Facebook pixel and VPN providers

Discussion in 'privacy general' started by sukarof, Apr 21, 2018.

  1. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,885
    Location:
    Stockholm Sweden
    Scroll down to see which VPNs has (or had) this tracking pixel. Some of them removed it as soon as VPN-Mentor contacted them. Well done! But a little worrying, I mean, if they claim to take privacy seriously, that they used it in the first place... Or maybe they didnt realize?

    https://www.vpnmentor.com/blog/report-vpns-share-data-users-facebook/
     
  2. aih

    aih Registered Member

    Joined:
    Jan 31, 2010
    Posts:
    31
    And the hits just keep coming

    Thanks for posting. VPN I use isn't identified as using the tracker, but I think this shows of the many ways we know Facebook is hoovering personal data even on non-users, it is likely there are many more ways we don't yet have any idea about.
     
  3. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    None of the ones that I've recommended used this. Not even PIA ;)

    And no surprise that HMA does. But I was a little surprised at some who did.
     
  4. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,789
    Location:
    The Netherlands
    This FB pixel is being blocked by uBlock and Ghostery right?
     
  5. DrearyMushroom

    DrearyMushroom Registered Member

    Joined:
    Sep 9, 2017
    Posts:
    27
    Location:
    The Internet
    No, not by default. Blocking the Facebook Pixel would also disable the Facebook social share button on sites and also remove the ability to login to websites using Facebook. You can go ahead and block connect.facebook.com to block it.
     
  6. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    884
    Location:
    USA
    After reading the article, it appears that the damage to privacy seems limited to the fact that the Pixel shows you have visited a VPN home page. So that may profile you as a potential VPN user. That could be worrisome for some, and I would hope these services figure out that they need to stop doing this!

    But it is not collecting any data that you are actually using one, or how and when you do. Most VPNs do not require you to sign into their web page to launch a VPN connection. That is usually handled by a local application running on your PC
     
  7. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Yeah, but having a VPN website tell Facebook that you've viewed it is at least ironic, no?
     
  8. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    884
    Location:
    USA
    Ironic yes. Surprising, no.

    They definitely shouldn't be doing that! But I was just pondering the extent of the real exposure when they do that. Don't think they know "who" I am. So what are they actually telling Facebook?

    So when I visited that hypothetical VPN website that uses a Facebook pixel, not sure they could correlate me (whoever they think I am) to a Facebook account, without any personally identifiable info. I never use Facebook account credentials to login to any 3rd party sites. Also log out of Facebook unless I am actually using it, and avoid surfing other sites while logged in.
     
  9. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,441
    Location:
    Slovenia
    AFAIK Facebook is tracking you even if you're not logged in and even if you don't have profile. Their ad network uses same tricks as others and don't rely only on user's profile for "identification".
     
  10. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    884
    Location:
    USA
    I don't believe they can, without an IP address, a tracking cookie, or a browser fingerprint of some sort. And I take measures to prevent that.

    Then they would need to correlate those tracks with some sort of personally identifiable information in a database, to profile "you".

    Total FUD.
     
  11. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,441
    Location:
    Slovenia
    Yes but most users don't. When a "regular" user visits VPN provider's website, they probably don't use VPN, but are looking for one, so we can assume that their IP addresses are exposed...
    Personally I agree with author and think that VPN providers shouldn't allow trackers to use their site to track potential customers. At least providers that charge for their service.
     
  12. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    884
    Location:
    USA
    I am in agreement that VPN providers should NOT be supporting this tracking. Extreme irony!

    So in the case of "regular" users, there is probably a lot of other personal data that they are unknowingly shoveling into the "big data" warehouses, along with all of their social media connections.

    Bottom line is data collectors can only collect and correlate the data that you have already made available, knowingly or unknowingly. Knowledge and education about online privacy is essential, because big brother will never protect us from ourselves. But it seems more and more people could care less about these things today. And I think that many large companies are leaping on that apathy to make a buck.

    So a little pressure in the form of shame on those that collect data without full disclosure is a good thing for us all!
     
  13. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    747
    Not necessarily FUD.

    It's possible to collect all the various little technical things that your browser and OS sends (not to mention some ***** that actually make it even easier, anyone remember how Verizon slapped extra HTTP header, X-UIDH to each subscriber connection to make them uniquely identifiable and free game for advertisers?).

    That will give them general info (like where you from, your language etc...).

    And if you ever did actually use the same setup to fill some form that needed your specific information (name, age etc..) then there is a chance, (ofc depending of the site visited) that your real info could leak and then could be correlated to all the previously stored general info.

    So it's a really nasty ugly place there in the wild web. And the best defences are like always:
    - VPN/Tor/Proxy (or even better proxychain)
    - Privacy respecting browser
    - encryption encryption encryption!
     
  14. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,251
    Location:
    Southern Rocky Mountains USA
    Interesting list. None of the VPNs I use are on it but it is full of the ones that are always offering cheap subscriptions on 3rd party sites.

    Compartmentalizing Facebook from VPN usage should be an obvious security and privacy precaution. I don't go as far as Mirirmir but I do have Facebook on a separate computer that only uses the ISP IP. All VPN usage occurs on different systems that are on different VLANs. Each VLAN connects to a different VPN server.

    With Facebook itself, I further limit it by giving it its own browser with ScriptBlock and uMatrix. I can seriously tweak it by allowing and blocking domains and subdomains. All ads are blocked, of course. That tames it down quite a bit. Technology can only go so far, you still have to be extremely careful with what information you put on Facebook. If there's nothing there, there's nothing to find.
     
  15. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Yeah, that's the main thing. Keep all of your real-name stuff compartmentalized from stuff that you want kept private. And better, have at least three compartments: 1) public, social media, etc; 2) private banking etc; and 3) private using VPNs etc.
     
  16. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,251
    Location:
    Southern Rocky Mountains USA
    Yes, the basic paradigm is first person private, first person public, third person private and third person public. Third person public would be MisterB here on Wilders, for example. A different public persona than others I use on other forums. Third person private would be doing anonymous research on systems where no logins are done or done with disposable identities. I don't even come up with the names for those, they are completely random, usually whatever name a disposable email service provides. There is no persona, just a pair of eyes and ears.
     
  17. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
  18. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,789
    Location:
    The Netherlands
    I do believe that Ghostery blocks the FB buttons if you configure it to block everything. With uBlock I'm not always sure.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.