Facebook just got outed for including (non Girl Scout) cookies that have the potential to track a user's movement across the interwebs even when signed out of the site. I...feel violated. Get it? I just sat on a dog toy!
When Australian programmer Nik Cubrilovic first blogged on Sunday about how Facebook logout didn't seem to actually, uh, log out, the company went into damage control mode, insisting that "Facebook does not track users across the web," which was pretty funny given that Facebook has a tracking feature its CEO literally calls "Facebook Across the Web." The company also said, "logged out cookies... are used for safety and protection..."
Except it turns out one cookie wasn't used for "safety and protection," as a Facebook engineer has admitted to Cubrilovic now that the press storm is subsiding. One cookie, "a_user," continued to report your user ID back to Facebook after you logged out, until you shut down your browser entirely. The cookie was only visible to Facebook, but the site could have used it to track your visits to other sites if it wished, since a great many websites feature "Facebook Connect" widgets that load content from facebook.com -- transmitting cookies to Facebook each time they do so.
Oh shishi Facebook, you bein' bad! *calling Zuckerberg* Hey Zuck -- it's me, the Geekologie Writer. THE GEEKOLOGIE WRITER, DAMMIT, DON'T ACT LIKE YOU DON'T KNOW WHO I AM! Huh? No Y, it's with an I-E at the end. Listen Zuck, let me cut to the chase -- I'm calling about something really serious today. I need you to float me $10-million.
Thanks to Joe and JoeLickASac, who, wow, two different Joes on one tip, what the chances of that happening?! "Not small enough to be worth mentioning." Oh.