An increasingly common Twitter/OAuth scenario...
An application would like to connect to your (Twitter) account?
Yeah, I know, I just clicked on the link, right?
The application _blah_ by _blah_ would like the ability to access and update your data on Twitter.
Err... OK. But why does it need access to update my data?
This application plans to use Twitter for logging you in in the future.
That's what I figured! But I still don't understand why it needs access to update my data? I think I'll pass... I'm not sure I want random applications being able to tweet on my behalf.
End of story :-(
The point is that there is a trust issue here and I don't think that current implementations are helping people to make sensible decisions. Why does the application need to update my data on Twitter? In this case, there appears to be a perfectly valid reason as far as I can tell, but even so...
- What kinds of updates is it going to make?
- How often is it going to make them?
- Are any updates going to be under my control?
I just want to have some indication of these kinds of things before I click on the 'Allow' button. Thanks.
Applications ask for access and update because if they chose only access it is almost impossible to switch to access and update later. See: http://code.google.com/p/twitter-api/issues/detail?id=814
"Access and update" is misleading because it also provides delete permissions. Any application allowed with update level permissions and delete all of your updates.
Posted by: Abraham Williams | December 29, 2009 at 10:29 PM