with older generations, but the opportunity is greater, the barrier for communication is lower and older generations are watching them closer than before.
Each generation has to go through its own unique rite of passage given cultural, technological and social standards of the time. I think they'll figure it out and make it work, somehow that always seems to happen.
You make an excellant point here. I have not seen examples in the wild of the kind of "deep wisdom" being shared across the Internet by private family groups, but that doesn't mean it does not exist. However, I know certain wisdom cannot pass on through the internet, can only pass on by face-to-face. They are typically transmitted through body language, physical motion, and sheer charismatic presence.
"Each generation has to go through its own unique rite of passage given cultural, technological and social standards of the time. I think they'll figure it out and make it work, somehow that always seems to happen."
This has been true only within the past several generation, and only due to Moore's Law. In other words, this uniqueness for each generation is an aberration.
Tribal wisdom used to be told through folklore, myths and initiations. These days, in the mainstream and in geek subculture, we use the word "myth" to mean "superstitious", and "something to dismiss" in contrast to "facts." The surviving stories appear in the better science fiction and fantasy novels and pop-culture TV shows. Comics. Anime. Some movies. A tiny handful of video games. Often tainted by consumer lifestyle values.
An example of what I mean, that's meta enough to discuss this within the story: Neal Stephenson's Diamond Age
It comes back to what I wrote in that Quora answer. Today, peers, not elders, conduct modern rites of passages. Elders today cannot keep up with Moore's Law, so peers conduct them. You end up losing things that still remain true, generation to generation regardless of technological changes (hence, "deep" wisdom), and you learn them from your clueless peers.
I actually thought about this point when I wrote my response, that perhaps it may be limited to the past hundred or two hundred years. However, I am not sure if that's the case or not, I don't know enough history/sociology to make any sort of qualified statement on the subject. The pace at which technological change is happening has certainly increased since the industrial revolution, and I presume that has been a major driver of cultural change as well.
I am still not really sure what you mean by learning form clueless peers. It isn't as if all the elders in a society disappeared - most children still go to school, have parents, get jobs, are exposed to role model figures. In fact what do you think of most western countries where population is actually getting older and there is a lack of young people?
I assume you mean, "cannot be passed along Facebook, or other Internet-like communications network".
Mindfulness is one example. It's difficult to convey over the internet, and still challenging in person. It's the kind of skill that requires someone present to point out when you're being mindful and when you become distracted. You can't force someone else to be mindful. Hell, you can't force yourself to be mindful. Many stories disguise lessons of mindfulness.
Fear and dealing with fear is the biggest example. All fear roots back to existential fear. Some (not all) older people have a peculiar attitude because they see their own demise coming, accept it, and live on. The TV show, Breaking Bad is a great example, a man who saw the end of his existence, stripped away all the BS and decided to leave behind a legacy.
However, it's one thing to watch characters on the screen deal with fear, and quite another to deal with your own. The mind plays many tricks to comfortably avoid fear. Another person in the same room witnessing your discomfort has significant impact; if they are able to mindfully witness and convey a sense of safety, such interaction helps you gain insight about your fear, and possibly change habits and actions resulting from that.
"The pace at which technological change is happening has certainly increased since the industrial revolution, and I presume that has been a major driver of cultural change as well."
Though off-topic, you might find this interesting: http://www.ribbonfarm.com/2011/06/08/a-brief-history-of-the-...
Venkat's blog post led me to a book, Lever of Riches ... which I think has a lot of useful insights yet seriously flawed. But, it is interesting as a survey of technological history and look at changes within culture as well. I did not know, for example, that clockwork mechanisms reached high art before the invention of moveable type. These clockwork mechanisms directly paved the way for industrialization, and accounts for the obsession some cultures have for gadgets and gadget making.
I've also asked this series of questions on Quora. Perhaps you might have some insights:
"How has the invention of moveable type accelerated the tempo of invention and innovation?" ( http://www.quora.com/How-has-the-invention-of-moveable-type-... )
"How has Open Source accelerated the tempo of software innovation?" ( http://www.quora.com/How-has-Open-Source-accelerated-the-tem... )
"How has Github accelerated the tempo of software innovation?" ( http://www.quora.com/How-has-Github-accelerated-the-tempo-of... )
"How does the tempo of innovation within Github differ from that of a geographic technology hub such as Silicon Valley?" ( http://www.quora.com/How-does-the-tempo-of-innovation-within... )
"In fact what do you think of most western countries where population is actually getting older and there is a lack of young people?"
I have not studied up on Western cultures as much as I did American and East Asian cultures. I'll think about this.
As a distraction, I offer this story. Japan has a cultural value in which the elders (now mostly from the WWII generation) believe that they can and should sacrifice themselves for the future generation, the children. It's a sort of a, strange mix of bushi and Confucian values. Another interesting thing: the Japanese Shinto values of spirit ex machina leads to a great obsession with robots and androids ... and exoskeletons to help the rice farmers continue growing rice. Because many of the younger generation do not want to farm. There's big problems with social recluses.
Yet, I have also read reports of the attitudes of the generation just now entering ... post-high school. Unlike their older siblings (about half a generation older), they ... don't quite outright reject their boomer parents workoholic attitude, yet don't seem to run and hide away in a closet. I look forward to the stories coming out of this generation. Maybe I'm wrong about "rites of passage conducted by clueless peers" after all.
The blog post was very long and I think he missed some of the major historical points (especially about finance). You should checkout The Ascent of Money for a good history of corporations and the financial innovations that made them possible. It would argue spain/portugal didn't become irrelevant because they weren't as good, it was almost because they were too successful. The flood of physical wealth prevented financial innovation which allowed the dutch and brits to get ahead.
Japan is especially fascinating to me (I am half Japanese) and the culture is very bizarre in a lot of ways. It's probably one of the most (if not the most) homogeneous society on earth. I do wonder what the effects of that are on determining people's beliefs and behaviors. For instance, would the willingness to sacrifice and contribute to the greater good be diminished in a less homogeneous society? The recluses, while a problem, I am not sure what percent they ever actually made up. There is a lot of social problems in Japan for so many different economics, political, cultural reasons. However, I do wonder how much they were blown out of proportion in the media as a scare versus a real threat to the very fabric of society. I have a number of japanese friends who would be in your recluse age group, even the worst off one (I don't want to tell their personal story here, but it's not good and probably sounds like many great struggles to find identity for young people), ultimately became a salaryman. I think they are finding their way eventually, most of them at least. It's always been strange for me to try and understand Japanese culture. I am Japanese but I don't think I would ever be considered Japanese, so it still feels almost like an outsider looking in, with maybe a slightly less foggy window.
That's a very good question. Something to mull over.
> You should checkout The Ascent of Money for a good history of corporations and the financial innovations that made them possible.
Sure. I'll check it out.
During the C64's lifetime, sales were around 15 million units in total. The C64 was "relevant" between 1981 and 1991. So, roughly 125,000 units sold a month. "Making it the best-selling single personal computer model of all time." -Wikipedia, with sources.
Computers have never sold as much as phones. Phones of any variety. So what?
I don't equate "Skateboard = Automobile" because they both have wheels. I don't change my thinking from skateboard to car because cars sell more.
I like skateboards. I like computers. Neither are going away any time soon.
I think you are confusing "relevant" with "popular" or "big piles of money i'd like to take a bath in." I applaud developers who broaden what they are doing. I applaud investors who want to make money investing in whatever makes money. But, businesses come and go. Commodore, in fact, is a perfect example of botching the business, while others continued to make the product, improve the product, and the product is still relevant.
Furthermore, Facebook didn't invent the "generation gap". It's the same thing over and over and over dating back thousands of years. "Being social" is "being human" and not necessarily "being Facebook." There's a bigger picture here.
Which is interesting, considering that many of us are here because we want to take some risk as entrepreneurs, to step out and do what people are not doing. Does that mean entrepreneurs are not social?
Facebook is definitely the most of evil of them all, but Google is also doing it.
This is an institutional desire, probably by the advertising industry, that will not stop.
I think, since this is so new, there is no clear understanding of what the "correct" privacy controls are. That is why I love the fact that G+ exists. Competition will help solve this problem.
Add app activity to your timeline
Washington Post Social Reader may publish your app activity to your timeline.
If you don't want the app to automatically publish something, then just x out that permission.
For example, Spotify, it is practically neutered unless you connect it to Facebook, but as soon as it is connected to Facebook it can send data to Facebook as me.
There was an app not too long ago that required Facebook to login, it too asked for those permissions. Now it can without my permission start sharing content based upon actions in the webapp. I am not okay with that.
The second part of the application is the social part. Again, if you don't trust an application you can always go to your app settings page on facebook (https://www.facebook.com/settings/?tab=applications), select the application you are worried about and deny specific items that you don't want the app to have access to.
If you "x" out too many things, you might cripple the application, but that's the way it works.
How much damage would it be possible to do in the 3 - 4 minutes it will take me to go back to Facebook, go to my account settings, look at my app settings, find the app in the huge list, and then start removing permissions I don't want to grant it?
After that I have to go through the effort to find the post content in my timeline, one by one delete the items and hope that my friends have not yet seen the content (and it being posted to the ticker makes that unlikely...)
So, if you don't do the second part, you should be fine?
Also, I personally would be careful in installing apps. This goes for any application (not just facebook). If you trust an app, go ahead, if not, just avoid it. This is going to be different for different people.
Edit: Ok, I think I see your point. You don't want an app to ask for too many permissions right off the bat and then you having to go back and remove them.
Again, I think this is going to be developer and users driven. The more people ask for apps to start off with minimal permissions the developers will have to comply. Does that make sense?
If they can retroactively remove them, they should be able to do so before I even grant any permissions.
Give me two columns, one "Allow" and one "Disallow" and I can drag the permissions to the columns as I see fit. Can an app give me a template or ask for certain permissions by default, yes, absolutely, but let me change them.
If you have your privacy setting in Facebook on "only me," then what you read within the app will not go to Timeline or be seen by friends outside of the app. However, _inside the app_ friends who have also downloaded Social Reader _will_ be able to see what you’ve read
If that isn't a violation of the spirit of Facebook's privacy settings, I don't know what is.
Of course it's been possible to build newsreaders that spy on people's browsing habits and share them with Facebook friends (or anyone else) since the early days of the Facebook API, but this particular app is promoted by Facebook themselves as a flagship for the way new passive sharing apps should be.
I checked the list of "authorized" apps from the post upstream (https://www.facebook.com/settings?tab=applications) and there were 4 things in the list (Bing, Pandora, Yelp and one other that I'm forgetting) none of which I'd ever explicitly authorized for facebook access. If I ever use OAuth for anything, I use my twitter account, never facebook.
Any idea how those got in there, and what setting I can use to never let them back in?
Similarly, for Spotify to do this Activity stuff, you need to give them an extended permission called 'publish_actions'.
If anything, actions are less dangerous, since the size and visibility of the content is significantly more limited than are wall posts.
Anyone saying otherwise either is linkbaiting or truly does not understand the Facebook platform.
If enough people did that (or started to from now on) the demands for extended app privileges might drop.
Why complain about features you don't have to use, when many of us like to use them?
Facebook originally just allowed you to share what you wanted to. Now it is simply ridiculous.
I run facebook on the iphone, or in a separate browser, to keep in touch with some relatives in far away countries. It is great for that, and I am very happy to be able to do that.
I sympathize with people's concern about apps requesting more permissions than they need to do their job, but here, "sharing articles I've read" is a core part of what the product is.
So if you don't install the app, and I do, what's the problem?
There are already webapps that require logins using Facebook connect and provide no alternate means for me to login (I've started creating many a fake Facebook account) and require a whole laundry list of permissions. It won't be too hard to in the future see that people are going to gloss over what permissions they are giving away so that they can get to their free article from the NYT or the Post.
This slow erosion is exactly what I am worried about. That is how the United States is slowly losing all forms of civil liberties and are slowly becoming a police state.
Naked scanners at airports didn't just suddenly happen, it was a long process with some fear thrown in from some stupid jackass with an underwear bomb. DHS used fear to allow them to patrol 150 miles inland from the United States border. The patriot act keeps getting renewed and the only reason it passed was because of 9/11.
No, saying "but it's okay right now, it won't do anything automatically unless you give it permission" doesn't help. Soon it will be "What do you have to hide? Permissions? The web is open..."
"The Eternal Value of Privacy" by Bruce Schneier, http://www.wired.com/politics/security/commentary/securityma... (article for Wired)
"Why Privacy Matters Even if You Have 'Nothing to Hide'", http://chronicle.com/article/Why-Privacy-Matters-Even-if/127... (for the Chronicle)
Not to cast aspersions, and I really don't mean this personally (which would be impossible since I don't know you), but is it possible that these friends are simply boring people? There's always an unspoken corner-case (perhaps a "center-case"?) where there are people with nothing to hide. I'm not talking about extroverts and exhibitionists who don't care how their personalities translate to the commenting-online world, but those who watch the news, have a couple of kids, go see a Luke Wilson movie, etc. and that's the extent of their external lives. There are lots of perfectly contributing members of society who have no interest in politics or celebrity, play Bridge on Wednesdays with that awesome Chex Mix that Annie makes, and so on.
Beware of selection bias.
The bottom line is that what is actually going to happen here in the real world is that people are going to connect their Facebook account to these web sites, not realize or forget (yes, people forget these things) that this web site has been given the keys to the castle to post whatever it wants on their behalf, and a ton of shit is going to get posted to the internet that was beyond the intent of the user originally clicking buttons just to get past an annoying confirmation dialog.
That said, the people fighting against this are fighting a losing battle. Facebook is basically going to control the world unless someone comes in and tries to beat them at their own game and impose their own vision of how and when information like this should be shared.
It's not as though could be browsing one day in search of "abortions Chicago" or "genital warts" and have that auto-published to your FB page. You'd have to give an app explicit permission to share activities on your behalf.
A month later, you're Googling for a local STI clinic and have no reason to believe that clicking on the top result (LocalTimes' eclassified section) is going to share your interest in local STI clinics with all your social network. But it is, because LocalTimes' single signon site which you're already logged into makes no distinction about what is and isn't to be shared, but they have made efforts to adopt this revolutionary new form of passive sharing which is going to push up their pageviews.
On another note, I'm seriously considering closing my FB account once and for good and leaving for G+. I have a good crowd of friends willing to do this (and invite their friends), but G+ offers no way to import FB data, which would be a nice feature.
G+ makes as little sense for a private person as Facebook, if not even less.
This breaks down with the deluge of snippets of information, voluminous and arcane privacy settings, and the increasingly complex and cluttered UI. It's simply impossible for a normal user to keep up with.
Frankly, it's this assumption that makes Facebook untrustworthy. Perhaps you should assume that your users value their privacy. Asking for forgiveness rather than permission works for startups, but facebook is not a startup any more. Facebook has the users. They should start acting like they want to keep them.
I totally fail to see how it can ever be a good business model to encourage users to share embarrassing stuff. Pretty sure, as a private entity who looks out for their own interest, they work to reduce this happening otherwise people would be leaving in doves.
I think most people here can probably make sense of the privacy settings, but facebook has 750 million members. I am certain most of them do not even know where to find privacy settings, let alone know how to use them. Yes, they may be idiots for posting personal data to a site they don't fully understand, but it is reality. Simply trusting facebook not to exploit these people seems naive to me.
Why would any person _ever_ want to automatically broadcast on Facebook the URL of every web page they read on a particular site? What is the benefit, to them? "How do I publicize a big chunk of my browser history" is not a problem any real person has.
The problem with this feature has nothing to do with disclosure or opting out. It's that it seems designed SOLELY for the benefit of publishers, who get more clicks and promotion, and of Facebook, which gets more social content.
Or maybe GP hasn't forgotten this and would just like GGP to admit to it.
That is a really bizarre response. If a user makes a "mistake" and unwittingly publishes something embarrassing or damaging to their feed because Facebook made that transaction possible, the damage is done.
There's no way Facebook (or anybody else) can completely prevent people from making mistakes.
So, the best they can do in that situation is give people an easy way to clean up the mess, and make sure they don't do it again.
The Guardian pretty much demanded that I installed their app. In the end, clicking 'cancel' turned out to be the non-intuitive way to actually read the article.
Yes 'cancel' let me continue with the action that I had been attempting.
What would really suck is googling something private and clicking on a result that just happens to be on one of the sites that has permission to share. Oops.
Apparently Mark would, as he has already installed the "great app" Washington Post Reader, as the OP pointed out.
PS: I understand a huge part of FB's appeal and page views is the stalker aspect, but just think of all the people that would love to be able to flag all farmvill traffic as spam or simply ignore all posts by apps.
A hide from all apps would be nice, but I think that would catch updates from cell phones and the like too.
While I have nothing against making it easier for people to share their lives or interesting things they come across, I want these things to be opt-in, not opt-out. Facebook has a history not really giving a crap about user privacy. And honestly, Facebook isn't a company I want to trust very personal information to. That's why my FB profile is pretty much only bare bones stuff and a few pictures.
I prefer Google's approach with G+ - your information is only shared with those who you explicitly allow sharing to. And they never automatically share something. You're in full control. If you're making an online identity, that's the way it should be. There shouldn't be opportunity for things to get out of your control. And I fear that the general public won't realize this is an issue until it's too late.
I'd like to point to another article that was posted here earlier: http://public.numair.com/2011_fbfool.html
Now, you can just dismiss the guy as bitter or whatever, but he does have a point. Facebook isn't the company you'd want managing your online identity. I have no problem with competition, but I have issue when one of those competitors acts sketchy and doesn't have the users' best interests at heart. It's even worse when the people either don't care or don't realize it.
Users don't read such messages, they press confirm buttons. Even if they read them most users will not understand the implications. It would be interesting to hear if you have done any user surveys related to this.
I can't see the logic in this. I don't know if I want to share something until I've read at least some of it. I don't want it shared as soon as I open it in my browser. There should be another step...
The second quarrel concerns the design of the page that you linked to. I just checked the link that you sent, and I had about 50 entries, about half of which I don't remember adding and absolutely all of them were "more than 6 months ago" (in reality, some of them were more than 4 years ago).
Using your link, it was multiple clicks with a ~5s delay in the middle to remove a single entry. If you click a second X without waiting for the first response to pop up and click ok, it doesn't visually remove the original thing you X'd meaning you can't just go through and click all the X's.
No way to remove multiple entries at once. To remove all of the entries that I don't want took me something like 5 minutes, which is completely absurd. I have always been in general opposed to facebook apps so the average recent college grad could easily have something on the order of several hundred of these entries.
For anyone who knows anything about UX, it is fairly obvious that the page was explicitly designed to prevent people from removing apps. It is depending on a "laziness" factor to get people to do things that they actively don't want to do, which is horrible. It appears to be deliberately only removing the entry when you click ok on a delayed dialog even when the client side is 100% is sure that the entry is removed (click X, click another X without waiting for the dialog, the first item X'd will stay in the list since you didn't wait for the confirmation). Either a huge UI bug or a deliberate and unethical UX decision.
My issue with facebook is not at all what features they have or what privacy settings they have. The issue is that they deliberately use underhanded tactics to get their users to do what they want them to do. In the past they would change your privacy settings without telling you, and in this case they are using a privacy setting that meant one thing in 2007 to mean something very much different in 2011.
People who aren't as technical as you and I won't even think to look for the page that you linked to to begin with. In fact, people who aren't as technical as you likely won't even realize that the reason that these stream posts are showing up is because they clicked some facebook button on a website 4 years ago.
I'll let the guys who maintain that page know about your comments about the UI. I suspect the one-app-at-a-time design is a combination of:
a) simplicity of implementation due to less code and reuse of components,
b) simplicity of use in the common case (just removing a single app),
c) not expecting people to selectively want to delete a whole bunch of apps (although there is a single "disable all" link),
d) that the platform team wants to collect ratings on the applications when you remove them to reduce distribution of apps that people don't like (and to take corrective action on apps that get bad reviews).
People who see posts on their profile page and find them irritating can easily hide them, and an immediate option is to remove that application. Each post is attributed to the application that made them. I'd say a level of web savviness is required, but not "technical" ability.
Except that pretty much every single app requested permission to post as you, even though almost none of them actually did. I don't know if this was because they wanted to leave themselves open to add extra features, or if there were obscure features that posted as you, but everything from bumper sticker apps to WSJ apps had the permission to post as you. In very close to none of these apps did they actually post without you taking a specific action and answering a prompt saying that yes, you really do want a post. I absolutely do not want any app to be able to post as me under any circumstance, and I have apparently had dozens of apps with this permission so far without me even realizing.
Because there is (apparently) no permission "allow them to post after prompting me", "allow this app to post as me" is the defacto choice for the former. If I authorized netflix to post as me in 2007, and it 4 years pass without it posting as me, then it suddenly starts posting as me in 2011 without me taking any additional action that is a serious problem, and that is the situation as I understand it right now.
See also ptarjan's comment at http://news.ycombinator.com/item?id=3034233
Really? You've never read an article that you didn't feel compelled to share with somebody? Ever?
"As soon as I read an article, my first action is to either send the link to specific people who are interested, or post it on my wall if I think everyone is interested."
In such cases, you are deliberately being selective in your sharing. I think this is as it should be.
Everyone is overloaded with information now, and one of the best ways to deal with that is to be good filters for our connections. This implies being selective in what you send, rather than broadcasting a high volume, low signal-to-noise ratio because doing so is "frictionless".
The more people act as good filters/routers of information, the better signal-to-noise ratio we'll all get.
First when I created a new list called "Hotties I still want to X." I thought only I would know what friends were going to be added to this list. Unfortunately, that isn't the case, as Facebook sent a notification to each person on that list. That was very embarrassing, thanks a lot Facebook!
Second is when I downloaded Spotify. The ease of use of installing and starting to enjoy music was great. So much so that when I chose to play my first track I forgot Facebook was notifying my friends what song I was listening to(one i want to keep private due to ex-girlfriends)!
Thanks again Facebook! You have embarrassed me twice in one week! ERRGGGghhhhh!!!!
screenshot for reference - http://i.minus.com/itBcjOfzcchw4.png
That's a BAD assumption. Average users aren't nearly as smart as folks posting here, in that they don't understand things the same way we do. If you've worked on apps with real users, or observed what even average Facebook users do, I would be very shocked if you disagree.
"And if they make a mistake, they can always go change their settings."
Try this out with your 10 non-techie family/friends sometime - ask them to show you a list of apps they've granted perms to. That experience might change how you look at users.
"So I'm not so worried about users who sign up for the Washington Post Reader app, which is marketed as a social reading experiment, and subsequently complain that it shares your read articles."
What about family computers/tablets? Dad wants to share with friends - kid uses iPad and now stuff goes to dad's timeline. Who do you blame? How do you fix this?
This assumption is either totally disingenuous or shows an extraordinary lack of self-awareness on Facebook's part.
Possibly it is true, in sensu stricto, that "users will not do what they don't want to do". But for far longer than the internet has existed, the foundation of the advertising industry (of which Facebook is unquestionably a part) has rested largely in convincing people to "want to do" things that are actually contrary to their greater interests.
In other words, Facebook has the critical mass to spawn an "opt-in" culture when they damn well please. And a network as large as Facebook has the potential to be quite corrosive to civil liberties and the social milieu, merely in how it it structured.
So I was scared shitless when after RSVP'ing I see faces of all my facebook friends and an offer to invite them. I always thought you had to do the whole facebook connect crap before websites could just splash your fb friends list at you? Then I thought about all the billion different ways facebook has to integrate them into your site and figured this must be one of the ways.
That's just all there is to it.
Just as a matter of interest, has anyone ever taken a close look at what's actually in the static content that you can download when you quit fb?
Just for reference the picture should be this:
Oh ... the way I uploaded that to imgur? Using that URL above, so clearly that is wide open to the world.
Also, there is no restriction on who can see pictures when you a direct link to an image. This is mostly due to the fact that CDNs used to store static files usually don't send cookies and thus have no concept of a session.
I am familiar with what is in the URL, and I am also familiar with CDN's. I was merely posting my rebuttal to the OP who said it was obfuscated.
It's a sad day for HN when thoughtful discussions have been replaced by such obvious sensationalism nonsense. We can compile kernels but Facebook's super-complex privacy settings reduce us to wimps.
"So I was scared shitless when after RSVP'ing I see faces of all my facebook friends and an offer to invite them. I always thought you had to do the whole facebook connect crap before websites could just splash your fb friends list at you?"
Someone was petrified that fb knows and may have already revealed something that person really wants to keep private. Sounds fairly abusive to me.
How long is until you'll be able to 'connect' to the DMV via fb? What if you're a serial scofflaw, and have a trail of unpaid speeding tickets. We already have instances of debt collectors attacking fb profiles. What if state agencies try to get in on this act?
No, you're wrong.
> Someone was petrified that fb knows and may have already revealed
Based on that someone's own mistaken idea.
> How long is until you'll be able to 'connect' to the DMV via fb?
Then just quit when that happens? Or don't let people post to your wall? Or don't friend strangers? Sorry, but these aren't rocket science and they in no way resemble an "abuse".
In the article, the writer is at issues with social apps that he allowed to post on his behalf. It's entirely different.
My take on this: the (only) problem is that Facebook has changed the way info is displayed (with the ticker feed) and in that new context, the rights we gave to social apps on our Facebook accounts have been extended. Not technically but that's what it amounts to in pratice, since it's much more likely for stuff getting posted to be seen.
Facebook is using peer pressure against privacy.
Also as a nice side effect, no more dumb share buttons on every web site.
I've always thought the complaints people make after each redesign were simply resistance to change, but this time it doesn't seem worth it to continue.
I excluded a list of people from seeing posts I made and posts other people put on my wall.
When I used the "View my profile as," I wouldn't see the excluded elements.
Once the new design launch, I realized that all these settings were lost - I can do "View my profile as" one of the people on my excluded list, and see the stuff I didn't want shown.
Accessing facebook.com/jonathanwatmough (likely not an account) shows standard 'page not found error'.
Deleting a fb account may not mean what you would expect it does. I think they are keeping my data warm for me.
And keeping your data warm too.
They are not one and the same thing, because in the latter, the priority is put on optimizing the experience for Facebook, not for the user.
Zuckerberg actually believes that there should be no privacy - at all. This is where he's leading Facebook. I believe that's a flawed vision, but he's probably sticking to it, because the less privacy you have, the more it helps the company.
My impression is that Zuckerberg honestly believes that the world would be better without privacy. Which is even worse than companies that are only focused on the bottom line, because at least they won't invade your privacy without a good business reason.
Mark Zuckerberg is dead set on making Beacon work. This is his latest attempt by making the apps do their dirty work by asking for a permission and auto-sharing.
Of course they can argue well on what are, for average users, technical details. On that level, it is possible to get entangled in endless discussions.
The real problem is that these posters seem to totally lack (or ignore) an understanding of the bigger picture of what they are contributing to.
Much better is to just nullroute their netblocks at your router. That's what I do.
You have a lot of determination! Kudos.
It's pretty simple, really: Edit Preferences -> Privacy -> "Firefox will: Use custom settings for history" -> <uncheck> Accept third-party cookies. To add an exception, click "Exceptions..." on that same page, type the domain name, and click Allow.
You can still receive normal cookies, but now third-party sites can't track you unless the sites you're visiting are sharing data server-side.
I'm sure facebook has myriad nefarious ways for tracking everyone you interact with regardless whether they have an account.
And do we need to point out Double click got caught tracking individual users and lying about it over 10 years ago.
Some sources would obviously be helpful, but I don't think anyone is kidding themselves about what's going on.
I am working up to doing the same for Google. I might transparently proxy google.com/search to Scroogle just so browser search bars continue to work.
I actually have a separate browser that I use just for Facebook. Granted I only do this because FB doesn't work for me in Chrome, but it's still a pretty easy way of getting the same result.
# NJC 08/07/10 Remove Flash cookies and everything to do with Flash, including left-over Flash files in /tmp
01 13 * * Wed /usr/bin/rm -rf /home/nick/.macromedia/Flash_Player/*
02 13 * * Wed /usr/bin/rm -rf /tmp/Flash*
Hell, here's a screenshot if you don't believe me: http://www.askdavetaylor.com/6-blog-pics/iphone-facebook-syn...
However, yesterday Facebook locked my account because I was browsing "from an unknown device" (the netbook I've been using for years, on the IP address of PyCon Argentina). I unlocked it by identifying five of my Friends from 15 photos. So it's not without its drawbacks.
This is one of a few different systems we have to protect our users - in this case from having their credentials used if they are exposed through others sites, through phishing, or through some other mechanisms. You can a little about it at https://blog.facebook.com/blog.php?post=389991097130
The social authentication is one way we help people verify their identity in these cases - you can read about it at https://blog.facebook.com/blog.php?post=486790652130 . There are others - the easiest for most people is through sending a text message to your phone when you log in from a new device, which you can read about at https://www.facebook.com/note.php?note_id=10150172618258920
If you are concerned about privacy, but not happy about having to log in from scratch each time and occasionally have to go through these steps (or not comfortable giving or not able to give a phone number for text message authentication), you might want to use a separate dedicated browser for Facebook that does have cookies enabled.
Note that these are simply filters for AdBlock Plus. If you're already using it, it's pretty easy to add a couple more filters.
You need to delete all of the Facebook cookies. Here is what cookies are retained, but you can test it for yourself to see.
While logged in:
datr, lu, openid_p, c_user, sct, xs and act
datr, openid_p, act, L, locale, lu, lsd, reg_fb_gate, reg_fb_ref
There is a "Like" widget, which shows who has "Liked" the site.
While many people reasonably aren't comfortable with Facebook knowing where you're going all the time, it is a very different thing than Facebook sharing that knowledge with all of your Facebook friends.
That feature, the one the original article is talking about, requires you to specifically opt-in before the "Bob read an article about sexual dysfunction" starts showing up in everyone else's news feeds.
I'm a little concerned that, as a website operator, I really ought to work with Facebook because it will lead to more PVs because it is advertising my site for me.
But I've been uncomfortable for some time as I watch my friends and my children slowly confuse the web and Facebook. It's easy to see a day when, for most non-techy folks, the web is Facebook.
So, I can close my FB account. But I think, in the spirit of doing the right thing for the world, the web and the future, I also have to take Facebook off my site and face whatever consequences that may bring.
Or am I being a fuddy-duddy old reactionary?
The different in FB case, that they are not "required" to track URLs so they could of chosen an alternate implementation where sites in-directly served FB scripts through their own servers. And FB would only received a request when someone interacted with their elements.
Google isn't using it to post to a users wall/feed so that advertisers have more keywords to advertise to.
Neither is Facebook. Facebook is not using their like buttons for this feature, it is a separate opt-in feature.
I don't get the freakout people have over fb potentially tracking you through something you can see (the like button) vs google doing it everywhere with something you can't (the analytics js)
That URL is being used for customization of Like button, so that on some sites you can see 'Friend A, Friend B and 345 others recommended it'.
Publishing actions requires the publish_actions permission, so if the app previously didn't ask for it, I believe you will be asked to re-authenticate the app with the new permissions.
I, for one, am going to be reviewing the apps I've previously added to ensure that none of them are doing anything I wouldn't want to. Not sure where to file FB API feature requests, but it would be nice to not have an "all or nothing" approach to authentication (this is a problem with the Twitter API as well, FWIW). For example, if an app requires X, Y and Z permissions, I might want to only allow X and Y and just not use the features that require Z.
This is how things have been for years, and if you are a more private person (like me), just reading news and listening to music "offline" and go to facebook when you feel like sharing.
On the point of 'noise', both these examples provide ways of making sense of the streams. Last.fm charts, Delicious popular streams, and tags.
Facebook is the next great advertising platform, after Google.
I'm genuinely surprised that the EU haven't stepped on Facebook yet. It's the creepiest, most invasive thing ever developed.
Unless you like to be in S/M relationship. You're the S.
Now you can say that then they shouldn't use said site, but soon this is going to become more and more common, what then?