Beitrag Fr 26. Feb 2021, 06:15

Facebook login is letting hidden online trackers slurp up.

Third-party tracking code, used across the internet to track user behaviors on websites, optimize ads, and other purposes, has been grabbing Facebook user information on websites that support logging in through the social media platform, Princeton researchers report. When users log in to websites using Facebook’s Login feature, trackers can grab Facebook user IDs and … Continue reading “Facebook login is letting hidden online trackers slurp up your data”.Visit- Facebook login
Facebook login is letting hidden online trackers slurp up your data Calls for congressional hearings grow as Robinhood and other brokerages restrict GameStop trades
4 ways travel will be different in 2021, according to Airbnb. The internet offers hedge fund managers some hilarious advice, familiar to millennials
BY STEVEN MELENDEZ2 MINUTE READfacebook login

Third-party tracking code, used across the internet to track user behaviors on websites, optimize ads, and other purposes, has been grabbing Facebook user information on websites that support logging in through the social media platform, Princeton researchers report.
When users log in to websites using Facebook’s Login feature, trackers can grab Facebook user IDs and in some cases other information such as email address or gender, potentially without the knowledge of the operators of the websites where the trackers are installed, according to the researchers.
“[W]hen a user grants a website access to their social media profile, they are not only trusting that website, but also third parties embedded on that site,” write Gunes Acar, Arvind Narayanan, and Steven Englehardt, a Mozilla privacy engineer who also researches privacy at Princeton.
The researchers identified seven websites that were accessing Facebook user data and found scripts to gather this user information on just 434 of the Alexa top million sites.
How Bandsintown collects user data through Facebook Login on its website, and how third parties could access some of that data through Bandsintown code embedded on other sites [Image: Freedom-to-Tinker]facebook login

In one instance where hidden trackers can use Facebook Login to de-anonymize and track visitors, the gig listing website Bandsintown (represented as tracker.com in the above image) asks users to Login with Facebook and give the Bandsintown Facebook app access to their profile, city, likes, email address, and music activity. If those users visited other music-related sites that contain Bandintown’s “Amplified” ad product—including lyrics.com, songlyrics.com, and lyricsmania.com (represented by publisher.com in the image)—an invisible iframe then passed the user ID to the embedding site.facebook login

“Thus, any malicious site could have used their iframe to identify visitors,” the researchers wrote. After being notified, Bandsintown removed the script.facebook login