clock menu more-arrow no yes

Filed under:

Social network login statuses of site visitors revealed by loophole

New, 13 comments

SEO analyst Tom Anthony has worked out a way to show whether or not visitors to his site are logged into Facebook, Twitter, Google+ or Google.

login
login

SEO analyst Tom Anthony has devised a way to work out whether or not visitors to his site are logged into Facebook, Twitter, Google+ or regular Google. Facebook has an API for this, but the trick works with Twitter and Google+ by checking for login redirects. You can try it in your own browser at the link below — the picture above displayed accurate information for your writer, at least. Anthony claims that this is useful for developers as they can decide what networks to support via social media buttons, marketing, or using the services themselves. While this does raise potential privacy concerns, especially if it became applicable to a wider range of sites, it's important to note that no user information is being taken here. If you want to keep your online status a secret, though, Anthony provides links to Firefox and Chrome addons that should block the scripts. Given how easy it appears to have been to exploit the loophole in the first place, it wouldn't be surprising if any of the services in question decided to fix it soon enough.