Mark My Words 3.0

"[Machinery] will never be a substitute for the face of a man, with his soul in it, encouraging another man to be brave and true." — Charles Dickens

So, you’ve signed in to an application using Twitter OAuth. Now what? With read and write access, an application can:

  • Unfollow all of the people you are following
  • Follow any number of Twitter users
  • Block any number of Twitter users
  • Favourite any number of tweets
  • Send a Direct Message to everyone you are following, multiple times
  • Send a tweet, multiple times
  • Change your Twitter background, profile data, colours, etc.
  • Follow, and unfollow, any number of lists
  • Create, delete, and edit your lists
  • etc.

Basically, granting access via OAuth lets application developers do a lot with your account. However, because they don’t have your password, you can revoke the application’s connection in the appropriate settings to stop any further misuse of your account. Unlike a password handed to an application (which it could easily store, and then change), an OAuth access token stops working once it is revoked, and the pesky developer will have no further access to your account details. Unless the damage has already been done. Be wary of applications that request read and write access, particularly ones that just read tweets. Anything that involves sending, updating, or deleting will require read and write access. I could tell you about accessor and mutator methods, but I won’t.
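A least-privilege check built on the rule above, as an added example that is not part of the original post: it compares the access level each connected application was granted with the level its stated features need, and lists what the token permits beyond that. The application names, action labels and inventory are constructed for illustration; the two access levels are the ones the post names.

```python
from dataclasses import dataclass

# Action labels are constructed for this example; they mirror the post's list.
READ_ACTIONS = {"read_tweets", "read_profile", "read_lists"}
WRITE_ACTIONS = {"send_tweet", "send_dm", "follow", "unfollow", "block",
                 "favourite", "update_profile", "edit_lists"}
RANK = {"read": 0, "read-write": 1}  # the two access levels the post names

@dataclass(frozen=True)
class ConnectedApp:
    name: str            # hypothetical application name
    granted: str         # access level approved at sign-in
    features: frozenset  # actions the app's stated purpose needs

def required_level(features):
    """Smallest access level that covers the app's features."""
    unknown = set(features) - READ_ACTIONS - WRITE_ACTIONS
    if unknown:
        # Fail closed: an action we cannot classify is treated as a write.
        return "read-write"
    return "read-write" if set(features) & WRITE_ACTIONS else "read"

def audit(apps):
    """Return one finding per app whose grant exceeds what its features need."""
    findings = []
    for app in apps:
        if app.granted not in RANK:
            raise ValueError(f"unknown access level: {app.granted!r}")
        needed = required_level(app.features)
        if RANK[app.granted] > RANK[needed]:
            findings.append({
                "app": app.name,
                "granted": app.granted,
                "needed": needed,
                "excess": sorted(WRITE_ACTIONS - set(app.features)),
            })
    return findings

# Constructed inventory of connected applications.
APPS = [
    ConnectedApp("tweet-stats", "read-write", frozenset({"read_tweets"})),
    ConnectedApp("scheduler", "read-write", frozenset({"read_tweets", "send_tweet"})),
    ConnectedApp("list-viewer", "read", frozenset({"read_lists"})),
]

if __name__ == "__main__":
    for f in audit(APPS):
        print(f"{f['app']}: granted {f['granted']}, needs {f['needed']}; "
              f"candidates for revocation: {', '.join(f['excess'])}")
```

Only the read-only app holding a read-write token is reported; the scheduler genuinely needs write access, so it is left alone.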
