Tuesday, October 4, 2011

Facebook to Extinguish Bugs After Lawsuit Over Bad Cookie Behavior



http://ow.ly/6Nlgm

An article by  Chelsi Nakano posted on cmswire.com.

This article discusses a recent lawsuit against Facebook.  The article states, "Facebook privacy concerns— they're like like a broken record. This time around the platform was sued over cookies, having been accused of tracking users even after they've logged out of the social network."


The author goes on to explain, "...(Facebook) still collects these pieces of data when you've logged out of the site. For example, a cookie known as "datr" helps identify suspicious login activity, while another called "lu" protects those using public computers.


The article further states, ""These cookies, by the very purpose they serve, uniquely identify the browser being used—even after logout. As a user, you have to take Facebook at their word that the purpose of these cookies is only for what is being described," (blogger/hacker Nik Cubrilovic) Cubrilovic said.""

The article also points out, "The recent lawsuit, filed in the California district court by six Facebook users in Illinois, Hawaii, Virginia, and New Jersey, asks the court for damages, as well as an order that would require Facebook to stop installing cookies that track users after they log out of the service."

Facebook's position is that the suit is without merit.  Facebook engineer Gregg Stefanick recently wrote in an email, "We have been made aware of 2 instances in the past 2 weeks related to cookies which needed to be addressed. What you (referring to comments from aforementioned Nik Cubrilovic) describe in this post is not a re-enabling of anything, but a separate issue involving a limited number of sites, including CBSSports. We have moved quickly to investigate and resolve this latest issue which will be fully addressed today. We encourage security researchers to test our practices and report them to us through our whitehat program which rewards people like you who identify issues."

No comments:

Post a Comment