Comments on: facebook does it again? http://www.localoaf.org/2007/05/01/facebook-does-it-again/ Information: It's the Magic Sat, 02 Jan 2010 19:23:32 +0000 hourly 1 http://wordpress.org/?v=3.0.5 By: n8agrin http://www.localoaf.org/2007/05/01/facebook-does-it-again/comment-page-1/#comment-1929 n8agrin Tue, 01 May 2007 22:37:17 +0000 http://localoaf.org/2007/05/01/facebook-does-it-again/#comment-1929 this has become a trend on many web 2.0 sites and definitely sets off some red flags for me. it would be interesting to do an analysis to see how sites like facebook handle the authentication protocol. wesabe (an online financial manager) comes to mind here, and their approach is to be fairly transparent as to their process (where they connect to your financial institution using a program you run locally on your own computer), which i think is a trend we may be seeing more and more of in the next few years (the transparency that is). this has become a trend on many web 2.0 sites and definitely sets off some red flags for me. it would be interesting to do an analysis to see how sites like facebook handle the authentication protocol. wesabe (an online financial manager) comes to mind here, and their approach is to be fairly transparent as to their process (where they connect to your financial institution using a program you run locally on your own computer), which i think is a trend we may be seeing more and more of in the next few years (the transparency that is).

]]> By: yiming http://www.localoaf.org/2007/05/01/facebook-does-it-again/comment-page-1/#comment-1928 yiming Tue, 01 May 2007 19:48:25 +0000 http://localoaf.org/2007/05/01/facebook-does-it-again/#comment-1928 Wacky. Gmail/Yahoo/etc also asks for email acct passwords, if you want to use the POP3 retrieval function to pull mail from other mail accounts. I've always eyed those functions warily. But, I guess if I trust Gmail to keep some fairly sensitive correspondences, I might as well trust it with the rest of my mail. Though that password probably shouldn't be linked to, say, my iSchool account or something. But Facebook ... hmm. Has it even adopted SSL for its main login yet? Or is the Facebook password still fired out plaintext for all to see? Wacky.

Gmail/Yahoo/etc also asks for email acct passwords, if you want to use the POP3 retrieval function to pull mail from other mail accounts. I’ve always eyed those functions warily. But, I guess if I trust Gmail to keep some fairly sensitive correspondences, I might as well trust it with the rest of my mail. Though that password probably shouldn’t be linked to, say, my iSchool account or something.

But Facebook … hmm. Has it even adopted SSL for its main login yet? Or is the Facebook password still fired out plaintext for all to see?

]]> By: Ziggity http://www.localoaf.org/2007/05/01/facebook-does-it-again/comment-page-1/#comment-1927 Ziggity Tue, 01 May 2007 19:47:37 +0000 http://localoaf.org/2007/05/01/facebook-does-it-again/#comment-1927 Yeah, like they even have to ask - we all know it's your ATM pin: 5318008. P.S. Erdem - call me! Yeah, like they even have to ask – we all know it’s your ATM pin: 5318008.

P.S. Erdem – call me!

]]>