Ryan Singel writes:
If you have checked in with Foursquare in San Francisco in the last three weeks, Jesper Andersen probably knows where and when — even if you’ve set your check-ins to be published to friends only.
Andersen, a coder who recently built a service called Avoidr that helps you avoid social network “friends” you don’t really like, figured out that Foursquare had a privacy leak because of how it published user check-ins on web pages for each location.
Andersen reported the privacy breach to Foursquare two Sundays ago — and the company admitted the bug existed. They asked for a week or so to fix the bug, and now, according to an e-mail sent to Alexander, the company is modifying its privacy settings to let users opt out of being listed on location’s web pages. The site previously allowed users to opt out of being listed in the “Who’s here now” function, but until Tuesday that button didn’t apply to listing “Who’s checked in there.”
Read more on Threat Level.