It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Originally posted by kdog1982
Every site you visit tracks where you have been.No surprise there.
Originally posted by kdog1982
Not to worry,ATS does it also.
Originally posted by SkepticOverlord
Cookies may only be read by the domain that wrote it in the first place. So, for example, it's not possible for code hosted by ATS to "see" the cookies on your computer written by other sites.
Originally posted by kaleshchand
If the image is on the site you are on (as it is here) then they cannot track you. (unless you click that link to go to them that is).
Originally posted by SkepticOverlord
Originally posted by kaleshchand
If the image is on the site you are on (as it is here) then they cannot track you. (unless you click that link to go to them that is).
The tracking can't happen on our link. We use a "pass-through" page that strips referral information so that inbound traffic to FB from ATS never appears to be from ATS.
Originally posted by jazzguy
i already knew this . i have a facebook account but its only for supporting the revolution movement, ron paul, 911 truth, end the fed and so on.
i know im on the 'List'. i stopped caring about it long time ago.
I’m an engineer who works on login systems at Facebook. Thanks, again for raising these important issues. We haven’t done as good a job as we could have to explain our cookie practices. Your post presents a great opportunity for us to fix that. At the same time, your post reaches some incorrect conclusions that I hope to clarify.
Generally, unlike other major Internet companies, we have no interest in tracking people. We don’t have an ad network and we don’t sell people’s information. As we state in our help center (»www.facebook.com/help/?..., “We do not share or sell the information we see when you visit a website with a Facebook social plugin to third parties and we do not use it to deliver ads to you.”
Said more plainly, our cookies aren’t used for tracking. They just aren’t. Instead, we use our cookies to either provide custom content (e.g. your friend’s likes within a social plugin), help improve or maintain our service (e.g. measuring click-through rates to help optimize performance), or protect our users and our service (e.g. defending denial of service attacks or requiring a second authentication factor for a login from a suspicious location).
The logged out cookies, specifically, are used primarily for safety and security protections, including:
- Identifying and disabling spammers and phishers
- Disabling registration if an underage user tries to re-register with a different birth date
- Helping people recover hacked accounts
- Powering account security features, such as login approvals and notifications
- Identifying shared computers to discourage the use of “Keep me logged in.”
Most of the cookies that you highlight have benign names and values. For example, the “locale” cookie is simply user’s language and country. I do understand some of the confusion around the ‘act’ and ‘lu’ cookies. The poorly named ‘act’ cookie is a UNIX timestamp with milliseconds and a sequence number that we use to measure and optimize the speed of the site (‘act’ is an abbreviation for “action”). We use the ‘lu’ cookie to identify public computers and discourage the checking of the keep me logged in box. On single user computers, we use the ‘lu’ cookie to prefill your facebook e-mail address on the login screen if you have *not* explicitly logged out.
We also maintain a cookie association between accounts and browsers. This is a key element of our phishing protections. However, contrary to your article, we do delete account-specific cookies when a user logs out of Facebook. As a result, we do not receive personally identifiable cookie information via HTTP Headers when these users browse the web.
Finally, we’ve confirmed that we don’t, and never have, used cookies to suggest friends. If you send us the user IDs of the test accounts you created, I’m happy to investigate further.
Again, my apologies that your previous concerns were not addressed. Since your reports, we’ve introduced a bug bounty program to streamline and reward whitehat security reports (»www.facebook.com/note.p.... I hope this more secure and reliable channel will be useful for you. We really hope you’ll continue to let us know about issues you see.
I hope these clarifications were helpful. Please let me know if you’d like to discuss further.
Originally posted by SkepticOverlord
Originally posted by kdog1982
Every site you visit tracks where you have been.No surprise there.
That's incorrect, and not entirely possible.
Cookies may only be read by the domain that wrote it in the first place. So, for example, it's not possible for code hosted by ATS to "see" the cookies on your computer written by other sites.
Originally posted by Flyer
No, its entirely correct. They use _javascript to connect to 3rd party sites.
This site uses, google, quantcast, comscore, gorilla nation and scorecard research.