Cookies for Everyone

By Shamus Posted Thursday Mar 24, 2011

Filed under: Notices 293 comments

splash_cookies.jpg

Blurr had this to say in the comments the other day:

I am very much against Facebook integration on other websites. I know I can't be the only one. I tried a while ago to figure out how to block Facebook when I'm not on the main Facebook website, but couldn't find anything.

My concern is that because this “like” link appears on blogs all over the place, Facebook can get a pretty good idea of my browsing habits. I am against this on principle.

It also seems to me that very few people use the like button.

I have been a reader since near the beginning of DMotR. Your website is one of the few that I have white-listed in ad-block (though sometimes ads don't load anyway :S ). Please remove this terrible thing from your blog.

My first reaction was that this was a bit paranoid. I was sure the button wouldn’t do anything unless you pushed it. It turns out that no, that is not the case. In fact, Facebook keeps track of where it sees you. If a page has a Facebook button on it, then Facebook knows you were on that page. We don’t know what they do with that info, but we know they have it. Here’s the thing:

The problem is with web cookies. A cookie is a small text file created by your web browser. It stores “name / value pairs”, which is fancy programmer talk for stuff like this:

username=PresidentSkroob
password=12345
last_visit=March 24, 2011
mobile_user=no

It lets websites store information on your computer. These files are keyed to the domain name. So, Facebook can only read cookies created by your visit to Facebook.com and The Escapist can only see inside of cookies created by your visit to escapistmagazine.com. The information contained in a cookie is sent when you visit a site. So, if I previously visited Facebook on this computer, it will send my Facebook cookie, which will let Facebook have my name and (if I so choose) password. That way I don’t have to log in every time I visit the site, and it can know ahead of time if I want the lightweight mobile version of the page or the all-singing, all-dancing, graphic-heavy full version. If I go to another computer, it won’t have a Facebook cookie on it, and so I’ll have to type in my name & password to log in.

Even if I tell FB not to save my password, it still saves my username. That username gets sent when I load the page, even if I’m not logged in. See, that little button at the bottom of this page is actually a little sub-webpage. It’s a little window with a Facebook page inside of it. (Same goes for the ads on the right. That’s a sub-window with a Google page inside of it.) When you visited this page, your Facebook.com cookie (assuming you have one) was sent to Facebook. Facebook sees your username, and because of how HTTP headers work, it also sees that you visited from shamusyoung.com. Ergo, Facebook knows you were here. Of course, this only applies to webpages with Facebook features. Facebook has no way of seeing where else you might go.

It’s important to point out that this is not some nefarious new thing Facebook is doing. Everyone uses cookies. This site remembers the name you use in the comments because that stuff is stored in a shamusyoung.com cookie on your computer. Google uses them. Battle.net uses them. Blogger.com. My Space. Youtube. The Escapist. Google. Yahoo. Blogspot. Wikipedia. Twitter. Anywhere that you log in knows at least your username and the last time you visited.

The reason people get worked up about Facebook is because it’s so ubiquitous. (And because the founder of Facebook is reportedly a complete douche.) Nobody cares about Yahoo cookies because Yahoo isn’t lurking in the corner of every page on the web. The problem isn’t that Facebook is more hostile to privacy than other sites, it’s that Facebook naturally has access to data that other sites don’t, because they’re less popular.

You can decide for yourself how much this bothers you. Some people won’t stand for it because they’re concerned about privacy. Some people won’t stand for it because they’re paranoid cranks. Some people don’t care because they’re not concerned about the data involved. Some people don’t care because they’re oblivious. There are reasonable people and morons on both sides of this.

If you’re really concerned about this, there are things you can do. You can set your cookies to be deleted every time you close your web browser. It will make it impossible for Facebook to see where you are, even when visiting sites like this one.

firefox_privacy.jpg

Of course, if you clear all cookies every time, then you’ll have to always enter your your full name and password every time. So this is a classic trade-off between convenience and security. Those two never get along.

For a blog like mine, word of mouth is life. You need a stream of new users just to replace the ones that wander off. Some people get mad and leave. Or lose interest when I change focus to something outside of their sphere of interest. Sometimes they just get tired of me. It happens.

An example: I love James Lileks. If Old Man Murray was my inspiration to start writing comedy about games, Lileks was the inspiration for my more personal stuff. The blog is especially great for a nostalgia fetishist like myself. I love stopping in for a dose of, “Time is passing like a vapor. You’ll be dead before you know it. But in the meantime, check out this kitschy slice of 60’s pop-culture!” But last year I stopped visiting his site regularly. He’s as fun as ever, but after a decade of reading I no longer felt the need to check the blog every morning. It happens. I’m sure it happens to my readers all the time.

So replenishing the herd is a must. (You don’t mind if I call you a herd, do you? No? Cool.) There is nothing I can do to directly draw in new readers, short of forum spam and link-begging on more popular sites – which is one of the most labor-intensive ways of wasting one’s time. No, I need word of mouth, and the Facebook Like button is the perfect tool for the job. It’s governed entirely by readers. People press it when I do something they like. That action will appear on their Facebook page and attract their friends, who probably share a lot of common tastes and interests. It takes my best material and promotes it to people who are most likely to enjoy it. Even if I was willing to pay money for an advertising campaign, I wouldn’t be able to find something as effective as that little button.

 


From The Archives:
 

293 thoughts on “Cookies for Everyone

  1. Max says:

    No comments? I guess the facebook thing scared everyone away.

    1. David Armstrong says:

      User: Hey, this Facebook thing is creepy. Can you please remove this creepy feature from your blog?

      Shamus: No, because I like the creepy part about it. It gives me audience, which means popularity and internet dollars.

      Way to sell out!

      1. Shamus says:

        Are you seriously accusing a broke-ass unemployed guy of “selling out” because he doesn’t bow to one complaint? Look, if I wanted to “sell out” I could quit writing this blog and take a desk job. I do this because I have a passion for it. I do the Facebook thing because it helps me reach my audience. I don’t sweat the like button because it’s pretty easy for YOU to deal with YOUR privacy worries without insisting that I remove features from MY blog.

        If you can’t be arsed to dump your cookies, it doesn’t mean I’m a sellout.

        Follow Blurr’s example. He managed to register his complaint without making this personal.

        “Internet dollars”?

        Jerk.

        1. (LK) says:

          I’m probably a bad person for finding that reply so entertaining.

          1. Bryan says:

            If that’s the case, I’m sure you have lots of company…

        2. Daemian Lucifer says:

          Internet dollars just makes me laugh buddy.

          http://www.southparkstudios.com/full-episodes/s12e04-canada-on-strike

          1. Alexander The 1st says:

            http://xkcd.com/512/

            It’s what I thought of immediately with “internet dollars”. That is all.

          2. Jeremiah says:

            I’m not your buddy, pal!

            1. Von Krieger says:

              I’m not your pal, guy!

              1. Irridium says:

                I’m not your guy, buddy!

        3. Slothful says:

          Dumping your cookies just sounds nasty.

      2. Neil Polenske says:

        “Shamus: No, because I like the creepy part about it. It gives me audience, which means popularity and internet dollars.”

        Here’s what I love about this: He’s absolutely right. You say as much in the last half of your post that you put that button there to gain popularity. You ARE selling out…

        Which you are COMPLETELY justified in doing!

        What tickles me the most about this is that I just finished watching 2012 (yes it’s dumb as balls, but doesn’t stop it from being fun as hell) who similarly attempted to vilify perfectly justifiable actions through a strawman politician and I sided with him on EVERYTHING he said because – like here – trying to present perfectly reasonable actions in a poor light doesn’t hide the fact that they are perfectly reasonable actions!

        1. Shamus says:

          I’ve always taken “selling out” to mean “abandoning the quality of your art in favor of money”. Like, abandoning the edgy experimental music you love to make top-40 fluff that you don’t.

          If it means “doing what you love, and trying to be successful at it”, then THE HIPSTERS HAVE ALREADY WON!

          1. Nihil says:

            I know people who call Minecraft players “hipsters”. Seriously.

            1. Irridium says:

              At this point, it seems “hipster” just means “person who does/wears/listens to/eats” stuff. Basically, any other person.

              Which would mean hipsters are mainstream. Which, if true, is absolutely hilarious.

              1. Lame Brain says:

                LameBrain likes this

              2. Ivan says:

                Holy shit! what happens when it becomes mainstream to be a hipster!?!

                1. Syal says:

                  …it becomes hip to be square?
                  Again?

                2. Daemian Lucifer says:

                  It becomes hiphip?Hooray!

          2. Nihil says:

            [double comment]

          3. Ingvar says:

            I don’t think I’ve ever had a notion of “quality” attached to the phrase ‘selling out’, only (perceived) motivation. I don’t know what these “hipsters” you are referring to are, though. Some sort of new-fangled waist-high wading trousers?

            Where was I? Oh, yes, of course there is the fear that changed motivations will bring changes in quality. However, I doubt the presence or absence of “the Facebook Like button” will make a huge difference to the Shamusian mindset (yes, I am talking about you, in the third person, sorry for that). Doesn’t make much of a difference to me, personally, not having an actual Facebook account to feed them my browsing habits to.

            I certainly hope that having the Like button where it is will bring more (new or old) visitors than it pushes away (and you have log access, so you should be able to tell).

            1. ccesarano says:

              The way I see it, we’ll know when Shamus sells out because he’ll start praising some company’s new DRM scheme as innovative, awesome and perfectly in the rights of that company.

              1. Ingvar says:

                I am pretty sure that if Shamus sells out (I am, at the moment, of the opinion that he hasn’t), we will all notice. It may even be that we can go back and say “Ah, yes, the first post that shows signs of sell-out was his article about the wingdingaring DRM system, the one he post ed 2099-02-29”.

                1. Moridin says:

                  I wish I were as certain as you are. But Shamus is so good and entertaining that I’m sure he could keep people from realizing it for at least a few weeks.

            2. Andrew B says:

              I’ve always assumed a quality loss to “selling out” personally. To me, it implies sacrificing either moral or artistic integrity to earn more money, with an equivalent drop in standards. So, as others have said, if Shamus started easing off on games with DRM or on terrible console ports just because it meant he got better access to more games or got lucrative games company advertising contracts as a reward. That would be a “moral” sell out and likely lead to a percieved (by current readership) drop in quality. If there is no drop in quality, it’s just being successful. (Which is totally orthogonal to selling out. One can be successful, a sell out, both or neither.)

              1. silver says:

                You know, I’ve always associated a quality loss to selling out, too. Except, um. I haven’t done so consistently. Because I often think “sell outs” when I hear some band’s song in a commercial “too soon” after the song was released.

                But whether it’s soon after the song was released, or a long time after the song was released, presumably they wrote the song without thinking of future commercials, so really I shouldn’t consider it “selling out”. (It IS selling out when they write the song specifically to attract advertisers to buy it for commercials, though :)).

            3. Zukhramm says:

              But where is this change in motivation? Wanting readers? I thought that was the point of a blog and something that has been around from the start.

              1. Ingvar M says:

                I don’t know where it is, I have yet to see it demonstrated. I am hardly the world’s most skilled Shamusologist and I believe it’s more a case of “yah, I shall keep the Likes button there until I see it being less useful than it seems now.”

          4. Irridium says:

            Reminds me of the comment Yahtzee made at the end of one of his videos.

            “We should always support the small, garage-based independent developers. At least until they sell a game, the cold, sellout fucks.”

            Or something like that.

            Which I could remember what video thats from.

            1. Lame Brain says:

              Probably Braid

            2. Neil Polenske says:

              Twas Amnesia: The Dark Descent actually. Also, in regards to the ‘hipster’ side-topic, I find this relevant:

              http://thepunchlineismachismo.com/archives/540

          5. Slothful says:

            I was selling out BEFORE it was mainstream!

  2. Geoff says:

    I guess this article hasn’t been up long (based on the number of comments) but I was dissappointed to read “It also seems to me that very few people use the like button” and not see something like “400 people like this!” at the bottom of the page in a hilarious bit of irony. ^_~

    1. krellen says:

      I couldn’t “Like” something if I wanted to, since I don’t have a Facebook account.

      1. Johan says:

        Same. I just never really saw the need… and now I’m too lazy to get one. Everyone I want to talk to has my phone number, and everyone I need to talk to has my e-mail.

        1. dyrnwyn says:

          I never saw the need either. Then I actually got an account. It changed nothing.

        2. Daemian Lucifer says:

          Ditto.People around me all have facebook accounts,but I just dont need it.And I dont care about the others having them,because its their choice.

          Interesting thing though,about a year back or a bit more,I was frustrated by people going “You have to go to facebook,its awesome!”,even when I expressed my disinterest.Yeah,you like it,but I dont,so stop pestering me!Now,however,I find facebook haters to be the more annoying bunch.Just because I dont like it,it doesnt mean others cant like it as well.Yet there are so many people now that think exactly that.And though they arent preaching to me directly like the previous annoying group,they still are getting on my nerve.

          1. Ross Angus says:

            Check out number 2 on this list:

            http://www.cracked.com/article_19029_6-things-social-networking-sites-need-to-stop-doing_p2.html

            I don’t have a Facebook account either. But they know all kinds of stuff about me.

          2. Nick-B says:

            I don’t have one either. Yet both of my grandmothers and all my cousins are on it. I am so ashamed of my family.

            By the way, whenever I think facebook, I think of this comic. specifically points 1 and 2: http://theoatmeal.com/comics/websites_stop

            And I can never link to the oatmeal too many times. Another facebook-related comic, which is the main reason I point to as to why I don’t want to use facebook (because the other reason “I just don’t wanna” doesn’t hold up in arguments): http://theoatmeal.com/comics/facebook_suck

        3. Slothful says:

          Theoretically, you can use it as a communication tool, but that’s not been going so well for me.

      2. Pete the good says:

        I’ve been on Facebook since about when it started, I was a high school kid with a school email address. Honestly, I use it as an addition to my phone’s contact list and a blog. I like it because it is ubiquitous, and thus far exceptionally harmless in the way my world works. It’s a tool… Not everybody wants to use a hammer because of the risk of hurting myse… Errr, themselves.

      3. Audacity says:

        This was the first thing that occurred to me. Why would someone so worried about about Facebook knowing their browsing habits, but too lazy to automatically delete cookies, have a Facebook account to begin with? If your privacy/anonymity is so important to you why would you want to paste your personal information on a site where most anyone can access it?

    2. ClearWater says:

      I tried to “like” it but it asked me to log into Facebook and I don’t have an account there.

  3. Mycroft says:

    I wonder how many likes this will have by tomorrow. I never click the like button on pages, but here it just seemed right.

      1. Henebry says:

        I was #62 to like this page.

        Even the really popular pages often have few likes. But now I know what you’re hoping to gain from FB integration, Shamus, I’ll try to make a point of using it.

        1. dyrnwyn says:

          I just realized that the “Like” button is a way for me too tell even more people about your blog even more often. You see I have no life so all I really do is read this and Cracked. So that’s all I have to talk about and I have to awkwardly insert them into every conversation. Thanks Facebook for helping me annoy people!

  4. Chris says:

    Don’t know if this addresses the cookie tracking issue, but check out the Facebook Disconnect chrome extension: https://chrome.google.com/webstore/detail/ejpepffjfmamnambagiibghpglaidiec

    1. mike says:

      Thank you, sir.

    2. DanMan says:

      That is awesome. Thank you.

    3. A Different Dan says:

      I was scrolling through the comments to see if someone had already mentioned this addon… And since someone has, I’ll add that this works fabulously, with one caveat: If someone hotlinks photos from their facebook photo album, this plugin will suppress the photos from displaying. (I only know this because someone I follow on livejournal routinely posts photos in this way, and all I see are the text tags)

  5. David F says:

    The button definitely uses your personal data. For example, I have my language on Facebook set to Pirate, and the “Like” button on this page says “Arr!”

    The setting to delete cookies when I close my browser would be pretty useless for me, as I have my browser open pretty much 24/7. Mostly for Gmail, but also for other stuff I don’t want to get to right now but don’t want to bother with a bookmark for. I know there are better ways to do that, but this is what works for me.

    1. Klay F. says:

      You could also manually delete your cookies every so often. On my Opera browser it takes all of two seconds.

    2. Kyte says:

      It doesn’t really “track” it. The like button’s actually an iframe showing a facebook.com page, so you’re basically embedding a bit of facebook.com on your page, which will naturally be able to grab data from its own cookie. From there, it’s basically the same as any other setting.

  6. RichVR says:

    I’m not on Facebook. I think it sucks donkey balls. If you’re on Facebook it’s your choice. Complaining about it is silly.

    1. Strangeite says:

      Unless you aren’t the only one that uses your computer.

      I refuse to have a Facebook account for a multitude of reasons that I won’t go into here (I have something of a reputation among my friends for ranting endlessly about the evils of Facebook) despite the fact that I love the concept of social networking.

      However, during the peak of the Beacon fiasco, wherein Facebook was not only following where you go online, but posting what you were doing at third-party websites to your “friends”, my wife informed me that she was going to create a Facebook account. I explained in a logical and thought manner how this is wrong and she really should reconsider. But she wanted to be able to play Scrabble with family.

      Oh well, such is married life. So, I set about scouring the web to find information on how to prevent our computer from reporting to the mothership. It was hard. The short story was that it was basically impossible to prevent Facebook from installing Beacon but by using a multitude of plugins and a merry-go-round of updating a blacklist, my wife was able to play Scrabble and my computer would not tell Facebook what I was checking out from Blockbuster.

      I don’t trust them.

      1. Nathon says:

        Hear, hear for not having a facebook account. My solution to the married problem: get the wife her own computer. That way she can play StarCraft (the first one) with me!

        1. RichVR says:

          Yes. My wife, an intelligent and clear headed individual (usually), plays Farmville. She has her own computer to pollute.

          1. Strangeite says:

            We have 5 computers in the house but with the exception of the Linux box in the workshop, she (or the kids now) might hop on any of them.

            And I really can’t say no, because I am a big believer in the whole “what is yours is mine and mine is yours” thing.

        2. McLokast says:

          Wow, you still play StarCraft? Come on man… everyone knows Brood War is where it’s at.

      2. lazlo says:

        Cookies *should* be user account specific, meaning that a different user on the same computer should have a different set of cookies.

        I do find it amusing that this is a problem that applies to people whose dislike or distrust of facebook is so great that they don’t want to let FB know where they’re browsing, but not great enough that they don’t want to have a FB account. It’s the same sort of love/hate relationship that I suspect alcoholics have with beer. Or like Schneier’s description of the TSA’s no-fly list of people so dangerous we can’t allow them on planes but so benign we can’t arrest them.

        Of course it’s not entirely right to say that not using facebook solves the problem. The request to FB also contains your IP, and short of something like TOR you can’t really get around that. And these days your IP is likely to be nearly static. So given access to the data, it would be fairly trivial to correlate the IP data from the “like button” request with IP data from google or the escapist or yahoo or wikipedia or wherever it is that you actually *do* log in.

        So I guess what I’m saying is that people are either way too paranoid or not nearly paranoid enough, or possibly both.

        1. Tizzy says:

          I’m also a non-FB’er, but I think you have to recognize that not all of the FB users are simply addicts. It is a sad statement of the exaggerated importance taken by FB that some people feel the NEED to have a FB account simply to keep up with what’s going on with their friends and family.

          I know that I’m totally out of the loop of what’s going on socially with my friends at work, and I see these people EVERY DAY. Yet, to know what’s on their mind and what they’re getting up to in their spare time, I would have to join FB.

          Sad…

          1. Raygereio says:

            Wait, did you just say: “Yeah, I could do something as fancy as talk to my coworkers during lunch, etc. But they only want to talk with me over facebook :(”

            That is honestly the most depressing thing I’ve heard today. I’m now picturing a lunchroom filled with silence and people hunched over their stupid apple-phones and I am sad.

            1. Andrew B says:

              Considering some co-workers, that sounds like bliss to me!

            2. tengokujin says:

              A TED talk that I’m reminded of:
              http://www.youtube.com/watch?v=5XD2kNopsUs
              And it’s kinda true. Work is full of distractions. :/

            3. Tizzy says:

              Not really. But I’m much more likely to hear about work stuff from them at work.

    2. Factoid says:

      I think the point here is that even if you’re NOT on facebook, they can still track you by a cookie. That cookie is not associated with a username, but it’s still there.

      In my opinion it’s no worse than the standard doubleclick cookies, unless they’re tying it to your actual identity (which they probably are if you’re logged in to facebook or save your password in a cookie)

  7. Ramsus says:

    Personally I’m of the view that companies are so big and politicians are so corrupt that pretending I actually have any privacy to protect is a waste of effort. When compared to the more scary and invasive ways companies like to invade privacy facebook knowing which sites I like doesn’t even register on my rampant paranoia threat alert meter.

    1. Slothful says:

      So are you giving the okay to publish the pictures?

      You know–those pictures.

    2. Jarenth says:

      I’ll have you know Facebook specifically told me you ‘Liked’ this page, Ramsus. Out of all the (currently 90) people who clicked that link, I was told that ‘[Ramsus’ totally real name, ohmygod] and 89 others like this.‘.

      So I guess what I’m saying is, your attitude is very much grounded in reality.

  8. Andrew says:

    I came on here to suggest the same Chrome extension that Chris did, above. Disconnect is fantastic. It strips all of the Facebook, Digg, Google, Twitter, and Yahoo! social buttons off of pages. In some cases where such embedding borders on the absurd, I’ve actually noticed some performance and speed gains.

    A good case in point is Notch’s tumblr blog:
    http://notch.tumblr.com/

    Give that page a try without, and then with, the Disconnect extension. Page load time goes from roughly 3 seconds down to 1 second here on my desktop.

    Another nice extension that works well in conjunction with Disconnect is Ghostery:
    http://www.ghostery.com/
    “Ghostery sees the invisible web – tags, web bugs, pixels and beacons. Ghostery tracks the trackers and gives you a roll-call of the ad networks, behavioral data providers, web publishers, and other companies interested in your activity.”

    1. Volatar says:

      Thanks for linking me this. I am now really liking it.

      1. ClearWater says:

        With the Like button?

    2. RichVR says:

      I’ve been using Ghostery, NoScript and RequestPolicy on Firefox for quite a while now. Sometimes it means a few extra clicks to fully allow a page I want. But I consider that a minor inconvenience for the peace of mind that they give me.

    3. perry says:

      ie9 has this thing called tracking protection. it blocks many things, including facebook like buttons. the best thing is, you don’t have to do anything, just click ‘turn protection on’.

    4. A Different Dan says:

      Let’s make this into a full-blown recommend-a-thon!

      CookieSafe lets your Firefox install deny or allow cookies for specific pages or sites.

      NoScript does much the same with JavaScript, Java, and Flash (and alerts you to cross-site scripting attempts while it’s at it).

  9. Felblood says:

    Facebook has just gotten access to my most potentially damaging secret through means that I knew were possible, but never even stopped to consider.

    Would it have hurt for someone to point this out a week ago?

    Oh well, here’s hoping they never manage to collate the data in such a way as to reveal the damning truth.

    1. Klay F. says:

      ‘ve said it before and I’ll say it again, Google knew your secret before even you knew it. Google honestly makes Facebook look like a supervillian’s retarded little brother.

      1. Aulayan says:

        And the datamining credit agencies?

        They make Lucifer look like a pansy.

        That’s why I don’t sweat facebook. There’s worse out there we can’t do anything about (Short of going all Hermit in the Woods)

  10. Mark says:

    I liked it better when facebook stayed on facebook.com, separate from other sites. I usually read this blog via RSS though, so it doesn’t really affect me.

    Still, I put the following custom rule in AdBlock (Chrome):
    ##IFRAME[src^="http://www.facebook.com"]

    I’m not sure if this just hides the button or actually blocks its request (the details are a little sketchy), but all iframes whose src attribute begins with “http://www.facebook.com” are removed from the page.

    1. Mark says:

      Better yet, you can just go to “Options” > “Customize” > “Block an ad by its URL” and enter “http://www.facebook.com/plugins/like.php” as the url and “*” as the domain. This does prevent the request from being made.

      1. Mewse says:

        Likewise, you can also block

        http://platform.twitter.com/widgets.js
        http://widgets.digg.com/buttons.js

        to block the “tweet” and “digg this!” buttons from those two sites, which have identical privacy concerns.

        I’m sure there are many other sites with these sorts of buttons as well. But blocking just these three has improved things dramatically for me. Almost as much of a speed boost to my web browsing as the first time I turned on ad blocking. :)

        1. Alexander The 1st says:

          Er, Twitter’s not as likely to dispose all your data as public.

          At least, as far as I know. I can stay more anonymous on Twitter, at least. And I’m sure my bio is larger than 140 characters.

  11. RTBones says:

    There is an old saying that somewhat applies: security is not user friendly.

    I think I may fall into the “reasonable moron” category. I understand why stats are taken, but I would like a way to opt out of it EASILY (ever try opting out of doubleclick?.) I don’t want amazon or itunes recommending things for me based on my purchase history, thanks. If I’m shopping, I’ll find what I need or ask. I don’t keep a browser history, and delete the cache every time the browser closes. I don’t store my credit card numbers on airline websites, amazon, steam, itunes, etc. Yes, it means more typing for me. It also gives me at least a little peace of mind – because while I know a nefarious hacker can find out where I’ve been and all that – I’m at least going to wipe my feet on the doormat.

  12. Fists says:

    also if you have admin access to your router or local firewalls you can block the facebook domain which should keep it out of your junk

  13. Will says:

    Its good to see someone finally explain all of this. Its kind of hard to explain to some friends how Facebook isn’t an evil 1984 social network.

    About Mark Zuckerberg being a douche, there is some truth to that but its a common trend that the kings in Silicon Valley are dicks. Zuckerberg is one of the least dick-ish, at least when compared to crazy Steve Jobs or ol’ movie villain Bill Gates. Thats not to say I dislike Bill or Steve but all the kings of Silicon Valley carry some heavy baggage (see: Pirates of Silicon Valley (1999) and Mark Zuckerberg’s 60 Minutes Interview*) but I wouldn’t ever wish anything bad on them. There all dicks in their own way but I wouldn’t have them any other way.
    *I would say The Social Network but as great as the film is, its about 80%-90% fiction.

    1. SKD says:

      Maybe you have difficulty because Facebook is an evil 1984 social network.

      Ever wonder why the defaults for Facebook’s privacy settings are to share everything with everyone? Or why they get in trouble everytime they make any changes to the privacy settings. Mark Zuckerberg’s own opinion of privacy is that there is no need of it. In other words you have no need to keep anything about your life to yourself.

      For example the default for any service offered should be that you have to opt-in to it and loosen up privacy settings. Facebook sees the fact that you have an account as a default opt-in to any services they add. When they added Facebook Places you were automatically added to the service and the defaults were to allow friends to check you in anywhere. Or Facebook Groups where, by default, any member of a group can add you to that group without even asking you if you want to be a member of that group.

      1. ccesarano says:

        I’ve been using Facebook since it required you to be a College student, and I’ve never known it to just allow people to add you in a group without it asking you first.

        1. perry says:

          you can add any of your friends to a group that you yourself are a member of. without any action on the part of your friend.

        2. The new groups allow it– in fact that is how people get added, you can’t add yourself, but you are informed immediately and can immediately opt out. I don’t like the way they did this though it does mean that people can choose who they want in their group, unlike before where you had to invite if you made it private.

    2. Strangeite says:

      Shamus did an excellent job of explaining how the “like” button isn’t a 1984 evil Big Brother tool, but he didn’t say that Facebook was’t same. Although, I suspect that he doesn’t think Facebook is evil (hence the inclusion of the like button).

      Personally, they have way too many strikes against them when it comes to total disregard to users for me to even consider allowing them into my life. The Beacon situation was as bad as the Sony rootkit scandal, and in many ways far more dangerous.

      Is Facebook evil? No. Do I think they are dangerous? Yes.

      Unfortunately, almost everyone I know has a Facebook account, including my 82 and 81 year old grandparents. I am very aware that I am considered a Luddite on this topic, but I like to think of myself as a Cassandra.

      1. somebodys_kid says:

        Three cheers for Facebook Luddites!!

      2. Shamus took even longer to give into Facebook than I (and I took forever and then deliberately ignored it once I had it.) Now I see it as a necessary evil. I regularly hate on it–really, passionately but stay involved because when my mother had a sudden brain aneurysm passed away 2 years ago I was able to quickly and easily contact all the people who needed to know and pass on to other family members without making constant phone calls. This meant that I ended up the contact for a lot of family members. It also means that, being a bit of a security geek, I can keep on top of the stupid things Facebook does and make sure that friends and family KNOW about the security issues before they watch the latest video spam and I have to go over and clean off their stupid Windows boxes.

        In other words, yes I hate Facebook and think they are evil, but I use them for my own purposes: keeping friends and family out of worse computer issues than they already get into by passing on known security issues and debunking the latest internet myth, passing on the awesome geeky stuff I find so that they can have a clue, promote my own (and Shamus’) businesses (and yes, when you are unemployed and writing/art are your only sources of income then you ARE your business/brand and Facebook is an excellent way to promote your brand because people do love to “Like” stuff), and in general promote better internet security by constantly simplifying the issues so that the non-tech people I know actually “get it”. And yes, that is the biggest run-on sentence ever (or should be) but after spending all yesterday editing I can’t be bothered to fix it.

        1. Strangeite says:

          I don’t harbor ill will toward you or Shamus for using Facebook (but I must admit a small amount of satisfaction knowing that you feel Facebook is evil) and all of the qualities you associated with Facebook are valid.

          However, those same qualities of Facebook could be incorporated and used within a social networking company that hasn’t demonstrated such a causal disregard for their users.

          Again, I LOVE the idea of Facebook. I simply hate the company. It is my dream that the open source model Diaspora will take off and I can join the social networking bandwagon.

          Until that time, I will be the friend that after a few beers all of my friends will roll their eyes when some newbie makes the mistake of mentioning Facebook around me.

        2. Zak McKracken says:

          hmm… what can facebook actually do in the way of informing your relatives that e-mail can’t?
          Not a rethoric question. I’m not on facebook, and I seriously don’t understand what makes it so special for communicating with people. I’ve got e-mail and a phone, a mobile one too, a post box, and outside of personal communication I don’t really see how that would not be enough.
          If anything, facebook seems to me to be an obstacle when communicating with people, since most facebook-users seem to ignore regular e-mail and everything else, and just tell everyone to “get on facebook”. Which I won’t.

  14. Abnaxis says:

    My problem with the facebook thingy is that, at work, Facebook is not only filtered, but if the management sees that you even tried to go to facebook, you can potentially get written up. Luckily, I don’t rank high enough on their list of people to give a drubbing to, but since you put the like button up, I have been visiting the site from work less, to avoid any red flags (or at least I will be, now that I know that’s a Facebook thingy–it just showed up as an “ERROR: blocked” frame so I didn’t know what it was before). I almost exclusively read your blog during breaks at work.

    Since you (purportedly) get a lot of your traffic from e-slackers, I could see this as being a significant problem, if there are others like me. Or not. Maybe the extra traffic outweighs the lost traffic, I dunno.

    1. Aldowyn says:

      If I understand how the sub-windows work correctly, visiting a site with integration won’t register as actually visiting facebook, or whatever.

      Probably a good idea not to click on any of it, though.

      1. Rallion says:

        AFAIK, most monitoring systems are just going to track what domains you request content from. If that’s the case, they will register a visit to facebook from a site that embeds it.

      2. silver says:

        No, it will count. It’s an iframe, so your browser makes a separate request to facebook to fetch the like button code. Your work’s monitoring won’t know or care that the facebook request was made in an iframe or the regular window. It just knows “hey, there’s a GET request to facebook.com. Slacker Alert!” (side note: get a new job. People who don’t believe in breaks are evil. If they don’t trust you to do your job, don’t trust your manager to know if you’re not doing your job, and don’t accept progress as evidence of doing your job, but are more concerned with time-at-desk-with-no-breaks, then the odds are really bad that they’ll ever respect you, no matter how hard you work).

        In an ideal world, the like button would be a static link rather than an iframe, and thus nothing would happen until you click it. But, hey, guess what? Facebook, Yahoo, Digg, and all those other people don’t want that. They want to track your behavior. Because they can sell it.

        The most important thing to remember about Facebook is that you are not the customer, you are the product. They get their money from advertising and from selling your data. If you’re cool with that, thinking you have nothing to hide, then fine.

        The other thing to remember is that it’s not just Facebook, it’s all those companies with their free web stuff. So basically, to avoid it isn’t a Facebook issue, it’s an internet issue. Facebook hate just isn’t useful because it’s picking one name from hundreds and blaming them for things they didn’t even invent.

        Fortunately, customizable browsers (i.e. not the one MS wants you to use, because MS is “in on it”) provide technical solutions which get rid of things like off-site iframes.

        1. Abnaxis says:

          Yeah, just because it doesn’t show in my browsing history doesn’t mean it doesn’t ding the firewall and raise red flags. Fortunately, I think the IT department is probably to busy preparing for summer interns to notice repeated requests to Facebook right now, so I’ll probably get away with what has happened so far.

          Saying the company doesn’t allow breaks isn’t really fair. They allow breaks, the policy just says people aren’t allowed to use company resources for personal stuff during those breaks. So no Facebook, no Pandora, no personal e-mail, nothing the company has black-listed on an office computer–personal devices can get away with it though.

          My main point is that Facebook is, without a doubt, the most targeted website by IT departments blocking cyber-slacking. For a page that owes much of its traffic to said cyber-slackers, this seems to be an important consideration.

        2. Simon Buchan says:

          I’m assuming the one MS want’s you to use is Netscape then?
          http://trackingprotectionlist.com/en/trackingprotectionlists/default.aspx

  15. ccesarano says:

    Honestly, as long as no one is going to take that information and come kill me with it, or leave a flaming bag of dog poo on my front porch, I could care less. It’s not like companies are advertising on my desktop or in my dreams.

    Of course, it doesn’t matter much anyway. Anyone interested in internet security should read Jeff Atwood’s Internet Driver’s License and Dirty Truth About Web Passwords posts (for those not familiar, Jeff Atwood is one of the founders of Stack Overflow, a huge programming and technology community. His Coding Horror blog updates rarely, but is always a joy).

    Basically: as long as you have data on the Internet, you’re screwed. The only safe way to play is not to play at all.

    1. Factoid says:

      Well since there’s pretty much no way to have zero electronic presence these days the internet has basically become the laws of thermodynamics. You can’t win, you can’t break even and you can’t quit the game.

    2. Mari says:

      The Gawker debacle proved my approach to internet accounts perfectly. I do, in fact, use a single user name and password (no, not a bad one but ultimately it doesn’t matter) for the majority of websites. My forum registrations, etc. are what I consider my “level 1 access” accounts. These are places where I put exactly the same type of information I put on Facebook which is information I don’t care about the world seeing. If somebody gains access to one of my level 1 accounts they gain access to all of them but they still gain nothing because it’s just personal thoughts that I freely share with anyone who will listen, etc.

      E-mail and other accounts with some level of personal information (for instance an address or something) are “level 2” and each has a unique login with a unique moderately strong password. Because the information in question still wouldn’t be enough to, for instance, perpetrate identity fraud the moderate passwords use letter, number, character combinations but someone with sufficient personal knowledge of me could probably still socially engineer their way into the account.

      Any account with sensitive personal information (banking info, etc.) is “level 3” and has a unique username and very strong (ie virtually random) password. There are very, very few of these sites. Each of these sites is also farmed out to a different e-mail address (and different provider as much as possible) which is never used for anything else. Basically the only way to get into my account on these sites is to gain access through the server-side because I do everything humanly possible on my end to destroy the electronic paper trail to them. It’s the equivalent of taking out a safe deposit box in a a false name with a false address, putting stuff in it, then filing all identifiers off the key and hiding it in random places in your neighbor’s yard. Someone can still access the box if they break into the bank, though.

      For the record, though, I’m almost as paranoid about that stuff on paper. For instance I choose not to have health insurance and pay cash as much as possible because I don’t like the paper trail health insurance and checks leave behind. According to Experian, Equifax, and TransUnion I haven’t existed in over fifteen years. Even my investment vehicles are primarily cash-based to reduce the paper trail.

      The funny thing is that I’m not a Luddite. I have a Facebook page and it’s even in my real name. I’m all over the internet if you look for me. It’s just that I’m very, very protective of personally identifying information.

      1. Aldowyn says:

        I don’t have any level 3 accounts, but I use the same password (mostly) and username (also, mostly. Actually, most of the ones that AREN’T the same is because I screwed up and can’t access the old account. *cough* EA *cough*) for my emails as I do for all my other online stuff.

        Good luck finding out my password, though. There’s only like 100 billion different combinations, and it’s pretty much totally random. It could be longer, but, meh.

      2. Ooo, a similar thinker! Well, I kind of knew that, but still. This is pretty much how we treat things around here though I am not nearly as organized. And on the lowest level, well as you can see we both use our real names since we were out there at the beginning and it is just pretty easy to find a guy named “Shamus Young” living in the US.

        1. Mari says:

          To the best of my (and Google’s) knowledge I am the only person in the U.S. with my particular full name. Apparently three of us share the same first name according to Google. This is due quite possibly to my mother having been high on pain killers when she filled out my birth certificate. For internet purposes I’ve shortened my first name to a couple of easily pronounced syllables to avoid the inevitable “Um, how do you SAY that?” which I’ve been dealing with since my first day of school. It’s not that I was trying to avoid people knowing my name, I’m just too lazy to try to help people pronounce it. In fact, IRL my general response to the question is now, “It doesn’t matter. I’ll answer to anything but b****.”

          1. Irridium says:

            Even Hank?

      3. ccesarano says:

        I feel like any site I use that has OpenID, I should just erase that data and get an OpenID to log on with from now on. The problem is that takes effort and I’m lazy.

        That, and the sites that DO use OpenID are only forums, blogs, etc. None of the sites that carry my credit card information, which I think I’ve kept toned down (Amazon, actual stores like Best Buy.com or Walmart.com, various pizza chains…). Those sites usually have better passwords.

    3. krellen says:

      My name sounds uncommon, but is common enough that unless you know my full name and the city I live in, you’re not going to find me. I’ve got the information publicly available a couple places on the internet, but you’d have to know me pretty much already to ferret it out.

      Well, Shamus can probably find me easily, since he gets to know my email address, but that’s okay, I trust him not to go all crazy spammer on me.

  16. Mincecraft says:

    I love it whenver you link that Seven Springs story, It’s such a fun little read.

    On topic, I’m not too bothered by it, I’m a facebook addict and proud!

  17. Vegedus says:

    ONE OF US. ONE OF US. ONE OF US.

  18. InThane says:

    I have a relatively (requires some computer knowledge) simple solution:

    I use Firefox w/Noscript and Adblock Plus, for regular browsing. I have facebook.com and fbcdn.com (I think that’s the other one – Noscript is useful for figuring this out) universally blocked via Adblock Pro. Voila, Facebook isn’t getting any of your browsing info, since none of it ever gets loaded thanks to Adblock Plus.

    I use Google Chrome if I need to look at Facebook.

    Voila, instant walled garden that keeps Facebook out of my browsing habits, and still lets me poke around Facebook when I need to.

  19. King of Men says:

    Curious – I’m not seeing the ‘Like’ button. Is AdBlock getting it, maybe?

    1. Adam P says:

      There’s actually a ‘Like’ button? I thought that was just conversation about a hypothetical button the other day. I have seen other people commenting about how they would ‘Like’ a post or that Shamus should add one to his site. Which… is a bit hypocritcal, if you think about it. Others have asked for it, and Shamus provided. Why, find a post from last week and there will probably be a comment about it; perfect time to have conversation.

  20. Factoid says:

    Clever, Shamus.

    Was the Like button even there before? I had never noticed it..my brain is trained to ignore things like that by now.

    I went back a few articles to see if any of them had Likes right after this went up and none of them did…now you’ve got 8-10 likes on the last several.

    Enjoy your traffic surge ;)

  21. Dys says:

    Personally my problem with Facebook is that I’m an antisocial arsehole, and ‘social networks’ rile me like few things can.

    Never even noticed the like button tho, probably because they’re so damned ubiquitous, it would be like noticing a power outlet or a street light.

    1. Aldowyn says:

      You have no idea how often I notice power outlets and street lights.

      And, somehow, I didn’t notice the like button. I notice it in all sorts of places, but not here. Very odd. I think it’s because I’m eager to get to the comments by the time I get to the end of the post, where it is.

  22. I use a really nifty chrome plugin called “Facebook Disconnect” that prevents facebook from tracking me: https://chrome.google.com/extensions/detail/ejpepffjfmamnambagiibghpglaidiec

    I really can’t stand facebook, as it’s revenue model is based around telling the world everything I tell it. Which is fine. I can simply opt not to tell it stuff. When it’s revenue model grows to include telling the world everything I do whether or not I tell Facebook that I’ve done it, there is a huge problem.

    Update: another plugin, this one for Firefox also: http://webgraph.com/resources/facebookblocker/

  23. People aren’t concerned about Facebook invading their privacy because Facebook is popular. They’re concerned about Facebook invading their privacy because Facebook has a proven track record of selling your personal data to third parties.

    Frankly, you just wrote an entire blog post saying, “I don’t give a shit about my readers. The only thing I care about is attracting MORE readers.”

    I have a simple response to that: Unsubscribe.

    1. Whoa there, nice selective clipping.

      Shamus is saying that people are concerned about Facebook MORE than other similar privacy violations, which can ALSO be sold to third parties and often are, because they’re so ubiquitous. So he understands the security concern and let his readers blog about solutions, as well as gave some simple solutions if you want to read but don’t want Facebook involved.

      Sorry, but that’s not what you said, not even close.

      1. K says:

        I am unsubscribing from your comments! Hah!

    2. Shamus says:

      Right. I don’t give a shit about my readers. That’s way I just spent a thousand words explaining what the problem is, how it works, and what they can do about it. If you care about this so much, then go use one of the many the solutions offered in this thread.

      I could get rid of the button, but that wouldn’t take the button off of all the other sites you visit every day. This is something everyone has to think about if they care about privacy, and insisting that the solution if for all content creators just stop using this tool is preposterous. YOU don’t like Facebook, so the REST of us shouldn’t use it? I’m not the one tracking your behavior, and I’m not in charge of securing your computer.

      1. Daemian Lucifer says:

        You sold out man!Youre no better than ea now!I hates you so muchs!Its not like people have constantly commented how they want like buttons spread across your blog and how they like that youve integrated with facebook.Oh…wait…..never mind.

      2. AngyPanda says:

        No point in getting worked up about the rage Shamus. If these people really wanted their privacy protected they could just not be on Facebook.

    3. Xavin says:

      Interesting.

      Acting like a jerk in a comment thread where at least one of your own blog’s readers will see it.

      I wonder what effect that will have on your own readership.

      1. Eric T says:

        I wouldn’t say he’s being a jerk, just being honest with someone who is being quite unreasonable.

        1. asterismW says:

          I think Xavin was referring to Justin Alexander, who has his own blog. (I was confused by that at first.)

          Unless, of course, you think Shamus is the “quite unreasonable” one and Justin is “just being honest”, in which case I’d have to disagree.

          1. Shamus says:

            Eric T is one of the guys in my gaming group, I’m sure he was defending me.

        2. Xavin says:

          asterismW is correct – My comment was directed at Justin Alexander.

          Justin has his own blog, which I read (I’d provide a link, but don’t really feel like doing any advertising for him right now).

          Apologies if that wasn’t clear.

          1. Eric T says:

            I’m sorry than, misunderstanding on my part.

  24. Blackbird71 says:

    I have to laugh about everyone using Chrome, a Google product, to keep other sites from tracking their web use; the irony is fantastic!

    1. Irridium says:

      I know. And funny thing is, I use Chrome.

      Not that worried about sites tracking me. I don’t visit much interesting sites. I just don’t like Facebook because when I was on last all my friends spammed me with needless requests for games. Which, I guess, isn’t Facebook’s fault. But still, was annoying.

      Also, deleting a facebook account is freaking hard. Like telling Xbox Live to stop renewing itself hard.

      1. ccesarano says:

        Gonna be honest, I’m kind of afraid of what’s going to happen when the Google Chrome Operating System comes out (they’re still working on that, right?) God knows how much data they’ll collect.

        But hey, it’ll be fast and free, right?

        1. Klay F. says:

          If Google Wave had been a success, we would have looked back with nostalgia at the good old days when Facebook was still around and people’s lives were still somewhat secret.

          The purpose of Google’s entire existence is to gather information using every tool in the internet’s arsenal, if you think its going to end well, I encourage you to wait a few more years and watch the Googlerape of China that will inevitably occur.

      2. Aldowyn says:

        heh. Not for my sister – she’s had two deleted against her will. It doesn’t like her, apparently.

        Also, I’m lucky in that most of my FB friends don’t play FB games.

        P.S. Dragon Age Legends is actually decent. I mean, as good as I could expect it to be, I guess.

        1. Mari says:

          It’s not that big of a deal if your FB friends do play games and spam you with their game requests. Hover over any of those requests and a neat little “x” shows up. Click it and you get the option to “hide this post” or “hide all posts by this friend” or “hide all posts by this game/app” and if you’re feeling really vindictive you can even “mark as spam.” Every once in a while I add a new friend who uses a new set of games or apps and I have to go in and block a few more apps. It takes me about 30 seconds and I never again have to see that “So and so needs the Super Cool Heart of Awesome Cuddle Love” or “So and so found a little lost puppy dog and wants you to have it by clicking here, signing up for an app, giving us permission to sell your firstborn, and playing to level 187.”

          1. Exactly– I have all games blocked (well, I did until my oldest got her OWN facebook account and started playing 1 game because her friends all played and I let my younger daughter play the same game on my account. Sigh.) Still, it is easy to opt out and it is easy to NOT USE APPS which do end up being the majority of the problem on Facebook. I click the x liberally, even on so called friends that I couldn’t care less about. I have about 20 people of 200 so called friends that actually show up in my reading list.

            1. ccesarano says:

              The second I see “Request permission to access…” pages for what seem to be neat little links, I deny it. I used a few for my profile like the Digital Bookshelf, but with the newer updates most of those are pointless. About the only app that still seems relevant is the Xbox Gamercard one.

              Wait, lemme check…Nope, that’s gone, too. I never even noticed, but that’s because I set it NOT to spam people with Achievement updates on my wall.

              I think that’s the real problem. People don’t go into the game settings and say “No, don’t post every mouse click I make onto my wall, because that’s dumb and annoying”.

            2. Mari says:

              I even played a few of the games myself just to see. Of course, I had my settings where they needed to ask my permission (which I never gave) to post anything for me and the few that violated it were gone in minutes including deleting the unasked for posts.

              I still use two game apps on Facebook but nobody will ever know which ones unless I decide to post a status talking about it or they happen to use the same apps because I just don’t let them post things for me.

              1. This is exactly it. I have mine set the same way, and have taught the kids that they are NOT allowed to spam people because it is RUDE even if a game is trying to get them too. They respect that and hate being spammed themselves so it all works out.

                It actually surprises me when people who wouldn’t think of spam texting all the people on their phone allow their games to autospam without a thought, and don’t even blink when you point out that you don’t WANT to play. At least now Facebook has figured that out and made it possible to x all the apps, items, and posts that you don’t want to see.

                I get a bigger laugh about the people I know who are “absolutely no pictures/info/whatever of my kids/family/dog” and then turn around and use Facebook liberally without even checking their privacy settings. And yes, I have a few of those. Sigh.

    2. MrWhales says:

      I liked when Google got mad at Microsoft for using the data it picks up from Google searches on IE to keep Bing all cool.

  25. Scott Richmond says:

    I just wanted to let everyone know that you can safely set your browser to kill all cookies all the time as Shamus instructed, and still have all the conveinence of auto-login and password remembering. I would suggest you check out the LastPass plugin for firefox/IE/Chrome/Opera/Safari/etc – What it does is auto-login with your credentials for you. It amazing! Not only that, but it INCREASES your security because you can now create more complex passwords without having to remember them.
    For those paranoid – Whilst it stores your information on its servers, it cannot read it. LastPass is supported by some of the most paranoid security experts around (Steve Gibson @ GRC).

    1. GTRichey says:

      Have to say 1Password is a better option. Stores details in an encrypted database on your own machine. If you need it available absolutely anywhere you can sync it via dropbox or store a version that is accessible from the dropbox website. The great thing is that absolutely no one has access to an unencrypted version of the database and it allows you to only need one strong password to remember since it will create and store passwords for anything else.

      1. SKD says:

        With the exception of using Dropbox it sounds like it does the same thing as LastPass. With LastPass the only one who can see your data unencrypted is you or someone you give your login credentials to. But you also have the convenience of it being available to you anywhere from there site where they store the encrypted data blob for you. They can not unencrypt the blob without your password, hopefully you chose a very strong one since it is the only one you have to remember, and you can even keep a copy of the blob on your own hard drive or thumbdrive if you want.

  26. Alan De Smet says:

    If one is concerned about privacy as you browse, unfortunately nothing beats tools like NoScript and AdBlock combined with a bit of knowledge about how the web works (so you can block stuff in a way that doesn’t break things you care about). As someone who does even minor web development it’s not a big deal. For people who don’t, I’m sorry we made things suck so much.

    On the specific issue of blocking Facebook’s “Like” buttons, globally, blacklist something like this with your favorite ad-blocker: *facebook.com/plugins/like.php?* I’ve been using it without problems for some time. I didn’t even know Shamus had added a Like button!

  27. Crystalgate says:

    Can’t you solve this problem by just deleting your facebook cookie? Failing that, there should be ways to block facebook specifically.

    1. That really depends on the browser you are using. I don’t think Firefox has a way of doing that (I am not sure as I usually use Chrome or Opera, depending on which is currently working better/faster via updates on slow my old Ubuntu box. Which means that the Adblock solution is out (though I have found it very useful on the kids computers for keeping them from seeing ads as they traipse around the web.) On the other hand I don’t want to use adblock because most of the sites I visit are of people and small businesses I want to support and using google ads on my own site I feel a small responsibility to occasionally click an ad to give them support since I don’t have actual money to share.

  28. andy_k says:

    Off topic…
    I sent links to your postcards from minecraft to someone in the office. 2 Days later the links came back to me from another unrelated source…

    The herd continues! Ofcourse I dont know how many of them stuck around. But I did get another herd member in on the LOTR series ages ago.

  29. O.G.N says:

    Maybe I misunderstand how cookies work, but wouldn’t unchecking the Accept third-party cookies option in Firefox solve most problems with tracking cookies?

    1. Aldowyn says:

      wouldn’t the cookies we were talking about be 2nd-party cookies? With 3rd-party cookies being, I dunno, cookies from sites you aren’t actually going to? 3rd party doesn’t make sense in this context.

      1. Simon Buchan says:

        *You* are the 2nd party!

      2. O.G.N says:

        The parties involved are:
        1. Your and your computer.
        2. The website you are visiting.
        3. Other sites that have managed to put a banner-ad or like button on the site you are visiting.

  30. Cybron says:

    There are firefox extensions which could block it, I’m sure. Even if there’s not one tailored for Facebook I bet AdBlock Plus or Grease Monkey could handle it. Remember that you can tailor AdBlock to block certain ads only instead of just whitelisting the whole site.

    1. old_scifi says:

      I use Ghostery for Firefox. It blocked 6 “web bugs” on this page, one of which was Facebook Social Plugins.

      1. Yar Kramer says:

        Awesome, thanks for the tip — I was going to make a post wishing AdBlock could do something like “Whitelist this site, except for these things I don’t like.”

        I mean, I still do wish that, since I often use AdBlock for “things I just don’t like,” it’s just that it removes the specific problem mentioned here. ;)

  31. Blurr says:

    So long, and thanks for all the wonderful posts.

    1. ccesarano says:

      I’m pretty sure you won’t really read this, but honestly, you and Justin Alexander sound like a couple of entitled brats. You can’t have things your way, so you won’t have it any way at all.

      Seriously?

      Y’know what? I actually like sharing posts by Shamus Young and other things, and Facebook is a great way for me to do that. So that Like button is actually convenient. Should my concerns come behind yours? Hell, shouldn’t we want to do whatever it takes to get more people to read this blog?

      I understand your privacy concerns, but Holy Hell man, you came here and demanded the guy remove the Like button, and when he explained that he understands why it’s not good but works as a sort of necessary evil you basically give him the finger and walk out.

      I’m just glad most people are actually understanding.

      (As a note: most of the time people freak about about Facebook privacy settings, I do some research and discover that, well, it means nothing to me. No one is selling information about my birthday, social security, passport number or checking account pin, just trying to figure out what I like so they can try to sell me stuff. Television tries to do this every day, only I’m forced to sit through it. I don’t have to read ads. What are you people genuinely scared of?)

      1. Shamus says:

        I respect Blurr’s approach. He didn’t demand. He just stated his case and made his choice. And his post led to this discussion, where everyone got to learn a bit. I hate to see a long-time reader leave, but he was polite about it.

        1. Daemian Lucifer says:

          Indeed.Which is honestly quite hard to find these days.

        2. ccesarano says:

          Now that it’s the morning and I’ve had some sleep, I kind of regret going off like that since, you’re right, his post was very polite even from the get go.

          Nonetheless, it still feels as if he is looking at the situation with blinders on. Then again, maybe it all has to do with perspective. I’m struggling to get exposure to my own blog, and when I see some of the more subtle tools such as the Facebook Like button demanded to be removed, all I can wonder is how YOU would boost exposure. I tried doing a webcomic in high school. I remember trying to get people to come to my site by calling attention to it on forums and such.

          Not only does it not work, but it’s annoying. Viral marketing really is the best “word of mouth”, and the best people to handle it are people sharing stuff on Facebook, Reddit, Digg, StumbleUpon, etc.

          To say “remove this or I’m no longer going to read your stuff” just sounds like that one friend who wants to hang out, but will only do so when people do what he wants to do. You know, the guy that will only leave his room when people want to go eat at one of his choice restaurants or his choice movie (or, to be gender friendly, replace him/his/he with her/she). After a while, people get sick of that guy and because he is unwilling to compromise he ends up being just as miserable.

          1. silver says:

            And what’s worse, it’s completely pointless of him to make this demand, because Facebook like buttons are ubiquitous.

          2. Blurr says:

            I popped back in to read the comments one last time. I’d just like to say your “friend” analogy doesn’t quite work. Shamus’s blog and me are not in a one-on-one setting. If you decide not to hang out with your friend, the decision affects both parties. If you decide not to hang out with a group of friends because you’re not interested in what they’re doing, the group is more or less unaffected.

            That is to say, my leaving has no effect on Shamus’s blog.

            1. Zak McKracken says:

              It’s still unnecessary. You can block any cookies from facebook, no problem.
              Thanks to your question sparking Shamus’ post, I’ve done some looking-up, and now Opera blocks all embedded facebook stuff plus cookies. So no more facebook tracking for me. — thanks for bringing that up! And thanks to Shamus for posting about it!
              It does make the site look weird a bit, though, but I bet pretty much every modern browser will be able to do something similar, which would solve not only your problem with Shamus’ site, but with every site on the net which has facebook integration.
              I understand why this button is there in the first place, though, even though I would not miss it. I got here through … oh, I don’t know. Some webcomic mentioning another webcomic linking to DMotR. My standard way of getting to know new sites, and it worked extremely well in this case :)

    2. mike says:

      You know… The twenty sided blog has an RSS feed, with the full post content in it.
      I don’t know if you use google reader, or some other RSS reader, but if you do… Well, add the feed. You can continue reading the wonderful posts. ;-)

  32. Zaius says:

    Well, I Liked the page, then installed Facebook Blocker.

    I’m not sure what I achieved today, but it feels like I did something.

    1. Daemian Lucifer says:

      Youve spent some time on the web.And if youre reading this,youve achieved spending even more time on the web.You get a cookie.Unless you already got one here,in which case you wont get a cookie before you get rid of that old one.

  33. burningdragoon says:

    I barely even notice the like button here, or most facebook stuff on other sites. What do notice is huge white bar across the buttom of the posts here that says content access denied… since facebook is blocked at work.

  34. Tizzy says:

    The problem isn't that Facebook is more hostile to privacy than other sites

    Erm… They do have a pretty bad track record.

    Of course, what people should really worry about is not so much Facebook per se but who else gets their hands on this data. Like, say, these guys.

    1. Mari says:

      Right. But, see, Google READS YOUR E-MAIL and uses keyword sensitive software to send you targeted ads and spam. They also store all information related to any Google search you’ve done in like the past 32 years (including the ones you do through your handy-dandy search bar on your web browser, etc). That information is tied to a unique (meaning it belongs to you and only you) identifier and sits in a database somewhere that anybody with a decent script could eventually access. Plus they accidentally collected over 600 GB of WiFi activity from hotspots they don’t even own. And apparently they’re the best thing since sliced bread.

      Don’t get me wrong, I’m not anti-Google any more than I’m anti-Facebook. I use both services extensively. And many others which use highly questionable privacy policies. Including doctors who now forward medical records to the federal government and the MIB (a large central medical information database).

      1. Aldowyn says:

        … It would be so annoying working for the MIB. Everyone would be smirking whenever they introduced themselves.

        I think Google’s just managed to avoid any crises. And they do some pretty cool stuff, like the stuff they do to their logo.

        Darn, now I want to play Google-logo-Pacman. Anyone still have a link?

        1. Mari says:

          LOL Google totally stole that from MySpace. Back in the early days of MySpace when it was still just a huge social networking site run by some kid with an Asian stripper fetish it broke a LOT and whenever it broke you got to play Pac-Man while waiting for Tom and the tech guys to fix it again. It got so people had more fun while MySpace was broken than they did when it was working and some of us would actively root for a new “feature” that would break the site for the better part of a day just to get our Paccy fix. The next thing I know Rupert Murdock buys MySpace and it’s never broken anymore but suddenly Google has Pac-Man.

      2. ccesarano says:

        Clearly the solution is for Google to buy Facebook.

        That, or for Google to create their own social network that does all the same things, but because it is Google it’s okay.

        1. Mari says:

          You mock but you know in your heart that it’s in the works and that you’re probably accurate about what public response will be :-D

          1. SeekerOfThePath says:

            Recently, the Google Profile webpage got revamped and more closely integrated with Picasa Web Albums. Google is actually pretty close to where Facebook currently is (functionality-wise), they just have it spread over several separate web pages (all accessible with GMail account) and lack the user base that would attract more users (which their biggest problem is and will continue to be.)

        2. wtrmute says:

          You rang?

          Of course, Orkut doesn’t have “Like” buttons, as far as I’m aware, and it’s positively overrun with Brazilians, but it’s there, and some seven years old, now. Still Beta, though.

          1. ccesarano says:

            1) They’re really going to have to change the name. I know a random word like “Google” worked out well, but Orkut sounds like an Orcish Uppercut or something.

            2) So I click that link and the first thing it does is say “You are signing up with this G-Mail address. Change your address with…”. I clicked the X, and it pushed me away to the Google Sign-In page.

            I can’t even see what Orkut is about, which is pretty lame. I mean, I know Facebook pretty much does the same thing if you don’t have an account, but holy crap, I expected Google to at least give me a tour before automatically trying to sign me up.

            I’ll pass (for now (after all, it’s only a matter of time before everyone starts using it)).

      3. Slothful says:

        Oh hey, there’s a reason to never switch to G-Mail, thanks, now I can be lazy.

        I knew that they read your email, but so far as I knew they just fed it to there giant search machine to help teach it basic language skills.

        Most people look at me funny when I tell them that once Google’s search function can talk, it will rise up against mankind and destroy us all.

        1. Mari says:

          I can’t speak to the search function but they have voice-to-text functionality that they make available through their “Google Voice” service. For reasons best known to himself my hubby thought that it would be awesome to use Google Voice for our home (cell) phone’s voicemail service. So instead of getting a message that we have a voicemail and calling out to retrieve it, we get the transcript of the voicemail as a text message on the phone.

          It’s proved quite entertaining. Recently an automated “events of the week” call from the kids’ school translated “junior high cheer squad” as “June you’re hot. You’re squat.” The principal’s name (Mr. Bushong) translates as Mr. Bush Job most of the time although at times it has also been Mr. B Thong, Mr. Bushing, and Mr. Shoe Thong.

      4. Tizzy says:

        Oh yeah, and by the way, I remember hearing on the (non-crazy) radio once that Google had bought old tape backups of 1980’s emails. Just for the sake of data mining, I guess…

  35. ehlijen says:

    I do actually mind being called herd. Or school. If it’s not too much trouble could you please use either flock, pack or congress next time?

    Thanks :)

    1. KremlinLaptop says:

      I personally prefer swarm. Only good things come in swarms, right?

      1. Daemian Lucifer says:

        So that would make Shamus our overmind?

        1. Shamus says:

          Spawn more overlords.

          1. ehlijen says:

            More Overshami? Or is that Overshamuses?

            1. Garden Ninja says:

              Shamus actually comes from Greek, not Latin, so the correct plural would be Shamodes.

      2. dovius says:

        What about pods? I like pods.
        Whales are awesome.

      3. Jirin says:

        Don’t the Collectors kind of come in swarms?

    2. Shamus says:

      I would NEVER refer to my readers as congress. That’s a term we reserve for the lowest sort of bottom-feeder.

      1. mike says:

        I wish I could “like” your comment. :-P

      2. ehlijen says:

        I was thinking more of owls, which while not the coolest, are pretty neat animals overall.

        But point taken.

      3. Ingvar says:

        I’d rather be part of a congress than a wunch. But I have always been partial to being part of a “fright”.

      4. Noble Bear says:

        Like.

    3. krellen says:

      I think we’re a bit more like a murder or an unkindness, personally.

      1. Daemian Lucifer says:

        Daemian Lucifer likes this comment.

    4. Noble Bear says:

      Being a bear, I’d prefer the term “sloth”, though that might be too nitpicky even in these modern days of PC… :P

      1. ehlijen says:

        Is that what the word for bears is? Neat, I have to remember that, being sort of a bear myself :D

        1. Daemian Lucifer says:

          So what is the word for sloths then?

          1. Ramsus says:

            I don’t know what it *is* but it should be a “meh”.

  36. ClearWater says:

    What about that Start Private Browsing option that Firefox has? Wouldn’t that solve the problem completely?

    1. perry says:

      but you’d have to open private browsing, use a website, then close the window. then repeat for another website.

  37. Low-Level DM says:

    The cookie-block info and advice you gave is solid, Shamus. I implemented that very procedure ages ago, for separate (credit-card) reasons, and it’s served me well so far. Yes, it’s inconvenient to have to give DriveThruRPG or somesuch your shipping info every dang time you want something, but it’s better than their site accidentally remembering your number and CVC next time around. The thing is, none of this LikeButton hype actually impacts me, since I have no Facebook. I’m sticking around, either way. Keep it up, and good luck with that novel project. I’ve had the worst luck with my own, of late. My empathy, sympathy, and pity are yours along with my luck.

  38. LMR says:

    The funniest part is that the only reason to be concerned is if you use Facebook. Using Facebook is the choice that these people make, and obviously have no concerns about their privacy while on that site. Furthermore, logging off is obviously a huge concern for them because they visit Facebook more often than Twenty Sided. Hard to be a fan of people like Blurr.

  39. Aldowyn says:

    I am moderately enthused that I actually knew what cookies were and most of how they work! :D

    More on topic, I don’t really care. That’s probably because I don’t do anything really important online (and anything that is is linked to my identity, and I’d have bigger problems if I had troubles there), and most of what I do is related to things that are common knowledge.

    Like the dozen or better sites related to gaming that I visit in a normal day.

    I actually use the “share” button more than I do the “like” button. Most people would just skip over the likes, especially at the rate I would come up with them, and a share gives me the opportunity to actually highlight and describe what I’m talking about. There was a streak where I shared like 3 or 4 Extra Credits in a row…

  40. Vect says:

    I have a Facebook account, but I mostly used it for playing games. Very few “Friends” on their, most of them being people I know online or I knew in school. Rarely visit it nowadays since no one talks to me there.

  41. (LK) says:

    There are a lot of times I might recommend a page to my friends but would never use the “like” button. I always ignore it when my own facebook friends like something. The effortless nature of it means it tends to be used the same way as twitter is when people first realize the ease of use: “totally had this awesome oatmeal for breakfast!”, yeah thanks bro, good to hear it.

    Personal endorsements are way better, so people like me use those or nothing at all.

  42. Storm Kraken says:

    I’m no cookie expert, but wouldn’t disabling third-party cookies in a browser disable this kind of tracking? I would hope that a well-designed browser would block the facebook.com cookie from being used while the user was on a site with the shamusyoung.com domain. That’s the whole point of blocking third-party cookies, isn’t it? Or does the fact that the “like” button is a request to facebook.com for information mean that the browser treats the facebook.com cookie as a first party cookie?

    On the other hand, you could explicitly blacklist the facebook.com cookie in your browser, preventing it from being used at all (even for useful things). Either of those solutions would allow you to continue using cookies and nearly any websites. (The ones that require you to use third-party cookies for their sites are backwards imo, but you could always whitelist them if you needed too.)

    EDIT: it looks like at least some modern browsers block third-party cookies in the way that I was hoping in the first paragraph. This webpage seems to indicate that at least the new version of Google Chrome looks like it will block third-party cookies that have already been created from being read on outside sites (It apparently only blocked them from being created on outside sites before). It looks like the option to enable this is well-hidden. I’m surprised it isn’t enabled by default when third-party cookies are disabled. I wonder how other browsers, particularly Firefox, handle this.

    1. Storm Kraken says:

      Here is a webpage that tells what browsers have what behaviors when third-party cookies are disabled, if anyone other than myself is interested. I use Firefox with third-party cookies disabled, which looks like it keeps me from being able to be tracked via this facebook.com cookie (which from I’ve looked at lately seems like it would be considered a third-party cookie as long as it’s not being accessed from within a facebook.com webpage).

    2. Alan De Smet says:

      Blocking third-party cookies won’t help. The Like button is actually a little mini-web page embedded in Shamus’s page. It’s really from Facebook, so Facebook can set and read their own cookies. They know it’s from Shamus’s page because 1. your browser send along the URL to the outer page (the Referrer), and 2. the bit of code that embeds the mini-web page specifically tells Facebook.

    3. Storm Kraken says:

      Still, I would hope that an intelligent browser would consider that whenever part of a webpage that is from an external domain (I believe that’s what an iframe is, part of a webpage embedded in another?) is accessed, any cookies it uses are considered third party. If that behavior is not blocked when I tell my browser to block third-party cookies, then that is really the browser’s fault.

      Now you could still be tracked through things other than regular cookies, such as flash cookies, which are another story….

      1. Alan De Smet says:

        “Third party cookies” are really meant to stop things like Shamus mucking about with your Google cookies. In this case Shamus is working with Facebook to make this happen. If blocking third-party cookies stopped that, lots of the web that relies on embedding would stop working. For example, lots of websites outsource their entire comment system to sites like Disqus that rely on embedding and cookies.

        If you’re really paranoid and monitor cookies on a site-by-site basis and run NoScript (I do), you will very quickly see how entangled the web is. For lots of major web sites to work, you end up poking large holes in your cookie and Javascript blocks.

        The cookies from Facebook really do come from Facebook. Absent explicit collusion between Shamus and Facebook, the two web pages are well segregated by your browser. (The big exception is that Facebook knows what shamusyoung.com page you’re visiting. This is identical to what they learn if you were to click on a link from shamusyoung.com to Facebook. If this bothers you, look into disabling the “Referer” in your browser.) With explicit collusion, well, the assumption is that it’s okay.

        1. Storm Kraken says:

          So if disabling third-party cookies doesn’t actually do what I thought it did, what kind of effect would it have if I could block all cookies from being used when the website the cookie’s from isn’t in the URL/location bar at the top of my browser? Do they really need to have information specific to me to integrate part of an outside page into the one I’m looking at? I’m no web developer, but the only situation I can think of where those cookies might be convenient to the user is when I want the outsourced part of the page to give me content specific to my user account on their website.

          1. Alan De Smet says:

            Problem the first: Lots of web sites simply freak out and stop working if you don’t accept cookies. They typically don’t need the cookie, they’re just putzes who either wrote the site sloppily, or they really, really want to know you are. For such sites, your nested functionality (comment forms, polls, maps, videos, music, podcasts, photos, etc) may simply fail entirely.

            Problem the second: Some nested functionality does need your identity. You’ll occasionally run into this when people outsource accounts, online shopping, polls, and the like. That said, it’s an increasingly uncommon technique. Google used to use it (the login page at gmail.com embedded a form from google.com), but no longer. Perhaps too many crazy people like me were blocking it and having problems.

            1. Zukhramm says:

              I hate that, it’s like the sites that require specific browers without actuallty using anything that is only supported by some of the browsers.

            2. Storm Kraken says:

              What do you do- do you block nested content entirely or just limit its access to data/cookies? I think that blocking nested content entirely would be a bit of a drastic solution for me- I’m only interested in third-party sites not having access to my data; I don’t mind them displaying what they want, as long as it’s not used as a hack to trace me. How would you block nested content’s access to any data/cookies you store? I had the impression before that that was what blocking third-party cookies from being used did.

  43. poiumty says:

    Wait, quitting a website forever because of a single button? I’m not saying Shamus is the best nor funniest man alive, but… that’s the reason? Man, what a bunch of hipsters.

    Oh no! Facebook will sell your INFORMATION to OTHER SITES and they will be able to SEE WHERE YOU’RE GOING! EVERYBODY PANIC

  44. Andrew B says:

    Well, I’m not concerned about FB knowing what I do on the internet. Not until all my favourite… er… not until other people’s favourite porn sites start having a like button.

    Phew, think I’ll have got away with that.

    1. Wolfwood says:

      yeh what he said. <..>

    2. Mari says:

      Some people on my Facebook list would probably be more than happy to share their porn preferences with the internet-at-large. Other people like myself might just use that feature to torment our friends and family with rule 34 examples.

  45. Hal says:

    How do you add the “Like” button? Is there a script on the Facebook site somewhere that you just copy/paste into each post?

    1. Shamus says:

      This button is a WordPress plugin.

  46. Nihil says:

    My approach: RequestPolicy addon for Firefox. I block Facebook and Google Analytics like it’s the f*cking Battle of Britain.

    1. Tizzy says:

      Very cool. I’m never quite sure which security/privacy plug-ins protect against what exactly, and cross-site stuff should be the main source of concern. Thanks for sharing!

  47. Nihil says:

    [ignore this]

  48. Bubble181 says:

    Facebook, Google, Twitter, Steam, a host of others – yes, they make money by selling my information to others. Yes, they allow access to (some of) my data.
    Does this bother me? Well, yes, a bit. Sometimes I’m surprised at what it’ll pick up and what it won’t, and so on.
    However, “don’t use Facebook” isn’t going to solve anything (since even non-users are tracked), “blocking all cookies” won’t help (because, hey, they don’t actually need those! Surprise! ISPs have perfectly good lists of who visits what, too!),…Actually, short of staying off the internet completely, I doubt there’s a way to not be tracked.
    I try to be a bit careful of what I leave where, but I’m well aware that, no offense to some in these comments, being paranoid and typing everything in manually every time is still only a stopgap, and won’t actually stop anyone from connecting anything to you.

    I’ll just enjoy the benefits (most notably in Google Ads and the like – getting ads about the things you were searching for can be USEFUL) and try to be careful…

    1. Mari says:

      Here’s my question: what are you doing on the internet that you wouldn’t want the world to know about? I mean what information, exactly, is it that you don’t want sold? I mean, if you’re out there googling “how to make homemade WMDs” I can see being concerned with your privacy. But other than that what’s the problem? Your porn viewing? Do you really think you’re looking at anything weird enough to raise eyebrows when compared to the rest of the internet population? Unless you’re hot for kiddy porn I kind of doubt it. Your name? Because that’s all over the place whether you’re on the ‘net or not. Your innermost opinions about things? If you really don’t want people to know, don’t share. But you must not be that concerned if you were willing to share it in the first place, right? Your address? Don’t put it out there. Facebook gives you a place to put your address but it’s not like they demand it. They don’t have mine. The places that have a legit need of an address (places that ship you goods) can have a PO box if you’re seriously concerned.

      The bottom line is if you don’t want the world to know something about you forever, don’t put it on the internet. But before you stop your web browsing forever make sure you have a little perspective on how the information you’re guarding stacks up in the big picture.

      1. Bubble181 says:

        Don’t misunderstand me; like I said, I don’t mind people kepeing tabs on me for the purpose of advertising or whatever. As far as I’m concerned, they can have my home address too – if that stops them from having all of these US-only offers all over the place, I’ll be al lthe happier for it.
        However, a problem is, of course, that this data is kept elsewhere, where you have no control over it. Someone else might hack a server; someone might have a legitimate reason to order/demand/take certain information… Either way, you have little knowledge about what happens.

        Face it: not everyone is only one persona. I’m a computer nerd, I’m a Belgian beer geek, I’m politically active, I was very active in fraternities once upon a time,… but not everyone needs to know everything about me. On your own facebook, you can choose what you share, with whom. If I don’t want my boss to see pictures of me blind-drunk, I’ll either not add my boss as a friend on my profile, or I won’t upload those pictures. It’s a bit ridiculous to say that I shouldn’t be able to maintain different persona on line, and at least try to keep them separate. “If you do nothing illegal, you have nothing to hide” is, frankly, simplistic. I may have perfectly good reasons to hide certain things from certain people. Yes, in 20 years time, we may have evolved to a new idea in that regard – but, for now, do you want to be forever and again confronted with your past? That picture of you as an emo with black hair to the front, or that picture of that schoolyard halloween party where you had the bad idea of coming as a Nazi general? That simply horrible slashfic about Harry Potter you wrote 10 years ago? they’re not “hidden”, but that doesn’t mean I want my boss to find them when he Pipl’s me :-P

        1. Mari says:

          Fair enough. I had the fortune to grow up before the internet era so my poor impulse control was mostly outgrown and I’d had a chance to destroy the evidence before Google, MySpace,and Facebook took over the world. Do I really want everybody to see me in my long, tragic goth phase? Not so much. Luckily the handful of photos that I allowed to be taken are long since ashes on the wind. And yes, I have a handful of things out there on the internet that I wouldn’t care to have associated with my “real” identity. Of course, most of them are on sites that wouldn’t show up when somebody Pipls you but even if they did, I have a separate persona for that stuff. The truth is, though, that it wouldn’t be the end of the world for me if they did get associated with me. It might keep me out of a few jobs but none I’d care to have. And I suspect that if Big Brother ever does show up and use the ‘net to put together the “first against the wall” list my public opinions about politics would get me on the list a lot faster than my more private Literotica ramblings.

          For the record, though, the information for which you have little control? I hate to tell you, but there’s way more of that than most people realize and the majority of it doesn’t originate with you putting it anywhere on the internet. Your bank has you in a database somewhere. So does your insurance company, your credit card company, brick and mortar stores you visit, your government, etc. Frighteningly the least secure of that information is probably the Social Security/government database. It’s broken into by hackers and script kiddies all the time. Veteran’s Administration has had three notable serious breaches in the past 5 years. But the point is that all of that information is out there without you thinking about it, without you personally adding it, and without you having any real control over who accesses it. Even if you’re 98 years old and have never owned a personal computer and have never been online for anything. I might still be walking around with your name, address, social security number, and credit card number in my briefcase.

          1. Bubble181 says:

            Oh, absolutely. Like I said in my original post – I try not to put too many of the “incriminating” stuff (as far as being drunk or such goes – I have, of course, never done anything illegal at all, nor even contemplated them) on profiles linked with my real life persona, but I’m well aware that all of that info is out there. I’m not all that paranoid; I’m just saying I can understand people who are :-P

      2. Daemian Lucifer says:

        Thats just the annoying part.However,if you read some of the articles about this topic,youll find that facebook even blocks private messages that use certain words.Thats when the line is crossed.

        1. Mari says:

          I got used to the fact some years ago that some sites have stupid word censoring policies. One of my kids is named “Mindie” but she can’t use her name on many of the kid-oriented websites because it has the letter string “die” in it, which the word censor hates and views as a personal threat. No, I’m not kidding. Is that the stupidest thing ever? Yes. Am I likely to change it by pointing out how moronic it is? No.

    2. Tizzy says:

      It pains me to say that I completely agree on the futility of trying to live off the grid. I mean, unless you *really* go and live in a cabin in the woods, it’s not going to happen (and living in the woods is not for everyone).

      So even if I don’t use Gmail, so long as I receive emails from people with gmail accounts, Google knows stuff about me. And so on… Still, it doesn’t mean I have to make it easier for those people.

      It disturbs me to think that, thanks to data mining, quite a few people know me better than I do myself.

  49. Topaz Wolf says:

    I have long ago abandoned the notion of online privacy. If you don’t want facebook to take it or see it, don’t put it up. Problem solved. Getting rid of a button isn’t going to make a bit of difference. The have other means of accessing the information. But if “certain” readers can’t come to terms with this, wish them well Shamus and be glad that they were not compatible with the modern age anyways.

    1. Old_Geek says:

      Sadly I have to agree. If “THEY” want to know something and it has ever been on-line, “THEY” will find it. So when you are finally brought to trial for your crimes against humanity, and the lynchpin in the prosecuters case is the amount of time you spnt on shamusyoung.com, they might as well start firing up the electric chair now.

      I don’t agree with it, but that’s the way the world seems to be headed.

    2. Storm Kraken says:

      I think that there is a difference between privacy and anonymity though. For instance, any comments I leave here are visible for anyone in the world who can connect to this website, so I don’t really have any privacy in what I say. However, I remain anonymous, unless any of you happen to know who this “Storm Kraken” actually is. (Of course, this website could take note of my IP address and ask my ISP who I actually am, but there are ways of preventing this webpage from knowing my IP address if I take the time to implement them.) I think also that people expect a degree of privacy on places like Facebook, where what you say is expected to be heard only by people you’ve authorized (your “friends”). I think THAT kind of privacy is a lost cause (because you’re putting your data on someone else’s servers, and they could do whatever they want with it), but I think anonymity can be achieved, even when big corporations and government are thrown into the picture.

  50. PhoenixUltima says:

    Amazing! I have the same combination on my luggage!

  51. Storm Kraken says:

    There are tradeoffs. The internet has a lot of free services from companies because you’re giving them free data (ok, so maybe neither the services nor the data are truly free then). Some companies will sell that data. Others, such as Google (based on what THEY say- you can believe it or not), will try to keep it contained within their company (court orders being the only stated exception) and only use it to determine what to advertise. I don’t think completely abstaining from many of these services, such as what Facebook, Google, Twitter, and many others have to offer, is always realistic, but I think that many times you can limit how much they can find out about you. I don’t mind Facebook knowing what I do on their site (it is THEIR site, after all, and they control the data on it- there’s nothing I can do about that), but I’m not necessarily comfortable with them knowing about what other sites I visit without my permission, or what my real identity is. I think that there are many things that can be done to maintain anonymity.

    Unfortunately, most of the solutions that limit what any one organization can know about me (outside what I do on their site) either require some technical understanding, can be inconvenient, or are just not enabled by default. Third party cookies can be disabled to stop tracking cookies; IP-hiding utilities can be used, such as a proxy or Tor; scripts in webpages can be blocked by default (which also helps computer security); etc. But these mean that you have to configure some new utility and usually know a little something about how it works. So you have to choose what level of anonymity you want and be prepared to work a little harder if you want to be almost completely anonymous (which I think is possible, even with the government watching).

  52. Patrick the Capricious says:

    I find your deletion of my comment a damnable offense. That you would consider my comments in error, or even boring, is an affront to our relationship. You have wounded me with such a left-handed and elitist insult. I find your silent condemnation of my contribution as an intentionally hurtful attack on my very being.

    NOW YOU SEE THE VIOLENCE INHEIRENT IN THE SYSTEM!!

    1. Shamus says:

      Context: This is my brother, who is in-joking me. Please do not emulate him.

      1. Bubble181 says:

        Oh, so we’re not EVEN allowed to complain about being silenced?
        CRYPTONAZIFASCIST!

        …or something. Fine, I’ll just shut up now.

      2. DanMan says:

        Sorry, once you start the Monty Python there is no stopping…

        Ni!

        1. Daemian Lucifer says:

          No,no,stop that.Its just too silly.

          1. dovius says:

            Yes, let’s not go to the Monty Python jokes, it is a silly place.

      3. Zukhramm says:

        Oh, I thought it was almost bizarrely hostile. Guess that’s explained.

      4. Irridium says:

        Help help, I’m being repressed!

  53. SolkaTruesilver says:

    Maybe it’s just me who’s a financial tehnocrat overlord, but why am I not troubles in the least that Facebook knows where I’m going on the net to sell this info to a third party?

    These third party will use the info to cut-out better publicity for me, meaning I won’t be harassed by more Scientology adds, I’ll get more exposure to stuff I like. Oh, the horror?!

    Changing the publicity I’m exposed to is not gonna be a horrible dealbreaker for me. I’m exposed to it anyway, might as well have a relevant one? Or, if you adblock, you can not-see adds made specifically for you. Is it that horrible?

    1. Alan De Smet says:

      One reason why pervasive privacy is important is that you don’t know how your information might be applied or misapplied in the future. It’s five years from now, maybe Facebook isn’t making quite as much money as Wall Street wants. Time to start selling web site research on specific users to anyone who wants it! Oh, hey, you’re applying for a new job. Your potential new employer buys the data and checks a few sites at random. What’s this “shamusyoung.com?” Hrm, the company censorware is blocking it as “encourages illegal activities.*” Well, there was another candidate who was almost as good, and doesn’t have that weird shamusyoung.com in his history.

      *Why would censorware do that? Turns out censorware companies have a history of erroneous blocking or intentionally political blocking. Maybe the censorware company also sells DRM and blocks all critics. Maybe Shamus has sadly been hit by a bus, his domain expired, and it’s been held by a domain squatter that serves viruses to people to visit.

      Or to take a simpler expand, hey, it looks like you keep visiting donate.example.com/planned-parenthood. Economy down, forced to accept a job with an extreme right-wing boss? Oops, a bit of research (perhaps buying it from Facebook, or perhaps buying it from someone who stole it from Facebook) and you lose your job.

  54. Aulayan says:

    I think the problem is, people who go to sites like this are stuck in the mindset of the past of the Internet. The era of things being seperated, and very few things tracking your movements are over.

    And as I said in a post above, there are -far- worse things than Facebook. To the point where it’s actively scary.

    I guess some people have the point of…they can at least do something about Facebook (for now). Whereas Google, or the credit agencies, there’s fuckall you can do. But it just seems to me to be pointless paranoia. Hell, I know a geek who forced his wife and himself to practically seperate from everyone online due to such paranoia.

    My point is. Facebooks here. If you’re willing to abandon shamus for it, I hope you’re willing to abandon *every* site that features news. Most entertainment sites (Including many if not most web-comics). Basically … the entire web at this point.

    Oh, and Shamus isn’t a sell-out. At least not until he publishes his novel and sells at least a couple thousand copies. ;) (Seriously. I hate the term sell-out).

    1. Mari says:

      Actually if you’re patient you can disappear from the credit agencies. Step 1: pay off all the debt Step 2: close the credit accounts Step 3: never open another credit account Step 4: wait for anonymity. It’ll take up to 10 years but eventually you, too, can be forced to send them a driver’s license and social security card photocopy just to check that your jacket is still blank because they have no other way of identifying you.

    2. Old_Geek says:

      One of my dreams in life is to have so much talent that people are trying to get me to sell out. I don’t think I would do a very good job resisting. After one hit song I’d be writing a jingle for Pepsie.

      I remember an interview with Vanilla Ice where he was asked about the damage he did to his serious rap career by writing the theme song to one of the Ninja Turtle’s movies. He admitted he sold out but couldn’t help smiling into the camera and saying “But it was a hell of a lot of money!”

      That would be me.

      1. Zukhramm says:

        I don’t really get the “selling out” thing. Someone has something they want to done and the money for it, so they hire you to do it. That’s how a lot of people get by in their lives, and making furniture or sausage it’s apparently fine do do it that way, but as soon as it’s about music it’s “selling out”.

        1. Old_Geek says:

          In all seriousness, I think selling out has to do with your image. To really sell out, you have to have to be all “The hell with society! I will always push the envelope, doing things that will just blow your mind, if what I do pisses you off, FANTASTIC!” then turn around and write a jingle for Coco Puffs or appear on American Idol.

          The only ways I think Shamus could sell out would be to market his own brand of DRM or write a positive review of a crappy game just for cash.

  55. Lalaland says:

    Sell Out => More Successful Than Me

    The only definition I accept for sellout is the one above. I hear what you’re saying about quality Shamus but it’s such a nebulous concept you will never get someone who throws it out there to accept a difference.

    That said I have a passionate dislike of Facebook and all it’s works. I don’t have an account and I assiduously avoid it to the point where I’m ‘that guy’ who rants about privacy every time it comes up. Of course it’s tinged with IT elitism as my friends and I run a private BBS for ourselves to stay in touch, an option not really open to others.

    I’m conflicted though as Facebook has become an important source of exposure and, indirectly, revenue for a lot of web sites that I love. For those that offer it I usually go down the direct donation route to make up for my ‘freeloading’ provided by the various script blockers and ad-blockers I use.

    Anonymous tracking is a complicated multi-level issue as it’s not just the Zuckerberg Zerg Rush that some paint it to be with every class of bad actor trying to sell your love of ‘specialist’ web sites to tom, dick and harry. TV relies on ad revenue and to a lesser extent the web has moved to the same model (I’d love to see in % terms how much you’re out of pocket you’re left after hosting costs). To hide from those adverts is to make a choice that while pro-consumer is necessarily anti-creative as often those are the only revenue sources they can tap.

  56. LintMan says:

    Doh – beaten to it by PhoenixUltima

  57. Slothful says:

    I just plain ol’ wipe my recent history every time I go to Facebook. I don’t really know the specifics of what they do with their cookies or how they work, but I just want to get rid of that dirty feeling.

    Also, if you don’t make sure to sign out, now that Facebook has a chat feature, people will start talking to you when you’re doing something else, and that can be really…disconcerting.

    Also there are some sites that have this weird, intrusive pop-up Facebook thing that hangs around on the bottom of the screen and you can’t get rid of it. I may just leave this site if you get one of those.

  58. Deoxy says:

    Firstly, Shamus, I’ve been commenting less here because the comments are so often well over 100 already when I get here, which they NEVER used to be. Clearly, your audience has grown. A lot. In the last 2 weeks.

    What would be very useful in cases like this is a “dump THESE cookie” function, which you could use to delete Facebook (for instance) cookies and leave the rest. (Edit: You can do this manually in Firefox by viewing the cookies and choosing which to delete. In IE, the cookies are stored as individual files that can be deleted, but I can’t remember where offhand.)

    Or you COULD (like me) just never log into Facebook. Problem solved.

  59. Deadfast says:

    Let’s not forget Local Shared Objects aka LSOs aka flash cookies aka super cookies. These are pretty much the same thing as regular cookies. Unlike your every day text cookie though, an LSO never expires, cannot be deleted as easily and mainly most people aren’t even aware such thing exists.

  60. Gary says:

    I don’t mind the LIKE feature on this site because I can’t even see it. Facebook is blocked on this computer and as such, so is every LIKE button on the internet. :)

  61. wootage says:

    Not to be rude, but well, DUH. Of course Facebook is going to track your movements. Your personal information is what they SELL FOR A LIVING. Did anyone seriously think that service was free? M. Z. is out-and-out, an out-for-himself kind of guy. He’s the up and coming Bobby Kotick of the Internet.

    Personally, I stayed far, far away from Facebook until all my family and many friends had gotten suckered into it. So I made up a name they’d recognize and got an alternate email address that couldn’t be used to identify me personally.

    For sites using Facebook’s web integration, the only recourse I’ve found is to make sure I’m logged OUT of Facebook when I leave the site. I’m not even sure it’s effective, but it’s all I can do at the moment.

    Edit: And no, I’m not going to stop coming to this, or any of the sites I use, because of it. It’s not Shamus’ doing, it’s Mark Zuckerberg’s and his employees’ doing. They’re the ones who chose The Evil That They Do over every other way to accomplish the same ends.

  62. Even says:

    All it took me was one website with abusive flash content to install Adblock and I’ve been rather happy with it ever since. I find the very idea of being personally tracked by strangers with dubious motives to be all sorts of creepy. It’s the one thing I hate the most about the internet, but it’s something you just have to live with. I just don’t think it’s anyone else’s business but mine what sites I visit and when and therefore reserve the right to block access (when applicable) to any service tracking my own data.

    It’s a shame really though for you to lose readers over it, since as a social platform and a “bush radio” Facebook is definitely very effective.

  63. Volatar says:

    Just so you know Shamus, that picture of those cookies looks really tasty.

      1. Damn you now I want cookies and I am at work and can get none what have you done.

      2. Noble Bear says:

        Serious. If that was anything other than a GIS on your part, I want the recipe.

      3. Volatar says:

        I ended up baking a batch thanks to you. :D Cookies!

  64. LVC says:

    This post and the following discussion actually made me aware of the issue.

    So as a result I considered the issue and decided that a web page should not involve any other third party in it’s communication. I’m not that worried about tracking but I do think that which sites I visit is simply none of their business. Nevermind that I’m not actually interested in seeing their content.

    To achieve this I installed the Request Policy Firefox plugin which blocks any requests to sites on another domain by, unless the domains for that site are white listed. This effectively blocks FB, Twitter and any other plugins.

    One of the major improvements is that loading pages now happens considerably faster. The last bits of non-java script advertisement also seem to be gone now and over all everything still works.

    So thanks, this post increased the qaulity of my internet life.

    Perhaps it’s worth realizing that a website is not like a bar where you go to and either have to accept the crowd and the music or forgo having a beer. Rather a website is like inviting some one into your living room and have a beer. So when they ask if they can invite their friends and play music, you can say no.

    1. Mari says:

      Very true. One thing to keep in mind though is that hanging out in your friend’s living room is cool but after the third or fourth week of you spending every night in his living room, sucking down his beer and eating his pizza, it’s generally considered polite to kick in a little bit for the hospitality. I’m not referring to Shamus in particular here but most websites, as mentioned in many previous posts, derive their “income” (which for smaller sites means “enough money to cover the hosting package maybe”) from the ads and other third-party content. Essentially, hanging out at many websites for prolonged periods of time while blocking all of the revenue-generating content is kind of like mooching off your friend. IF a site that you love has a donate button AND you have the means to do so and you’re blocking the other revenue-generating stuff it might be nice to consider donating a little. Think of it as buying the next case of beer to share with your buddy :-)

      The disclaimer: this is MY opinion, not something espoused by Shamus or any other site-owner I know. And again, I’m not saying it’s an obligation or you should be run off the internet on a rail if you don’t do it. Just that it’s a view point to consider for the sake of politeness.

      1. LVC says:

        Those are good points and I’ll have to spend some thought on that.

        I do think it’s interesting you reversed the metaphor. You seem to consider visiting a website to be going somewhere. Though your arguments holds either way, if I’m having Shamus over in my living room all the time to entertain me I better buy him a beer and pizza now and then.

        1. Mari says:

          I think it’s a personal quirk. To me, one of the most intimate (and I don’t mean that in the sleazy way) things a person can do is invite me into their home. In my social circle that’s the mark of very close friends who know one another well enough to overlook the fingerprints on the lightswitch plates and toddler toys under the recliner. So I tend to think of many personal blogs as being invited into the author’s home. Because I’m not fully reciprocating (giving them as much of a look at my personal thoughts/life) I have trouble thinking of it as inviting them into my home though that’s more literally the truth.

  65. Patrick the Oppressed says:

    Seriously people, removing the FB ‘like’ button? What do you think this is? Did you think we were an autonomous collective. You’re foolin’ yourself! We’re living in a dictatorship. A self-perpetuating autocracy in which the working class has it’s posts removed! Yan’t expect to wield supreme executive power just ’cause some Harvard dropout threw a cookie button at you!

    You all saw him mock my post! That’s what I’m on about — did you see him repressing me,you saw it didn’t you?

    1. Mark says:

      Shut up, will you? Shut up! Bloody peasant.

    2. Slothful says:

      Yeah, other than interesting posts, lets plays, introducing me to minecraft, making comics, aqueducts, and giving interesting commentary on video games, what has Shamus Young ever done for us?!

    3. Mari says:

      Oh there you go again bringing class into it!

    4. Irridium says:

      Well, I didn’t vote for ‘im…

  66. BFG9000 says:

    You know, there is a Tool song with a title that I’ll leave out, but basically he is talking about a discussion with a fan where he says “I sold out long before you ever even heard my name.” To call someone a sellout means nothing if your interaction with them is never anything more than you consuming the product (be it art, blog, music, video game, fruit snacks, so on) they provide. To call Shamus a sellout implies you know more about him than he reveals in this blog, so really, calling him a sellout means you haven’t thought very hard about your relationship to him.

    I guess the moral of the story is if you think he’s a sellout, you are in love with Shamus.

  67. rabs says:

    Wow, so much fuss over a few cookies. It looks more like a principle problem than a technical one.

    I quickly browsed the comments, here is my config:
    Cookie Culler (Firefox Addon) with a few whitelisted cookies (everything else is purged on close). I like having a clean cookie list, as I do some web dev.
    – NoScript (I’m not against ads, but against waste of my computer resources, especially on mobile devices) & FlashBlock (2nd layer, if the domain is whitelisted)
    – A secondary unstable browser without addons, for playing/testing. Full wipe of everything on close. When I log on Facebook, it’s on this one (well, I’m not a real Facebook user, it was more for curiosity, when it started).
    – My homedir backup script already purged the whole ~/.macromedia directory before the “permanent Flash cookies” story. So it was a funny one.

    And I can still be tracked in many ways (IP & UA), though the data is expected to be less accurate. There are solutions for that, but I’m not an extreme privacy activist.

  68. F0nz13 says:

    Eh, I’m annoyed, not at you Shamus, it’s more one of those teenage ‘things are happening and so must be bad’ annoyances. It doesn’t affect me too much because I don’t give a damn about all of this facebook integration (I mean, it irks me, but it isn’t breaking down the front door and stealing my windows), nevertheless, I really appreciate the how-to for those who are really put off by it.

    Anyhow, as far as I’m concerned with it, if you say it might help you get more sheep to the flock, then I’ll give it a clicky, least I can do, you being the first games blogger I stumbled across who wasn’t a kid foaming at the mouth with fanboyish rage.

  69. Dragomok says:

    Actually, if you’re using Firefox, you can just add Facebook.com to list of domains your browser doesn’t accept cookies from.

  70. Neko says:

    I can’t be certain this works, but I’ve just right-clicked the “Like” button and told AdBlock Plus to add a rule to filter out the iframe, “||facebook.com/plugins/like.php?*” (chose first option). If it’s not loading the iframe contents at all, then facebook should never get sent that cookie and never know where I go from now on. Since it’s only filtering out the ‘plugins/like.php’ URL, I think it will still work when I log in normally, but it wouldn’t surprise me if Facebook breaks in some unusual way so use at one’s own risk. It’s not as though I ever ‘like’ anything though…

  71. Christoph says:

    Actually there IS an easy way to block the facebook-spies (social plugins) if you are using Adblock Plus. Basically it blocks facebook-content everywhere but on facebook.com itself. Facebook gets no data and you can keep your autologin-cookie.

    just add these two rules

    ||facebook.*$domain=~facebook.com|~127.0.0.1
    ||fbcdn.net$domain=~fbcdn.net|~facebook.com|~127.0.0.1

    source:
    http://dhcollier.com/articles/disabling_facebook_connect_nonfacebook_websites

  72. Rick says:

    Everything’s a tradeoff nowadays. People aren’t worried by how much information Google has. Do you really think that Like button is on as many sites as Google Analytics or code hosted on Google’s CDN?

    Just like the Facebook button, Google can see what site you were looking at when Analytics etc was requested.

    And that’s not even counting all those people who use Google’s DNS services and lets Google see every single domain they look up.

    Honestly, I hadn’t really noticed the button, but now I’m going to take the time to click it on stories I particularly like. Thanks.

    Good on you, Shamus. Self promotion is a hard thing for humble people, but the Facebook Like button expands your reach. Your best work to those most interested, just like you said.

  73. AngyPanda says:

    My brain is overloading. The only way this button can have a negative effect is if you are actualy on Facebook. That means you already whored your privacy out. It’s not the fault of this site that they know everything you do now.

    1. Alan De Smet says:

      Sadly, a lot of people feel compelling to have Facebook accounts. I got a Facebook account because I have a friend who insists on arranging everything via Facebook. Another friend has a Facebook account specifically to protect his privacy; if you don’t have an account, you won’t get notified when someone tags you in a photograph. If you want to be able to remove your name from photographs, you’ll need a Facebook account and you’ll need to friend just about anyone who might end up with a photo of you.

      1. AngryPanda says:

        I do see your point but once more doesn’t that just prove that just show that the problem here is Facebook itself. You only have the issue if you buy into the thing. You buy into the thing because it is convinient. So does Shamus. It looks a bit strange to me to blame him for this. Last but not least, if you are not deleting your cookies then Facebook knows your are visiting some way worse sites than this. And I know you do.

        PS: none of those “you” actualy mean Alan.. I have no idea how your personal stand in this issue is :) Unless you blame Shamus for selling out. In which case I totaly mean you. And might set your dog on fire.

  74. Author says:

    I think the problem here is that the “classic tradeoff” is created by Twenty Sided by adopring the tracking button. This is aggravated by the issues with the suggested workaround. Firstly, session-long cookies are long enough, because some people keep Firefox open for weeks. Secondly, Facebook knows my IP address, so it knows where I go even without a cookie. Shrugging the load of responsibility off to the users is what is aggravating. Sold out or not sold out is secondary to me. I am not jealous of Shamus’ ad imprints.

    I found that the only way to deal with this is to ignore Facebook altogether. I did not stage a protest with deleting my account and throwing tantrums, but I only visit Facebook once in several weeks and every visit is followed by a cookie-cleansing campaign (keep in mind that not only facebook.com cookies have to be deleted, but also its CDN and other tracking cookies). Then, AdBlock gets updated and Facebook rules reinstated.

    Finally, there is an option of never visiting Twenty Sided until Shamus specifically trolls for comments on Twitter, or something.

  75. Merle says:

    Thanks to this blog post, I now have my browser set to clear cookies.
    The idea of someone tracking me around the Internet seriously skeeves me out…and advertising in general is the art of trying to sell you something you don’t need, by any means available.

    Oh, and a neat little tidbit – did you know that Flash movies have their own separate setup entirely for cookies?

  76. Zak McKracken says:

    There are so many half-assed* descriptions of how to avoid facebook cookies that I decided to add my own :)
    On Opera:
    go to settings -> advanced -> cookies
    click the “manage cookies” button
    – wonder how many thousand ad-related cookies you have –
    enter “facebook” in the search field; delete everything that is being found; click “close”
    set it to ask every time a site sends you a cookie, click “OK”
    open any page with facebook button, wait for the cookie dialogue to come up, for the facebook cookie, select “remember my choice” and “refuse”, there you go.

    You can then unset the “ask me every time” thing again, because it starts to be annoying rather soon. You can also choose to not allow third-party cookies, and you can use the opera adblocker (right-click on the site, “block contents”, then “details” on the top of the page) to block anything with *facebook* in it. That will also block the facebook button, not just on this site, but everywhere.

    Repeat the aboveprocess for every user-tracking site you don’t like, and there you go (I took the opportunity to find a great number of ad-related cookies I did away with, too)
    There should be a simpler way of doing this in a browser, but it worked for me, and I didn’t need any plugins.
    Shamus’ approach to just block all cookies will certainly work, too, but it would also mess up some sites you may still want to use.

    * and some good ones, but not for Opera

  77. Zak McKracken says:

    why I hate facebook
    A company uses something to turn ressources into stuff and then sell it to customers.
    Question: Who are facebooks customers?
    It’s not the users! They provide content and data, data, data. None of them actually pays facebook (nor Google, for that matter). Now facebook goes out of their way to not just present you advertising (which certainly would make sense), but also to collect even more of your data, to link every bit of data against every other bit they can get hold of. Then they put that on the net. They go to great lengths to make sure what is on facebook stays on facebook, even if the user is gone, even if they won’t serve that user ads no longer. Why would they do that? Why spend money on this?
    Solution: The users are not the customers, they’re the cattle. They provide raw data, facebook refactors that, connects all the dots, and that’s the product. And the customers? Weeelll… depends, I guess. Advertisement is surely one thing, but services for “third parties” who want to access that data are certainly a growing share of their income. Facebook has a license to do virtually anything with your data, private or not (you think only 10 people can see your private details? more like 10 prople plus every facebook employee, plus x, where is x a business critical figure, and thus a secret).
    I know some bits about data mining, and it’s scary what you can do with very limited information if you have the same bits if information about enough people, or for a long enough period. You can then connect that to other (public or not public) information, cross-correlate, derive other data and know much much much more than an unsuspecting passer-by would assume.

    Also, they have a monopoly, and that can never be a good thing. There is too much power in that company, and it is going to be abused. There are enough open standards (e-mail, IRC, NTP, whatever) for communication, and I can choose which software and which provider I use, why should I use the system that is owned by only one company and requires me to give them the full rights to anything I upload?

    I understand that Shamus needs to care about where the new readers come from, but I too whish it was easier to avoid facebook.

  78. Julia says:

    I avoid the whole “Facebook knows what you do!” problem by not being on Facebook.

    1. Zak McKracken says:

      Well that’s the point of Shamus’s post: Facebook still knows what you do, even if you’re not on it. It’s enough to visit Websites with facebook’s “I Like” buttons, or have friends who are on facebook. It’s amazing how much you can find out about a person if you can just bring lots and lots of seemingly unimportant information together and connect all the dots.
      Facebook has already stored, on which of their “partner” sites you were, and when. If Someone posts picture of you on his facebook account and labels it corrtctly, they know your name and what you look like, and they can scan all their other pictures (plus anything else that’s available on the web) for your face, with the help of meta-tags on pictures they’ll know dates and locations, and who else is on those photos. If they can then connect that to your browser history and the profiles of everyone they know you had contact with … well, that’s a lot. There’s even more that can be inferred from this bunch of information, just by cross-correlation of some data and what is already known about other people. (e.g. “95% of females who talk about TV show X and spend their holiday in Y are voting for political party Z”) — without you even being on facebook.

      OK, outside of panic mode: They’re surely not directly conspiring to become Big Brother, or planning to misuse their knowledge of individuals to obtain world domination, or whatever. They’re a company trying to generate revenue, not a big evil secret society. But if they’ll ever find a way to turn all this information into money, then they will, regardless of what that does to you, unless they are forbidden by law to do so, but sometimes even then (there’s a lawsuit in Germany, but it’s not clear wether they have to comply with German law in the first place).
      Since Legislation regarding privacy protection is pretty much in its infancy regarding the internet, there is still a lot that would be considered unethical by most but isn’t forbidden because up until now it has never been a problem.
      => If you care about the facebook problem, ignoring facebook is not enough, you’d need to block their cookies, and embedded buttons, too.

  79. Hola! I’ve been following your web site ffor a while now and finally gott the
    courage to go ahead and give you a shout out from New Caney Texas!
    Just wanted to mention keep up thhe excellent work!

Thanks for joining the discussion. Be nice, don't post angry, and enjoy yourself. This is supposed to be fun. Your email address will not be published. Required fields are marked*

You can enclose spoilers in <strike> tags like so:
<strike>Darth Vader is Luke's father!</strike>

You can make things italics like this:
Can you imagine having Darth Vader as your <i>father</i>?

You can make things bold like this:
I'm <b>very</b> glad Darth Vader isn't my father.

You can make links like this:
I'm reading about <a href="http://en.wikipedia.org/wiki/Darth_Vader">Darth Vader</a> on Wikipedia!

You can quote someone like this:
Darth Vader said <blockquote>Luke, I am your father.</blockquote>

Leave a Reply

Your email address will not be published.