Quoting jmathai <jmat...@gmail.com>:

On Aug 30, 12:59 pm, "M. Edward (Ed) Borasky" <zn...@borasky-research.net> wrote:
That's part of an application developer's responsibility - to make it
clear what your application *does* "on behalf of a user" and how users
can detect when it does something it *shouldn't* do. And yes, very few
applications fully document that during the OAuth dialog, but it
*does* need to be done somewhere.

That's more my point, and I'm not arguing that the Stream API shouldn't
exist.  I want to use it myself.  I just don't believe users are
really agreeing to this, regardless of whether it's in the fine print.
There's a fine line and it's being approached - that's all.

I think it's a bigger issue with OAuth as a whole.  Users don't really
know what they're handing over since it's not their username and
password.  They continue under a false pretense that their information
is still "secure" (citation needed).  I don't think more words on the
OAuth flow pages addresses this and the only way to solve this is to
educate users (not an easy task).  I hope in time users have a true
understanding of what it means to "allow this app" because right now I
don't believe they do.

Ayup - and it's only going to get worse as Twitter grows towards its 500M user goal. For better or worse, Facebook's size and complexity is blazing these trails and, assuming "good will" of the power elite, something approaching "best practices" will emerge.

Twitter is currently both smaller and less complex than Facebook. My futurist lens is very cloudy on how Twitter and its user base will co-evolve, but I have to assume that a future 500M-user Twitter will be different from today's 500M-user Facebook. And I am even less certain how much bigger Facebook can get. ;-)