Hacker News new | past | comments | ask | show | jobs | submit login

First of all, when I go to spotify and "log in with facebook". The site sends me to a facebook page asking me to "log in to spotify" with my facebook. On this page, it specifically says "This app will not add activity to your Timeline." In other words, the basic spotify login with facebook isn't social. If you "Connect" your spotify account to facebook, it pops up a permission dialog asking you for various types of access. This is the social portion. Don't do this if you are concerned.

The second part of the application is the social part. Again, if you don't trust an application you can always go to your app settings page on facebook (https://www.facebook.com/settings/?tab=applications), select the application you are worried about and deny specific items that you don't want the app to have access to.

If you "x" out too many things, you might cripple the application, but that's the way it works.




I don't want to first opt-in to something and LATER have to deny it those permissions. I want to deny it those permissions and only give it some permissions to start with.

How much damage would it be possible to do in the 3 - 4 minutes it will take me to go back to Facebook, go to my account settings, look at my app settings, find the app in the huge list, and then start removing permissions I don't want to grant it?

After that I have to go through the effort to find the post content in my timeline, one by one delete the items and hope that my friends have not yet seen the content (and it being posted to the ticker makes that unlikely...)


My point was that most pages hopefully will have two levels (like spotify). One to log in and do basic things, and the second level a social one.

So, if you don't do the second part, you should be fine?

Also, I personally would be careful in installing apps. This goes for any application (not just facebook). If you trust an app, go ahead, if not, just avoid it. This is going to be different for different people.

Edit: Ok, I think I see your point. You don't want an app to ask for too many permissions right off the bat and then you having to go back and remove them.

Again, I think this is going to be developer and users driven. The more people ask for apps to start off with minimal permissions the developers will have to comply. Does that make sense?


Why should this be developer and user driven? Facebook on their permission page when I first visit it should be more than capable in allowing me to change what permissions are given.

If they can retroactively remove them, they should be able to do so before I even grant any permissions.

Give me two columns, one "Allow" and one "Disallow" and I can drag the permissions to the columns as I see fit. Can an app give me a template or ask for certain permissions by default, yes, absolutely, but let me change them.


This is an excellent point, let me pass that on to the platform permissions people.


If I remember correctly,they sort of had that earlier, then it was removed to make apps powerful and sign ups easier!




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: