"Frictionless Sharing": Browser History Leaked into the Cloud
I don't want this article to be alarming, and its purpose is not to make you deactivate / delete your Facebook account or make you stop all your social online-activities. I just hope after reading it you will pay a bit more attention about your privacy, your cookies, and your browser history because seems that lots of our information is leaked into the cloud without our will.
"Frictionless sharing," Mark Zuckerberg said in his presentation regarding the Facebook timeline. It sounds like, "Don't trouble yourself with decisions... we'll take care of sharing what you do. You just sit back and enjoy the shiny new object."
FREE role-guided training plans
Still think of ourselves as Facebook's customers? We're not. We're Facebook's product; we have allowed a lot of our privacy to be eroded on Facebook. The site demands people use their real names. No big deal, it's all about family and friends, right? Except all the times it's not--but that's the price we pay.
They've made it publicly clear that they consider the notion of privacy on the internet to be an outmoded concept, and that it is contrary to their business model. Facebook has made it clear that their business is to own your online identity, and nobody pays any attention. Very few people will ever read the TOS, so most choose to be ignorant of the actual scope of the information they volunteer. The vast majority probably wouldn't care even if they were informed.
So Facebook exploits this in a myriad of ways, including passing one's information to third party apps; logging them into unrelated non-Facebook sites based on their cookie; opting users into various 'features' by default.They've taken it upon themselves to further intrude into our online lives.
Entering one's mobile information into the site will someday contractually permit them to monitor phone calls and mine them for more personal data. Maybe they'll improve their facial recognition software to be highly effective at identifying individuals based on the copious database of photos that users have supplied. Maybe they form partnerships with other major sites to generate profiles on what people buy online, the vehicles they drive, the itemized charges on their checking and credit cards, the loans they accept, the emails they send and receive, etc.
Maybe they offer all of this freely to law enforcement, governments, and any interested companies willing to pay for it. Maybe they decide that even allowing users to manage the few options currently available is too much freedom and scrap the settings altogether. Maybe they tie the site into the very hardware in our phones and PCs and Macs and tablets with 'trusted' integrated chips.
Maybe they keep pushing the line, because perhaps one of these days they will finally find the point where people beyond those ordinarily concerned about these issues will actually take notice and say "hey, wait a second..." And just maybe that will lead to a demand that our government come down and set some better rules and regulations on behalf of the public.
Perhaps at that time, more people will finally understand the folly in allowing a company like this to do as they are wont. And maybe there will be a few less apologists willing to rush to their defense every time and tell the rest of us why all of this is totally okay.
Bing search is already hooked up to Facebook. You have to log out of FB to use Bing otherwise people will see what you are searching for. Google also keeps tabs on your searches. You have to log out of Google, delete cookies then search. You will get very different results if you are logged in or still have old Google cookies. Huffpo also does search and read sharing. You have to click the button if you don't want people to see what you're reading. Those are just few examples but in a quick search you can find many others like this.
The point is that what FB is doing with their cookies is no different from what every other online advertising company does... leveraging them as the valuable product they are. If you have cookies enabled, there are at least 10 companies out there, all tracking you, trying to put relevant ads in front of you. Imagine all the online services that track your browser history. They know what bank you go to, where you shop, where you browse. Maybe they won't sell this information but I'm pretty sure they'll target ads to you. So, do you wonder where the spam came from?
So let's see how we can face this problem and protect our privacy!
- Facebook Disconnect Chrome Extension
Stop Facebook from tracking the webpages you go to.
Facebook is notified whenever you visit one of the more than one million sites on the web that use Facebook Connect and has a history of leaking personally-identifiable information to third parties. Turn off the flow of your data to them!
Facebook Disconnect blocks all traffic from third-party sites to Facebook servers but still lets you access Facebook itself.
Sounds great! BUT Disconnect has the following warning before install "This extension can access: Your data on all websites - your tabs and browsing activity - your browsing history"
Personally, I didn't use it but if you did please share your Disconnect experience.
This browser extension stops Facebook social plugins—including those within iFrames—from running on sites other than Facebook itself. This includes 'Like' buttons, 'Recommended' lists, and should also stop any Facebook scripts from tracking your browsing history.
"Trackers are watching your every click. Websites are selling your information, and data brokers are buying. Stop them in their tracks with."
Fast, easy setup
Blocks600 trackers
Web pages load up to 4x faster
Banish social networks like Facebook, Twitter, and Google+ from transmitting data about you after you leave those sites, even if the page you visit has a social plugin on it.
-Ghostery - Be a web detective.
Ghostery is your window into the invisible web – tags, web bugs, pixels and beacons that are included on web pages in order to get an idea of your online behavior. Ghostery tracks over 1,200 trackers and gives you a roll-call of the ad networks, behavioral data providers, web publishers, and other companies interested in your activity.
Browse the web without saving information about the sites you visit
Use Firefox's private browsing mode for sites which you consider risky to visit, like Facebook. Once you close the browser, it forgets everything. You were never there. Beats the flash every time.
Block widely installed 3rd party social/web 2.0 widgets to make pages load faster.
3rd party widgets from sites like Facebook, Twitter, Google Plus One, Disqus, etc. can slow down page load times when browsing on other sites that include them. WidgetBlock disables a number of widely installed 3rd party widgets so that your pages load faster. It includes options to choose the Widgets you'd like to disable. For a full list of the Widgets blocked please see the options page.
WidgetBlock disables the Widgets by preventing them being requested from the server in the same way the popular AdBlock extension works. It only prevents the Widgets from loading on other sites, so the sites that own the Widgets will still continue to work as normal. WidgetBlock can save time loading pages, bandwidth, and your privacy.
Protects your privacy by converting normal Like buttons to 2-Click buttons and thus not tracking you.
Are you worried about your privacy? Or just worried about page load times? This Add-On will convert the "Like" buttons of the major Social Networks to "2-Click Like" buttons and therefore protecting your privacy - since it's know they use it to track you.
TrackMeNot runs in Firefox as a low-priority background process that periodically issues randomized search-queries to popular search engines, e.g., AOL, Yahoo!, Google, and Bing. It hides users' actual search trails in a cloud of 'ghost' queries, significantly increasing the difficulty of aggregating such data into accurate or identifying user profiles. To better simulate user behavior TrackMeNot uses a dynamic query mechanism to 'evolve' each client (uniquely) over time, parsing the results of its searches for 'logical' future query terms with which to replace those already used.
Maybe logging out isn't enough to protect our privacy, maybe the existent tools aren't good enough, so my paranoid solution regarding Facebook is to use one browser for Facebook only, or create one windows user only for Facebook (the switch between windows users takes few seconds) but to be honest I can't do that even though it sounds safe enough.
Instead, we can restrict public access to our info as much as possible. We can keep an account open with minimal info. We won't use the info that credit card companies or banks use to verify our identity. Disconnect Facebook from other sites that we use to visit. Enable "no tracking" on our browser. Clear the cookies frequently. We won't use Facebook to logon to other sites because we'll create a "daisy chain" of our sites. Basically we should proactively block them from tracking us, as much as possible.
Maybe the world needs to be more open. Maybe people should stop hiding who they are. If everyone's dirty laundry is out in the open, you can't pretend to be a pristine, shiny person. No one is perfect. The other members of society won't be able to sit behind their masks and judge you because there will be no masks.
Right now, there are major implications to sharing everything - corporations want that info so they can make money off you, governments want it so they can control you and/or keep track of you, and people with aberrant psychologies might want it to just plain hurt you.
If you want an open world where people can share most (if not all) of their information safely, we first have to change society into a much more sane one that isn't based on money and one where there are no governments as such, or at least not governments that are run by a ruling class with a vested interest in keeping the population subjugated, like now. One where the stresses of daily living aren't as extreme as they are now which encourages those aberrant psychologies I mentioned.
Until that day, privacy is still important. Always keep in mind that if you're not paying for a service, you're the product, not the customer.
In this Series
- "Frictionless Sharing": Browser History Leaked into the Cloud
- Free Valentine's Day cybersecurity cards: Keep your love secure!
- How to design effective cybersecurity policies
- What is attack surface management and how it makes the enterprise more secure
- Is a cybersecurity boot camp worth it?
- The aftermath: An analysis of recent security breaches
- Understanding cybersecurity breaches: Types, common causes and potential risks
- Breaking the Silo: Integrating Email Security with XDR
- What is Security Service Edge (SSE)?
- Cybersecurity in Biden’s era
- Password security: Using Active Directory password policy
- Inside a DDoS attack against a bank: What happened and how it was stopped
- Inside Capital One’s game-changing breach: What happened and key lessons
- A DevSecOps process for ransomware prevention
- What is Digital Risk Protection (DRP)?
- How to choose and harden your VPN: Best practices from NSA & CISA
- Will immersive technology evolve or solve cybercrime?
- Twitch and YouTube abuse: How to stop online harassment
- Can your personality indicate how you’ll react to a cyberthreat?
- The 5 biggest cryptocurrency heists of all time
- Pay GDPR? No thanks, we’d rather pay cybercriminals
- Customer data protection: A comprehensive cybersecurity guide for companies
- Online certification opportunities: 4 vendors who offer online certification exams [updated 2021]
- FLoC delayed: what does this mean for security and privacy?
- Stolen company credentials used within hours, study says
- Don’t use CAPTCHA? Here are 9 CAPTCHA alternatives
- 10 ways to build a cybersecurity team that sticks
- Verizon DBIR 2021 summary: 7 things you should know
- 2021 cybersecurity executive order: Everything you need to know
- Kali Linux: Top 5 tools for stress testing
- Android security: 7 tips and tricks to secure you and your workforce [updated 2021]
- Mobile emulator farms: What are they and how they work
- 3 tracking technologies and their impact on privacy
- In-game currency & money laundering schemes: Fortnite, World of Warcraft & more
- Quantitative risk analysis [updated 2021]
- Understanding DNS sinkholes - A weapon against malware [updated 2021]
- Python for network penetration testing: An overview
- Python for exploit development: Common vulnerabilities and exploits
- Python for exploit development: All about buffer overflows
- Python language basics: understanding exception handling
- Python for pentesting: Programming, exploits and attacks
- Increasing security by hardening the CI/CD build infrastructure
- Pros and cons of public vs internal container image repositories
- CI/CD container security considerations
- Vulnerability scanning inside and outside the container
- How Docker primitives secure container environments
- Top 4 Zapier security risks
- Common container misconfigurations and how to prevent them
- Building container images using Dockerfile best practices
- Securing containers using Docker isolation
- Introduction to container security
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
General security
Free Valentine's Day cybersecurity cards: Keep your love secure!
General security
General security