It looks like it gets even worse. Forbes might be shipping the data off to a company controlling gigya.com. http://postimage.org/image/cjzwzq2wn/
The screen capture was from a Wireshark trace while exercising the "post comment" functionality (Google Oauth, and then "No Thanks" on contact sharing). On Tue, Jan 8, 2013 at 1:29 PM, Jeffrey Walton <[email protected]> wrote: > I was reading > http://www.forbes.com/sites/timworstall/2013/01/07/has-microsoft-tried-to-make-windows-8-too-secure/, > and wanted to leave a comment on vendor lock-in on vendor application > stores and vendor clouds (anti-trust FTW!). > > It appears Forbes uses OAuth, so I tried to use it against my Goggle > account. Forbes asked that I share my google contacts. > http://postimage.org/image/l03hq6oc7/. > > When I declined the sharing of my contacts, Forbes would not allow me > to continue. It seems they were "requiring" and not "asking". > > That's a fairly flagrant party foul..... _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
