On taking a mile, sacrificing your children and OAuth
For some time, I’ve been grumbling to anyone who would listen about the limitations in Twitter’s use of OAuth, particularly as more third-party services emerge using Twitter for authentication. The issue was covered by Tom Scott in a piece in The Guardian in December. Last night, Nicole Harris pointed me at a post by Zach Holman, OAuth Will Murder Your Children, which articulates the problem far better (and more amusingly) than I could ever manage. Zach says:
When I brought this up briefly over a few tweets a week ago, I got mostly reasonable agreement in response, mixed in with a few “but then it will be harder to develop applications”.
Tough shit. That’s why we have if statements.
This stuff is a big deal. If a user doesn’t want some superficial Kanye West app to read and download all of her private direct messages, she should be able to expressly restrict that.
It seems to me some of the services using Twitter for authentication don’t require even read access to your Twitter feed, let alone read/write access; they may want to read following/follower lists; in some cases, it may even be that all they need is confirmation that you are the owner of that Twitter account. As Zach highlights, the solution is for Twitter to offer a more granular permissions system and for apps to use that, requesting permissions appropriate to their function, rather than adopting an “I’ll take a mile” default position.
I currently take the approach of refusing to use services that request unnecessary permissions through Twitter OAuth. For apps like Twitter clients which I want to write data on my behalf, yes, it’s fine; but for many other cases, I see no reason why they need the permissions they request. If that means that I miss out on services like Lanyrd, which I don’t doubt may be useful to me, then so be it. I’m no longer willing to acquiesce in propping up an approach which is fundamentally broken - and could quite easily be fixed.
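The granular permissions model argued for above, sketched as an added example (it is not code from this post, from Zach Holman's post, or from Twitter). The scope names and app features are hypothetical. It shows a provider issuing only the scopes that were both requested and approved by the user, an audit for over-broad requests, and the app-side "if statements" that cope with a reduced grant.

```python
# Added example: scope names and app features are hypothetical, not Twitter's API.
KNOWN_SCOPES = frozenset(
    {"identity", "graph:read", "tweets:read", "tweets:write", "dm:read"}
)

# Least scopes each feature of a hypothetical third-party app needs.
FEATURE_SCOPES = {
    "sign_in": {"identity"},
    "find_friends": {"identity", "graph:read"},
    "post_update": {"identity", "tweets:write"},
}

def scopes_needed(features):
    """Union of the minimum scopes for the features the app actually offers."""
    needed = set()
    for name in features:
        needed |= FEATURE_SCOPES[name]  # KeyError on an unknown feature is intended
    return frozenset(needed)

def excess_scopes(requested, features):
    """Scopes requested beyond what the features justify (the 'mile')."""
    return frozenset(requested) - scopes_needed(features)

def issue_grant(requested, user_approved):
    """Provider side: the token carries only scopes both requested and approved."""
    requested = frozenset(requested)
    unknown = requested - KNOWN_SCOPES
    if unknown:
        raise ValueError(f"unknown scopes requested: {sorted(unknown)}")
    return requested & frozenset(user_approved)

def enabled_features(token_scopes):
    """App side: the 'if statements' that degrade gracefully on a reduced grant."""
    return sorted(f for f, need in FEATURE_SCOPES.items() if need <= token_scopes)

def api_allows(token_scopes, required_scope):
    """Resource-server check performed on every API call."""
    return required_scope in token_scopes

if __name__ == "__main__":
    # Constructed sample: an app that only signs users in but asks for everything.
    greedy = {"identity", "tweets:read", "tweets:write", "dm:read"}
    print("excess:", sorted(excess_scopes(greedy, ["sign_in"])))
    # The user approves identity and graph access but declines write access.
    token = issue_grant(scopes_needed(FEATURE_SCOPES), {"identity", "graph:read"})
    print("features:", enabled_features(token))
    print("dm read allowed:", api_allows(token, "dm:read"))
```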
Tuesday, January 25, 2011
I sense an opportunity to create a new kind of social identity for us to leverage around the web, one that is far more personal and instrumented than a Facebook profile or a Google cookie. It’s an identity that is independent of the one we’ve cultivated on Dependent platforms, but not necessarily separate from them. We can choose to include our Dependent Web profiles, but we don’t have to. At the moment, the model seems pretty black or white. If I’m logged into Facebook and the site I visit is using Facebook’s services, that site knows more about me than probably most of my friends do. In other words, perhaps it’s time for a Revealed Identity, as opposed to a Public or Dependent Identity. As human beings wandering this earth, we certainly have both. Why don’t we have the same online?
John Battelle, Identity and The Independent Web - John Battelle’s Searchblog
Wednesday, January 19, 2011
Why is it that neo-liberals need to marketise the universities, almost as much as they need to marketise the NHS? First, because neo-liberalism requires that the majority of people are taught not to think clearly and not to question what they’re told, lest they rebel. Second, and this is even more important, if the universities can be made into vehicles of the neo-liberal creed then they will do more than most other social institutions to reproduce and enforce that creed. Not only will “students” come to believe that everything – and perhaps everyone – is a commodity, but their teachers will themselves be products of the same ideology. For who but the rich will be able or willing to take on postgraduate work once they’re already tens of thousands of pounds in undergraduate debt? The arts, humanities and social sciences, in the few élite institutions in which they remain, will function as finishing schools for the wealthy, taught – if that is the right word – by their own. Everything else – from engineering to physics to business to design – will become bereft of critical content, taught – again if that is the right word – by people who understand themselves to be “delivering” quantifiable commodities to their customers.
Bob Brecher, Universities and the Neo-Liberal Revolution « Really Open University
Saturday, January 15, 2011
This is really just a test of the Tumblr iPhone app, as I’m not sure what the photo will look like. I took it at Carter’s Steam Fair at the waterfront in Bristol, at the end of a very cold, slightly foggy afternoon between Christmas & New Year. It was almost deserted but the lights were all still on & there was a rock’n’roll mix playing over the PA, like a scene from a B-movie.
Via Twitter this afternoon, I heard the very sad, and really quite shocking, news of the death of Trish Keenan of Broadcast. While I wouldn’t quite describe myself as a fan of the group, I’ve bought most of their records, and always found them rewarding. As Ned Raggett says, there seemed to be a quiet sense of deliberation in their work, a determination to realise their vision, in their own time. “Echo’s Answer” is a lovely, haunting song from their first album proper The Noise Made By People from 2000.
The wind is near The invisible hear Come my thoughts away from fear
Oh, the wind will come Blow, answer all these echoes
Thursday, January 6, 2011
What most characterizes today’s web revolutionaries is their rigorously apolitical and ahistorical perspectives - their fear of actually being revolutionary. To them, the technological upheaval of the web ends in a reinforcement of the status quo. There’s nothing wrong with that view, I suppose - these are all writers who court business audiences - but their writings do testify to just how far we’ve come from the idealism of the early days of cyberspace, when online communities were proudly uncommercial and the free exchanges of the web stood in opposition to what John Perry Barlow dismissively termed “the Industrial World.” By encouraging us to think of sharing as “collaborative consumption” and of our intellectual capacities as “cognitive surplus,” the technologies of the web now look like they will have, as their ultimate legacy, the spread of market forces into the most intimate spheres of human activity.
Nicholas Carr, Rough Type: Nicholas Carr’s Blog: The unrevolution