this post was submitted on 15 Sep 2023
32 points (74.2% liked)

Asklemmy

43826 readers
870 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS
 

Hello, smart people. Filling out an online form to volunteer for something, Firefox's Facebook-fence icon appeared on the email field. Confused, I clicked on its question mark. On the next page, Mozilla wanted to sell me Firefox relay for $7/mo. (That's their VPN + email masking + phone masking.) I used my yandex.ru email address instead for $0. Here's the question: is Facebook really able to track me because I've signed up to volunteer for Cornel West (setting aside the FB-Russia blockage issue)? Thanks.

top 33 comments
sorted by: hot top controversial new old
[–] Synthead@lemmy.world 76 points 1 year ago (5 children)

is Facebook really able to track me

Oh yes. The "like" buttons on websites are also used for tracking people, so any website that is Facebook-enabled will know who you are. Additionally, browser fingerprinting makes it difficult to stay anonymous, even without an account.

More or less, it's the worst-case scenario. Governments of many countries have sued and fined the crap out of them for obtaining data in a way that is illegal. But they make so much money with that data that they almost ignore the concern.

[–] kale@lemmy.zip 22 points 1 year ago (2 children)

Related to fingerprinting, it's theorized that if a person doesn't have a Facebook account but their friend group does, Facebook will create a "shadow account" which isn't public but still attempts to collect data for this person based on the posts, pictures, and location data from friends on Facebook that spend time with this person. Zuckerberg admitted to Congress that Facebook does collect information on non-users.

Even for users, Facebook attempts to establish a lot of metrics, even if the user doesn't provide them, like estimated income and political affiliation, for advertisers to use.

I saw some of this first hand. Several years ago I tried some advertising for some affiliate marketing. Facebook's ad platform let me limit advertising to people with gaming consoles between certain ages, and I noticed I could target it for people who likely leaned more liberal or conservative if I wanted, or only for an estimated household income level. It's surprisingly detailed.

[–] Hyperreality@kbin.social 17 points 1 year ago* (last edited 1 year ago) (2 children)

it’s theorized that if a person doesn’t have a Facebook account but their friend group does, Facebook will create a “shadow account

AFAIK this is confirmed. CNET:

... the Facebook CEO confirmed the company collects information on nonusers. "In general, we collect data of people who have not signed up for Facebook for security purposes," he said. ... described various forms of data collection that don't involve users directly giving it to the social network. ... That data comes from a range of sources... includes brokers who sell customer information that you gave to other businesses, as well as web browsing data sent to Facebook when you "like" content or make a purchase on a page outside of the social network. It also includes data about you pulled from other Facebook users' contacts lists, no matter how tenuous your connection to them might be.

I presume that will at some point also include data scraped from the fediverse.

One thing that really does help, is salting your data. The online equivalent of wearing a fake moustache, is the occasional comment that may or not be entirely incorrect. I live in France. As a black woman, I support Trump. I'm expecting a baby. I want to buy a new house. That kind of thing.

Of course it does lead to minor inconveniences. For example, my google calender mentions my father's birthday being on the 13th of August. In reality we have the same birthday. My birthday is on the 18th of September. Once again, I'm salting the data. That way if I ever mention something factual, it'll be hard to tell which bits of data are or aren't real.

I'm exagerating for effect, but you get the gist. Occasionally change details or names a small bit to make your profile fuzzy and easier to confuse with someone else's.

[–] riley0@lemmy.dbzer0.com 4 points 1 year ago

🤣 I like that.

[–] Stovetop@lemmy.world 1 points 1 year ago

You really think people ~~would~~ should do that? Just go on the internet and tell lies?

[–] darcy@sh.itjust.works 2 points 1 year ago

scary stuff

[–] riley0@lemmy.dbzer0.com 12 points 1 year ago (3 children)

I just looked up fingerprinting. Yuck. Is there anything FOSS that defeats it?

[–] DeltaTangoLima@reddrefuge.com 28 points 1 year ago

Firefox has blocked browser fingerprinting since v72 (we're at v117 now) - nearly 4 years now.

[–] Synthead@lemmy.world 10 points 1 year ago (1 children)
[–] raptir@lemdro.id 1 points 1 year ago

If Firefox blocks it, why am I unique according to that site?

[–] Atemu@lemmy.ml 3 points 1 year ago

Not usang their services. I'm doubtful any technical measures achieve appreciable results here.

[–] xigoi@lemmy.sdf.org 8 points 1 year ago

This is why fines should be escalated exponentially.

[–] Hyperreality@kbin.social 6 points 1 year ago (1 children)

Given how often I have to fill in captchas, I think I'm good tbh.

Although I have firefox delete my history and cookies every time I exit a session, use ublock origin, vpn, etc.

[–] darcy@sh.itjust.works 1 points 1 year ago (1 children)

maybe... but i get captchas just from changing my user agent...

[–] riley0@lemmy.dbzer0.com 2 points 1 year ago (2 children)

I just looked up user agent. If I understand correctly, that changes every time I change browsers. Does it also change every time I clear the cache?

[–] Blake@feddit.uk 3 points 1 year ago (1 children)

User agent has quite a few things included, such as browser and operating system, so if you use a different browser, you’ll have a different user agent. The trouble with user agent is that some techniques used to try and make it more anonymous ironically make it easier to track. There’s not really a good option. Although it’s definitely worth getting a user agent switching plugin to disguise yourself as Google bot so you can bypass paywalls

[–] riley0@lemmy.dbzer0.com 1 points 1 year ago

Thanks. Magnolia does the paywall thing for me. :)

[–] Synthead@lemmy.world 2 points 1 year ago* (last edited 1 year ago)

Some browsers have proprietary APIs that break web standards (see Chrome), and sometimes, workarounds are needed for some browsers. Changing the user agent might break functionality.

[–] riley0@lemmy.dbzer0.com 4 points 1 year ago

That bites, and thank you.

[–] otter@lemmy.ca 12 points 1 year ago (1 children)

I don't think you need relay/VPN to block the facebook stuff if you have the container turned on? I haven't gotten a popup like that from Firefox before

[–] zerofk@lemm.ee 5 points 1 year ago* (last edited 1 year ago) (2 children)

Indeed, this sounds like a scummy way to sell vpn. While it is true that Facebook embeds tracking in other sites, these can be easily blocked without vpn.

[–] Moghul@sh.itjust.works 5 points 1 year ago

I mean... OP interacted with a privacy feature. The tracking was already blocked, but if you go further, you might be interested in privacy in other ways. It's not an entirely unreasonable place to assume a user might be interested in your other privacy products.

That being said, I don't know that I would put all my privacy eggs in one basket with one company. I use a variety of products, free and paid.

[–] tias@discuss.tchncs.de 0 points 1 year ago

Also using a VPN won't help at all.

[–] FredericChopin_@feddit.uk 9 points 1 year ago (1 children)

What do you mean you used your .ru email and paid $0

[–] Blake@feddit.uk 7 points 1 year ago

Facebook is able to track you quite successfully almost everywhere unless you block them using an anti-Facebook blocklist with a decent ad-blocker such as ublock origin. At the very least, everywhere you see a “share on Facebook” or a “like” button, you’re being tracked by Facebook

Mozilla, sadly, isn’t really that trustworthy anymore. A VPN is not really helpful when it comes to ensuring privacy - a VPN hides your IP address from sites you connect to, but cookies, browser fingerprint, login accounts, etc. are much more useful than your IP address because your IP address is likely shared with other users, potentially many others. And additionally, you’re trusting the VPN provider with far, far more than you really should. It would be pretty straight forward for some VPN provider to steal your login details for basically any website if they wanted to do so.

For emails, disposable email address providers exist and if you use Bitwarden password manager (highly recommended!) then you can use them to generate username/password combinations for any website you like.

[–] riley0@lemmy.dbzer0.com 6 points 1 year ago (1 children)

Thanks, everyone, for the info and education. I've just discovered and added Privacy Badger to FF. Tracking makes me feel slimed.

[–] PlexSheep@feddit.de 5 points 1 year ago

Iirc privacy badger had some incident where they became untrustworthy, ublock Origin is the highly recommended tool against everything.

Don't take this for granted, do your own research, unlike me.