IS it covered by the ToS?
I see stuff like
Your information is the information thatās required when you sign up for the site, as well as the information you choose to share.
and
Your information also includes the information you choose to share on Facebook, such as when you post a status update, upload a photo, or comment on a friendās story.
but all big with that āchooseā to share language.
Then thereās
We receive data about you whenever you use or are running Facebook, such as when you look at another personās timeline, send or receive a message, search for a friend or a Page, click on, view or otherwise interact with things, use a Facebook mobile app, or make purchases through Facebook.
So, apparently users were supposed to assume that Facebook was gathering info on unpublished posts thanks to that all-encompassing āotherwise interact with thingsā phrase.
Silicon Valley to White House, NSA: āWhat the hell are you doing?ā
[Ars Technica]
Pot, kettle, etc.
This headline is quite misleading. For a small portion of the userbase, Facebook only detect if they self-censor and just transmit that as a yes/no value. They only see metadata, and not the actual contents of the message. You can see this by opening the browser developer tools and watching network traffic.
Have they considered adding passive-aggressive javascript popups that belittle and harass you about what you arenāt sharing, and how you never communicate, and what are you keeping from me?
I figure that, in the brave new world where āsocialā no longer refers to interpersonal connections; but to their exploitation, you might as well cram in as much abuse as possible.
I am General Keith B. Alexander and I approve this message.
I bet they are salivating at the prospect of the kind of marketable data FitBit and other activity trackers generate.
We have your fitness tracker, your food photos, and your schedule of upcoming social events where being as repulsively fat as you are now would be deeply mortifying. Monetization here we come!
Not just social - calendar items ranging from doctorās appointments to personal trainers, events such as marathons, vacationsā¦ combining it with shopper-loyalty grocery/pharmacy programs diet and health data pointsā¦hell, they know the menstrual cycle of most women and can target ads based on that. Geolocation data from iPhone/Android apps allows cross-colonizing data from associates, family, matesā¦ itās endless.
Where does the confirmation that Facebook reads what users type come from?
I canāt see it in the linked article, where Facebook confirms that they tracked any cancellation event after 5 chars had been written. That itself may be not okay, but it is a magnitude less invasive than what has been implied.
By the way, BoingBoing does something similar, when Iām not mistaken. When I abandon this browser window on my Mac Pro and switch to iOS, the current content of the comment magically appears.
Iād love to hear an explanation how this happens without passing this information through servers authorized or even run by Boing Boing, I canāt find anything about this in the FAQ or privacy statement.
Ooooh, lookie hereā¦ HttpScoop tells me that my draft gets sent unencrypted (plain http, unencrypted json) to http://bbs.boingboing.net/draft.json. Wow, Iām so glad that this is totally not monitoring what I do in my browserā¦
There is none because it doesnāt happenā¦ The research paper has all the details.
Grumble. I submitted this story to BB two days ago, sourced from this article:
Rob Beschizza blows goats! Of course BoingBoing would never do such a thing, even if it had the technical capability.
Out of interest, how much would it cost to serve boingboing.net purely over SSL connections?
As far as I know the main cost of HTTPS lies with handshaking, which in a reasonably modern scenario should happen only once for the session. I assume that posting stuff happens within such a session. Iām not that concerned with simple reading, as what articles I read could probably be inferred by any eavesdropper by looking at message lengths or checking what inline images by browser reads.
Err, got derailed. Anyway, such stuff should run on http these days. Note that the eavesdropping attacks against Google and Facebook on their non-https streams took place on connection which where not on the general internet and had some expectation of being secure already . (Kinda like people not wearing clothes within their own walls.)
Peopleā¦ stillā¦ use that junk?
Wait, that thing tracks when Iām walking AND when Iām not?! I only want it to track my actual activity!!!
ROFL. Now THATās funny! Because, āitās_only_ metadataā. And because, FB is like, the grandaddy of all three-hops-and-we-know-what-and-who-you-and-everybody-you-know-had-for-lunch-todayā.
Almost makes you wonder whether FB was the true inspiration for some of these NSA colonics weāre all receiving.
Although, as much as I detest FB (and thatās putting it ridiculously politely), at least joining it is voluntary - even if they do purposely mislead you about the data-mining they use you for. But hey - thatās a lot like NSA-speak, too!
Sorta feels like we should be hearing most any day now that FB is secretly manned by NSA operatives. Or, vice versaā¦I canāt decide.
On my phone when I open fb it has a little popup saying āPOST SOME PHOTOSā. Uhhh ok, just what everybody wants to see, shitty and shaky photos of my school notes and things I couldnāt see under the couch.
Not that Iām suggesting any untoward manoeuvring by @codinghorror and pals but discourse maintains your un-posted comments until specifically cancelled.
Maybe facebook just canāt help it.
Submitted?
You know you can just, like, totally post stuff on the BBS?