I have a Facebook account under a pseudonym. I basically gave them bogus information on every level.
About five years ago my mother passed away. We had been estranged for a very long time and had never interacted at all on the internet. No email. No Facebook. Nothing. But she apparently had a Facebook account. Two years after she died Facebook actually started sending me those "you might know these people" things - and one of those people was actually my mother.
Now aside from getting a friend request from your dead mom, I was absolutely astounded that they were able to make that match. I never once clicked on that link as to never reinforce the information in their algo's. But it was pretty shocking. I'm still not sure how they did it. I mean, if I got locked out of Facebook I wouldn't be able to get back in because I don't remember the information I gave them because it was all wrong.
Subscribe to:
Post Comments (Atom)
Hello She Said and Readers,
ReplyDeleteHope someone else will chime in on this as I can only surmise and am curious. Your Mom knew your secret facebook account? Or you had clicked on an account that she also clicked on?
Jeff
Not possible that she could have known. Only my husband knows the pseudo, and the gender isn't even correct. It's a male pseudo. I had clicked on her wall, but of all the hundreds of people Facebook has suggested to me - she was the only one that was correct hit. None of the people I know in real life or had gone to school with have ever been suggested even though I've hit their walls too. And lots more times.
ReplyDeleteHaving a male pseudo makes me seem secretive, but it's just not that. Millennials like to think they created the internet, but before there were web pages there were "newsgroups". Those of us on the internet early have already made our mistakes with oversharing and had them expunged. In some ways I think this whole Facebook fallout is just the internet growing up.
Facebook "like" button probably got you. Browser Fingerprint, ETag, IP match, many different ways to match you up. See https://market-ticker.org/akcs-www?post=23318 and. https://panopticlick.eff.org/ for a starting point. These algos can match you up on a very few bits of information.
ReplyDeleteBunnyGoat
Baby.....do you really think I'd anonymize myself to that degree and then start liking people on Facebook?
ReplyDeleteOn the Internet, nobody knows that you're really a rubber duck ...
ReplyDeleteExcept apparently Facebook.
Also also wik ...
ReplyDeleteGoogle creeps me out every now and then by showing me pieces of a photo I took as part of its captcha challenge, which makes me wish I'd have restricted reproduction rights for the photo.
Panopticlick generally works for me except that it can't run the browser fingerprinting, which is actually better than what might normally happen.
Because Google's captcha can't figure out much about my browser except what I've allowed my browser to tell it, including a faked-up browser user agent, I generally only would get about two or three shots per day to make snarkoleptic(tm) comments here.
There's a plug-in for browsers called "Privacy Pass" that I'm going to try, mostly because once Google's captcha decides I'm unkosher treyf, this also prevents me from viewing any other site that uses it, including sites that stick Cloudflare up in my face.
This means that if this comment actually works for me today, that's actually doing the job ...
And the verdicts are in: that was just a freak success.
ReplyDelete"Privacy Pass" might work for a few things -- I saw the number of passes go down a few times for a few Web sites, but that didn't happen in places where I would be challenged by Cloudflare's captcha anyway.
Panopticlick's fingerprinting test didn't work because I'd already blocked canvas and audio fingerprinting, and the solution to browser fingerprinting is to install a bunch of add-ons for defense in depth.
Add-ons for Firefox that work together: "AudioContext Fingerprint Defender", "Clear the browsers cache Button" (yes, it's spelled like that), "Canvas Blocker", "Cookie Killer" (with Kill All Cookies menu), "HTTPS Everywhere", "Privacy Badger", "RequestPolicy Continued", "Stop Fingerprinting", "uBlock Origin", and "User Agent Switcher".
After disabling AdBlock Plus because it was getting in the way, I had already set up uBlock Origin with ad blocking and tracking stuff that was already blocking the fingerprinting checks at Panopticlick. I forgot to add individual country-specific blocks for all of the languages that I know, so I went ahead and clicked all of those.
The end result of this is that the Panopticlick fingerprinting test should simply hang and produce no results, which is what I had before, but now I have at least three other layers making sure it doesn't happen at all.
As for getting around the problem with limited posting via Tor, it looks like the solution is to kill the browser after changing the Tor exit node and the browser user agent, after which I can flush the cookies and the cache just to be sure. That gets me at most three or four attempts at making comments anywhere on Blogger, provided that the selected Tor exit node isn't blocked entirely.
Even though this is a major pain in my backside, I'd rather do this than give Google/Blogger, Facebook, and so forth any of my browsing data.
OMG.. so creepy.
ReplyDelete