Archive for September 26, 2011

Monday, September 26, 2011 [Tweets] [Favorites]

Logging Out of Facebook Is Not Enough

Nik Cubrilovic:

But logging out of Facebook only de-authorizes your browser from the Web application, a number of cookies (including your account number) are still sent along to all requests to facebook.com. Even if you are logged out, Facebook still knows and can track every page you visit. The only solution is to delete every Facebook cookie in your browser, or to use a separate browser for Facebook interactions.

[…]

There are serious implications if you are using Facebook from a public terminal. If you login on a public terminal and then hit ‘logout’, you are still leaving behind fingerprints of having been logged in. As far as I can tell, these fingerprints remain (in the form of cookies) until somebody explicitly deletes all the Facebook cookies for that browser. Associating an account ID with a real name is easy—as the same ID is used to identify your profile.

There’s a response from a Facebook engineer in the comments. I mainly use Safari, but I have OmniWeb configured as as “secure” browser that doesn’t store any cookies between launches.

Update (2011-09-27): Nik Cubrilovic:

Facebook has changed as much as they can change with the logout issue. They want to retain the ability to track browsers after logout for safety and spam purposes, and they want to be able to log page requests for performance reasons etc. I would still recommend that users clear cookies or use a separate browser, though.

OverDrive Adds Kindle

Glenn Fleishman:

The Kindle announcement is essentially a format extension, not a new deal between libraries and Amazon that would add hundreds of thousands of books to OverDrive’s collection. In most cases, libraries can now offer their existing OverDrive ebook collections in Kindle format as well as PDF and EPUB.

This is pretty cool. When it was announced a few days ago, only Adobe files were showing up for my local library. Now it’s showing the Kindle versions, too. However, the “Add to Wish List” feature didn’t work for me in either Safari or Firefox.

Disabling Third-Party Cookies Doesn’t (Meaningfully) Improve Privacy

Kevin Montrose:

The other is Apple’s Safari browser, which denies setting third-party cookies unless a user has “interacted” with the framed content. The definition of “interacted” is a bit fuzzy, but clicking seems to do it. No other browser does this, or anything like it. There are some laughably simple hacks around this, like floating an iframe under the user’s cursor (and, for some reason, submitting a form with a POST method). Even if those hacks didn’t exist, the idea is still pointless.

TextMate 2 Announcement

Michael Sheets:

There will be a public alpha release this year, before Christmas, for registered users.

TextMate is my preferred editor for reStructuredText.