Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Wednesday March 05 2014, @06:05PM   Printer-friendly
from the too-little-too-late? dept.

gishzida writes:

"A Reuters release notes that Yahoo Inc will stop letting consumers access its various online services, including Fantasy Sports and photo-sharing site Flickr, by signing-in with their Facebook Inc or Google Inc credentials. The move marks the latest change to Yahoo by Chief Executive Marissa Mayer, who is striving to spark fresh interest in the company's Web products and to revive its stagnant revenue.

The change, which will be rolled out gradually according to a Yahoo spokeswoman, will require users to register for a Yahoo ID in order to use any of the Internet portal's services."

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Insightful) by Anonymous Coward on Wednesday March 05 2014, @06:25PM

    by Anonymous Coward on Wednesday March 05 2014, @06:25PM (#11440)

    Meh.. I dunno if this is a bad thing really. I never really liked or understood why so many companies sought some kind of facebook integration.
    Do you somehow find it logical to feed more information to facebook or google about your activities on a website that are not actually related to them?
    Or is it that you feel that it's soo convinient? It's also convinient to have a post-it with your passwords on your computer monitor or to have your pin code taped to your credit card but that doesn't mean it's a good idea.

    Starting Score:    0  points
    Moderation   +3  
       Insightful=3, Total=3
    Extra 'Insightful' Modifier   0  

    Total Score:   3  
  • (Score: 4, Insightful) by frojack on Wednesday March 05 2014, @06:53PM

    by frojack (1554) on Wednesday March 05 2014, @06:53PM (#11459) Journal

    Agreed, mindless facebook integration (or even ID linking) is just plain stupid, as is anyone actually using such.

    --
    No, you are mistaken. I've always had this sig.
    • (Score: 5, Interesting) by Angry Jesus on Wednesday March 05 2014, @07:58PM

      by Angry Jesus (182) on Wednesday March 05 2014, @07:58PM (#11492)

      Mindless facebook integration (or even ID linking) is just plain stupid, as is anyone actually using such.

      It's great for the websites which do it. If they use the full-blown "log in with facebook" (not the lowly OpenID which TFA is talking about) they get tons of information about the user and if they shell out for the deluxe package they get tons of information on every "friend" of that user too.

      Here's a screen-grab of all the different database fields facebook gives to a website when somone logs in via facebook - single-sign-on FTW!
      https://twitter.com/TheBakeryLDN/status/4275319342 94880256/photo/1 [twitter.com]

      • (Score: 3, Insightful) by frojack on Wednesday March 05 2014, @08:15PM

        by frojack (1554) on Wednesday March 05 2014, @08:15PM (#11495) Journal

        Hmmm, I thought most websites that Do this, do it out of lazyness, (too much trouble managing a log in system) and have no real need of all that data, and wouldn't have the capability of using it even in summary form.

        In any event, thanks for the image. Reinforces my point about how foolish it is to log in anywhere with a facebook account.

        --
        No, you are mistaken. I've always had this sig.
        • (Score: 2) by Angry Jesus on Wednesday March 05 2014, @09:13PM

          by Angry Jesus (182) on Wednesday March 05 2014, @09:13PM (#11521)

          I bet a good number of them don't know what to do with it.

          But fundamentally they are all just selling eyeballs, this info lets them better quantify those eyeballs and thus charge a higher rate for ads. My expectation is that there are drop-in modules that suck-up that data and re-package it to feed into various advertising networks.

  • (Score: 4, Interesting) by edIII on Wednesday March 05 2014, @08:18PM

    by edIII (791) on Wednesday March 05 2014, @08:18PM (#11498)
    The very concept of OpenID is flawed and deeply deeply deeply stupid.

    If I was running a ton of infrastructure and services, why would I ever let another company authenticate their users with my data? Sure, it seems like a value added service to the user as they only have to remember a single password for everything, and every time they log in I gain brand awareness.

    However, now you have a nice tidy little attack surface. Good for the small startup that no longer has to be responsible for their own security in it's entirety, but bad for the user. Flawed implementations in those other sites may reveal information to give an attacker an advantage.

    There is a reason why banks would never consider such a methodology viable.

    OpenID has always been bad for the user (they probably don't know that), and allowing smaller companies to not pull their own weight WRT security is a self-fulfilling prophecy whereby a data-breach can be inevitable due to incompetence or negligence.

    It only works as long as corporations are willing to cooperate anyways.... which means it's just as stupid as websites linking to other websites to download javascript. Facebook may be more reliable than that small software developer who put up his JQuery module for people to use, but that still doesn't mean it's in either the corporations or the users best interest does it?

    OpenID is just being lazy, and laziness gets you killed on the Internet.
    --
    Technically, lunchtime is at any moment. It's just a wave function.
    • (Score: 1, Interesting) by Anonymous Coward on Wednesday March 05 2014, @10:55PM

      by Anonymous Coward on Wednesday March 05 2014, @10:55PM (#11568)

      allowing smaller companies to not pull their own weight WRT security is a self-fulfilling prophecy whereby a data-breach can be inevitable due to incompetence or negligence.

      Face it, companies both large and small don't pull their own weight WRT security when the ball is entirely in their court, either. Many BANKS can't do internet security properly, even today. Increased responsibility doesn't reduce incompetence and negligence, it just raises the stakes when that incompetence and negligence is exploited.

      The point of OpenID is to put your authentication security in the hands of companies which take authentication security seriously, rather than gambling your ID with every new service you sign up to.

      • (Score: 2) by edIII on Thursday March 06 2014, @02:32AM

        by edIII (791) on Thursday March 06 2014, @02:32AM (#11664)

        You are still far better off having faked information and separate passwords for every single site that you visit.

        For the sites that have information that's real, you progressively create more complicated passwords (proportional to the info you gave them) and demand higher levels of security from them in the form of two-factor authentication and the like.

        If somebody cracked my password here they would find no identifiable information on me, certainly not any kind of sensitive information, and a password that can only be used with SoylentNews.

        If you cracked my account with PizzaHut you could order pizzas and have them sent to my address, but you would be paying for them. I keep waiting for that to happen, but it never does. Lazy hackers.

        --
        Technically, lunchtime is at any moment. It's just a wave function.
    • (Score: 0) by Anonymous Coward on Thursday March 06 2014, @11:58AM

      by Anonymous Coward on Thursday March 06 2014, @11:58AM (#11875)

      Because, if you have the option to log in with OpenID, a user is likely to log in if he sees one thing that catches his interest. Then, once he is logged in, he will see your other services, possibly deciding that he is interested in those.

      If, on the other hand, one needs to create an account to log in, the barrier is larger, and a user who sees one thing that catches his interest is more likely to not bother. To attract new users with this model, you need to build your image beforehand.

  • (Score: 0) by Anonymous Coward on Thursday March 06 2014, @10:35PM

    by Anonymous Coward on Thursday March 06 2014, @10:35PM (#12265)

    No idea.
    How about asking Atlassian why there is a need to send user data to google

    -
    Privacy policy designed to distribute user data should be called Sharing Policy