Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Speaking of Scribd. I didn't know they have a paywall so I decided to check how it works and BAM, they logged me in using my Facebook account immediately!.

I need a separate browser just for facebook.



Just two days ago when I decided to clean up Facebook applications, I found that I have apparently authorized Scribd to access my data 6 months ago. I never used scribd, and I am very sure I didn't authorize it consciously - there it was in my Facebook applications! Very strange.


I too went through my Facebook applications recently and there was a ton of stuff in there I never intended to authorize. Using a separate browser for Facebook sounds like a great idea.


If you use chrome, you can use an incognito window (ctrl+shift+n). You can also disable third-party cookies (just remember to delete current facebook cookies). Since iOS devices block third party cookies, most sites that wouldn't work with them enabled now do. If you use chrome, you can also disable them from being read (in about:flags). Chrome will also show an icon in the urlbar if a site wants to set third party cookies, so you can enable them for specific sites (it also has the same behaviour for blocked javascript and plugins).

The other option is to totally disable platform apps, in the privacy, applications menu. This will mean you can never log into an external site, but it also means that you can't have any applications. I would do it myself if I didn't use a third-party android application, that requires a facebook app for interaction


This is worrisome. Along with my sibling commentors on this thread, I am seeing a bunch of stuff in here I am fairly sure I never authorized - all with the same date range "more than 6 months ago". I wonder if Facebook did some kind of mass update to all of its old oAuth tokens to make them all accepted, even if we had never actually confirmed them via the dialog?


Exactly the same here. Never authorized sribd, and bam it's there on my list. Creepy.


Facebook disconnect is a worthwhile extension if you're using Chrome. There is a FF equivalent as well.


This so very much. Although I'd like one that does the same to twitter and G+ buttons...maybe I should take a look through the code for Facebook Disconnect and do it myself...


Take a look at Ghostery or Disconnect.


That's what I usually do. I normally use Firefox, but I use Chrome for Google logins and Opera for Facebook logins.


I would like Opera's style better. Private tab in same window.


If you're on Firefox, just install NoScript.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: