> That said, there's no indication that ClientLogin is any less secure than OAuth. ClientLogin is just old.
False. The whole point of OAuth is that users don't have to trust random software. I'm new to Shotwell, and it's asking me for my gmail password. How do I know (how could I ever know outside fo reading the codebase) that you aren't trying to get into my email? Doing so would allow you: 1. Access to my money through paypal and online banking 2. The ability to hack my servers (through poking around through logs and such) 3. To steal my identity 4. Basically to ruin my life for a while. On top of this, when apps innocently ask users for their password, it teaches users bad behaviors, since they become accostomed to giving out their password to random applications. Not a good situation. Email requires *incredibly* high levels of security, and Shotwell should *never* ask for a user's password to it. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/782690 Title: Picasa upload not secure: asks for Google Password To manage notifications about this bug go to: https://bugs.launchpad.net/shotwell/+bug/782690/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
