Hacker News new | past | comments | ask | show | jobs | submit login
Google Engineer Builds Facebook Disconnect (techcrunch.com)
135 points by bwaldorf on Oct 20, 2010 | hide | past | favorite | 50 comments



You know you're heading down a rocky road when third parties are creating your app's privacy functionality.


s/third parties/Google/

(I realise this isn't an official Google product)


You can use FacebookBlocker to accomplish the same thing with extensions for Firefox, Safari, and Chrome:

http://webgraph.com/resources/facebookblocker/


A browser extension to block a single service?

Use a general "browser firewall" and add http://*.connect.facebook.*/* to the list of blocked urls...


The browser extension is useful, even more so for non-technical people: you click a button and it's installed.


How many non-technical people do you know that use Chrome as their primary browser?

I ask this because while I know plenty of tech savvy people that use Firefox, I'm in the minority on the Chrome/Chromium front amongst them, and I don't know a single non-technical person who uses Chrome.


I know quite a few non-technical person who use Chrome. I cannot guarantee that they know how to install an extension though. Most of the non-tech people uses internet primarily for FaceBook and they shouldn't be concerned when they see their FaceBook on say, CNN.com.


Installing this extension is as easy as clicking the big Install button on its page and then click Install when Chrome asks you whether you really want to install the extension.


You still need to go to Chrome extension website right? It's not that when you go to a website that has FB connect, the Chrome asks if you want to block it or not. That would be effective though.


FWIW, you do not need to go the Chrome extension website to install an extension. It can be hosted by a 3rd party via a simple link on any website.


Yes, I get your point, but if you take an example of CNN, they are not going to have a link to disable FB Connect.


Right. But they aren't going to have an explanation on how to block FB connect with your firewall, so it's not really a disadvantage of an extension.


I'd imagine that facebook would not be pleased ;)


I imagine there's plenty, since they've been running ads on Hulu, and possibly TV as well. They also have ads for it on the google homepage and youtube ('watch in a better browser' or something like that)


I prefer browser extension. Its much easier for general public and you don't need to restart the browser, now that's convenient.


Direct link to the Chrome extension: https://chrome.google.com/extensions/detail/ejpepffjfmamnamb...

It is a bit odd to blame this on Google unless the guy created it at work. From the page: "the work here is entirely my own and in no way endorsed by Google."

edit: disclaimer is on the actual download page!


Of course one should be 'worried' about privacy with his/her data on facebook, but i don't think one should care less with the information google has about a huge amount of people.

Just as a reminder: they know what you look for on the web (google itself), they know what you talk to your friends (gtalk), they know what you get via email (gmail), they know what videos you watch to (on youtube) and they now even have a browser which is being adopted by a lot of people pretty fast.

Maybe one does not use all those services but many people do, and depending on how you look at it, probably google has a lot of more 'private' information about one's life than facebook.

That, of course, doesn't mean 'FB disconnect' is a bad idea. It's just that i get 'scared' when someone who know a lot about you (google in this case) build something trying to look as they 'protect your privacy'... (i also keep in mind that google is not prone to providing data about users, but they have the ability to)


Do note this was neither sanctioned nor designed by Google. The guy who built it just happens to work there.


Even before Chrome, they know what you read on a very wide cross-section of the web, too, thanks to the AdSense pixel.


Why is it bad if google or facebook know a lot about people? Can you give me some examples?


Pooling all of that information into one place is begging for it to be abused. Would you still be asking the same question if it was s/Facebook/NSA/g or s/Google/FBI/g or even s/Google/KGB/g? Once all of this information is in place how hard do you think it will be for such organizations to get access to it? Just because the 'big bad guberment' isn't the one doing the collecting doesn't mean that the information cannot be abused internally, or externally to the company compiling it.


Usually these discussions sound like some people are worried that the corporations themselves will do something bad with the data (sell you more stuff you like !gasp!).

Government misusing data is the only thing I could think of. But what's the evidence for that fear? If the organisations you mention wanted to go after people, can't they already do so?

With this kind of reasoning, the internet itself should qualify as a huge setback to privacy. The point is that the advantages far outweigh the disadvantages.


Maybe a Facebook engineer will make "Google disconnect" now?


I disabled my FB account back in May, but I'd find it quite difficult to do without all the Google services I use. Google Reader in particular.


I'm hoping a Facebook engineer designs something similar for Google's privacy issues...


An Adwords blocker for Chrome?

An tool which automatically logs you into Facebook when presented with a choice of OpenIDs which includes Google's?


I do something similar with adblock filters. I don't use Facebook, so I have no privacy issue with connect, but it does improve load/render times by multiple seconds.


I too don't have a facebook account and the worst issue with Facebook connect is, its login box steals keyboard focus and completely annoys my browsing experience.

I hope he releases this as Firefox extension too.



Would you mind sharing? Sounds useful.


I block the following:

static.ak.fbcdn.net

||connect.facebook.net^

*.facebook.com

Among a bunch of others, but these are the FB-related ones.


Thanks.


What's interesting to me is that this is done in Chrome, which has given eg, Adblock some trouble since it does not really allow extensions to change the page content, only hide parts of it. Would be interested in a technical look at how it's managing to filter out the facebook bugs given that limitation -- or has Chrome been updated to give extensions more power?


knowing nothing else about chrome extension development:

Rapportive appears to modify page content in chrome


I do this system-wide on OSX via Glimmer Blocker (http://glimmerblocker.org/) using a modified version of the Facebook Like filter on their wiki (http://glimmerblocker.org/wiki/Filters). Has a nice bonus of speeding up page load as well.


Can't this be blocked on a FB level already? I don't see those "FB Connect" boxes anymore. To be honest, I cannot even remember what setting I changed in FB, but it seems to work. (I also have disabled applications and not sure if this makes a difference but I use Adblock Plus as well.)


This cannot be good for Google. If I was an exec at Google I would be very nervous about this. This is a good excuse and opportunity for people to start writing more ad blocking plugins. I am sure Google would not want that.


It's a blessing for people like me who see the 'you are not authorized to visit this site and will be reported' kind of message on your office computer.


another great extension for improving sanity and privacy on facebook is f.b purity. The app blocking functionality, helps protect your privacy from all those spammy quiz and game applications that appear in your newsfeed http://www.fbpurity.com


Come on, we already have a perfectly good protocol for this, OpenID. It's unfortunate how big companies try to lock users in their own authentication services rather than educate them about OpenID (although I think the new JanRain widgets turn OpenID into a "Connect with X" service, which is great).


OpenID is not a perfectly good protocol. It is a total mess. Implementing it is an exercise in pulling teeth. Every major implementation was vulnerable to a timing attack until recently, which severely compromised the security of both sites which actually accept OpenID. The user experience is an abomination which requires users understand concepts which strike them like ancient Aramaic. Half of the spec, which you have to implement, is devoted to requirements put there for ideological reasons which no user is actually interested in (delegation). The core use case -- that any site on the website can ask for your holiest of holy credentials and you should just give them out -- appears to be the world's most widespread phishing attack, organized by sleeper agents planted on the spec committee whose dark masters tasked them with undermining everything we have ever taught users about password security.


Delegation is of great interest to anyone who runs their own web site but prefers to not run their own openid server.

(Won't touch the other trolling.)


Yes, but isn't the core use case the same with any third party identification service, such as Facebook Connect or MS Passport or whatever?


Unfortunately, OpenId is too complicated for most folks. paste in your url? c'mon. Even Brad Fitzpatrick realizes this:

http://code.google.com/p/webfinger/

"People have been trying to use URLs as identifiers for people (as OpenID does), as it has great readability/discoverability properties, but this effort has largely failed because of UI/UX design failings, user confusion about URLs, etc."


You don't have to, there are widgets you can use where you just select your provider and enter your username, and everything's done.


good point, looks like stack overflow does this pretty well. there's also https://www.idselector.com and http://wiki.openid.net/Gallery


OpenID integration doesn't create an easy way for end users to share their likes with hundreds of Facebook friends who read newsfeeds on a daily basis, or tell you that 30 of your friends have become members. Love it or loathe it, there's a big value-add for marketers (and depending on the application, possibly also end-users) to Facebook Connect over a simple universal authentication system.

As others have pointed out, OpenID isn't even better than Facebook at what it specialises in: at best OpenID asks the user to remember whether they signed up with their Yahoo ID or their Gmail one and at worst to read a third-party FAQ just to figure out how to log in. Facebook Connect is a big blue button with a recognisable brand, and you're quite possibly already logged in.

If only their API wasn't such a piece of shit...


It's too bad OpenID isn't cool. The Social Network movie is just going to exacerbate people's infatuation with Facebook and social networking in my opinion. This will lead to the common person being even more accepting of Facebook becoming ubiquitous across the internet. The side benefit of the movie though is that I am finding girls are much more into me talking about working as programmer at the bar...


Yeah, I think that's its biggest "failure". Facebook is something everyone knows, so they think "oh, Connect button, cool". It's a shame, really.

Unless someone writes a Facebook <-> OpenID bridge, anyway.


If you are that worried about Facebook privacy, just create a fake account and stuff it with fake data on your fake persona. This way, not only you will be expressing your disdain for Facebook's lack of privacy, you'll also be saying to Facebook: I don't like you but I use you ;-)

Or better yet, use OpenID.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: