Again with the "OAuth does not prevent a bad app form being bad" point. All this same stuff can be done with Basic Auth apps. The point here is that users can prevent further badness by going to their "Connections" tab and revoking the access tokens.
No, this doesn't solve the "what happens when I initially authorize this app" problem. imho, "buyer beware". -Chad On Wed, Apr 15, 2009 at 10:51 PM, Abraham Williams <[email protected]> wrote: > My thoughts are not having a good enough notice is bad form and users will > start gravitating away from apps with bad form and better competition comes > out. > > But yes. I think it would be good for Twitter to make an official statement > and include it somewhere that that sort of misdirection is frowned upon. > > Abraham > > On Wed, Apr 15, 2009 at 21:21, Cameron Kaiser <[email protected]> wrote: >> >> > From a user expectatins perspective, I'd suggest that the Twitter OAuth >> > dialog also add a bullet list of what "access and update your data" >> > means >> > (like Flickr does) to prevent further surprises. I'm not sure users >> > appreciate that an authorised app can: >> > >> > * Post and delete tweets in your name >> > * Add and remove users you are following >> > * Block and unblock users >> > * Change your name, email address, location, avatar or description >> > >> > Thoughts? >> >> This is an excellent point. >> >> -- >> ------------------------------------ personal: >> http://www.cameronkaiser.com/ -- >> Cameron Kaiser * Floodgap Systems * www.floodgap.com * >> [email protected] >> -- Sarcasm is a spiritual gift. -- Paul Austin >> -------------------------------- > > > > -- > Abraham Williams | http://the.hackerconundrum.com > Hacker | http://abrah.am | http://twitter.com/abraham > Web608 | Community Evangelist | http://web608.org > This email is: [ ] blogable [x] ask first [ ] private. > Sent from Madison, Wisconsin, United States
