Facebook Cookie Tracks Users Even When They’re Logged Out

Facebook Cookie Tracks Users Even When They’re Logged Out

It’s no secret that Facebook and privacy have had some issues. Take today, for example. Thanks to a modified cookie, Facebook knows where you are online — even when you’re not logged into Facebook.

So says hacker Nik Cubrilovic anyway, after he discovered during a series of tests that Facebook alters its tracking cookie code the moment you log out, instead of deleting them. Then, when a user being tracked in this manner heads to a website that contains a Facebook button or widget, the browser continues to send “personally identifiable information” back to Facebook.

“With my browser logged out of Facebook, whenever I visit any page with a Facebook like button, or share button, or any other widget, the information, including my account ID, is still being sent to Facebook,” Cubrilovic wrote in a blog post describing the find today.

For the pissed off amongst you, VentureBeat provides this HackerNews tip:

To block Facebook from following you, you need to delete all Facebook-related cookies after logging out. You may also be able to use AdBlock Plus to block Facebook, with the following rules, as reported on Hacker News:

facebook.com^$domain=~facebook.com ~facebook.net|~fbcdn.com|~fbcdn.net
facebook.net^$domain=~facebook.com|~facebook.net|~fbcdn.com|~fbcdn.net
fbcdn.com^$domain=~facebook.com|~facebook.net|~fbcdn.com|~fbcdn.net
fbcdn.net^$domain=~facebook.com|~facebook.net|~fbcdn.com|~fbcdn.net

Next week: Facebook is totally creeping your bedroom window! [via VentureBeat]