permalink

2

Facebook falsely accused of hijacking Links

I just stumbled upon a tweet by Michael Gray who wrote:

Tweet from @graywolf about Facebook hijacking links

If you like Links

Curious as I am, I had to read that article by Adam Singer. In essence, the author complains about Facebook because they are trying him to force an app just to see an article on the Guardian.

Is the Social Network misguiding its users?

This is not correct. Sure, Facebook is clever, but they are not the ones to blame for this link hijacking. At first, Singer seems to get it right:

However, due to how The Guardian has configured their site’s Facebook integration, anyone clicking the link is not taken to the expected URL. Instead a user is taken to this page to authorize use of The Guardian application

But then he repeatedly accuses Facebook of diverting his link:

To access this story elsewhere was ridiculously easier than in Facebook (I originally found it via Twitter). It was just one click, of course. That’s how the web works. But within Facebook’s system and the need to add an application (and share detailed information / yield rights to a third party) this is just obnoxious.

All this does is leaves a bad taste in my mouth and basically motivates me to take my sharing elsewhere. Because who wants to share content in a platform that adds complexity and brings your network to something you did not intend to share?

His last question should rather be: “Because who wants to share content which is on a web site …”

I fired OWASP‘s ZAP Proxy to analyze the HTTP traffic going on between my browser and the internet when I click on a link to a Guardian article on Facebook. And sure enough I saw what I was expecting. The usual forwarding technique as recently analyzed on Google+ is used to forward the user to the Guardian web site.

What happens then is that the Guardian web site checks if the user comes from Facebook using the referer header field and if this is the case the browser is told to redirect to the Guardian’s Facebook app which of course first needs to ask for permission.

Who’s to blame?

Quite clearly this is the Guardian who tries to force its readers into using their Facebook app if they determine a user’s click source is Facebook. Given that their app uses Facebook’s “frictionless sharing” capability which automatically updates a user’s contacts with what she reads this has quite a viral potential. The numbers which are disclosed in a comment to the article by Martin Belam who has worked on the Guardian Facebook app are quite impressive:

Since launch the app has been installed over 4 million times, added about 1m page impressions a day to our traffic, and over 56% of those installations are by people aged 24 and under. They are a demographic that news organisations have found very difficult to reach.

The Guardian seems to have decided that the price they pay, namely annoying readers by hitting them in the face with the question to use their app, is ok to pay for the increasing number of readers and app users.

To be fair, the Guardian only asks once (per browser). If the user indicates she does not want to use the app by clicking ‘Cancel’ the app sets a Cookie called ‘GU_FB’ with a value of ‘false’ and a lifespan of one year.

 

2 Comments

    • Hi Adam,

      thanks for commenting. Yes, I have read Anil’s post but I don’t agree with him. True, Facebook is trying to collect as much data about their users as they legally can – and even more as many European privacy advocates say – and I am about the last to defend them in this area. I even think that some of their recent security measures are actually to defend their tracking mechanisms against some upcoming legislative initiatives. There’s also no denying that Facebook is not unhappy about the Guardian’s move to try to force people to use the app and “frictionless sharing”. But still, it’s the Guardian who has decided to annoy their users this way.

      In some way this is comparable to newspapers blocking their web site from being read by iPhone and iPad users and forcing them to use their paid app. It’s not Apple to blame but the newspaper. One can only hope that people will vote with their mouse and chose other newspapers’ web sites.

Leave a Reply

Required fields are marked *.