Facebook UNVEILS VEIL for 'anonymous' logins

New, granular permissions give users line-item veto


If you've ever been hesitant to login to an app or website using your Facebook ID because you don't know what consequences clicking that blue button will actually have, Mark Zuckerberg says he feels your pain.

Speaking at the Facebook F8 developer conference in San Francisco on Wednesday – the first such event the social network has held since 2011 – Zuckerberg said the company will soon deliver updates to its login code that offer more privacy controls to users.

The first change, he said, will be more granular control over app permissions.

In the past, an app displayed a laundry list of data it wanted to access and actions it wanted to perform, and users were asked to say yea or nay to all of it at once.

With the new Facebook login API, users will be given line-by-line control over permissions – so they will be able to allow an app to see who their Facebook friends are, for example, but refuse to let it send messages or post anything to their timelines.

Facebook also plans to offer an anonymous login feature, which Zuckerberg described as "a hassle-free way to login and try apps."

Screenshot of Facebook's new granular login permissions

With Facebook's new login permissions,
users have control over what they share

The feature will offer users the convenience of a username-and-password-free Facebook login even when they're not ready to share any personal information with the app in question. If they later decide they want to share their names, friend lists, or other data, they will be able to do so.

Session data will even persist from one anonymous login to the next. "You'll be able to have an experience that's synced without the app even knowing who you are for the first time," Zuckerberg said.

The soon-to-be-30-year-old CEO also said that developers can expect Facebook to stand behind its new code and that the social network's APIs will be more stable in the future.

Going forward, Zuckerberg said, all Facebook APIs will have version numbers, and developers will be able to code against the version they want. The company will commit to supporting each version of the APIs for two years, and Zuckerberg said any major bugs will be fixed within 48 hours.

The more granular permission controls and anonymous login are both currently being tested with Facebook developers, and both are expected to roll out to the public over the next few months.

In addition, Zuckerberg said that although F8 conference scheduling has been spotty in the past, developers can expect the company to hold an event around this time every year from now on. The next F8 conference will be held in 2015 in San Francisco's Fort Mason. ®


Other stories you might like

  • Behind Big Tech's big privacy heist: Deliberate obfuscation
    You opted out, but you didn't uncheck the box on page 24, so your data's ours...

    Opinion "We value your privacy," say the pop-ups. Better believe it. That privacy, or rather taking it away, is worth half a trillion dollars a year to big tech and the rest of the digital advertising industry. That's around a third of a percent of global GDP, give or take wars and plagues. 

    You might expect such riches to be jealously guarded. Look at what those who "value your privacy" are doing to stop laws protecting it, what happens when a good law  gets through, and what they try to do to close it down afterwards. 

    The best result for big tech is if laws are absent or useless. The latest survey of big tech lobbying in the US reveals a flotilla of nearly 500 salespeople/lawyers touring the US state legislatures, trying to either draw up tech friendly legislation to insert into privacy bills, water then down through persuasion, or just keep them off the books.

    Continue reading
  • Facebook phishing campaign nets millions in IDs and cash
    Hundreds of millions of stolen credentials and a cool $59 million

    An ongoing phishing campaign targeting Facebook users may have already netted hundreds of millions of credentials and a claimed $59 million, and it's only getting bigger.

    Identified by security researchers at phishing prevention company Pixm in late 2021, the campaign has only been running since the final quarter of last year, but has already proven incredibly successful. Just one landing page - out of around 400 Pixm found - got 2.7 million visitors in 2021, and has already tricked 8.5 million viewers into visiting it in 2022. 

    The flow of this phishing campaign isn't unique: Like many others targeting users on social media, the attack comes as a link sent via DM from a compromised account. That link performs a series of redirects, often through malvertising pages to rack up views and clicks, ultimately landing on a fake Facebook login page. That page, in turn, takes the victim to advert landing pages that generate additional revenue for the campaign's organizers. 

    Continue reading
  • Apple dev roundup: Weather data meets privacy, and other good stuff
    No AR/VR glasses but at least RoomPlan will let you make rapid 3D room maps

    WWDC Apple this week at its Worldwide Developer Conference delivered software development kits (SDKs) for beta versions of its iOS 16, iPadOS 16, macOS 13, tvOS 16, and watchOS 9 platforms.

    For developers sold on seeking permission from Apple to distribute their software and paying a portion of revenue for the privilege, it's a time to celebrate and harken to the message from the mothership.

    While the consumer-facing features in the company's various operating systems consist largely of incremental improvements like aesthetic and workflow enhancements, the developer APIs in the underlying code should prove more significant because they will allow programmers to build apps and functions that weren't previously possible. Many of the new capabilities are touched on in Apple's Platforms State of the Union presentation.

    Continue reading
  • Google has more reasons why it doesn't like antitrust law that affects Google
    It'll ruin Gmail, claims web ads giant

    Google has a fresh list of reasons why it opposes tech antitrust legislation making its way through Congress but, like others who've expressed discontent, the ad giant's complaints leave out mention of portions of the proposed law that address said gripes.

    The law bill in question is S.2992, the Senate version of the American Innovation and Choice Online Act (AICOA), which is closer than ever to getting votes in the House and Senate, which could see it advanced to President Biden's desk.

    AICOA prohibits tech companies above a certain size from favoring their own products and services over their competitors. It applies to businesses considered "critical trading partners," meaning the company controls access to a platform through which business users reach their customers. Google, Apple, Amazon, and Meta in one way or another seemingly fall under the scope of this US legislation. 

    Continue reading

Biting the hand that feeds IT © 1998–2022