robinlinus / socialmedia-leak Goto Github PK

Can you please add Yelp in your list

in my browser i have logged facebook and github both but it is not working.

I have Privacy Badger enabled but I still see Hackernews, Slack, and Dropbox detected (i.e. me being logged in to them). What does this mean?

Firefox tracking protection (in private mode or as an experiment here) helps. At least Twitter is not recognized here.

However it recognizes GitHub, unfortunately.

The link to Privacy Badger on your website is as follows: https://www.google.de/search?q=privacy+badger

People using this link will end up on the German Google Results page showing German results and resulting in links to the Firefox and Chrome extensions to be in German as well.
For example, clicking on the link to the Privacy Badger Extension for Google Chrome from the Google Results page, leads to https://chrome.google.com/webstore/detail/privacy-badger/pkehgijcmpdhfbdbbnkijodmdjhbjlgp?hl=de (notice the ?hl=de on the end).

To improve usability for non-German visitors, I suggest you use the google.com domain which should redirect the user to the correct regional version of Google.

https://github.com/RobinLinus/socialmedia-leak/blob/master/demo.js#L32

👋

You'll get the same response logged in or out now. Thanks for identifying!

Tested with Google (including YouTube), Twitter and Github.

If I allow third-party cookies, it shows that I'm logged in there (which is correct), but if I block third-party cookies it shows none of them. So this might be a way to work-around this too.

I use a combination of:

• uMatrix
• uBlock Origin
• Self-Destructing Cookies
• RequestPolicy Continued
• Cookies Manager+
• Disconnect
• Canvas Fingerprint Blocker

so basically the site doesn't work for me (which is good!) xD

That being said, it's interesting to experiment to see which tools are blocking what tracking methods. I feel like there's a lot of redundancy here - sometimes I can't even figure out what is blocking a specific tracker!

Reddit now show an intermediate html before serving the requested resource.... not sure if was done by accident 🤔🤔 but any way, you get html for fav.ico whether logged in or not.

First thing everybody should do after installing a browser:

Block third party cookies.

Could be mentioned on your website.

It doesn't detect them

When I open Chrome in Incognito Mode, it shows me that I'm logged in to the following services (even though I'm not):

Twitter
Facebook
Google Plus
Reddit
Flickr

When I open Chrome normally, it shows me that I'm logged in to the following services (even though I'm not):

Flickr

It also shows me that I'm not logged in to the following services (even though I am):

Netflix

Maybe they fixed the issue, but Amazon/Netflix do not show up as logged in, even though I am.

would it also be possible to derive for example the Jungian archetypes, the myer-briggs equivalence-class or the big five from such data like you could do 2 Years ago on facebook: http://www.huffingtonpost.com/2014/06/12/facebook-five-labs_n_5485489.html

" 2016/10/07: Instagram removed the favicon from their root domain. They"

They.. what?

I'm not sure if anyone else has this issue, but I have this issue when using Chrome with uMatrix vs when opening up an incognito tab.

Indeed.com is not leaking logged in status.

Would like to see if Yelp has this weakness or not and notify them.

So far, this doesn't seem to work:

{
    domain: "https://www.yelp.com",
    redirect: "/login?return_url=https://www.yelp.com/favicon.ico?hl=en",
    name: "Yelp"
  }

hi, after facebook update they changed urls path, i tried set path to
https://www.facebook.com/login/?next=https://www.facebook.com/favicon.ico#_=_
but it not working, can you help?
if logged in to fb

if not logged in to fb