Thanks David and Michael - I've incorporated those posts into the blog post that will be published tomorrow morning.
On Mon, Jan 5, 2009 at 8:53 AM, silky <michaelsli...@gmail.com> wrote: > > Yeah, this is why I don't use those services. > > oAuth is an option, but even twitter doing something trivial > themselves would be nice, like I proposed here a while back: > > > http://lets.coozi.com.au/content/token-based_authentication_for_api_access.html > > > > On Sun, Jan 4, 2009 at 5:06 PM, Elias Bizannes <elias.bizan...@gmail.com> > wrote: > > > > Hi everyone, > > > > I personally believe Twitter is being irresponsible by creating an > > ecosystem off their API without creating appropriate safeguards to > > protect users like us. I am looking for some Aussie bloggers to help > > me make some noise. The silicon beach community literally turned the > > fight against the clean feed to a whole new level, so I'm looking for > > us do it again by creating a better Internet through example. > > > > Quick background: > > For you to give access to things like third party apps (like Twhirl), > > you need to give up your login and password. As has been reported in > > the tech news this last week, there have been security breaches of > > people taking your Twitter password and selling it and the like. A > > simple change to their API can avoid this bad password anti-pattern. > > > > With delegated authunentication or through the use of an open standard > > called "oAuth" you can actually allow websites to access your data > > without you needing to give up your password (by simply giving them > > permission through the Twitter interface). What happens is that > > instead of you punching in your password, and giving some random your > > personal details which they can then take advantage of, you can > > instead have them request Twitter for authorisation, and you can > > simply click a button saying "approved". > > > > I will be posting something on the DataPortability Project's blog > > about the issue and hope to give it some attention. The more people we > > have posting a synchronised blog post, the better chances we can turn > > this into news and get them to pull out their finger out. I know for a > > fact the only reason they are not doing this is because they don't > > give it a high enough priority - but of course they don't, as it's not > > them hurting but us. With a bit of awareness, we can make people > > realise there is a simple way to fix a very serious issue, which is > > comprimising your online identity. > > > > I've already had to change my passwords a few times due to third party > > apps, and I am sick of doing it, and it annoys me when I know I don't > > need to do it! > > > > Please contact me if you are willing to participate. For those looking > > to get a bit more exposure of their blogs, this is a good way to do > > it :) > > > > Thanks! > > Elias > > > > > > > > > -- > noon silky > http://www.boxofgoodfeelings.com/ > > > > -- Elias Bizannes http://liako.biz --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Silicon Beach Australia" group. To post to this group, send email to silicon-beach-australia@googlegroups.com To unsubscribe from this group, send email to silicon-beach-australia+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/silicon-beach-australia?hl=en -~----------~----~----~----~------~----~------~--~---
