Dark Light

If you install desktop, iGoogle, dashboard or whatever widgets, be really careful about what they do, especially for things that you give your usernames and passwords to.

For example, this facebook Dashboard widget asks for your facebook username and password, which it uses to fetch a document like this:

http://cjbeauchamp.com/widget/codes/facebook/main.php?email=nicholas@aquarionics.com&pass=[YOURPASSWORDISHERE]

…which it then uses to screen-scrape Facebook for the information it needs. Also, as a side effect, your facebook login is now in a log file on Mr Beauchamp’s server (The weblogs, if nothing else). Now, I’m sure the writer of this is entirely honest and would never do anything with all this information.

But if it’s a shared box? Or someone breaks in? Or what about any other widgets you’ve got installed?

You must be entirely sure about any software you give your usernames and passwords to.

Related Posts

RIAAlly?

RIAA to appeal Library Of Congress’ Decision (Via John Robb via Scripting News, isn’t weblogging wonderful?) WYWOS: The…

Dayze

So I’m home. I went to a rehersal, and was shouted at for being late. Shouted at for…

Age of Ultron

There was a movie. It's... Um. Let's start with this: The following review contains spoilers for Age of Ultron. They start after the following paragraph, which is why you need to click the link to read the rest. Right, so my problem with AoU is that it's a comic book event series. Its purpose is to make people need to go and see it to wrap up the past and understand the future episodes. It's the exact kind of Age Of Secret War On Ultimate Earth cross-francise bullshit that generally kicks me off any super-hero comic series I've started to get into. Suddenly, in order to follow the arc of a character I need to buy twelve comics across nine series, five of which my local shop doesn't carry. The actual plot of the movie doesn't really maintain its own momentum.