Creepy

[Lynn Fredricks]

> Comforting to know it's not a browser exploit digging into 
> our hard drives, but it raises a question of the security 
> decision-making at Yahoo, gMail, etc.:
> 
> How can a web site like FaceBook dig into your address book 
> at those other sites without requiring your passwords for those sites?
> 
> Do Yahoo, Google, etc. just give free access to FaceBook and 
> potentially anyone else willing to pony up whatever those 
> mail companies ask for such access?

I believe at some point, you are asked if you want to "find your friends" on
various e-services. I recall something about this, also other platforms
using something similar, like NING.

They've all set up sharing APIs that require permission to be granted. Once
it sucks in your data though - its in their system and likely not removable.
There are more and more "validation" methods being used across apps. If you
have a Wordpress based blog for example, there's a plugin that lets you
utilize Facebook Connect for validating commenters. It is very easy to set
up. You've ceded access control though.

I think this all boils down to the problem, esp in the USA, that you do not
"own" your own information. Ive met reps from many Web 2.0 type companies
that openly tell me that its all about owning the customer information, and
giving away use of all sorts of great applications is targeted towards
acquiring this information for ongoing exploitation - targeted ads, direct
mail marketing and the like.

Best regards,

Lynn Fredricks
President
Paradigma Software
http://www.paradigmasoft.com

Valentina SQL Server: The Ultra-fast, Royalty Free Database Server