Website seeing my Facebook data?Are bookmarklets safe with facebook data?Facebook data visibility to admin...
Buying a "Used" Router
How do you get out of your own psychology to write characters?
What game did these black and yellow dice come from?
Does a paladin have to announce that they're using Divine Smite before attacking?
Existence of Riemann surface, holomorphic maps
How can I play a serial killer in a party of good PCs?
Non-Cancer terminal illness that can affect young (age 10-13) girls?
Why is it that Bernie Sanders is always called a "socialist"?
Why did Luke use his left hand to shoot?
What senses are available to a corpse subjected to a Speak with Dead spell?
Eww, those bytes are gross
Can the "Friends" spell be used without making the target hostile?
Why do neural networks need so many training examples to perform?
How to access internet and run apt-get through a middle server?
What's the oldest plausible frozen specimen for a Jurassic Park style story-line?
Why does 0.-5 evaluate to -5?
Why is a temp table a more efficient solution to the Halloween Problem than an eager spool?
Potential client has a problematic employee I can't work with
Calculate of total length of edges in Voronoi diagram
Why does magnet wire need to be insulated?
What's this assembly doing?
Is there a file that always exists and a 'normal' user can't lstat it?
Difference in casting float to int, 32-bit C
In harmony: key or the flow?
Website seeing my Facebook data?
Are bookmarklets safe with facebook data?Facebook data visibility to admin staffFacebook hackerUnsolicited SMS from Facebookfacebook malicious notification 12.12.2015Facebook Chat user's APIHow can Facebook use my Whatsapp data?How did the Facebook Originull vulnerablity of Access-Control-Allow-Origin: null allow cross-origin access?Can Facebook collect data on local network?Facebook sharing data with 3rd party companies
I recently visited opensecrets.org and was surprised to see a message box in the lower right corner of the window asking if I wanted to talk, and displaying my name.
The pop-up says Chat with opensecrets.org in Messenger.
As far as I know, I haven't allowed Facebook to share any data with this site, so how does this website know my name?
New contributor
add a comment |
I recently visited opensecrets.org and was surprised to see a message box in the lower right corner of the window asking if I wanted to talk, and displaying my name.
The pop-up says Chat with opensecrets.org in Messenger.
As far as I know, I haven't allowed Facebook to share any data with this site, so how does this website know my name?
New contributor
Comment: I can't see any message box in any lower-right corner... might it be Firefox's anti-hassle (anti-tracking) feature? :-D
– usr-local-ΕΨΗΕΛΩΝ
4 hours ago
add a comment |
I recently visited opensecrets.org and was surprised to see a message box in the lower right corner of the window asking if I wanted to talk, and displaying my name.
The pop-up says Chat with opensecrets.org in Messenger.
As far as I know, I haven't allowed Facebook to share any data with this site, so how does this website know my name?
New contributor
I recently visited opensecrets.org and was surprised to see a message box in the lower right corner of the window asking if I wanted to talk, and displaying my name.
The pop-up says Chat with opensecrets.org in Messenger.
As far as I know, I haven't allowed Facebook to share any data with this site, so how does this website know my name?
New contributor
New contributor
edited yesterday
schroeder♦
77.1k30170206
77.1k30170206
New contributor
asked yesterday
Bolton BaileyBolton Bailey
19615
19615
New contributor
New contributor
Comment: I can't see any message box in any lower-right corner... might it be Firefox's anti-hassle (anti-tracking) feature? :-D
– usr-local-ΕΨΗΕΛΩΝ
4 hours ago
add a comment |
Comment: I can't see any message box in any lower-right corner... might it be Firefox's anti-hassle (anti-tracking) feature? :-D
– usr-local-ΕΨΗΕΛΩΝ
4 hours ago
Comment: I can't see any message box in any lower-right corner... might it be Firefox's anti-hassle (anti-tracking) feature? :-D
– usr-local-ΕΨΗΕΛΩΝ
4 hours ago
Comment: I can't see any message box in any lower-right corner... might it be Firefox's anti-hassle (anti-tracking) feature? :-D
– usr-local-ΕΨΗΕΛΩΝ
4 hours ago
add a comment |
1 Answer
1
active
oldest
votes
I went on that website and this is what I saw:
They are using the Customer Chat Plugin from Facebook.
They don't know your name, they're just embedding an iframe to allow you to speak with their Facebook page's administrator(s).
Only Facebook knows who you are.
5
@A.Hersean That's really an iframe, so the website can't read the name nor the discussion.
– Benoit Esnard
yesterday
96
"Only Facebook knows who you are." Sounds like a quote from a horror movie.
– Overmind
23 hours ago
4
Maybe a slightly more detailed part to the answer that I think OP is looking for: The website does not know who you are. The website just sends a "facebook thing" to your browser, as part of its webpage. When your page loads in your browser, the "facebook thing", which runs in a facebook domain iframe, accesses your local cookie (which was created by visiting facebook), and uses that cookie to figure out your identity. The original website still has no idea what your identity is, but your local browser page (which is showing a page that once came from the web server) and Facebook does.
– Flater
21 hours ago
13
While this seems like a decent and plausible answer, given Facebook's repeated behavior of sharing data despite have promised to stop, I think the statement "only Facebook knows who you are" is questionable in general. You should assume whatever you put on Facebook will be shared with other companies.
– JimmyJames
19 hours ago
7
@JimmyJames And where are your evidence except "Facebook is sharing data to third-parties in general"? iframes are, by design, unable to access each other as a part of browser security, barring possible 0-days. You've provided nothing but FUD-inducing statement here. If you want to bite at Facebook's shady practices, go do it at places where it actually applies.
– Voile
11 hours ago
|
show 10 more comments
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "162"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Bolton Bailey is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f204218%2fwebsite-seeing-my-facebook-data%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
I went on that website and this is what I saw:
They are using the Customer Chat Plugin from Facebook.
They don't know your name, they're just embedding an iframe to allow you to speak with their Facebook page's administrator(s).
Only Facebook knows who you are.
5
@A.Hersean That's really an iframe, so the website can't read the name nor the discussion.
– Benoit Esnard
yesterday
96
"Only Facebook knows who you are." Sounds like a quote from a horror movie.
– Overmind
23 hours ago
4
Maybe a slightly more detailed part to the answer that I think OP is looking for: The website does not know who you are. The website just sends a "facebook thing" to your browser, as part of its webpage. When your page loads in your browser, the "facebook thing", which runs in a facebook domain iframe, accesses your local cookie (which was created by visiting facebook), and uses that cookie to figure out your identity. The original website still has no idea what your identity is, but your local browser page (which is showing a page that once came from the web server) and Facebook does.
– Flater
21 hours ago
13
While this seems like a decent and plausible answer, given Facebook's repeated behavior of sharing data despite have promised to stop, I think the statement "only Facebook knows who you are" is questionable in general. You should assume whatever you put on Facebook will be shared with other companies.
– JimmyJames
19 hours ago
7
@JimmyJames And where are your evidence except "Facebook is sharing data to third-parties in general"? iframes are, by design, unable to access each other as a part of browser security, barring possible 0-days. You've provided nothing but FUD-inducing statement here. If you want to bite at Facebook's shady practices, go do it at places where it actually applies.
– Voile
11 hours ago
|
show 10 more comments
I went on that website and this is what I saw:
They are using the Customer Chat Plugin from Facebook.
They don't know your name, they're just embedding an iframe to allow you to speak with their Facebook page's administrator(s).
Only Facebook knows who you are.
5
@A.Hersean That's really an iframe, so the website can't read the name nor the discussion.
– Benoit Esnard
yesterday
96
"Only Facebook knows who you are." Sounds like a quote from a horror movie.
– Overmind
23 hours ago
4
Maybe a slightly more detailed part to the answer that I think OP is looking for: The website does not know who you are. The website just sends a "facebook thing" to your browser, as part of its webpage. When your page loads in your browser, the "facebook thing", which runs in a facebook domain iframe, accesses your local cookie (which was created by visiting facebook), and uses that cookie to figure out your identity. The original website still has no idea what your identity is, but your local browser page (which is showing a page that once came from the web server) and Facebook does.
– Flater
21 hours ago
13
While this seems like a decent and plausible answer, given Facebook's repeated behavior of sharing data despite have promised to stop, I think the statement "only Facebook knows who you are" is questionable in general. You should assume whatever you put on Facebook will be shared with other companies.
– JimmyJames
19 hours ago
7
@JimmyJames And where are your evidence except "Facebook is sharing data to third-parties in general"? iframes are, by design, unable to access each other as a part of browser security, barring possible 0-days. You've provided nothing but FUD-inducing statement here. If you want to bite at Facebook's shady practices, go do it at places where it actually applies.
– Voile
11 hours ago
|
show 10 more comments
I went on that website and this is what I saw:
They are using the Customer Chat Plugin from Facebook.
They don't know your name, they're just embedding an iframe to allow you to speak with their Facebook page's administrator(s).
Only Facebook knows who you are.
I went on that website and this is what I saw:
They are using the Customer Chat Plugin from Facebook.
They don't know your name, they're just embedding an iframe to allow you to speak with their Facebook page's administrator(s).
Only Facebook knows who you are.
answered yesterday
Benoit EsnardBenoit Esnard
7,75444251
7,75444251
5
@A.Hersean That's really an iframe, so the website can't read the name nor the discussion.
– Benoit Esnard
yesterday
96
"Only Facebook knows who you are." Sounds like a quote from a horror movie.
– Overmind
23 hours ago
4
Maybe a slightly more detailed part to the answer that I think OP is looking for: The website does not know who you are. The website just sends a "facebook thing" to your browser, as part of its webpage. When your page loads in your browser, the "facebook thing", which runs in a facebook domain iframe, accesses your local cookie (which was created by visiting facebook), and uses that cookie to figure out your identity. The original website still has no idea what your identity is, but your local browser page (which is showing a page that once came from the web server) and Facebook does.
– Flater
21 hours ago
13
While this seems like a decent and plausible answer, given Facebook's repeated behavior of sharing data despite have promised to stop, I think the statement "only Facebook knows who you are" is questionable in general. You should assume whatever you put on Facebook will be shared with other companies.
– JimmyJames
19 hours ago
7
@JimmyJames And where are your evidence except "Facebook is sharing data to third-parties in general"? iframes are, by design, unable to access each other as a part of browser security, barring possible 0-days. You've provided nothing but FUD-inducing statement here. If you want to bite at Facebook's shady practices, go do it at places where it actually applies.
– Voile
11 hours ago
|
show 10 more comments
5
@A.Hersean That's really an iframe, so the website can't read the name nor the discussion.
– Benoit Esnard
yesterday
96
"Only Facebook knows who you are." Sounds like a quote from a horror movie.
– Overmind
23 hours ago
4
Maybe a slightly more detailed part to the answer that I think OP is looking for: The website does not know who you are. The website just sends a "facebook thing" to your browser, as part of its webpage. When your page loads in your browser, the "facebook thing", which runs in a facebook domain iframe, accesses your local cookie (which was created by visiting facebook), and uses that cookie to figure out your identity. The original website still has no idea what your identity is, but your local browser page (which is showing a page that once came from the web server) and Facebook does.
– Flater
21 hours ago
13
While this seems like a decent and plausible answer, given Facebook's repeated behavior of sharing data despite have promised to stop, I think the statement "only Facebook knows who you are" is questionable in general. You should assume whatever you put on Facebook will be shared with other companies.
– JimmyJames
19 hours ago
7
@JimmyJames And where are your evidence except "Facebook is sharing data to third-parties in general"? iframes are, by design, unable to access each other as a part of browser security, barring possible 0-days. You've provided nothing but FUD-inducing statement here. If you want to bite at Facebook's shady practices, go do it at places where it actually applies.
– Voile
11 hours ago
5
5
@A.Hersean That's really an iframe, so the website can't read the name nor the discussion.
– Benoit Esnard
yesterday
@A.Hersean That's really an iframe, so the website can't read the name nor the discussion.
– Benoit Esnard
yesterday
96
96
"Only Facebook knows who you are." Sounds like a quote from a horror movie.
– Overmind
23 hours ago
"Only Facebook knows who you are." Sounds like a quote from a horror movie.
– Overmind
23 hours ago
4
4
Maybe a slightly more detailed part to the answer that I think OP is looking for: The website does not know who you are. The website just sends a "facebook thing" to your browser, as part of its webpage. When your page loads in your browser, the "facebook thing", which runs in a facebook domain iframe, accesses your local cookie (which was created by visiting facebook), and uses that cookie to figure out your identity. The original website still has no idea what your identity is, but your local browser page (which is showing a page that once came from the web server) and Facebook does.
– Flater
21 hours ago
Maybe a slightly more detailed part to the answer that I think OP is looking for: The website does not know who you are. The website just sends a "facebook thing" to your browser, as part of its webpage. When your page loads in your browser, the "facebook thing", which runs in a facebook domain iframe, accesses your local cookie (which was created by visiting facebook), and uses that cookie to figure out your identity. The original website still has no idea what your identity is, but your local browser page (which is showing a page that once came from the web server) and Facebook does.
– Flater
21 hours ago
13
13
While this seems like a decent and plausible answer, given Facebook's repeated behavior of sharing data despite have promised to stop, I think the statement "only Facebook knows who you are" is questionable in general. You should assume whatever you put on Facebook will be shared with other companies.
– JimmyJames
19 hours ago
While this seems like a decent and plausible answer, given Facebook's repeated behavior of sharing data despite have promised to stop, I think the statement "only Facebook knows who you are" is questionable in general. You should assume whatever you put on Facebook will be shared with other companies.
– JimmyJames
19 hours ago
7
7
@JimmyJames And where are your evidence except "Facebook is sharing data to third-parties in general"? iframes are, by design, unable to access each other as a part of browser security, barring possible 0-days. You've provided nothing but FUD-inducing statement here. If you want to bite at Facebook's shady practices, go do it at places where it actually applies.
– Voile
11 hours ago
@JimmyJames And where are your evidence except "Facebook is sharing data to third-parties in general"? iframes are, by design, unable to access each other as a part of browser security, barring possible 0-days. You've provided nothing but FUD-inducing statement here. If you want to bite at Facebook's shady practices, go do it at places where it actually applies.
– Voile
11 hours ago
|
show 10 more comments
Bolton Bailey is a new contributor. Be nice, and check out our Code of Conduct.
Bolton Bailey is a new contributor. Be nice, and check out our Code of Conduct.
Bolton Bailey is a new contributor. Be nice, and check out our Code of Conduct.
Bolton Bailey is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Information Security Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f204218%2fwebsite-seeing-my-facebook-data%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Comment: I can't see any message box in any lower-right corner... might it be Firefox's anti-hassle (anti-tracking) feature? :-D
– usr-local-ΕΨΗΕΛΩΝ
4 hours ago