[LINK] The Perpetual, Invisible Window Into Your Gmail Inbox
Kim Holburn
kim at holburn.net
Sat Feb 11 12:55:00 AEDT 2012
You can give strange companies access to your gmail. How could that go wrong?
http://www.wired.com/epicenter/2012/02/perpetual-window-into-gmail/
> Wired Opinion: The Perpetual, Invisible Window Into Your Gmail Inbox
>
> The other day, I tried out Unroll.me, a clever new service that reads your inbox to let you unsubscribe from mailing lists and other unwanted e-mail flotsam with a single click.
>
> As I was about to connect my Gmail account, my finger hovered over the "Grant access" button.
>
>
>
> Wait a second. Who am I giving access to my Gmail account, anyway? There was no identifying information on their site — no company address, no team page listing the names of its team members, and broken links to their privacy policy or terms of service.
>
> For all I knew, it could be run by unscrupulous spammers or an Anonymous troll looking for lulz. And I was about to give them unfettered access to eight years of my e-mail history and, with password resets, the ability to access any of my online accounts?
>
> I had to dig around online to find out who's behind it, and fortunately, Unroll.me is a totally legit NYC-based startup providing a useful service. I spoke to Perri Blake Gorman, Unroll.me's cofounder and CMO, who assured me they'll add all the company information as they roll out their public beta.
>
> But since Gmail added oAuth support in March 2010, an increasing number of startups are asking for a perpetual, silent window into your inbox.
>
> I'm concerned oAuth, while hugely convenient for both developers and users, may be paving the way for an inevitable privacy meltdown.
--
Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408 M: +61 404072753
mailto:kim at holburn.net aim://kimholburn
skype://kholburn - PGP Public Key on request
More information about the Link
mailing list