Re: [twitter-dev] Re: Authorizing for partial control
Yes, that's why one does the right thing *and* has an attorney. ;-) -- M. Edward (Ed) Borasky http://borasky-research.net http://twitter.com/znmeb "A mathematician is a device for turning coffee into theorems." - Paul Erdos Quoting "Papa.Coen" : Of course, Twitter is not a secure means of communication. You know that, I know that. How about the majority of Twitter users? I think you could imagine the personal harm you could get from insulting tweets, spamming on your behalf or even setting pornographic images as your avatar. People are getting sued/prosecuted/fired/apprehended even here in the Netherlands for the tweets they post. Rediculous. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: Authorizing for partial control
Of course, Twitter is not a secure means of communication. You know that, I know that. How about the majority of Twitter users? I think you could imagine the personal harm you could get from insulting tweets, spamming on your behalf or even setting pornographic images as your avatar. People are getting sued/prosecuted/fired/apprehended even here in the Netherlands for the tweets they post. Rediculous. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: Authorizing for partial control
Agreed completely. I understand why people want scope for permissions ala Facebook, but I quite like the way Twitter is. The whole big issue here is that people seem to think DM's are a sacred medium for secure communication when that simply isn't the case. A DM is just a normal tweet directed at one person. Scott. On 20 Sep 2010, at 20:17, Abraham Williams wrote: > Any models consisting of more then three levels of permission is too > complicated. Read, write, and delete are the levels of permission in their > most pure form. Delete is important because otherwise every single > application that just needs to post a tweet can delete *all* of you data with > a few simple scripts. > > On a side note Twitter is not a secure communication medium and should not be > used for sensitive communication. > > Abraham > - > Abraham Williams | Hacker Advocate | http://abrah.am > @abraham | http://projects.abrah.am | http://blog.abrah.am > This email is: [ ] shareable [x] ask first [ ] private. > > > On Mon, Sep 20, 2010 at 11:56, @IDisposable wrote: > > - The possibility to ask for (by the app) and grant (by the user) a > > more fine grained level of authorization (more than just read/write > > only) > > Totally agreed!. Specifically, I want: > > 1) One time tweet WRITE > 2) Ongoing tweet WRITE > 3) Non-public READ > 3) Non-DM READ > 4) Full READ > 5) Profile and Settings WRITE > > I should be able to ask for any combination as a developer, and as a > client/end-user I should be able to revoke or refuse ANY of them while > still allowing access. Thus if someone codes an application that > wants to read all my tweets and send a solicit message, as an end-user > I should be able to allow the read access but deny the tweet writes. > > Yes, this would complexify (wee) the UI, but it would enable people to > avoid the Twitter-worms that annoy us so much. > > Marc -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: Authorizing for partial control
Any models consisting of more then three levels of permission is too complicated. Read, write, and delete are the levels of permission in their most pure form. Delete is important because otherwise every single application that just needs to post a tweet can delete *all* of you data with a few simple scripts. On a side note Twitter is not a secure communication medium and should not be used for sensitive communication. Abraham - Abraham Williams | Hacker Advocate | http://abrah.am @abraham | http://projects.abrah.am | http://blog.abrah.am This email is: [ ] shareable [x] ask first [ ] private. On Mon, Sep 20, 2010 at 11:56, @IDisposable wrote: > > - The possibility to ask for (by the app) and grant (by the user) a > > more fine grained level of authorization (more than just read/write > > only) > > Totally agreed!. Specifically, I want: > > 1) One time tweet WRITE > 2) Ongoing tweet WRITE > 3) Non-public READ > 3) Non-DM READ > 4) Full READ > 5) Profile and Settings WRITE > > I should be able to ask for any combination as a developer, and as a > client/end-user I should be able to revoke or refuse ANY of them while > still allowing access. Thus if someone codes an application that > wants to read all my tweets and send a solicit message, as an end-user > I should be able to allow the read access but deny the tweet writes. > > Yes, this would complexify (wee) the UI, but it would enable people to > avoid the Twitter-worms that annoy us so much. > > Marc > > -- > Twitter developer documentation and resources: http://dev.twitter.com/doc > API updates via Twitter: http://twitter.com/twitterapi > Issues/Enhancements Tracker: > http://code.google.com/p/twitter-api/issues/list > Change your membership to this group: > http://groups.google.com/group/twitter-development-talk?hl=en > -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: Authorizing for partial control
> - The possibility to ask for (by the app) and grant (by the user) a > more fine grained level of authorization (more than just read/write > only) Totally agreed!. Specifically, I want: 1) One time tweet WRITE 2) Ongoing tweet WRITE 3) Non-public READ 3) Non-DM READ 4) Full READ 5) Profile and Settings WRITE I should be able to ask for any combination as a developer, and as a client/end-user I should be able to revoke or refuse ANY of them while still allowing access. Thus if someone codes an application that wants to read all my tweets and send a solicit message, as an end-user I should be able to allow the read access but deny the tweet writes. Yes, this would complexify (wee) the UI, but it would enable people to avoid the Twitter-worms that annoy us so much. Marc -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en