Google Friend Connect Site on Joyent Accelerators

Want to play around with a site already using Google’s Friend Connect? Head over to BibleApps running on Joyent Accelerators. The “Sign In” infrastructure is part of the gadgets available from Google Friend Connect. God bless them.

This entry was written by grassonthefield and posted on May 13, 2008 at 5:39 pm and filed under Announcements, Industry. Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL.

One Comments

  1. Micheal
    Posted May 14, 2008 at 1:35 am | Permalink

    Is this opening up a can of security worms?

    I’ll explain.

    So I went out to the BibleApps site and clicked “Sign in”.

    It presented me with signing in with Google/Yahoo/AIM/etc.

    (Immediately, I think – oh no. This is going to open up a can of worms by unethical sites faking login pages.)

    The reason being, for years – we have instructed people for security reason to NEVER give out their login information for site X when on site Y.

    Now OpenID and Friend Connect changes all of that. Now, it’s “okay” to give out your Google/Yahoo login information when not on a Google/Yahoo site.

    What concerns me is, how do we explain to people now that this is alright? And how do we prevent unethical people from capturing someones Google/Yahoo login information on a fake-login page and then pass that information onto Google/Yahoo?

    Does that make sense?

    I really like the functionality of Friend Connect and OpenID, and I’m sure it’s implemented in a secure way … what concerns me is that it now seems like it will be extremely easy for sites to “fake” a Google/Yahoo login page because we are now training people that it’s alright to give out your login credentials for a third party site (like BibleApps)


Post a Comment

You must be logged in to post a comment.
Follow

Get every new post delivered to your Inbox.

Join 49 other followers