Is Flixster Using Deceptive Viral Practices? 190
Talaria writes "The social networking movie review site Flixster is requesting their users' AOL, Gmail, Yahoo and Hotmail passwords, and then using them to access users' address books and send 'invitations' to join Flixster, making them appear to come from the user. The password prompt screen includes the ISP's logo right next to the password prompt. Rather than hiding this little 'feature,' Flixster brags about it in an interview after receiving $2 million in venture funding earlier this year." American Venture Magazine notes: "...such practices are becoming increasingly... common as new and even established web sites look to attract visitors without expensive marketing campaigns and a hefty advertising budget."
Facebook does this too. (Score:4, Informative)
Not to mention (Score:3, Informative)
There is no way of telling if the password used is provided to a third party without consent or if the site is hacked. Be careful with your personal data, and keep your login to yourself as much as possible.
If you create a site with interactive content - think twice before if you really need your visitors to log in to request the content.
Non-Issue (Score:5, Informative)
I'm not saying I'm a fan of their scheme, but it's not like they're scamming anyone. You even get to select who you want to invite.
I guess some people feel they have to produce content, even if they have to dress a non-story up in inflammatory language and ignore the facts of the situation. Gotta drive those Adsense impressions.
Re:Facebook does this too. (Score:2, Informative)
FUD (Score:2, Informative)
Re:Facebook does this too. (Score:5, Informative)
Re:FUD (Score:2, Informative)
Exactly; not new (Score:5, Informative)
sms.ac did exactly the same thing; but didn't ask permission to email people. Whilst you'd think people would know better even Joi Ito got caught by this, what's worse is they spammed before the signup process was complete. Joi immediately quit using the service and blogged a public apology [ito.com], referring to sms.ac as spammers. Next thing you know they sent him a cease and desist [ito.com] demanding Joi stopped calling them spammers.
Some are much worse (Score:3, Informative)
This is by far not as bad as what wayn.com does (or at least used to do). They were just sending out their spam through your account without your knowledge. See "WAYN - Where Are You Now? Warning [misterorange.com]" or Wayn.com : phishing alert, ne vous faites pas couillonner ! [pingouin.be] (the last one in French). (found these at the end of a French blog post about other deceptive practices of Wayn.com [alma.ch])
Re:Not to mention (Score:3, Informative)
Re:My Gmail password?! (Score:2, Informative)
In the case of Myspace this almost makes sense (Score:2, Informative)
Hell, Blogger (which is google) has a "feature" that will let the service p0wn your FTP server by posting directly to the server. This sort of behaviour isn't new and I'm surprised Flixster gets tagged as horrible and evil for doing something everyone is already doing.
I hate to admit it but I fell for the FTP one and used the service for a good six months until it dawned on me what I had done. I immediately cancelled my shell account and moved my blog to blogspot. Sometimes even people who understand the security implications can get tripped up. This doesn't excuse the now absent behaviour of posting videos within your account but at least the idea seems somewhat understandable. Plus, Google has a history of doing these sort of things in the interest of "interoperability."
Yeah, right... interoperability. I'll keep telling myself that. Maybe it will make it true.
Re:So be smart, don't use the same (Score:3, Informative)