Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
Spam Advertising Social Networks Twitter Your Rights Online

NY Comic Con Takes Over Attendees' Twitter Accounts To Praise Itself 150

Posted by timothy from the you're-loving-it dept.
Okian Warrior writes "Attendees to this year's New York Comic Con convention were allowed to pre-register their RFID-enabled badges online and connect their social media profiles to their badges — something, the NYCC registration site explained, that would make the 'NYCC experience 100x cooler! For realz.' Most attendees didn't expect "100x cooler" to translate into 'we'll post spam in your feed as soon as the RFID badge senses that you've entered the show,' but that seems to be what happened."
This discussion has been archived. No new comments can be posted.

NY Comic Con Takes Over Attendees' Twitter Accounts To Praise Itself More

NY Comic Con Takes Over Attendees' Twitter Accounts To Praise Itself

Comments Filter:

  • Re:Ooops! Sorry (Score:5, Informative)

    by Nerdfest ( 867930 ) on Saturday October 12, 2013 @09:31AM (#45108113)

    When you use your Twitter account for authentication, it doesn't need to be authorised for tweeting. You only need to avoid places that request that permission.

  • Re:Ooops! Sorry (Score:5, Informative)

    by gl4ss ( 559668 ) on Saturday October 12, 2013 @09:45AM (#45108175) Homepage Journal

    They didn't "ask" for permission. They inferred it from people providing their twitter account info. There wasn't even an "opt-out" option because people didn't know this was going to happen.

    more importantly YOU CAN NOT give just partial access to an app in twitter. you either give it all it's requesting or nothing and you can not go into your app settings and change. you can only revoke the whole app.

    but the guys attending should really have smelled something funny when they were requesting post permissions along with other perms.

  • Re:Prosecute them ... (Score:2, Informative)

    by Rambo Tribble ( 1273454 ) on Saturday October 12, 2013 @10:29AM (#45108333) Homepage
    An established principle in the law is that there are certain rights you cannot sign away. For instance, you cannot legally, voluntarily or otherwise, enter into slavery in the United States of America. It remains for the courts to decide if one's identity is one of those rights. Prosecute them.

  • Re:And Nerds, please, shower! (Score:4, Informative)

    by couchslug ( 175151 ) on Saturday October 12, 2013 @10:43AM (#45108393)

    It's not Flamebait since it's the truth!

    Clicky da linky before modding.

  • Re:Ooops! Sorry (Score:5, Informative)

    by Rich0 ( 548339 ) on Saturday October 12, 2013 @10:47AM (#45108407) Homepage

    They didn't "ask" for permission. They inferred it from people providing their twitter account info. There wasn't even an "opt-out" option because people didn't know this was going to happen.

    When you grant a third party access to sent Tweets on your behalf, don't you click through a warning telling you that? Why would you give a convention permission to send Tweets as you, and if you do, why would you be surprised when they do?

    The problem is that there is a growing trend towards letting apps request permissions, and then giving the user two choices - accept all the permissions the app requests, or don't use the app at all. That is true of many online services, and it is true of Android as well (and likely other mobile OSes).

    The better solution is to allow the application to request a default list of permissions, and then give the user the opportunity to accept or modify them. The application would still work if the permissions are modified, though with limited functionality. I'd probably go a step further and not make it possible for the application to know what permissions were granted, so that app authors don't just force the all-or-nothing situation back on users by refusing to run if full permissions are not granted. 99% of the time partial permissions only cause failure modes that the application has to handle gracefully anyway (no access to contacts is no different than a user who has no contacts, no access to location/network is no different than a user in a building, etc).

    The all-or-nothing approach just gives app authors a club to hit users with - it puts the app author in control of the device, and not the user. Not running mobile apps really isn't an acceptable alternative.

  • Re:Ooops! Sorry (Score:4, Informative)

    by Anonymous Coward on Saturday October 12, 2013 @12:37PM (#45108993)

    iOS does it on a permission as needed basis. Twitter wants to use my location? Okay, I'm fine with my tweets indicating my location. Twitter wants to use my contacts? No, thank you Twitter, I'll spam people myself.

  • Re:Ooops! Sorry (Score:4, Informative)

    by Anonymous Coward on Saturday October 12, 2013 @12:47PM (#45109049)

    The better solution is to allow the application to request a default list of permissions, and then give the user the opportunity to accept or modify them. The application would still work if the permissions are modified, though with limited functionality.

    You know what security model you're referring to? Blackberry.

    My ancient (2 year old) blackberry lets me selectively grant or deny application permissions on a granular basis. I can even selectively grant or deny network connectivity, so that an application can connect to an ip address using https, but can't connect to a different ip address by http.

    The Blackberry security model has been thought out by some very smart people at RIM.

    Unfortunately, the market really doesn't seem interested in security, even as more people put their entire life on their smartphone.

    Sad.

Slashdot Top Deals

"And remember: Evil will always prevail, because Good is dumb." -- Spaceballs

Close