Coffeehouse Post

Single Post Permalink

View Thread: Does Live 3rd party sign-in leak information without being upfront with you about it?
  • User profile image

    I was trying to post a comment on this review, without registering a new account since they offer options to sign in with existing account.

    So I tried the various options for signing up with existing account and:

    If you sign in with:

    Google, you give away "Google Contacts access", and it's not stated if this access is given on a permanent basis.

    Hotmail/Live/AOL, you apparently don't give any access, but reading through the Live URL suggests that you do, since it contains stuff like "%2Fauthorize%3Fscope%3Dwl.basic%252Cwl.contacts_emails%252Cwl.offline_access" but the Live sign-in doesn't say what that entails atleast at the point where you enter your Live password.

    Twitter- "This application will be able to:

    • Read Tweets from your timeline.
    • See who you follow, and follow new people.
    • Update your profile.
    • Post Tweets for you."

    Again, it must be assumed Huffington Post wants access to do all of that in your name in Twitter for as long as they want. If it doesn't mean that, it should be worded otherwise.

    Yahoo- "Allow sharing of your Yahoo! profile and connections info with The Huffington Post."


    Clearly, the pattern is that some of these say what they will give access to, Live doesn't say, unless you read the URL and make your own conclusions, but that's not very convenient.

    I would like if C9 could contact Hotmail/Live executives for comment on how they plan to improve the disclosure policies. (no point asking WHEN since we all know it takes Microsoft atleast 2+ years to implement the most trivial of changes in any product)