Creepy Facebook surprise

Fuzzy_

Legendary Member
Joined
Nov 1, 2011
Posts
4,253
Media
0
Likes
1,105
Points
258
Location
Wuziland
Gender
Male
What about if I click the little arrow next to the address field and click the facebook address that drops down among others?

Do they know where I come from then?

That's fine. It's just hyperlinks from webpages that send referrals. This includes images, scripts, embedded objects (java/flash) and of course text hyperlinks.

Just remember that the cookies for that site may still be cached, so even thought referral information (where you came from) isn't sent, they may still know who you are because of cookies set on your computer during previous visits. That cookie can be read by that site regardless of how you arrived, so they can still know who you are, but not where you came from... unless web beacons are used.

If you want more anonymity, delete that site's cookies BEFORE you visit that site.

As for HTTP_USER_AGENT information, that can't be deleted, but it can be hidden with anti-virus software. USER_AGENT information is just another (albiet less reliable) way to identify a visitor to a website. It basically contains your browser name and version and your OS name and version, and maybe some plugins. This information can be very exact, however, so don't underestimate it. For example, here is somebody's user agent string:

Mozilla/5.0 (iPad; U; CPU OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B334b Safari/531.21.102011-10-16 20: 23 :50

This is very identifiable because very few others will have that same string.

Here is your user agent information. Don't worry, that link is safe.
 
Last edited:

petite

Expert Member
Joined
Mar 3, 2010
Posts
7,199
Media
2
Likes
146
Points
208
Sexuality
No Response
Gender
Female
A better article about restricting the friending algorithm:

Techlure: How to Stop Appearing as a Friend Suggestion on Facebook

Also some articles about the algorithm:

How *does Facebook select Suggested Friends? : Shiny Shiny

"I also think the "people you may know" window is stalker related. I created a fake profile ages ago to check my privacy settings (this was before fb introduced the privacy view feature) anyway.. I had no friends in my profile and i searched my proper profile and a couple of my close friends a few times. Then logged into my normal profile only to find my fake profile appearing to the right in friends you may know. "

Evidence that Facebook tracks that info:
http://mashable.com/2011/08/18/secret-facebook-stalking-list/

An interesting observation that single females got pushed up in the list over people that this user is more likely to know because he's a single male:

Does Facebook’s People You May Know tool rank single people of the opposite sex higher than others to encourage friending? » Geektastical
 
Last edited:

Fuzzy_

Legendary Member
Joined
Nov 1, 2011
Posts
4,253
Media
0
Likes
1,105
Points
258
Location
Wuziland
Gender
Male
Fuzzy's HTTP Header Information:

Fuzzy's HTTP_USER_AGENT:
Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0

Fuzzy's HTTP_REFERER:
http://www.lpsg.org/

Fuzzy's IP Address:
555.555.555.555

Some of Fuzzy's LPSG Cookie Information:

sessionhash:
c26b27f077104d9bc3060a9386802262

lastvisit:
1328720003

userid:
740566

This kind of information can be used to identify a user by any website you visit, including LPSG. There are many other methods: subpoenas of ISP's, web beacons, phishing, information sharing between websites, etc.

Most ISP's have been fairly easy to subpeona and some will even release ALL of a user's browsing history for the past one or two years (not just sites related strictly to the lawsuit). All it takes is filing a lawsuit with a local court clerk, issuing the subpoena, then dropping the suit without prejudice (important if you want to continue litigation later). Or you can just ask your hacker friend to get the info, which can be surprisingly easy. :redface:

Edit 1: Fuzzy will not post methods of subverting security mechanisms that websites use to permaban trolls.

Edit 2: Be careful if you subpoena your harasser's browsing history. You need 'clean hands' in a civil court, so if you pursue litigation, you can't be abusing this knowledge and expect your case to not be dismissed.
 
Last edited:

LargeSide

Legendary Member
Verified
Gold
Joined
Dec 17, 2007
Posts
912
Media
34
Likes
1,299
Points
423
Location
Missouri (United States)
Verification
View
Sexuality
No Response
Gender
Male
This whole thread creeps me out a little. Now its got me wondering if I have been seen by members of this site... although thinking about it I wouldn't care if they saw the little that they could since my profile is private...

I also use 2 different browsers. Chrome is for general internet use, while I typically use Firefox to access LPSG. I do this for convenience of quickly changing from one screen to another, and also its easier to "hide" things when needed.
 

NotSoDumb_Blonde

Sexy Member
Verified
Gold
Joined
Nov 18, 2009
Posts
765
Media
18
Likes
34
Points
263
Age
49
Location
US
Verification
View
Sexuality
90% Straight, 10% Gay
Gender
Female
Facebook tries to suggest friends to me that I've never even heard nor can make a connection. I generally just ignore it, but I understand your interest.

This is an interesting read.

Facebook tracking is under scrutiny


Interesting article -- by that I mean, scary! It's an amazing debate, but one that I think will continue -- much like downloading movies, books, and music. How do you track people and force them to 'give back' what they've downloaded? Their argument is, once it's out there on the web, it's out there and they're going to use it. I think this is where social networking sites start their arguments. Sadly, I don't agree with them, but being one of a ....er...billion? zillion?? lol users of the internet, I don't have much say. Except here, of course. :cool:

gmail creeps me out too. It reads your emails. Not literally -- but looks for key words, then advertises what you're writing about. Yahoo to some extent too.

Cal -- I'd be worried indeed. Maybe look at your profile on FB and ask some subtle questions of this friend from LPSG. See if you share anything beyond this site?
 

Fuzzy_

Legendary Member
Joined
Nov 1, 2011
Posts
4,253
Media
0
Likes
1,105
Points
258
Location
Wuziland
Gender
Male
gmail creeps me out too. It reads your emails. Not literally -- but looks for key words, then advertises what you're writing about. Yahoo to some extent too.

This is what media expert Yvonne Jewkes calls the "irony of the carceral society." We know that we're being watched by big corporations on the Interwebs and we know that our privacy is being invaded, but we're doing nothing about it.

Fuzzy likes targeted advertising because he doesn't like random ads that don't pertain to his life. Fuzzy hates targeted advertising because the information they collect could be personally-identifiable. That is to say, they may not ask Fuzzy's name and address, but they can get Fuzzy's city (IP address), and check their digital dossier to see that Fuzzy likes cricket, owns a home, uses Firefox on Windows 7, drives an Impala and has insurance through Allstate. This information would be enough for somebody to figure out who Fuzzy is.

For now, Digital Dossiers have their pros and cons. In the future age of biometrics, as Jewkes has suggested, it will be more about 'who' you are than 'what' you do... we all become living documents.
 
1

185248

Guest
I don't have a facebook account, everyone has their own ideas on it, personally I have know just as many frienships to come under stress and family 'stickyness' because of it than uncreate problems. I just think it is a pile, it's a big business electronic version big brother. If you are concerned cal, send a email off to facebook themselves expressing your concern. Whether they care, you get an honest response, is another thing.

PS, you would probably have to prove it was their doing and not yours. Unless you are a Science Information and Tech graduate with heaps of time and money to do that, or, you prove that there is no other lkely connection between friends and remote aquaintances. For that in itself would involve a fair amount of tracking, or wear the loss of privacy. Or, just delete the account, change your birth name and start again :).
 
Last edited by a moderator:

Mercurygirl

Superior Member
Joined
Mar 4, 2012
Posts
3,528
Media
0
Likes
3,143
Points
148
Location
Island of Misfit Toys
Gender
Female
I don't have a facebook account, everyone has their own ideas on it, personally I have know just as many frienships to come under stress and family 'stickyness' because of it than uncreate problems. I just think it is a pile, it's a big business electronic version big brother. If you are concerned cal, send a email off to facebook themselves expressing your concern. Whether they care, you get an honest response, is another thing.

PS, you would probably have to prove it was their doing and not yours. Unless you are a Science Information and Tech graduate with heaps of time and money to do that, or, you prove that there is no other lkely connection between friends and remote aquaintances. For that in itself would involve a fair amount of tracking, or wear the loss of privacy. Or, just delete the account, change your birth name and start again :).

This.

It the same with Google, I hate those bastards. I'll try to log onto my Youtube account and they make it a point to have me link it to Google. A page will appear asking me to link all my accounts, even wanting phone info, and the only way to get off the page is to backtrack. Even if I refuse, which I have to do every fucking time, if I then use Google suddenly I'm logged in there, and I've never made an account with them. Totally pisses me off.

Listen up dipshits, I DON'T WANT YOU TRACKING WHAT I SEARCH FOR AND THEN LINKING IT TO MY YOUTUBE ACCOUNT! Now all I use is Bing. Through their Big Brother tactics they lost a customer. I think they're a joint company with Yahoo too, not sure? But I've noticed they try and force me to link all these sites together and track everything I do.

I don't have a Facebook account, it's so intrusive. I have little doubt they just added tracking cookies and linked both the author of this thread and his friend to here and then took it upon themselves to link them on Facebook. All this shit should be against the law.
 

aninnymouse

Cherished Member
Gold
Platinum Gold
Joined
Dec 13, 2006
Posts
2,812
Media
0
Likes
349
Points
553
Location
In My Own World
Sexuality
60% Gay, 40% Straight
Gender
Male
There is a way to turn off the tracking on Google, it's in the privacy settings.

ITA on the creepiness, too. What sucks is I'm a professional, trying to find a job, so I need some sort of social networking. Which fucking sucks.

/and people wonder why I'm a technophobe.
 

Guy-jin

Legendary Member
Joined
Oct 1, 2007
Posts
3,836
Media
3
Likes
1,367
Points
333
Location
San Jose (California, United States)
Sexuality
Asexual
Gender
Male
As you've surmised, it's nothing too difficult to figure out--cookies and referrers. And Facebook is far from the only one doing it. Say hello to Google, Amazon and Apple while you're at it. (No really, go ahead and wave, they're watching you right now!)

The only way to keep from having such connections made is to use a private browsing solution. There is a very simple one in Firefox. Before coming to LPSG (or other sites you don't want tracked by anyone), switch to "Private Browsing" mode (in the Tools drop-down). This will leave you logged out of all your normal sites, be absent of any of your typical stored information, and so forth. If you were to go from LPSG to Facebook with Private Browsing on, you would show up logged out of Facebook, killing the referrer problem. It also eliminates data collection by cookies.

By the way, if you're on an iOS or Mac device using Safari, it has the same feature. As does Google Chrome (Incognito mode).

Because I want to maintain my anonymity here, I always log in here using private browsing and I never log into sites like Facebook using the same session that I'm using for LPSG.

You're in a new age, folks. You can run away from useful tools like Twitter, Facebook, Google Plus, iCloud, Amazon, et cetera, or you can learn how to deal with them. I choose the latter. And the solution isn't all that difficult once you know what to do.

Oh, and let me add that I thought upon reading the title that this thread would be about the phenomenon of either men sending dick pics over Facebook or women doing the duck face and taking self-shots with their iPhones.
 
Last edited:

bobg4400

Loved Member
Joined
Jun 11, 2011
Posts
2,718
Media
1
Likes
521
Points
258
Location
UK
Sexuality
99% Straight, 1% Gay
Gender
Male
This.

It the same with Google, I hate those bastards. I'll try to log onto my Youtube account and they make it a point to have me link it to Google. A page will appear asking me to link all my accounts, even wanting phone info, and the only way to get off the page is to backtrack. Even if I refuse, which I have to do every fucking time, if I then use Google suddenly I'm logged in there, and I've never made an account with them. Totally pisses me off.

Listen up dipshits, I DON'T WANT YOU TRACKING WHAT I SEARCH FOR AND THEN LINKING IT TO MY YOUTUBE ACCOUNT! Now all I use is Bing. Through their Big Brother tactics they lost a customer. I think they're a joint company with Yahoo too, not sure? But I've noticed they try and force me to link all these sites together and track everything I do.

I don't have a Facebook account, it's so intrusive. I have little doubt they just added tracking cookies and linked both the author of this thread and his friend to here and then took it upon themselves to link them on Facebook. All this shit should be against the law.


Yeah I dleted my youtube acount after it ketp bugging me to join it with a google account which I would have had to make just for that purpose then got a new gmail account automatically and it was too much crap.

I still have the privacy tracking things on google turned on theough so It doesn't track stuff.

Also funnily enough all that fuss about google's policies being illegal seems to have died down fairly rapidly, although I don't think google actually changed the policies or anything. People just forgot about it. People only seem to care about stuff for a week or two till the next thing pops up. Like kony was all cool ands stuff a coupla weeks ago with everyone 'liking' it and crap but now no-one gives a shit.
 

LittleDicky

LPSG Legend
Joined
Oct 22, 2007
Posts
27,684
Media
0
Likes
273,046
Points
518
Location
New York (United States)
Gender
Male
Does anyone have any idea how Facebook could have made the connection between me and this person?

I don't know if this is the answer; I didn't read this entire thread. There's a lot of info here.

But, when I was on FB very briefly, I saw people listed as "friends" that I had only the vaguest contact with.

As near as I could figure, we had exchanged email in the past, and were in each other's ADDRESS BOOK. That was the common link.

I think there was a button, "search for friends," and I may have clicked it. It must match up what it finds in your address book with addresses in its database.

But, you say something about using different addresses..... I don't know.....
 

Fuzzy_

Legendary Member
Joined
Nov 1, 2011
Posts
4,253
Media
0
Likes
1,105
Points
258
Location
Wuziland
Gender
Male
Here is another trick that is used to add your email address (and possibly your username, date of birth and password) to a site's database.

They will send you an email that has a picture in it. The URL would look like either of these:

http://somesite.com/images/photo1.jpg?b3459

http://somesite.com/images/photo1.jpg#b3459

The "b3459" part is YOUR personal identifier; there is only one per email address. If you click the image, they know exactly who you are when you arrive on their site -- even if your cookies and unnecessary headers are turned off. This is why most webmail systems (hotmail, yahoo mail, etc) turn images off by default.

This information can be used to:
1. Sell your email to a mailing list since they now know that you're a 'clicker'.
2. Identify you even if you try to sneak into a site without cookies/headers.
3. Get your IP address so that they can continue following you throughout their sites, properties and cooperating sites.
4. Add this information to your digital dossier.

If you don't trust a site, don't enable images in your email. Some sites know that people are aware of this, so they trick you with similar domains, such as:

www. support -yahoo.com
www. feedback-hotmail .com
www. yahoo.tech. com

Fight back by:
1. Reporting all junkmail quickly
2. Looking for the last two parts of the url (the 'real' domain). If it doesn't end in "yahoo.com" then it's probably not legit.
3. Reading up on phishing scams.
 
Last edited:

Calboner

Superior Member
Verified
Gold
Joined
Aug 16, 2007
Posts
9,024
Media
29
Likes
7,717
Points
433
Location
USA
Verification
View
Sexuality
100% Straight, 0% Gay
Gender
Male
Thanks for the explanations, Fuzzy.
The "b3459" part is YOUR personal identifier; there is only one per email address. If you click the image, they know exactly who you are when you arrive on their site -- even if your cookies and unnecessary headers are turned off. This is why most webmail systems (hotmail, yahoo mail, etc) turn images off by default.
I'm not sure that clicking on an image--or, for that matter, clicking on an image--is essential. If the message contains a link, even without an image, then clicking on it to go to the site will provide the site with identifying information, won't it? And if the message contains an image hosted on the site but no link, and you merely display the image in your e-mail program without clicking on the link, won't the transmission of the image to your e-mail program provide the site with identifying information? I take that to be the reason why Web mail systems (and some e-mail programs) don't automatically display externally hosted images.

It's funny that 90% of the spam messages that I get look exactly the same on my e-mail program, because it displays them without images, and they all seem to have the same basic format.
Fight back by:
1. Reporting all junkmail quickly
2. Looking for the last two parts of the url (the 'real' domain). If it doesn't end in "yahoo.com" then it's probably not legit.
3. Reading up on phishing scams.
Question on no. 1: "report" to whom?
 

Guy-jin

Legendary Member
Joined
Oct 1, 2007
Posts
3,836
Media
3
Likes
1,367
Points
333
Location
San Jose (California, United States)
Sexuality
Asexual
Gender
Male
Yes, you don't have to click the image for that to happen, which is exactly why most clients won't show images by default.

You can report spam in any major webmail client as well as in local email programs. If you're using IMAP or something similar with your local program, your spam report should flag spam on the webmail client as well.
 

Mercurygirl

Superior Member
Joined
Mar 4, 2012
Posts
3,528
Media
0
Likes
3,143
Points
148
Location
Island of Misfit Toys
Gender
Female
Yeah I dleted my youtube acount after it ketp bugging me to join it with a google account which I would have had to make just for that purpose then got a new gmail account automatically and it was too much crap.

I still have the privacy tracking things on google turned on theough so It doesn't track stuff.

Also funnily enough all that fuss about google's policies being illegal seems to have died down fairly rapidly, although I don't think google actually changed the policies or anything. People just forgot about it. People only seem to care about stuff for a week or two till the next thing pops up. Like kony was all cool ands stuff a coupla weeks ago with everyone 'liking' it and crap but now no-one gives a shit.

Is he same guy behind that who smoked meth/crack and was talking to himself in the street naked?

Yeah, what bothers me with Google is their heavy hand. You'd log into Youtube and they put you on this page to link your accounts with no option to say "no thanks" so instead you had to backtrack to get to youtube. Just total bullshit.
 

Calboner

Superior Member
Verified
Gold
Joined
Aug 16, 2007
Posts
9,024
Media
29
Likes
7,717
Points
433
Location
USA
Verification
View
Sexuality
100% Straight, 0% Gay
Gender
Male
You can report spam in any major webmail client as well as in local email programs. If you're using IMAP or something similar with your local program, your spam report should flag spam on the webmail client as well.
But report to whom? I can designate ("flag") a message as spam, which is supposed to help my e-mail program to identity future spam messages; but to do that is not to report the message to anyone.
 

Fuzzy_

Legendary Member
Joined
Nov 1, 2011
Posts
4,253
Media
0
Likes
1,105
Points
258
Location
Wuziland
Gender
Male
Thanks for the explanations, Fuzzy.

I'm not sure that clicking on an image--or, for that matter, clicking on an image--is essential. If the message contains a link, even without an image, then clicking on it to go to the site will provide the site with identifying information, won't it? And if the message contains an image hosted on the site but no link, and you merely display the image in your e-mail program without clicking on the link, won't the transmission of the image to your e-mail program provide the site with identifying information? I take that to be the reason why Web mail systems (and some e-mail programs) don't automatically display externally hosted images.

It's funny that 90% of the spam messages that I get look exactly the same on my e-mail program, because it displays them without images, and they all seem to have the same basic format.

Yes! Fuzzy neglected to mention that. These days, the images are generally disabled by default. Allowing the images to be opened is pretty much the same as clicking on them as for as identifying who you are through the HTTP GET request. Showing the image identifies who you are. Clicking on it identifies you as a 'clicker', whom advertisers love, and you can expect to get more junk.

People should also remember that clicking the "Unsubscribe" links provided will also identify you as somebody who checks junk mail, and you'll just be added to more lists and get more junk. These people are scum.

Thanks for spotting that, Cal.

Question on no. 1: "report" to whom?

Flag it as spam as fast as you can. A wonderful advantage that large email systems, like Live and Yahoo, have is that they can get a large sample for analyzing collaborative behaviors. They can spot the undesirable sources as soon as enough people flag their messages. They can not only disable that form letter, but also block the source.