On Thursday of this past week a large number of websites had a very unpleasant experience. As a user went to popular sites like NBC, CNN, Huffington Post and others, they were instantly redirected to a Facebook error page.
If you click the Okay button, you were then taken to a blank page. In short the error resembled some sort of page hijacking hack.
The problem was quickly isolated to Facebook Connect, their popular Single Sign-On platform and Facebook jumped into action, fixing the problem. But now, as it turns out, Facebook might face a more serious problem.
I first realized this problem on Thursday night with a client's site. This was before any articles were written or tweets had even gone out. Even if the articles were out, it wouldn't have been much help. Why? Well this client doesn't use Facebook Connect. The only Facebook code loading on the pages is the Facebook Like button. As soon as I removed that code everything went back to normal.
So now you maybe saying that the problem was related to Connect and not Like, so why did this site have an issue? Well apparently Facebook uses Connect in their like button. An article in Salon makes that exact same connection:
Not so fast! We should stop and think about what really happened. By demonstrating a direct connection between our Facebook logins and the Facebook Like buttons on non-Facebook pages, Facebook inadvertently advertised exactly how much it potentially knows about all our Web browsing habits.