So using links instead of the widget codes is better for your site (performance wise), privacy wise, and it degrades gracefully when people like me use Widget Blockers.
"And I am seriously thinking into serve my own copy of Twitter Bootstrap scripts instead of serving them from the Google Network."
The point of using a CDN for common js/css is to serve it as close to your users as possible as well as increase the change that they already have it in their browser cache. Hosting it yourself just means your users have to make more round-trips to wherever in the world your server lives.
BTW, Google Hosted Libraries doesn't currently include Twitter Bootstrap. You're using NetDNA's BootstrapCDN.
It appears to have an unclear lifespan. While it has been fully replaced by the Feed Dialog, it's still working now and is used all over the internet. I can see the case where it won't see any further development or features, but it's a tough call whether or not to incorporate the deprecated method or accept possible risks of the current methods - Like button or Feed Dialog.
The only thing they aren't seeing is additional analytic data they're missing out by not having there JS installed on your site, but its still enough data that they can use on there end for targeting advertisements which is what they are using this data for.
Isn't that kind of the point though - if I don't click the URL then FB/Twitter/G+ etc etc don't get notified of my visit to a third party site that includes their buttons. If I do, fine, I'm going there and they get the info, but usually I don't.
After trialling the standard js we decided to forgo the dynamic buttons for speed, security and the privacy of our users and use locally hosted images of the buttons or logos with a simple link to the social site. For the readers it's very similar experience, but a much faster solution.
"ReuestPolicy is a Firefox extension that improves the privacy and security of your browsing by giving you control over when cross-site requests are allowed by webpages you visit."
It is even better if you pair it with NoScript. Whenever I toy with the idea of switching to Chrome I am always end up sticking with iceweasel because of the lack of equivalent RP+NS functionality in Chrome. If you are currently using ghostery I highly suggest you switch to RP+NS.
Ghostery, while not as strict seems like a nice compromise. My mom uses it and she doesn't even notice it.
Default block doesn't work.
I put the AddThis button block on some of my article pages at the beginning of May. I was getting less click-throughs to my product page, so I started looking into possible causes. The Site Speed reports in Google Analytics showed that my page load times had increased 2-3x. I profiled some of the slower pages and found that the AddThis external call stack can be pretty deep. After removing them, everything's nice and speedy again, and click-throughs are back up to normal levels.
Even before the whole tracking was exposed, I always hated paypal's 1px blank gif that is integrated in their button code.
I run that on my own website and it works well.
It's not super advanced JS but it gets the job done.
My feeling is that if social interaction is core enough that it needs to appear on every single page of your site (or at least on core, highly trafficked pages) then the common way of doing this sucks on two levels;
1) Depending on other websites to load content? Madness.
I have solidified my thoughts better here: http://tosbourn.com/2013/01/development/replacing-social-med...
I have also written up how you can get the functionality without the JS in this github repo https://github.com/tosbourn/nojs-socialshare
At https://starthq.com we've opted for a half way solution by confining the share buttons to individual iframes. This way we don't prevent the tracking, but do contain their ability to break our page or grab users' data.
I always find this ironic about these articles don't track your users, or prism is watching, let's use mailvelope, some of these pages that is promoting privacy, integrates google analytics, have a share button, or some type of off server request.
Edit: Your WordPress permalink code looks fine by the way.
This is an understatement. There's no reason for them not to do it - it's fodder for them.
It was then edited (by a moderator I assume) to reflect the actual title of the post.
Which is fine if you're OK with that cost. But a lot of users aren't going to notice those links, let alone select them, copy them and paste them.
If I already have to copy and paste a link, why not the actual page URL?
You use this to make regular links that users can click, instead of buttons loaded inside iframes, etc.