Two days ago, security researcher Nik Cubrilovic brought it to the Internet’s attention that Facebook installed cookies on users’ computers that continued to track their movements around the web even after they logged out of the social network. Today, Facebook has said that they have changed the behavior of those aforementioned cookies.
The cookie with which Cubrilovic took issue is called “a_user,” which communicated the user’s ID and persisted after logout. This cookie is now destroyed upon logout, which Facebook described as a bug fix. Though other cookies will continue to exist after logout, this was the cookie of primary interest to Cubrilovic. The other continuing cookies are associated with security, localization, and anti-spam functions and will continue functioning as before.
There’s a breakdown of the cookies’ function over on Cubrilovic’s blog.
Published: Sep 27, 2011 03:31 pm