Snooping The Words You Type
In July 2012, a pair of researchers sampled data from 5 million Facebook users in America and the United Kingdom. What were they looking for? Self-censorship. More specifically, they wanted to know how often users would start writing a post but end up deleting it before it was actually posted.
It was possible to track keystrokes and content. They just chose not to.
Tracking Your Browsing Habits
Cookies are persistent, meaning they continue to exist even after you leave the webpage or close your browser (unless they expire or you delete them manually). Do you see the growing problem? If a cookie persists from webpage to webpage, it’s possible for a company to see which websites you visit.
Just to be clear, you don’t need to click the button for it to track you. The act of loading is enough for these share widgets to gather data on you.
That being said, social share buttons are just one of many ways companies can track your browsing habits. Other examples include online dating profiles, Disqus comments, and websites that use Google’s free web fonts.
Malicious Code Injection
If this happens on a website that handles sensitive user information, such as financial data, the malicious code could potentially snoop and steal that information. Taken one step further, XSS can be used to proliferate viruses and malware, which is what happened when Twitter was infected with the StalkDaily worm.
Ultimately, the responsibility rests with web developers to make sure their websites are clean and secure. As an end user, however, you should always keep your browsers up to date and regularly scan for malware.
Here’s what to do in case you do find malware on your system.