gdp's Comments

materialsdave.com : Social conferencing with Lanyrd

Thu, 28 Oct 2010 08:25:59 +0000

Thanks for trying out Lanyrd. We're using Twitter rather than Facebook or LinkedIn mainly because Twitter has the best support for "follow" relationships. I don't necessarily want to hear about conferences attended by my co-workers (LinkedIn) and personal friends (Facebook) - I want to go to the same conferences as the people I respect, who may have no idea who I am. I can follow someone on Twitter without them needing to follow me back.

Joe Gregorio | BitWorking : 140 characters isn\'t enough | BitWorking | Joe Gregorio

Sat, 2 Oct 2010 00:17:08 +0000

Deleting your Twitter account would play havoc with your Lanyrd profile http://lanyrd.com/people/jcgregorio/ - I should probably figure out a way of dealing with that... :/

drstarcat.com : Why an OAuth iframe is a Great Idea

Fri, 17 Jul 2009 00:11:30 +0000

You're right that redirects alone aren't the answer - OpenID has suffered from this same phishing problem for years, any time you have an untrusted site that's meant to redirect you to a trusted one there's potential for trouble. In the long-run, the solution lies with the browsers. My browser should understand OAuth (and OpenID) and provide un-spoofable chrome confirming that I'm on the correct site. That's another argument for sticking with the redirect though - if sites are using the redirect, browsers can start adding their own level of protection and it will Just Work with existing OAuth deployments.

drstarcat.com : Why an OAuth iframe is a Great Idea

Thu, 16 Jul 2009 19:07:14 +0000

Posted a bit more about this here: http://simonwillison.net/2009/Jul/16/responsibili... - including a call for OAuth providers to add frame-busting JavaScript to their authorisation pages.