I disagree. By granting the application access to my account, I tacitly
accept the fact that they can access any information that the API provides.
The API returns the user's screen name every time you fetch their posts. For
crying out loud, a malicious app could go through and delete your last 3200
posts without your even realizing it. You're concerned about using a piece
of readily available information -- one that does not actually accurately
identify you on Twitter since you can change your username at will -- for
something that could probably be relatively benign ("Welcome, @user!"). Yes,
I know there are malicious ways to use it, but there are malicious ways to
use any read/write API.

On Wed, Aug 26, 2009 at 08:08, Duane Roelands <duane.roela...@gmail.com>wrote:

>
> Here's the example:
>
> 1. You download my desktop Twitter client.
> 2. You install it and authorize it to your Twitter account.
> 3. -Without your consent or knowledge-, my Twitter client sends me
> your screen name.
>
> That's unethical.  If you don't think so, go ahead and code that into
> your client and watch your users freak out when they find out that
> you've been collecting their personal information without your
> consent.
>
>
> On Aug 26, 9:14 am, JDG <ghil...@gmail.com> wrote:
> > How could using JUST the screen name -- something that twitter explicitly
> > provides to you -- possibliy get your application banned? I'm failing to
> see
> > how something that is readily available that Twitter provides for
> > identification purposes is so bad, and despite my respect for many of the
> > developers on this list, I have yet to see a compelling argument for that
> > position. I'm willing to have my mind change, don't get me wrong. But at
> the
> > same time, I know that there are chances for malicious hijinx in ANY case
> > where the user has granted access to a third-party app, regardless of
> > whether the app has that user's screen name or not.
> >
> > On Wed, Aug 26, 2009 at 02:45, Duane Roelands <duane.roela...@gmail.com
> >wrote:
> >
> >
> >
> >
> >
> >
> >
> > > Doing it without the express, explicit consent of the user is sneaky.
> > > It's also likely to get your application banned.
> >
> > > If it's important to you to know who your users are, ask them to
> > > register.  But it should always be "opt-in".
> >
> > > On Aug 25, 11:21 pm, JDG <ghil...@gmail.com> wrote:
> > > > I fail to see how knowing the user's screen name only is "phoning
> home"
> > > or a
> > > > "sneaky thing".
> >
> > > > On Tue, Aug 25, 2009 at 16:20, Joseph Cheek <jos...@cheek.com>
> wrote:
> >
> > > > > I agree.  I've seen a lot of resistance to user apps that "phone
> home"
> > > > > in the past.
> >
> > > > > Joseph Cheek
> > > > > jos...@cheek.com
> > > > > @cheekdotcom
> >
> > > > > mcdade wrote:
> > > > > > Thanks JDG for the advice but I wrote an App, not a webapp.
> >
> > > > > > The program runs on the users computer and they auth, I really
> don't
> > > > > > want to do a whole "i'm going to quietly send your info to me
> while
> > > > > > you aren't looking".  I really dislike when companies put in a
> some
> > > > > > sneaky things to get the user info without the user knowing about
> it.
> >
> > > > > > Twitter really should provide a method of seeing this server
> side, I
> > > > > > guess they don't.
> >
> > > > > > -b
> >
> > > > > > On Aug 25, 11:44 pm, JDG <ghil...@gmail.com> wrote:
> >
> > > > > >> they do. when you get an access token, the screen name and their
> ID
> > > are
> > > > > >> returned to you along with the token. Use it. Store it.
> >
> > > > > >> On Tue, Aug 25, 2009 at 15:18, mcdade <bmcd...@gmail.com>
> wrote:
> >
> > > > > >>> Bumping on this since no one answered..
> >
> > > > > >>> And i'm up to 90 users who authed now but I have no idea who
> they
> > > are
> > > > > >>> since i can't search my app's name.
> >
> > > > > >>> Twitter needs to create a way for Developers to track users who
> are
> > > > > >>> using the product.  Look at Facebook, they have amazing tools
> for
> > > the
> > > > > >>> Developer
> >
> > > > > >>> -b
> >
> > > > > >>> On Aug 12, 4:33 pm, mcdade <bmcd...@gmail.com> wrote:
> >
> > > > > >>>> Ok.
> >
> > > > > >>>> So I have my app written, I usedoauthto authenticate them
> since it
> > > > > >>>> was easier the storing the password.  Anyways I didn't write
> in
> > > > > >>>> anything special to trackusers(or make the follow me) but I
> would
> > > > > >>>> like to see who is using it since I had about 300 downloads on
> the
> > > app
> > > > > >>>> but have only about 58 ppl who have authenticated with
> twitter.
> >
> > > > > >>>> Thanks
> >
> > > > > >>>> -bryan
> >
> > > > > >>>> oh.. and i wrote the app in Cocoa and the framework and code
> > > examples
> > > > > >>>> suck and mostly don't work.
> >
> > > > > >> --
> > > > > >> Internets. Serious business.
> >
> > > > --
> > > > Internets. Serious business.
> >
> > --
> > Internets. Serious business.
>



-- 
Internets. Serious business.

Reply via email to