Facebook cookie issue now fixed

Social network has taken quick action to stamp out the "bug"
Kerry Butters

September 29, 2011

On Monday, we reported that Facebook continued to track user’s movements online after logout, according to blogger Nik Cubrilovic.

The issue seems to have caused quite a stir at Facebook and they now appear to have ‘fixed’ the problem, Nik writes, in an update to the blog.

He says that “over the course of the last 48 hours” he has been in “constant contact with Facebook on working out solutions.”

This has led to the social media giant making changes, which they have explained to Nik in detail.

Whilst Nik goes into a fair amount of technical detail in the blog, the upshot of his work with Facebook is that the logout issue has now been dealt with and users are no longer tracked.

Facebook themselves say that there was “a bug” which meant that user IDs were not being destroyed, as they should be, on logout.

However, this leaves other cookies still present, which are designed for various things such as helping the site “identify suspicious login activity like failed login attempts and keep users safe.”

These are also used to flag behaviour, such as when a spammer creates multiple accounts, and repeated failed login attempts.

Another cookie that remains is intended to protect users who access the site via a public computer, which was one of Nik’s main concerns in the first blog. This will ensure the “keep me logged in” option will be unchecked if it’s found that multiple users are using the same PC.

“These cookies, by the very purpose they serve, uniquely identify the browser being used - even after logout. As a user, you have to take Facebook at their word that the purpose of these cookies is only for what is being described,” Facebook told Nik.

It seems that the other cookies that remain “are not very interesting”, being used mainly for things like browser language and timestamps.

Nik advises users to continue to clear cookies after a session even though the problem has been fixed to his satisfaction.

He noted: “I believe Facebook when they describe what these cookies are used for, but that is not a reason to be complacent on privacy issues and to take initiative in remaining safe.”


Post a comment

Your email address will not be published. Required fields are marked *

Visited 2467 times, 1 so far today