I’ve been thinking a lot about OAuth lately (for the uninitiated that’s the protocol used for all those sign in with Twitter and Facebook things that sends you back to the site to sign in and say you give this application permission to use your data). This is a huge step in the right direction (away from every site asking for the password you use on every other site), but the popular implementations are still far away from where they need to be.
I bring this up because I was glad to read someone else thinking the same thing. Talking mostly about the Twitter implementation, Zach Holman brings up the danger with Twitter only offering two options for developers who want to tap into people’s Twitter accounts: Read access or read + write access. That means that if a developer wanted to show you your friend’s latest Tweet, and only requested read access, they’d also be able to get to all your direct messages.
Now this bothers me as both a user and maker of internet things. As the latter, I don’t want that sort of access to a user’s personal data because I’d rather not have responsibility for it (in the same way I’m glad to not have to deal with asking people to give me their password for another site). As a user, I’m uncomfortable with the fact that I have to make a decision between using an application that needs my Twitter account with the default access variables or not allowing and therefore not getting to use it at all (maybe because they asked for read + write access and I don’t know whether they’re going to randomly tweet on my behalf). While I’m not sure how to remedy this (clearly Twitter could use more precise privacy controls, as Facebook allows in their implementation), I do think it’s important that people realize just what they’re doing when they hook up with other applications.
With great power comes great responsibility.